SQLmap Essential - Case 7

Hi to all, I am getting stuck on SQLmap Essential - Case 7. (HTB Academy)

I have been using this to no avail

sqlmap -u 'http://46.101.32.158:32274/case7.php?id=1' --batch --dump -T flag7 --level=5 --risk=3 --random-agent --union-cols=1-9 -v 3

and also this where I specify the technique

sqlmap -u 'http://46.101.32.158:32274/case7.php?id=1' --batch --dump -T flag7 --level=5 --risk=3 --random-agent --technique=U --union-cols=1-9 -v 3

Can someone give me a nudge on what I am doing wrong?

Thank you

Hello
Parse the arguments you specified when you find out how to solve the problem, the solution is on the surface)

I don’t understand the way to solve the issue. I am able to solve it using

sqlmap -u 'http://134.209.17.36:30901/case7.php?id=1' --union-cols=5 --dump --no-cast

but even if I use --union-cols=1-9 I receive the token. Unfortunately I don’t see any description of how I can count the cols. Overall, for me the basic descriptions are missing in HTB Academy for sqlmap.

Hello,

The answer to get the flag is in the previous tasks. HTB assumes you have used them or know about them; that’s why they don’t mention them anymore.

Hint: the command is almost correct, but you are missing one part to “dump” the flag data from the defined table.

Bro, are you serious?

While I understand their logic in “We already taught this so you should know it,” not everyone is going to be able to remember every single command of every lesson. I feel they should add a link next to their statement directing you to the previous lesson as a refresher.

Guys, I hope you are well. Remember to be specific about what you want to get and what you face.

You have to specify the total columns by counting them in the webpage, the character in the union clause, the technique and, if you can, the DBMS.