SQLMap Essentials HTB ACADEMY case 8

Hello all, before I post my comment for help I want to clarify that this module in particular has had a few typos in flags and bugs throughout. Once again on this module, after trying hundreds of commands, I end up empty-handed. I’m using:
python3 sqlmap.py -u http://157.245.46.136:31197/case9.php?id=1&uid --randomize=uid --batch -v 5 | grep URI
Any and all help appreciated!!

Case 8 - you will need to use the --csrf-token= flag.
To find the name of the token, use Burp, load the URL and look at the request; it should say the name of the token.
Save that request and use it with the flag, i.e.
sqlmap -r file.txt --csrf-token="tokenName" --batch --dump

The problem I had: I was using F12 dev tools and copying the cURL, but the result would say it can’t find the token name, so I had to use Burp instead to capture the request.
