Hi all,
I am facing issues with HTB academy - SQLmap essentials case#4.
I created a HTTP request file using the HTTP request header:
GET /case4.php HTTP/1.1
Host: 134.209.28.204:31916
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://134.209.28.204:31916/
Upgrade-Insecure-Requests: 1
Sec-GPC: 1
Next i ran sqlmap using the command:
sqlmap -r req1 --data ‘{“id”:1*&name:test}’ --batch --dump
I got the error which states:
specified file ‘req1’ does not contain a usable HTTP request (with parameters)
I am thinking i should be using the POST HTTP request header instead? I then proceeded to use the POST HTTP request heaader:
POST /case4.php HTTP/1.1
Host: 134.209.28.204:31916
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: /
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 8
Origin: http://134.209.28.204:31916
DNT: 1
Connection: keep-alive
Referer: http://134.209.28.204:31916/case4.php
Sec-GPC: 1
I then got the next error:
no parameter(s) found for testing in the provided data (e.g. GET parameter ‘id’ in ‘Custom Application Development Software for Business - Salesforce.com’). You are advised to rerun with ‘–crawl=2’
Is anyone able to point me in the correct direction?
Thank you