Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
thoxx19776yIs this the first time you are trying something like this?
You dont find SQL injections just because you are using sqlmap with some default settings/presets... I bet thousand script kiddies tried that before. You should put more effort and research in a topic like this. -
C0D4669026y@R1100 if the target uri (generally a dynamic Id) for sqli has been sanitised and/or has sql attack preventions in place then it's unlikely it will pick anything up.
But that doesn't mean another uri doesn't exist that isn't protected. -
All you have to do is to use prepared statements and there won't be any SQL Injection possible. Prepared statements were new and fairly unused maybe 10-6 years ago, but I imagine they are much more widespread now.
Related Rants
-
linuxxx33First new job impression; Me: you use Ubuntu as well? Nearly everyone does Linux here I see! Co-worker: yup!...
-
miguelhdz11I got a new job almost triple my old salary, I will move to a new city. I'm happy as fuck!
-
practiseSafeHex14I GOT A JOB OFFER!!! IM OUT OF THIS FUCKING HELLHOLE!!! 🖕🖕🖕🖕🖕🖕🖕🖕🖕🖕🖕🖕
Looking for bug bountry online and trying to find sqli bug.
I tried using sqlmap but no success.
Is it about WAF they're using or sqlmap is not complete ?
(I set the level and risk to highest possible)
Thanks
@ExGetMessage
rant
sqli
bug bountry
new job