stackoom
  简体   繁体   中英

SQLMap host does not seem to be injectable, does this mean there are no vulnerabilities?

 原文  2021-07-17 14:29:55       python/ sql/ penetration-testing/ sqlmap/ penetration-tools

Question

python sqlmap.py -u "https://localhost:8080" --level=5 --risk=5

[15:13:30] [WARNING] parameter 'Host' does not seem to be injectable
[15:13:30] [CRITICAL] all tested parameters do not appear to be injectable

SQLMap outputted this after many testing rows, is this the normal behaviour of the program or did I enter the url incorrectly?

Image shows whole output:

在此处输入图像描述

1 answers

solution1
 0  2022-07-01 17:33:29

... is this the normal behaviour of the program or did I enter the url incorrectly?

According to the output sqlmap did not find any vulnerable injection point.

Normally, -u would also require to specify parameters for testing, but since you've specified --level and --risk , sqlmap tried to inject into http headers with extended payload set. Some responses were suspected for vulnerability in Host header, but finding was not confirmed.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Why does this not seem to be random? inheritance does not seem to be working Does this benchmark seem relevant? portalocker does not seem to lock Importing functions does not seem to work Why does the output seem rotated? MouseTracking events does not seem to function why does this seem to be an infinite loop? Return function does not seem to be working Class does not seem to be Global in python
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM