using SQLMAP to test SQL injection in ASP.NET web application

4.9k Views Asked by Krishna Samaga At 20 October 2024 at 12:41

I am trying to get SQLMAP tool to test the possibilities of SQL injection on my asp.net web application which has forms authentication. But I am not getting any clear directions on this. I have tried my hands on numerous forums and found nothing concrete for ASP.NET web application. Most of the demos are provided for PHP sites, which does not work like ASP.NET.

When I try to run

sqlmap.py -u "https://test.XXXX_SIT/login.aspx" --dbs

command, I end up getting the below response from the SQLMAP console

I am new to this aspect of security testing and I am even open for any better and simple free tool that does the job for me.

Please let me know the possible solution or other better possibilities to achieve this.

Regards,

Krishna Samaga B.

Original Q&A

There are 1 best solutions below

Nejmeddine Khéchine On 21 April 2021 at 16:42

You need parameters to test.

sqlmap.py -u "https://test.XXXX_SIT/login.aspx?login=1&pass=2" --dbs

for example login and pass are GET parameters.

sqlmap.py -u "https://test.XXXX_SIT/login.aspx" --data='login=1&pass=2' --dbs

if you're sending POST request with login and pass

using SQLMAP to test SQL injection in ASP.NET web application

There are 1 best solutions below

Related Questions in ASP.NET

Related Questions in TESTING

Related Questions in CODE-INJECTION

Related Questions in WEB-TESTING

Related Questions in SQLMAP

Trending Questions

Popular # Hahtags

Popular Questions