Lab3 Authentication and Authorization sqlmap not detecting vulnerable param

Hello @rohanmadiratta1-13aa,

How did you launch the commands? --risk and --level flags, etc?


didnt use --level or --risk as it wasnt included in the solutions

1 Like

This is exactly the same problem I’m having with these labs! I dump hours into a lab beating my head against the wall. I check the solutions and it still doesn’t work! I give up and start googling and find this…come on INE! Fix your stuff!

Were you able to get this lab to work? I can’t get an answer from anyone. Support is useless, the forums aren’t much better.

This lab work well! Imo, you could use:
sqlmap -u --data="/ajax.php?fun=login&username=david&password=david" --keep-alive --dbms=mysql -p username (This one cause I tested and it is vulnerable to username parameter)