Lab3 Authentication and Authorization sqlmap not detecting vulnerable param

Hello @rohanmadiratta1-13aa,

How did you launch the commands? --risk and --level flags, etc?

Thanks,

didnt use --level or --risk as it wasnt included in the solutions

1 Like

This is exactly the same problem I’m having with these labs! I dump hours into a lab beating my head against the wall. I check the solutions and it still doesn’t work! I give up and start googling and find this…come on INE! Fix your stuff!

1 Like

Were you able to get this lab to work? I can’t get an answer from anyone. Support is useless, the forums aren’t much better.

1 Like

This lab work well! Imo, you could use:
sqlmap -u http://3.lab.auth.site/ --data="/ajax.php?fun=login&username=david&password=david" --keep-alive --dbms=mysql -p username (This one cause I tested and it is vulnerable to username parameter)

Yeah, this is not working for me as I’ve tried it couple of times already. it keeps saying Unable to connect

Can’t try it to see if I could help you, because all these labs are under maintenance…

1 Like