6Oca
How to use SQLmap for automatic scanning [closed]
If I want to scan this web application with SQLmap, how should I craft the command?
I tried this command but it didn't work. How do I fix it?
sqlmap --batch -u http://192.168.56.103:8754/payment-details/2 --data="id=1&Credit_Card_Number=120555777" --cookie=' JSESSIONID=DCD4D01977B03E59E5A72DBF8E7E02BB' --level=5 --risk=3
Its result is
WARNING] false positive or unexploitable injection point detected
[08:59:38] [WARNING] parameter 'Host' does not seem to be injectable
[08:59:38] [CRITICAL] all tested parameters do not appear to be injectable. If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could try to use option '--tamper' (e.g. '--tamper=space2comment') and/or switch '--random-agent'
