I am new to SQLMap. I have setup Kali and OWASPBWA VM. Both VMs are on same NAT Network set in VirtualBox.
When I try to run following command:
sqlmap -u "http://<IP_ADDRESS>/mutillidae/index.php?page=user-info.php?username=111&password=bbb&user-info-php-submit-button=View+Account+Details" -p username
I get following messages:
- Previous heuristics detected that the target is protected by some kind of WAF/IPS.
- Multiple messages – Unable to connect to the targeturl. sqlmap is trying to reconnect.
- heuristics test shows that GET parameter ‘username’ might not be injectable.
There are several YouTube videos which display same setup with above 2 VMs, and are able to run the command and find injection in username parameter. What am I doing wrong? Please help.
Go to Source