BurpSuit + SqlMap = One Love

Valeriy Shevchenko
2 min readApr 24, 2018

--

Sorry, but it's not hacking writeup. I am on a way to prepare it. Just need more time with this to not make harm many companies before they fix their issues.

This article kind of instruction how to set up your SqlMap API with BurpSuit SQLiPy extension. Often, what you do not use is very quickly forgotten. So here I decided to write something to remember and share with you.

  1. Set up your SqlMap API on your Kali Linux machine

Check you ip address with ifconfig command.

Then go to SqlMap API directory

../usr/share/sqlmap

And run you API tool there with command

python sqlmapapi.py -s -H <Your IP> -p <Prefer port>

2. For now everything what you need is to reuse you ip address/port with sqlmapapi.py on your SQLiPy extension in Burp.

Take what you need on your proxy tab and send it to SQLiPy Scan

You can configure your options in SQLMap Scanner for your target and press Start Scan button

And time to time check the results in SQLMap Logs

Have fun, guys! Have a good catches ;)

--

--

Valeriy Shevchenko
Valeriy Shevchenko

Written by Valeriy Shevchenko

I am a guy passionate about testing and security researching 👨‍💻 → t.me/valyaroller

Responses (1)