Operator On The Wire
Join
← Back to Knowledge Base
RED TEAM / SQL / SQLMAP / WebSockets

sqlmap-websocket-proxy

  • Install the tool:
python3 -m pip install sqlmap-websocket-proxy

# GLOBAL VENV 

pipx install sqlmap-websocket-proxy
  • Run the proxy:
sqlmap-websocket-proxy -u ws://<target-host>:<port>/ -p 9091 -d '{"id":"%param%"}'

NOTE: Injectable parameters must be encoded in format %param%

  • Run sqlmap:
sqlmap -u http://localhost:9091/?param1=1