I am all into sqlmap, however, there are situations where sqlmap just fails for one reason or another, and Havij gets the job done.
One major problem with Havij is that it doesn’t work with HTTPS sites “at least for me”, and I came across a particular site with a confirmed SQLi that when I pointed sqlmap at it didn’t work, so, I ran Havij:
Pressed the Analyze button, aaaaaand…. nothing, it’s IDLE
So, I thought maybe Havij doesn’t do HTTPS, my solution approach was using stunnel to listen on port:80 and configure it to connect to the https site, the point Havij to the stunnel server at port:80 and let stunnel to the SSL
Let’ see how the stunnel.conf will look like:
then run “stunnel stunnel.conf” …
Ok, looks good to me… Now I’ll point Havij to the stunnel machine with HTTP
And Havij just works fine after that 🙂
Can you record a video for this tutorial??
Thanks you very much
I’m afraid I do not have that planned … nor think will be.
If you’re familiar with linux “backtrack?” it’s a very easy thing to do, google your way, if you couldn’t do it, you’ve not tried hard enough 🙂
I tried, but i think i didnt configure stunnel properly, so still need sqlmap (Mr slow fff)…i dont understand why you put ‘0.0.0.0:80’ and where write ‘pid=’ n ‘output=’ in the conf file,,,
sorry i forget 2 say thanks man! ..4 the info. at least now i know there is a way to use https with havij,,,,even if i cannot enjoy it
can helps me i need use this method ???
I’m afraid I can’t get this going…
Keep getting 400.
same shtit here