During penetration tests it's common to use a certain IP address while conducting different kinds of tests and exploitation techniques due to the variety of issues ranging from anonymity to legal aspects.
SQLMap provides the --proxy
switch to pass a URL of an HTTP(s) proxy. Let try to understand this.
A valid proxy is in the form of http://url:port
. Assuming our proxy is at https://proxy.example.com:8080
we use the --proxy
switch as follows:
./sqlmap.py --proxy="https://proxy.example.com:8080" -u "http://vuln.com/?id=1
There is another switch of a similar kind, called the --tor
which allows you to configure SQLMap with the Tor Network.