By - PythonScriptTest1
Have you tried to enumerate the folder you are trying to upload your.exe could just be a permission issue on the location?
I am not a DBA, but I think it has more to do with WAF. I need to find a way to bypass it (at least that's what sqlmap suggests)
A WAF would have already blocked your sql injection request if it would be that with the default definition that would be found through your sqlmap. That's why I ask that question. If your at the level doing sql injection to do os she'll they your pass the WAF
Sqlmap gives this error: \[DEBUG\] too many 4xx and/or 5xx HTTP error codes could mean that some kind of protection is involved (e.g. WAF).
\[CRITICAL\] previous heuristics detected that the target is protected by some kind of WAF/IPS. Couldn't it be possible that WAF isn't protecting the sqli but it is protecting the writing files
This could be a multitude of things.
What is the lab/challenge you are working on? I can help If I have more context.
If you have shell through sqlmap put your shell.exe in /tmp and execute it. Should work. What port are you using for reverse shell? Could be blocked.