On Fri, Sep 30, 2011 at 11:26:36PM -0700, Kristian Erik Hermansen spake thusly: > Sqlmap supports both cookie and post parameter SQL injection. Bernardo Damele > rules...
Indeed it does. I setup Webscarab and ran through all of the functionality I can find on a site and then feed those logs into sqlmap so it can find the cookies and post parameters and grind away on them. It takes quite a while (hours) to run a moderately complex site through the most comprehensive tests sqlmap offers. -- Tracy Reed
pgpTDHaGfZWCn.pgp
Description: PGP signature
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
