Failed at the first step... the update. Thanks
I have now updated and tried to pass the config file but it gives an error even
with the default one.
./sqlmap.py -c sqlmap.conf -b
sqlmap/1.0-dev (r4647) - automatic SQL injection and database takeover tool
http://www.sqlmap.org
[*] starti
Hi Moritz.
Please use proper/valud "cookie" value for doing it.
You've used:
--cookie="c7cf953095d6fb6587fd8c625c1ef9b8"
while you most probably wanted to do this:
--cookie="PHPSESSID=c7cf953095d6fb6587fd8c625c1ef9b8"
Also, you'll be able to retrieve cookie value after you login properly with
y
You can login with your browser, get the session cookie and then pass that as a
parameter to sqlmap.
Br
Enviado desde mi BlackBerry de Movistar
-Original Message-
From: "Moritz Friedmann"
Date: Wed, 04 Jan 2012 02:58:48
To:
Subject: [sqlmap-users] Blind SQL with Login and Cookie?
---
Hi Cats.
Please, wait for day or two and you'll hopefully be able to use sqlmap in
that case too.
Kind regards,
Miroslav Stampar
On Mon, Jan 2, 2012 at 8:01 PM, cats wrote:
> I can dump users and databases, but not the tables in any database.
>
> Here's some output from sqlmap:
>
> Revision: 4
hi,
i want to check a site of my friend for vnl. i found a leak, but to come
there you have to login. that's my problem: how can i scan this site with
the login datas and the cookie?
here is the post data:
http://www.site.com/pages/logincheck.php
POST /pages/logincheck.php HTTP/1.1
