Hi.
It doesn't look there. But, if Location is changed then there should be
redirection (with other potential strings).
Kind regards
On 17.12.2012. 22:12, "David Alvarez" wrote:
> Hello,
>
> I detected a blind SQL injection in a MySQL database. The difference
> between its responses its in the
Hello,
I detected a blind SQL injection in a MySQL database. The difference
between its responses its in the Location HTTP header. But, when I set the
"string" switch, sqlmap doesn`t recognize a true statement. Is sqlmap
looking at http header?
Thanks.
Kind Regads,
David Álvarez
Hi.
I believe that this was fixed few weeks ago. Please update to have it fixed.
Kind regards,
Miroslav Stampar
On Dec 17, 2012 10:01 AM, "beta" wrote:
> g:\progz\Python27>python.exe sqlmap-2012\sqlmap.py -u
> "http:///index.php?f_id=589&main=1";
> -p main --file-read="/etc
Undefined index while used for sure is a sign of dropped parameters almost
always in cases of long payloads
Kind regards,
Miroslav Stampar
On Dec 17, 2012 1:21 PM, "li" wrote:
> Hello there,
>
>
> i just get a problem when i use the --os-shell command.english is not my
> mother languag.But i w
Hello there,
i just get a problem when i use the --os-shell command.english is not my mother
languag.But i will try my best to explain the situation.
when i use the default --os-shell payload ,it does not work.the server respose
is
HTTP/1.1 200 OK
Date: Mon, 17 Dec 2012 11:42:34 GMT
Server
g:\progz\Python27>python.exe sqlmap-2012\sqlmap.py -u
"http:///index.php?f_id=589&main=1";
-p main --file-read="/etc/host"
sqlmap/1.0-dev-621ae58 - automatic SQL injection and database takeover
tool
http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking
