incorrectly identified "tainted" parameter
Hi.
Thing is that in general negative parameter values are a leftover from manual
injection attempts causing problems in some cases. Hence the warning/error
message. Have you tried just to change that -1 value to 1 for ShowMenu
paramete
Hi.
Thing is that in general negative parameter values are a leftover from
manual injection attempts causing problems in some cases. Hence the
warning/error message. Have you tried just to change that -1 value to 1 for
ShowMenu parameter?
Kind regards
On Dec 10, 2011 3:23 PM, "Bob Simonoff" wrot
Can you replace the (-) with %2d, it's hexadecimal representation?
On Sat, Dec 10, 2011 at 8:22 AM, Bob Simonoff wrote:
>
> I received this message:
>
> [23:28:33] [CRITICAL] you have provided tainted parameter values
> (ncmb%26ShowMenu=-1) with most probably leftover chars from manual sql
> inje
I received this message:
[23:28:33] [CRITICAL] you have provided tainted parameter values
(ncmb%26ShowMenu=-1) with most probably leftover chars from manual sql
injection tests (;()') or non-valid numerical value. Please, always use only
valid parameter values so sqlmap could be able to do a v
