Thanks a lot!
If there is a doc explaining a little about the sqlmap code structure
maybe I can help with this feature.
I know a little of python but in this case I think the biggest problem
would be find the right part of sqlmap code to include/change.
On Fri, Aug 19, 2016 at 6:19 AM, Miroslav S
Currently there is no way. Will implement it when I catch time (
https://github.com/sqlmapproject/sqlmap/issues/1679).
Bye
On Thu, Aug 18, 2016 at 11:35 PM, Ricardo Iramar dos Santos <
rira...@gmail.com> wrote:
> I checked and burp replace feature doesn't have any kind of parameter
> to include
I checked and burp replace feature doesn't have any kind of parameter
to include a incremental number. :(
I'll check mitmproxy.
On Thu, Aug 18, 2016 at 4:10 PM, Ricardo Iramar dos Santos
wrote:
> Great idea!!! Thanks!!! :)
> I'll try and let you know the results.
>
> On Thu, Aug 18, 2016 at 4:07
Great idea!!! Thanks!!! :)
I'll try and let you know the results.
On Thu, Aug 18, 2016 at 4:07 PM, Brandon Perry
wrote:
> You can write a burp rule that rewrites a specific value that you set in the
> SOAP body with an incrementing integer as sqlmap is exploiting the
> sqlinjection (it wouldn’t
You can write a burp rule that rewrites a specific value that you set in the
SOAP body with an incrementing integer as sqlmap is exploiting the sqlinjection
(it wouldn’t realize the parameter needed to be incremented).
You can use —proxy to send sqlmap through burp.
> On Aug 18, 2016, at 2:02 P
I have a SOAP POST request where two different should be unique. One
is an Email and another UserID.
Is there a way to inject on Email having the email domain (e.g.
@gmail.com) as a suffix and increment the UserID parameter (e.g.
starting from 100)?
Thanks!
Ricardo Iramar
