Seems to do what I wanted. Turns out my particular case was a false
positive so extraction hasn't been tested, but I examined the traffic
for the testing probes and they are all in the right place and
everything in that stage works for one or more injection points.
Thanks!
Miroslav Stampar wrote
Hi Steve.
Could you please test this with the latest r5004?
Kind regards,
Miroslav Stampar
On Mon, Apr 16, 2012 at 8:45 PM, Miroslav Stampar <
miroslav.stam...@gmail.com> wrote:
> Hi Steve.
>
> As there were requests for this same feature before we'll try to implement
> it these days. Will keep
Hi Steve.
As there were requests for this same feature before we'll try to implement
it these days. Will keep you posted.
Kind regards,
Miroslav Stampar
On Mon, Apr 16, 2012 at 8:40 PM, Steve Pinkham wrote:
> I have an app that has post data like this:
>
>
> loginxml=%3Ccom.customcode%3E%0A%09%
I have an app that has post data like this:
loginxml=%3Ccom.customcode%3E%0A%09%3Cusername%3Easdf%3C%2Fusername%3E%0A%09%3Cpassword%3Eqwerty%3C%2Fpassword%3E%0A%3C%2Fcom.customcode%3E
Which looks like this decoded:
loginxml=
asdf
qwerty
Is there a way to mark injection locations
