Hi Miroslav,
The situation is that I can't rerun or hit the system again for a couple of
days due to a business issue. In the meanwhile, I need to extract all
payloads injected from the scan that I already ran today. If I cannot see
payloads from the exploit phase, can you please point me to the l
Great. Thanks so much. I'll take a look and let you know.
Also, let us say I scan the same URL in front of an Oracle DB twice, then
the payloads for both scans should be exactly same, right? Since it is the
same URL/DB?
Thanks,
Mithun
On Jan 20, 2016 7:09 PM, "Miroslav Stampar"
wrote:
> You can
You can take a look into xml/payloads/*.xml and xml/boundaries.xml for
testing phase payloads
You can take a look into lib/controller/checks.py for testing phase
generation of payloads
You can take a look into xml/boundaries.xml and xml/queries.xml for
exploitation phase payloads
You can take a lo
Hi Miroslav,
The situation is that I can't rerun or hit the system again for a couple of
days due to a business issue. In the meanwhile, I need to extract all
payloads injected from the scan that I already ran today. If I cannot see
payloads from the exploit phase, can you please point me to the l
You can see all testing payloads by rerunning with -v 3.
You can't see payloads that sqlmap generated during the exploitation phase.
Results of those payloads are stored inside the appropriate session.sqlite,
but with hashed queries/payloads. Without doing this session files would
explode in case
Hello Everyone,
I need to retrieve all payloads inserted by SQLMap into vulnerable
parameters. Is it possible?
Right now, in my output directory, I can see a log file with only one
payload example. Does the tool store all payloads that it injects? How can
I pull out this information?
Thanks,
Mit
