Hi Chris.
This all looks kind of strange. At your place I would try running sqlmap
against:
./sqlmap.py -u "www.target.com/forgot_password.html?1*"
Putting that 1'=1 looks to me like a big no no (if you take a good look
into the response you'll see for yourself that putting it does not make any
s
Hey guys, frustration is the name of the game. I have burp pro telling me
that it is a definite sql injection, but I cannot get sqlmap to find an
injection point. I have tried adding a * where the single quote is, using
the ?1 as prefix and =1 as suffix, and tuning the level and risk. I tried
lo
