Hi Marek.
I've started to reply to your original mail and stopped because I've got
bunch of other work to finish.
My though is that we can't easily do this as a "feature" of sqlmap as it
would require *too much effort for a little or no gain* (in terms of
functionality).
Now, in your place I wou
After reading my own post I need to clarify this:
My drafted plan of modifying sqlmap was not thought to be a feature
request or change recommendation. At most it is an idea and I'd like to
read your further suggestions. If I can accomplish some of the more
sophisticated functions of sqlmap (file
Just wanted to share some of my ideas:
It is not the first time, that during a penetration test, we came over
an obviously blind-SQL-injectable WebApp, that uses comma characters to
split the input somehow. Hence we can't use comma within the injection
expression.
Usually this is a dead end, becau
