Hi,
during my pentests I've found several Blind SQL Injection that could be
exploited just by authenticated users (I obviously mean web authentication
not NTLM/Basic authentication).
In most of these cases, a FALSE boolean response of a sql injection logged
the user off, and I needed re-authenticate to launch the exploit again. Is
there a way to configure sqlmap to re-authenticate automatically in case of
a FALSE response? Some sort of a two step injection (authentication +
injection) in particular cases (eg. FALSE response)?
Best regards,
Jeremy
------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
