Hi
I've got an application that is vulnerable to SQLi in one of two
cookie parameters. The one that is injectable is the ASP.NET_SessionId
which has to start with a valid session id but then if given an extra
' on the end it fails and dumps out a nice SQL error.

So what I need to do is to tell sqlmap to inject onto the end of the
one cookie but leave the other intact. Is this possible?

Robin

------------------------------------------------------------------------------
BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA
The must-attend event for mobile developers. Connect with experts. 
Get tools for creating Super Apps. See the latest technologies.
Sessions, hands-on labs, demos & much more. Register early & save!
http://p.sf.net/sfu/rim-blackberry-1
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to