Hi I've got an application that is vulnerable to SQLi in one of two cookie parameters. The one that is injectable is the ASP.NET_SessionId which has to start with a valid session id but then if given an extra ' on the end it fails and dumps out a nice SQL error.
So what I need to do is to tell sqlmap to inject onto the end of the one cookie but leave the other intact. Is this possible? Robin ------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1 _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users