Hello guys, recently came accross the following $ ./sqlmap.py -u "http://site/cgi-bin/abc.cgi?action=view_a;id=18;aid=1" -p aid --dbms=mysql --is-dba
sqlmap/1.0-dev (r4395) - automatic SQL injection and database takeover tool http://www.sqlmap.org [!] legal disclaimer: usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program [*] starting at 04:12:54 [04:12:54] [WARNING] the testable parameter 'aid' you provided is not inside the GET [04:12:54] [CRITICAL] all testable parameters you provided are not present within the GET, POST and Cookie parameters [*] shutting down at 04:12:54 sqlmap executed successfully when substituted ";" with "&": $ ./sqlmap.py -u "http://site/cgi-bin/abc.cgi?action=view_a&id=18&aid=1" -p aid --dbms=mysql --is-dba Trust you will fix this :) thanks -- AM (secuid0) Key ID: 0x5EB17EE7 ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users