I would say just use a virtual machine. Grab a copy of backtrack, update sqlmap, and start from there.
VirtualBox is a free, open source virtualization suite that runs on windows. You will have a much better time interacting with sqlmap. On Mon, Nov 21, 2011 at 1:39 PM, Iago Sousa <146050...@gmail.com> wrote: > What is the fld? > > On Mon, Nov 21, 2011 at 10:30 AM, Bob Simonoff <b...@simonofffamily.com> > wrote: >> >> I have been asked to test a web site for SQL injection. The website uses >> POST and the parameter names all have the 3 characters %26 (percent 26) as a >> separator. This makes thinks difficult, since I am running sqlmap from >> windows. First windows is trying to substitute %2 as the second argument of >> the command line, but python is also at play here. I have not found an >> escape sequence that allows both windows and python to be happy. I have >> tried various combinations of ^, \, and %% to no avail. >> >> So an example of post data would be: >> --data="fld%26First=Bob&fld%26Last=Jones" >> >> Can anyone provide a recommendation? >> >> Thanks >> Bob >> >> Apologies if this appears twice, I had trouble with my subscription >> >> ------------------------------------------------------------------------------ >> All the data continuously generated in your IT infrastructure >> contains a definitive record of customers, application performance, >> security threats, fraudulent activity, and more. Splunk takes this >> data and makes sense of it. IT sense. And common sense. >> http://p.sf.net/sfu/splunk-novd2d >> _______________________________________________ >> sqlmap-users mailing list >> sqlmap-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> > > > > -- > Iago Sousa > > > ------------------------------------------------------------------------------ > All the data continuously generated in your IT infrastructure > contains a definitive record of customers, application performance, > security threats, fraudulent activity, and more. Splunk takes this > data and makes sense of it. IT sense. And common sense. > http://p.sf.net/sfu/splunk-novd2d > _______________________________________________ > sqlmap-users mailing list > sqlmap-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-novd2d _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
