Hi Anindya.
With the latest commit (r4598) you should be able to do this (-p host).
Kind regards,
Miroslav Stampar
On Mon, Dec 19, 2011 at 12:29 PM, Miroslav Stampar <
miroslav.stam...@gmail.com> wrote:
> Hi.
>
> Sorry, but you'll have to wait a bit. Thing is that there is no easy
> "patch" solution for it.
>
> Kind regards
>
>
> On Sun, Dec 18, 2011 at 5:49 PM, A C <anindya.chakrabe...@yahoo.com>wrote:
>
>> I might be able to take a stab at hacking something up - where would I
>> attempt to add this functionality?
>>
>> --Anindya
>>
>> ------------------------------
>> *From:* Miroslav Stampar <miroslav.stam...@gmail.com>
>> *To:* A C <anindya.chakrabe...@yahoo.com>
>> *Cc:* "sqlmap-users@lists.sourceforge.net" <
>> sqlmap-users@lists.sourceforge.net>
>> *Sent:* Wednesday, December 14, 2011 11:03 AM
>> *Subject:* Re: [sqlmap-users] Injection in Host: header
>>
>> Hi.
>>
>> This moment there isn't support for Host header. I won't promise anything
>> but maybe it will be implemented these days.
>>
>> Kind regards
>>
>> On Mon, Dec 12, 2011 at 11:26 PM, A C <anindya.chakrabe...@yahoo.com>wrote:
>>
>> Hi sqlmap users,
>>
>> I've successfully used sqlmap to do wonderful things though parameters of
>> web applications but I've recently come across an app which seems to have a
>> possible injection flaw in the Host: header field. in other words, if I put
>> a single quote (or other SQL) in the Host: header with my normal HTTP
>> request, I will get back a MySQL error similar to the following:
>>
>> Error: <br />1064: You have an error in your SQL syntax; check the manual
>> that c
>> orresponds to your MySQL server version for the right syntax to use near
>> 'ORDER
>> BY pag_gr desc, pag_cat desc, pag_ide desc, sit_typ desc' at line 1
>>
>> I'm can't seem to find a way to use sqlmap to perform its normal magic -
>> is there a way to do this?
>>
>> Thanks!
>> --Anindya
>>
>>
>> ------------------------------------------------------------------------------
>> Learn Windows Azure Live! Tuesday, Dec 13, 2011
>> Microsoft is holding a special Learn Windows Azure training event for
>> developers. It will provide a great way to learn Windows Azure and what it
>> provides. You can attend the event by watching it streamed LIVE online.
>> Learn more at http://p.sf.net/sfu/ms-windowsazure
>> _______________________________________________
>> sqlmap-users mailing list
>> sqlmap-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>
>>
>>
>> --
>> Miroslav Stampar
>> http://about.me/stamparm
>>
>>
>>
>
>
> --
> Miroslav Stampar
> http://about.me/stamparm
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Write once. Port to many.
Get the SDK and tools to simplify cross-platform app development. Create
new or port existing apps to sell to consumers worldwide. Explore the
Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join
http://p.sf.net/sfu/intel-appdev
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
