Hello,
if I provide an URL with * like this:
http://target.com/path/to/index.php?id=12*&action=add&path=/path/to/&imgIndex=
sqlmap don't recognize valid get param in the urls:
[15:34:23] [WARNING] you've provided target url without any GET parameters
(e.g. www.site.com/article.php?id=1) and without providing any POST
parameters through --data option
do you want to try URI injections in the target url itself? [Y/n/q]
But looks like it inject correctly where I placed the wildcard.
Instead without * everything is working fine as usual.
So I am not sure if it's this some sort of bug or it's me misusing the *
option (i.e. if the url is not rewrote I should just use -p id).
Thanks,
Gianluca Brindisi
------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
