Hi !
I've just found an injection via a JSON parameter which i've tested
manually and im trying to succeed with sqlmap.
But I cant find the way to tell sqlmap where to inject.
Via the --data parameter there is no way of tell where to inject like in
the URI injections with get and the * ?
I've tried also by the --prefix and --suffix to complete the post data to
send, but this parameters got messed up with all the JSON quotes. Sqlmap
returns the error ''You havent especified the sufix''.
Thanks for all ;)
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
