Hello, When using sqlmap with the forms option, it does not send the cookies or headers specified on the command line. I'd like sqlmap to connect to the specified URL using the cookie(s) I specify and then process the forms on the response. Is there some way to do this, or does it require grabbing the response manually, or code changes to sqlmap?
Here is my sqlmap version: URL: https://svn.sqlmap.org/sqlmap/trunk/sqlmap Repository Root: https://svn.sqlmap.org/sqlmap Repository UUID: 7eb2e9d7-d917-0410-b3c8-b11144ad09fb Revision: 4687 Node Kind: directory Schedule: normal Last Changed Author: stamparm Last Changed Rev: 4687 Last Changed Date: 2012-01-16 21:28:21 +1100 (Mon, 16 Jan 2012) Here is the request with --forms: # sqlmap.py -u "http://<removed>/<removed>.php" --cookie="PHPSESSID=<removed>; username=<removed>" -v 6 --forms sqlmap/1.0-dev - automatic SQL injection and database takeover tool <snip> [09:30:50] [DEBUG] cleaning up configuration parameters [09:30:50] [DEBUG] setting the HTTP timeout [09:30:50] [DEBUG] setting the HTTP Cookie header [09:30:50] [DEBUG] setting the HTTP method to GET [09:30:50] [DEBUG] setting the HTTP proxy to pass by all HTTP requests [09:30:50] [DEBUG] creating HTTP requests opener object [09:30:50] [INFO] testing connection to the target url [09:30:50] [TRAFFIC OUT] HTTP request [#1]: GET /vote.php HTTP/1.1 Accept-Encoding: identity Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7 Host: s14513-20grcmuy.roma.coliseumlab.net Accept-language: en-us,en;q=0.5 Pragma: no-cache Cache-control: no-cache,no-store Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Connection: close Here is the request without --forms: # sqlmap.py -u "http://<removed>/<removed>.php" --cookie="PHPSESSID=<removed>; username=<removed>" -v 6 sqlmap/1.0-dev - automatic SQL injection and database takeover tool <snip> [09:31:20] [DEBUG] cleaning up configuration parameters [09:31:20] [DEBUG] setting the HTTP timeout [09:31:20] [DEBUG] setting the HTTP Cookie header [09:31:20] [DEBUG] setting the HTTP method to GET [09:31:20] [DEBUG] setting the HTTP proxy to pass by all HTTP requests [09:31:20] [DEBUG] creating HTTP requests opener object [09:31:20] [ERROR] [*] EH: start() [09:31:20] [ERROR] [*] EH: conf.url and not any conf.forms... [09:31:20] [INFO] using '/root/checkout/sqlmap-gitsvn/output/s14513-20grcmuy.roma.coliseumlab.net/session' as session file [09:31:20] [INFO] testing connection to the target url [09:31:20] [TRAFFIC OUT] HTTP request [#1]: GET /vote.php HTTP/1.1 Accept-Encoding: identity Accept-language: en-us,en;q=0.5 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-agent: sqlmap/1.0-dev (http://www.sqlmap.org) Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7 Host: s14513-20grcmuy.roma.coliseumlab.net Cookie: PHPSESSID=l82mfmirthmukct3kp7sj3gji2; username=MzAx Pragma: no-cache Cache-control: no-cache,no-store Connection: close Thanks, Abu ------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
