Hi.

Payload is a must because it's usable from practical point of view. It can
be copy pasted into the browser and used right away. Vector is just a form
how to make a payload. Sorry, but the final decision is like the way it is.

Kind regards,
Miroslav Stampar
On Feb 10, 2012 9:15 PM, "Till Maas" <opensou...@till.name> wrote:

> Hi Miroslav,
>
> On Fri, Feb 10, 2012 at 03:59:39PM +0100, Miroslav Stampar wrote:
>
> > Basically, IMO average user doesn't care about anything but the data
> > retrieval. But, nevertheless, find this "patch" included with the latest
> > commit (r4735). You'll be able to see the vector if you use greater
> verbose
> > mode than the default 1 (e.g. -v 2).
>
> thank you for including the patch. But I would like to propose to change
> payload and vector in the output. To me it looks more useful to display
> the vector instead of the payload in a normal use case. The Payload
> usually does not make it clear how a certain injection works and what it
> does without the information what the vector is. Therefore I do not see
> much value for the average user to see the payload without the vector.
> But the vector is useful without knowing the payload imho, because the
> actual values used for the payload are imho mainly useful for debugging.
>
> So my proposal is to show the vector instead of the payload by default
> and only the payload if the verbosity is greater than 1. Or do you know
> use cases for average users to know the payload?
>
> Regards
> Till
>
------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to