Hi.
To sum things up here:
1) "Follow the redirection" should be clear what it does
2) "Stay on the original page" uses the original URL and jumps there
(useful if there were some changes resulting in changes on the original
page - e.g. some session cookie was set resulting in "differentiation" of
the original page)
3) "Ignore" uses the redirection page itself (usually blank or simple one
with few lines) as the one for extracting the results (useful for boolean
based injections as those pages are usually dramatically different than the
originals)
About the "no follow up requests". There are indeed lots of cases when it's
useful to just imitate what browser does - follow the redirection to
whatever destination it goes. Also, "Ignore" should be suitable for your
case when you don't want sqlmap to follow the redirection.
Also, with the latest revision (r4864), -t traffic.txt should work properly
with that [3] Ignore option (no more non-existing requests)
Kind regards,
Miroslav Stampar
On Tue, Mar 13, 2012 at 6:07 PM, buawig <bua...@gmail.com> wrote:
> Hi,
>
> when testing URLs that result in redirects sqlmap offers three
> possibilities:
>
> [1] Follow the redirection (default)
> [2] Stay on the original page
> [3] Ignore
>
> If I answer with
> > 2
> or with
> > 3
>
> it still sends requests to the URL found in the Location: header.
>
> Is there a way to prevent these requests to the URL specified in the
> Location: header?
>
> Sqlmap should only query the url specified in -u parameter and analyze
> the responses - no follow up requests.
>
> thanks,
> buawig
>
>
> ------------------------------------------------------------------------------
> Keep Your Developer Skills Current with LearnDevNow!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-d2d
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
