Get yourself the burp proxy
(http://portswigger.net/burp/downloadfree.html), configure sqlmap to use
the proxy (via the '--proxy' parameter) and check the requests that
passed through the proxy.

Cheers
Dennis


Am 08.05.2012 12:45, schrieb Lukas Rist:
> Hi Bernardo,
>
> On Tue, May 8, 2012 at 12:39 PM, Bernardo Damele A. G.
> <bernardo.dam...@gmail.com> wrote:
>> Increase verbosity to 3, read the output, it says the payload used
>> when detection phase finishes and injections are identified and
>> generally speaking, read the user's manual.
> I'm actually more interested in those injections and the patterns used
> for detection which are not successful. And if I've read the manual
> right, no verbosity level provides this kind of information.
>
>
> Lukas
>
>> Bernardo
>>
>>
>> On 8 May 2012 12:37, Lukas Rist <glas...@gmail.com> wrote:
>>> Hello,
>>>
>>> Is there a possibility to get the patter sqlmap has used to determine
>>> the injection (i.e. error based) success?
>>> I want to get some insight how sqlmap decides if a parameter is
>>> vulnerable or not.
>>>
>>>
>>> Thanks,
>>> Lukas
>>>
>>> ------------------------------------------------------------------------------
>>> Live Security Virtual Conference
>>> Exclusive live event will cover all the ways today's security and
>>> threat landscape has changed and how IT managers can respond. Discussions
>>> will include endpoint security, mobile security and the latest in malware
>>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>>> _______________________________________________
>>> sqlmap-users mailing list
>>> sqlmap-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>
>> --
>> Bernardo Damele A. G.
>>
>> Homepage: http://about.me/inquis
>> E-mail / Jabber: bernardo.damele (at) gmail.com
>> Mobile: +447788962949 (UK 07788962949)
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and 
> threat landscape has changed and how IT managers can respond. Discussions 
> will include endpoint security, mobile security and the latest in malware 
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to