Miroslav, great! Makes me and my customer happy!
Thomas
Von: Miroslav Stampar [mailto:miroslav.stam...@gmail.com]
Gesendet: Freitag, 25. Mai 2012 01:12
An: Thomas Schreiber
Cc: sqlmap-users@lists.sourceforge.net
Betreff: Re: [sqlmap-users] Not url-encoding POST-data possible?
Hi Thomas.
With the latest r5076 you'll get a new switch '--skip-urlencode' which tells
sqlmap to skip URL encoding of POST data.
Kind regards,
Miroslav Stampar
On Thu, May 24, 2012 at 11:56 AM, Miroslav Stampar
<miroslav.stam...@gmail.com> wrote:
Hi.
There is no such option, but something will be done (e.g. --skip-urlencode).
Will keep you updated.
Kind regards
On May 23, 2012 9:56 PM, "Thomas Schreiber" <ts2...@googlemail.com> wrote:
Hi,
can I tell sqlmap to not url-encode POST-data?
In my case a php webservice complains about not getting a '<' as first
character:
Warning: simplexml_load_string(): Entity: line 1: parser error : Start
tag expected, '<' not found in...
Warning: simplexml_load_string(): %3Crequest...
The reason is, that sqlmap sends the payload url-encoded:
%3CRequest%3E%3CID%3E111*%3C/ID>%3C%2FRequest%3E
Trying the same request in burp without urlencoding like this:
<Request><ID>111*</ID></Request>
does not produce the error
Thanks!
Thomas
----------------------------------------------------------------------------
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users