Re: [sqlmap-users] Anyone having trouble with --eval?

Tue, 21 Aug 2012 05:08:21 -0700 

Hi Sergio.

Sorry for not responding earlier. Just opened an issue [1] for this bug.
Will try to fix it today.

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/issues/157

On Fri, Aug 17, 2012 at 2:10 PM, Sergio Molina <smol...@wpr.es> wrote:

> Hi there
>
> Just downloaded latest dev version (actually I did yesterday). I am having
> trouble with --eval, sqlmap complains when running evaluateCode with
> modified parameters (something like pincode=abc123'' stuff). More
> precisely,  the following lines in lib/request/connect.py:
>
> for part in item.split(delimiter):
>   if '=' in part:
>     name, value = part.split('=', 1)
>     evaluateCode(”%s='%s'” % (name, value), variables)
>
> When providing next value for --eval:
>
> --eval "import random;import urllib2;numRequest=random.randint(1,
> 999999999);userId='sql...@wpr.es'+str(numRequest);headers = {
> 'Accept-Language' : 'en-us,en;q=0.5    '}; req =
> urllib2.Request('${SAFE_UPSELL_URL}&userId='+ userId, None, headers);
> response = urllib2.urlopen(req);"
>
> Just want to do something like --safe-url and --safe-freq combination but
> using same userId fo both related requests while using different userId for
> every other pair of requests.
>
> Sorry I am not good at python. Am I missing anything ? Or is it a bug ?
>
> Thanks in advance !
>
> Regards
> Sergio M
>
>
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>


-- 
Miroslav Stampar
http://about.me/stamparm

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to