Hi Anton, On 19 December 2012 19:16, Anton Sazonov <anton.sazo...@gmail.com> wrote: > > Bernardo, wouldn't it be wiser to remove the .tgz/.zip link altogether from > sqlmap.org? > > I mean, most of the people's failures fall into the category of "git the > latest version, would you".
Those .zip and tar.gz are generated from the very latest development version at each git push. The only disadvantage is that they're not git working directories (there's no .git/ folder) so cannot be kept updated. > [...] > On another note, could you or anyone kindly explain the newish --live-test? I > only see it in git fetch logs. And I don't much read Python. --live-test is used internally for development regression testing purposes whereby test cases are defined in xml/livetests.xml - it is a hidden switch needed only during the development to assert no bugs are introduced in existing and solid features following new developments. > Finally, please, eventually, do take care of issue #48 > (https://github.com/sqlmapproject/sqlmap/issues/48), specifically the > inability to inject into any fields, including HTTP headers. At the moment, sqlmap can detect and exploit SQL injections in Cookie, User-Agent and Referer headers, given you provide a high --level value (say 3 or above). Ability to inject in arbitrary headers will come, but is not top priority at the moment. -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) ------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users