Hello, During one assessment I have found the web application that is vulnerable to the SQL injection not in parameter values but in parameter names itself.
This is something sqlmap is unable to find. Is it possible to add such functionality (e.g. by optional parameter) to sqlmap? Regards Karel Marhoul ------------------------------------------------------------------------------ Own the Future-Intel® Level Up Game Demo Contest 2013 Rise to greatness in Intel's independent game demo contest. Compete for recognition, cash, and the chance to get your game on Steam. $5K grand prize plus 10 genre and skill prizes. Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
