Thanks! Now I'm getting better results ;) On Wed, Oct 23, 2013 at 1:08 PM, Miroslav Stampar <miroslav.stam...@gmail.com> wrote: > It should be fixed now :) > > Bye > > > On Wed, Oct 23, 2013 at 5:55 PM, Andres Riancho <andres.rian...@gmail.com> > wrote: >> >> All right, thanks! :) >> >> On Wed, Oct 23, 2013 at 12:20 PM, Miroslav Stampar >> <miroslav.stam...@gmail.com> wrote: >> > Hi Andres. >> > >> > Expect a fix ASAP (<1 hour). >> > >> > Bye >> > >> > On Oct 23, 2013 5:18 PM, "Andres Riancho" <andres.rian...@gmail.com> >> > wrote: >> >> >> >> I'm capturing sqlmap's traffic using burp and I see: >> >> >> >> >> >> >> >> %5C_%5C_PAYLOAD%5C_DELIMITER%5C_%5C_frmContact%5C%22%5C%29%5C%29%5C%29%5C%20RLIKE%5C%20%5C%28SELECT%5C%20%5C%28CASE%5C%20WHEN%5C%20%5C%282371%5C=2371%5C%29%5C%20THEN%5C%200x66726d436f6e74616374%5C%20ELSE%5C%200x28%5C%20END%5C%29%5C%29%5C%20AND%5C%20%5C%28%5C%28%5C%28%5C%22aruB%5C%22%5C%20LIKE%5C%20%5C%22aruB%5C_%5C_PAYLOAD%5C_DELIMITER%5C_%5C_ >> >> >> >> Decoded: >> >> >> >> \_\_PAYLOAD\_DELIMITER\_\_frmContact\"\)\)\)\ RLIKE\ \(SELECT\ \(CASE\ >> >> WHEN\ \(2371\=2371\)\ THEN\ 0x66726d436f6e74616374\ ELSE\ 0x28\ >> >> END\)\)\ >> >> AND\ \(\(\(\"aruB\"\ LIKE\ \"aruB\_\_PAYLOAD\_DELIMITER\_\_ >> >> >> >> I suspect that PAYLOAD_DELIMITER was intended to be replaced before >> >> being sent? >> >> >> >> Also, what's with all the %5C? There is also a strange thing in this >> >> request "RLIKE", which I suppose should be "OR LIKE" ? >> >> >> >> sqlmap/1.0-dev-28529a9 >> >> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> >> October Webinars: Code for Performance >> >> Free Intel webinars can help you accelerate application performance. >> >> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the >> >> most >> >> from >> >> the latest Intel processors and coprocessors. See abstracts and >> >> register > >> >> >> >> >> >> http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk >> >> _______________________________________________ >> >> sqlmap-users mailing list >> >> sqlmap-users@lists.sourceforge.net >> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> >> >> -- >> Andrés Riancho >> Project Leader at w3af - http://w3af.org/ >> Web Application Attack and Audit Framework >> Twitter: @w3af >> GPG: 0x93C344F3 > > > > > -- > Miroslav Stampar > http://about.me/stamparm
-- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
