Yes, I need to provide the JSESSIONID. If don’t, it will redirect to login page.
发件人: Brandon Perry [mailto:bperry.volat...@gmail.com] 发送时间: 2015年6月15日 9:51 收件人: guoyangjuan 抄送: sqlmap-users@lists.sourceforge.net; Longxiang 主题: Re: [sqlmap-users] Cannot identify JSON parameters Do you need to provide the JSESSIONID as well? On Jun 14, 2015, at 8:34 PM, guoyangjuan <guoyangj...@huawei.com<mailto:guoyangj...@huawei.com>> wrote: Hi, Thanks for your prompt reply. I’ve tried outer single quotes just as you suggested, but I still get the "no parameter(s) found" message. Any ideas? Kind regards, Guo 发件人: Brandon Perry [mailto:bperry.volat...@gmail.com] 发送时间: 2015年6月12日 21:37 收件人: guoyangjuan 抄送: sqlmap-users@lists.sourceforge.net<mailto:sqlmap-users@lists.sourceforge.net>; Longxiang 主题: Re: [sqlmap-users] Cannot identify JSON parameters --data="{"apn":"requestApn","language":"zh_CN"}" That is not the correct way to specify JSON, should use outer single quotes. --data='{"apn":"requestApn","language":"zh_CN"}' On Fri, Jun 12, 2015 at 4:29 AM, guoyangjuan <guoyangj...@huawei.com<mailto:guoyangj...@huawei.com>> wrote: Hi, I'm using sqlmap/1.0-dev-nongit-20150608 to test the following JSON request that I extracted from Burp and censored a bit: ---------------------------------------------------------------------- POST /SomeURL/getApns.action HTTP/1.1 Host: IP:8443 User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:34.0) Gecko/20100101 Firefox/34.0 Accept: application/json, text/javascript, */*; q=0.01 Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Content-Type: application/json; charset=UTF-8 X-Requested-With: XMLHttpRequest Referer: https://IP:8443/SomeURL/show_apn_page.jsp?now=Fri%20Jun%2012%202015%2009:34:42%20GMT+0800<https://ip:8443/SomeURL/show_apn_page.jsp?now=Fri%20Jun%2012%202015%2009:34:42%20GMT+0800> Content-Length: 39 Cookie: JSESSIONID=40E3B9CDA12CF88200D301CCC1163F2B; locale=zh_CN; org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=zh_CN; HttpOnly=true; locked=false; timeNum=1434072883045; timeState=true; loginUserName=SomeUser; lockScreen=false Connection: keep-alive Pragma: no-cache Cache-Control: no-cache {"apn":"requestApn","language":"zh_CN"} ---------------------------------------------------------------------- I tried the following command to do the SQL injection test, but it ended up with "no parameter(s) found" message. ----------------------------------------------------------------------- Command: sqlmap.py -u "https://SomeURL/getApns.action<https://someurl/getApns.action>" --cookie="JSESSIONID=40E3B9CDA12CF88200D301CCC1163F2B; locale=zh_CN; org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=zh_CN; HttpOnly=true; locked=false; timeNum=1434072883045; timeState=true; loginUserName=SomeUser; lockScreen=false" --data="{"apn":"requestApn","language":"zh_CN"}" --ignore-proxy --dbms "MySQL" ----------------------------------------------------------------------- Log: [*] starting at 09:36:31 [09:36:31] [INFO] testing connection to the target URL [09:36:33] [INFO] testing if the target URL is stable. This can take a couple of seconds [09:36:35] [INFO] target URL is stable [09:36:35] [CRITICAL] no parameter(s) found for testing in the provided data (e. g. GET parameter 'id' in 'www.site.com/index.php?id=1<http://www.site.com/index.php?id=1>') [*] shutting down at 09:36:35 ----------------------------------------------------------------------- Then I saved the post JSON request to file “testURL.txt” and tried “sqlmap.py –r d:\testURL.txt ”, It can perfectly identify JSON parameters: ----------------------------------------------------------------------- Log: [*] starting at 09:43:58 [09:43:58] [INFO] parsing HTTP request from 'd:\testURL.txt' JSON data found in POST data. Do you want to process it? [Y/n/q] Y [09:44:06] [INFO] testing connection to the target URL [09:44:07] [WARNING] the web server responded with an HTTP error code (400) which could interfere with the results of the tests [09:44:07] [INFO] testing if the target URL is stable. This can take a couple of seconds [09:44:08] [INFO] target URL is stable [09:44:08] [INFO] testing if (custom) POST parameter 'JSON apn' is dynamic ... [09:45:01] [INFO] testing if (custom) POST parameter 'JSON language' is dynamic ... ----------------------------------------------------------------------- Why it behaved differently? For some reason, I can only use “sqlmap.py –u SomeURL --cookie=SomeCookie --data=JSON data” to do the test. Can sqlmap identify JSON post data using the above command? How do I achieve this? Kind regards, Guo ------------------------------------------------------------------------------ _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net<mailto:sqlmap-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/sqlmap-users -- http://volatile-minds.blogspot.com<http://volatile-minds.blogspot.com/> -- blog http://www.volatileminds.net<http://www.volatileminds.net/> -- website
------------------------------------------------------------------------------
_______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
