Hi,
I am testing an application, which works in this way:
You send a request as a POST request and the application returns 302 Found.
The web browser uses the Location field to send a GET request for the updated site.
When I test this with Sqlmap, it asks me whether I want to follow the 302
redirect (I answer yes) and whether I want to resubmit the request to the
new page (I answer NO).
However, when I look at the generated traffic file, I can see something
like this:
HTTP request [#1]:
POST /target_url HTTP/1.1
Accept-language: en-US,en;q=0.5
Accept-encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:37.0)
Gecko/20100101 Firefox/37.0
Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
Host: 192.168.56.102:8443
Cookie: JSESSIONID=538470CD02AD9190BCC92DC434C6C9BD
Pragma: no-cache
Cache-control: no-cache,no-store
Referer: https://192.168.56.102:8443/target_url
Content-type: application/x-www-form-urlencoded
Content-length: 17
Connection: close

newState=DISABLED

HTTP redirect [#1] (302 Found):
Content-length: 0
Content-language: en-US
Server: Apache-Coyote/1.1
Connection: close
Location: https://192.168.56.102:8443/target_url
Date: Fri, 12 Jun 2015 15:16:16 GMT

############################################################################

HTTP request [#1]:
POST \/target_url HTTP/1.1
Accept-language: en-US,en;q=0.5
Accept-encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:37.0)
Gecko/20100101 Firefox/37.0
Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
Host: 192.168.56.102:8443
Cookie: JSESSIONID=538470CD02AD9190BCC92DC434C6C9BD
Pragma: no-cache
Cache-control: no-cache,no-store
Referer: https://192.168.56.102:8443/target_url
Content-type: application/x-www-form-urlencoded
Content-length: 17
Connection: close

newState=DISABLED

HTTP response [#1] (200 OK):
Content-language: en-US
Transfer-encoding: chunked
Uri: https://192.168.56.102:8443/redirected_url
Server: Apache-Coyote/1.1
Connection: close
Date: Fri, 12 Jun 2015 15:16:29 GMT
Content-type: text/html;charset=UTF-8

<!DOCTYPE html>
<html>
  <head>
etc.

I have redacted it a bit, but the "target_url" is the same for all requests
and responses.
So I can see that Sqlmap still POSTs the query to the site pointed to by
the Location header instead of just GETting it, although I explicitly denied
that.
Could you please look into this?
Thanks,
Vojta
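
An added example, not part of the original message and not sqlmap code: a small checker that reads a traffic log laid out like the one quoted above and reports any request that repeats a non-GET method immediately after a redirect. The sample log is constructed from the excerpt with headers trimmed, the function names are hypothetical, and treating 303 the same way as 302 is an assumption that goes beyond the single case in the message.

```python
import re

# Constructed sample in the layout of the traffic file quoted in the message.
SAMPLE = """HTTP request [#1]:
POST /target_url HTTP/1.1
Host: 192.168.56.102:8443

newState=DISABLED

HTTP redirect [#1] (302 Found):
Location: https://192.168.56.102:8443/target_url

HTTP request [#1]:
POST /target_url HTTP/1.1
Host: 192.168.56.102:8443

newState=DISABLED

HTTP response [#1] (200 OK):
Uri: https://192.168.56.102:8443/redirected_url
"""

# Section markers as they appear in the excerpt; the status part is optional.
MARKER = re.compile(
    r"^HTTP (request|redirect|response) \[#\d+\](?: \((\d{3}) [^)]*\))?:\s*$")

def parse_entries(text):
    """Return (kind, status, first_line) for every marked section of the log."""
    lines = text.splitlines()
    entries = []
    for i, line in enumerate(lines):
        m = MARKER.match(line)
        if m:
            first = lines[i + 1].strip() if i + 1 < len(lines) else ""
            entries.append((m.group(1), m.group(2), first))
    return entries

def resubmitted_after_redirect(text):
    """List request lines that keep a non-GET method right after a 302/303."""
    entries = parse_entries(text)
    findings = []
    for prev, cur in zip(entries, entries[1:]):
        if prev[0] == "redirect" and prev[1] in ("302", "303") and cur[0] == "request":
            method = cur[2].split(" ", 1)[0]
            if method not in ("GET", "HEAD"):
                findings.append(cur[2])
    return findings
```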

