Hi Miroslav,
The situation is that I can't rerun or hit the system again for a couple of
days due to a business issue. In the meanwhile, I need to extract all
payloads injected from the scan that I already ran today. If I cannot see
payloads from the exploit phase, can you please point me to the logic in
the code where these payloads are generated? I saw a few xml files under
the payloads folder, and along with these xml files and the code, I can try
to reverse engineer and probably regenerate those payloads again. I am
assuming that the same payloads are generated in every scan for a given
database type (say Oracle)?
Thanks,
Mithun
On Jan 20, 2016 6:19 PM, "Miroslav Stampar" <miroslav.stam...@gmail.com>
wrote:
> You can see all testing payloads by rerunning with -v 3.
>
> You can't see payloads that sqlmap generated during the exploitation
> phase. Results of those payloads are stored inside the appropriate
> session.sqlite, but with hashed queries/payloads. Without doing this
> session files would explode in case of huge table dumps.
>
> Bye
>
> On Wed, Jan 20, 2016 at 1:04 PM, Mithun Vaidhyanathan <
> mithun.vaidhyanat...@owasp.org> wrote:
>
>> Hello Everyone,
>>
>> I need to retrieve all payloads inserted by SQLMap into vulnerable
>> parameters. Is it possible?
>>
>> Right now, in my output directory, I can see a log file with only one
>> payload example. Does the tool store all payloads that it injects? How can
>> I pull out this information?
>>
>> Thanks,
>> Mithun
>>
>>
>> ------------------------------------------------------------------------------
>> Site24x7 APM Insight: Get Deep Visibility into Application Performance
>> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>> Monitor end-to-end web transactions and take corrective actions now
>> Troubleshoot faster and improve end-user experience. Signup Now!
>> http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
>> _______________________________________________
>> sqlmap-users mailing list
>> sqlmap-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>
>
>
> --
> Miroslav Stampar
> http://about.me/stamparm
>
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
