Re: [sqlmap-users] How to authenticate Central Authentication Service(CAS) with SQLMap?
Brought to you by:
inquisb
From: Sherif El-D. <arc...@gm...> - 2011-10-09 04:07:40
|
This is how you should do it: 1- login to CAS with valid credentials using your browser. 2- after successful login, get your session cookie "use any proxy, firebux, or any other way" 3- after that, run sqlmap using the "--cookie=COOKIE", it will work :) Sherif Eldeeb On Sat, Oct 8, 2011 at 10:18 AM, Metin Emenullahi <me...@mt...>wrote: > Hi there, > > I have a problem with CAS. I have a website which has several applications > based on CAS and I want to do some SqlInjection tests in order to close > holes in the system as much as possible. But because of the ticket system of > CAS, I couldn't pass the login screen with SQLMap. How can I login to the > site, by providing username and password via SQLMap? > > Thanks in advance. > > > -- > > -- o -- > Metin Emenullahi > IEEE METU Student Branch > System Administrator > > > ------------------------------------------------------------------------------ > All of the data generated in your IT infrastructure is seriously valuable. > Why? It contains a definitive record of application performance, security > threats, fraudulent activity, and more. Splunk takes this data and makes > sense of it. IT sense. And common sense. > http://p.sf.net/sfu/splunk-d2dcopy2 > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > |