[sqlmap-users] trouble with "Accept-Encoding"
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] trouble with "Accept-Encoding"
|
From: Philippe A. R. S. <sc...@co...> - 2008-12-05 16:11:58
|
Hi, using the current svn version sql-map wouldn't find an injection (using --string). In verbose output I saw that gzip Content-Encoding was used. This scrambles the -v5 output badly. After removing the appropriate line (390) from ./lib/core/option.py the injection was succesfully discovered. I didn't look any further. But there seems to be something broken with the handling of encoded responses. It would be helpful to be able to disable encoding as an option and if -v5 supplied the decoded response (as an option?). BTW, the server was: web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727 Regards, Philippe |
