Re: [sqlmap-users] proxy/non-proxy behavior is different
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] proxy/non-proxy behavior is different
|
From: Pragmatk <pra...@gm...> - 2009-04-16 14:05:23
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
li...@li... wrote:
> I'm currently conducting a pen-test where I am successfully able to
> enumerate data from a database using sqlmap (blind sql injection).
Since you're pentesting web applications, and because you decided to
read --help before posting, So surely you know how a HTTP proxy works.
> My session cookies will working when not using the proxy in sqlmap.
> Using the proxy setting will not work (proxy through burp suite).
> When not using the proxy, sqlmap will use a GET request without the
> host:port information and just use the /url.
Based on the facts that you
1) Have read --help
and 2) Are pentesting web applications
and 3) (Based one (2)) Know how a HTTP proxy works
I conclude that you're inquiring about the possibility of having sqlmap
go take a shit on the HTTP proxy protocol and break its built-in proxy
support. What I fail to understand is what you're looking to gain by
doing so.
- --
Joe / "Pragmatk"
[ 6426 C563 2592 0BB8 5193 797E 1A09 9E97 323C 7837 ]
[ gpg --recv-keys --keyserver pgp.mit.edu 0x323C7837 ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJJ50gWAAoJEBoJnpcyPHg3VsAQAL53bjZwdYPrgGP9ldmXyjnt
mdTdsfOPRzEz0I6o4PsjKDQ5uPkivIVE+x6LRW16YTTIWay+0jauU1gEFAWOkO8g
dcxRRHz5kZ3mrm5TYA9VFmkZGCvwSp6hvrHAiFVcWKFcjelW8zH/LS3Dc+YcS8q7
6/bOxk3CnDPmwNujIlfZTtWzVb/t++BJAfCma39Q2g5+xg32rKCGjWJ9hzDXMWgj
DxvV/BZtYmUpvjAkpdkgXs8rdyy26UYKt01z65Vb31csZ1F0/Chym4tOxRi1nhsV
vgHivE97p/ABOMbeirdzeKMD6XQhgSCZkUPA8L9ABuSwcPA5ICJ8jgWBdlxZsKS6
ZMM+TDdBV2Ciu6kUEdN/dX6RoTx7izCarkNqMrwqSkXVSUFyiBzS0aQ6z0KJOs40
jkTJsD8wG+UnaX8zrDpG++96PcoUiIhihPhIGu0NWUgcTkHGbS4ySag9TaAzsqyn
TCHjiyzd9VsKyP39pU5vN+PZgg3322RR9KSvbManJOuA+0kta2R+4bYnQ8zhQO4X
nFuNB8p6P91/nMLhQ7+JIxvtcbVAI4CToBV69MDqjFjk0wtUDH9s1qltgk87RDIC
ekQ+PZfkO4oU+CRVaLJWN6b/RYkR0vT2nhBp/JQQvUp27mZRSTSDXYu7ozVR3Cu+
yyykYJoy5Ttb8FKpuTnM
=Ev4c
-----END PGP SIGNATURE-----
|
