Re: [sqlmap-users] proxy/non-proxy behavior is different
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] proxy/non-proxy behavior is different
|
From: <li...@li...> - 2009-04-16 15:53:10
|
Well, I can see this thread is going nowhere and wreaks of sarcasm rather than a discussion of a differences found using sqlmap in proxy mode. The session tokens work fine not using sqlmap in proxy mode. On Thu, Apr 16, 2009 at 05:34:55PM +0100, Pragmatk wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > li...@li... wrote: > > I was noting a difference between how sqlmap works in proxy > > vs non-proxy mode to the point where obtained session tokens > > will not work. I am inquiring if there is a way to make > > sqlmap work differently, regardless of protocol. > The proxy feature works perfectly well. It is your proxy - or rather: > your use of it - that is incorrect. That being said, I'm guessing Burp > probably has some sort of feature capable of rewrite requests. If not, I > suggest you write one. > > > Session credentials are obtained using firefox to burp suite. > > Running sqlmap through burp using the same obtained session > > token does not work because sqlmap uses different requests > > than the obtained token. > Err, I lost you there. I thought your issue was sqlmap's > http://host:port/requesturi-requests that screwed your sessions? How are > the session tokens passed? Are you supplying them correctly to sqlmap? > > - -- > Joe / "Pragmatk" > [ 6426 C563 2592 0BB8 5193 797E 1A09 9E97 323C 7837 ] > [ gpg --recv-keys --keyserver pgp.mit.edu 0x323C7837 ] |
