Re: [sqlmap-users] GET parameters not being recognised
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] GET parameters not being recognised
|
From: Andres R. <and...@gm...> - 2009-07-14 12:45:39
|
Ryan, On Tue, Jul 14, 2009 at 9:21 AM, Ryan Dewhurst<rya...@gm...> wrote: > Hello, > While trying to run SQLMap on Windows Vista (PE version) I get the > following error: > > C:\Users\user\Desktop\sqlmap\sqlmap>sqlmap.exe --auth-type=BASIC > --auth-cred=user:password@ -u > http://localhost/pentest/module.php?ModuleName=com.rating.actions&RatingActionInput > Name=ggg&ProductReviewText=ggg&ProductRatingVoteValue=2&action=acExecRate&ProductID=1 You should use quotes around the URL: sqlmap.exe --auth-type=BASIC --auth-cred=user:password@ -u "http://localhost/pentest/module.php?ModuleName=com.rating.actions&RatingActionInputName=ggg&ProductReviewText=ggg&ProductRatingVoteValue=2&action=acExecRate&ProductID=1" At least that will work on Linux. > sqlmap/0.6.4 coded by Bernardo Damele A. G. <ber...@gm...> > and Daniele Bellucci <dan...@gm...> > > [*] starting at: 13:13:10 > > [13:13:10] [INFO] testing connection to the target url > [13:13:13] [INFO] testing if the url is stable, wait a few seconds > [13:13:18] [INFO] url is stable > [13:13:18] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic > [13:13:21] [WARNING] User-Agent parameter 'User-Agent' is not dynamic > [13:13:21] [INFO] testing if Cookie parameter > 'MIPHPF_SESSION-1631451101' is dynamic > [13:13:23] [WARNING] Cookie parameter 'MIPHPF_SESSION-1631451101' is not dynamic > [13:13:23] [INFO] testing if GET parameter 'ModuleName' is dynamic > [13:13:27] [WARNING] GET parameter 'ModuleName' is not dynamic > > [*] shutting down at: 13:13:27 > > 'RatingActionInputName' is not recognized as an internal or external command, > operable program or batch file. > 'ProductReviewText' is not recognized as an internal or external command, > operable program or batch file. > 'ProductRatingVoteValue' is not recognized as an internal or external command, > operable program or batch file. > 'action' is not recognized as an internal or external command, > operable program or batch file. > 'ProductID' is not recognized as an internal or external command, > operable program or batch file. > > Any help much apretiated. > > Ryan > > ------------------------------------------------------------------------------ > Enter the BlackBerry Developer Challenge > This is your chance to win up to $100,000 in prizes! For a limited time, > vendors submitting new applications to BlackBerry App World(TM) will have > the opportunity to enter the BlackBerry Developer Challenge. See full prize > details at: http://p.sf.net/sfu/Challenge > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ |
