Re: [sqlmap-users] GET parameters not being recognised
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] GET parameters not being recognised
|
From: Ryan D. <rya...@gm...> - 2009-07-14 12:47:47
|
2009/7/14 Andres Riancho <and...@gm...>: > Ryan, > > On Tue, Jul 14, 2009 at 9:21 AM, Ryan Dewhurst<rya...@gm...> wrote: >> Hello, >> While trying to run SQLMap on Windows Vista (PE version) I get the >> following error: >> >> C:\Users\user\Desktop\sqlmap\sqlmap>sqlmap.exe --auth-type=BASIC >> --auth-cred=user:password@ -u >> http://localhost/pentest/module.php?ModuleName=com.rating.actions&RatingActionInput >> Name=ggg&ProductReviewText=ggg&ProductRatingVoteValue=2&action=acExecRate&ProductID=1 > > You should use quotes around the URL: > > sqlmap.exe --auth-type=BASIC --auth-cred=user:password@ -u > "http://localhost/pentest/module.php?ModuleName=com.rating.actions&RatingActionInputName=ggg&ProductReviewText=ggg&ProductRatingVoteValue=2&action=acExecRate&ProductID=1" > > At least that will work on Linux. Aye that worked! Thanks Andres. >> sqlmap/0.6.4 coded by Bernardo Damele A. G. <ber...@gm...> >> and Daniele Bellucci <dan...@gm...> >> >> [*] starting at: 13:13:10 >> >> [13:13:10] [INFO] testing connection to the target url >> [13:13:13] [INFO] testing if the url is stable, wait a few seconds >> [13:13:18] [INFO] url is stable >> [13:13:18] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic >> [13:13:21] [WARNING] User-Agent parameter 'User-Agent' is not dynamic >> [13:13:21] [INFO] testing if Cookie parameter >> 'MIPHPF_SESSION-1631451101' is dynamic >> [13:13:23] [WARNING] Cookie parameter 'MIPHPF_SESSION-1631451101' is not dynamic >> [13:13:23] [INFO] testing if GET parameter 'ModuleName' is dynamic >> [13:13:27] [WARNING] GET parameter 'ModuleName' is not dynamic >> >> [*] shutting down at: 13:13:27 >> >> 'RatingActionInputName' is not recognized as an internal or external command, >> operable program or batch file. >> 'ProductReviewText' is not recognized as an internal or external command, >> operable program or batch file. >> 'ProductRatingVoteValue' is not recognized as an internal or external command, >> operable program or batch file. >> 'action' is not recognized as an internal or external command, >> operable program or batch file. >> 'ProductID' is not recognized as an internal or external command, >> operable program or batch file. >> >> Any help much apretiated. >> >> Ryan >> >> ------------------------------------------------------------------------------ >> Enter the BlackBerry Developer Challenge >> This is your chance to win up to $100,000 in prizes! For a limited time, >> vendors submitting new applications to BlackBerry App World(TM) will have >> the opportunity to enter the BlackBerry Developer Challenge. See full prize >> details at: http://p.sf.net/sfu/Challenge >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> > > > > -- > Andrés Riancho > Founder, Bonsai - Information Security > http://www.bonsai-sec.com/ > http://w3af.sf.net/ > |
