[sqlmap-users] Help with Testable Parameters
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Help with Testable Parameters
|
From: John O. <jo...@gm...> - 2010-08-13 20:51:39
|
Hi all. I am just starting using sqlmap 0.8 (on windows XP) to get SQL map to test SQL injection against my web application (LAMP). It seems like it's not finding my testable parameters because the get request is as follows: GET /data/usersupplieddata HTTP/1.1 and not like the typical get_int.php?id=1 etc. I've tried the -p option as follows: -p "usersupplieddata" I am getting the error message as follows: 16:30:29] [DEBUG] initializing the configuration 16:30:29] [DEBUG] initializing the knowledge base 16:30:29] [DEBUG] cleaning up configuration parameters 16:30:29] [DEBUG] setting the HTTP timeout 16:30:29] [DEBUG] setting the HTTP Cookie header 16:30:29] [DEBUG] setting the HTTP method to GET 16:30:29] [DEBUG] forcing back-end DBMS to user defined value 16:30:29] [DEBUG] forcing back-end DBMS operating system to user defined value 16:30:29] [DEBUG] creating HTTP requests opener object 16:30:29] [DEBUG] parsing XML queries file 16:30:29] [WARNING] the testable parameter 'usersupplieddata' you provided is not into the Cookie 16:30:29] [ERROR] all testable parameters you provided are not present within the GET, POST and Cookie parameters I have confirmed that that string is in fact being sent to the Web server as in the above request, so I'm confused at the error message. Does anyone have any suggestions, or have they encountered this type of situation? Thanks in advance John |
