Re: [sqlmap-users] Session Issue
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Session Issue
|
From: Chris O. <chr...@gm...> - 2011-01-19 14:21:28
|
Thank you Bernardo! On 19 January 2011 14:15, Bernardo Damele A. G. <ber...@gm...>wrote: > If you use it each time, yes. It does not necessarily have to be in > output/. Any path where you have rw access is ok. > > > Bernardo Damele A. G. > > This message was sent from a smartphone > > On 19 Jan 2011, at 14:13, Chris Oakley <chr...@gm...> > wrote: > > So if I use it like this: > > -s output/dir/filename > > Each time I use the command it will avoid this issue? > > Chris > > On 19 January 2011 14:08, Bernardo Damele A. G. <<ber...@gm...> > ber...@gm...> wrote: > >> Chris, >> >> Sqlmap constantly write the session file during a run so it is not >> supposed to be run concurrently twice or more times against the same URL. If >> you really need so specify a different session file to use with switch -s. >> >> Bernardo Damele A. G. >> >> This message was sent from a smartphone >> >> On 19 Jan 2011, at 13:58, Chris Oakley < <chr...@gm...> >> chr...@gm...> wrote: >> >> I've been runnning two simultaneous tests on the same domain, but >> different pages. Previously, when I've completed a test, the session is >> saved in such a way that when the test ends it will jump straight to the >> injection points if it found any when I execute the same or similar >> commands. Now, if I execute the exact same command again, it seems to start >> testing right over from the beginning - and this takes ages. >> >> I am scanning <http://www.example.com/blah/?foo=bar><http://www.example.com/blah/?foo=bar> >> www.example.com/blah/?foo=bar and <http://www.example.com/foo/bar><http://www.example.com/foo/bar> >> www.example.com/foo/bar at the same time, and the output directory only >> has <http://www.example.com> <http://www.example.com>www.example.com with >> a single session file that just looks like >> >> [11:20:37 01/19/11] >> >> [13:41:41 01/19/11] >> >> and a log file that contains the 4 injection points but nothing else. The >> other scan has also found some injection points but none of these feature in >> either of these two files. >> >> Is this because I'm running two tests on the same domain or is it >> something that's broken in the latest dev version? Or is it something >> else? I've tried this with the last few revisions and the latest revision >> on Windows and Linux boxes - same result. >> >> Regards >> >> Chris >> >> >> ------------------------------------------------------------------------------ >> Protect Your Site and Customers from Malware Attacks >> Learn about various malware tactics and how to avoid them. Understand >> malware threats, the impact they can have on your business, and how you >> can protect your company and customers by using code signing. >> <http://p.sf.net/sfu/oracle-sfdevnl>http://p.sf.net/sfu/oracle-sfdevnl >> >> _______________________________________________ >> sqlmap-users mailing list >> <sql...@li...>sql...@li... >> <https://lists.sourceforge.net/lists/listinfo/sqlmap-users> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > |
