[sqlmap-users] Sqlmap missing a get param?
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Sqlmap missing a get param?
|
From: Chris O. <chr...@gm...> - 2011-02-04 16:27:36
|
Hi all I've just issued the following command using the latest revision of sqlmap .9: C:\Program Files\sqlmap-0.9>python sqlmap.py -u "http://x.x.x.x/index.php?r oute=product/manufacturer&manufacturer_id=1&sort=pd.name &order=DESC&page=18&scri pt1296664523519=12345" --text-only --proxy "http://127.0.0.1:8085" --level=5 --r isk=3 --flush-session Partial output from this command is as follows: [16:22:21] [INFO] flushing session file [16:22:21] [INFO] testing connection to the target url [16:22:21] [INFO] testing if the url is stable, wait a few seconds [16:22:23] [INFO] url is stable [16:22:23] [INFO] testing if GET parameter 'sort' is dynamic [16:22:24] [WARNING] GET parameter 'sort' is not dynamic [16:22:24] [WARNING] heuristic test shows that GET parameter 'sort' might not be injectable [16:22:24] [INFO] testing sql injection on GET parameter 'sort' The parameter I'm specifically looking at as potentially injectable is "manufacturer_id" but sqlmap starts at 'sort' and then moves through to the end of the param list, then ends, totally bypassing the first parameter. For testing purposes if you install a clean version of the latest open cart, you should be able to replicate this. Regards Chris |
