Re: [sqlmap-users] Sqlmap missing a get param?
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Sqlmap missing a get param?
|
From: Miroslav S. <mir...@gm...> - 2011-02-04 19:38:05
|
well, as said, it's a dictionary. that means that it doesn't play well with such "abominations" :) are you certain that one parameter value is not "overwritten" by the other at the servers side. in server side programming (PHP, ASP) i don't know how to handle such requests out of box. could you please post some examples just to experiment? kr On Fri, Feb 4, 2011 at 8:34 PM, Pieter de Boer <pi...@th...> wrote: > On 02/04/11 19:06, Miroslav Stampar wrote: >> >> > From now (r3225) we are storing dictionary keys in the order of >> appearance (OrderedDict principle). >> >> That means that if you have URL like ?rss=1&back=2&out=3&index=0 their >> testing order will be the same as their order of appearance (rss, >> back, out and index at the end). > > Hm, how does it handle URLs with the same parameter more than once? While > perhaps a bit odd, I have seen such URLs in practice. > > -- > Pieter > > -- Miroslav Stampar E-mail: miroslav.stampar (at) gmail.com Alternate: miroslav.stampar (at) mail.ru PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
