[sqlmap-users] Semicolon in URL
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Semicolon in URL
|
From: Anastasios M. <ana...@gm...> - 2011-10-06 06:24:27
|
Hello guys, recently came accross the following
$ ./sqlmap.py -u
"http://site/cgi-bin/abc.cgi?action=view_a;id=18;aid=1" -p aid
--dbms=mysql --is-dba
sqlmap/1.0-dev (r4395) - automatic SQL injection and database takeover tool
http://www.sqlmap.org
[!] legal disclaimer: usage of sqlmap for attacking targets without
prior mutual consent is illegal. It is the end user's responsibility
to obey all applicable local, state and federal laws. Authors assume
no liability and are not responsible for any misuse or damage caused
by this program
[*] starting at 04:12:54
[04:12:54] [WARNING] the testable parameter 'aid' you provided is not
inside the GET
[04:12:54] [CRITICAL] all testable parameters you provided are not
present within the GET, POST and Cookie parameters
[*] shutting down at 04:12:54
sqlmap executed successfully when substituted ";" with "&":
$ ./sqlmap.py -u
"http://site/cgi-bin/abc.cgi?action=view_a&id=18&aid=1" -p aid
--dbms=mysql --is-dba
Trust you will fix this :)
thanks
--
AM (secuid0)
Key ID: 0x5EB17EE7
|
