[sqlmap-users] Problem/confusion with wildcard in url
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Problem/confusion with wildcard in url
|
From: Gianluca B. <g...@br...> - 2012-01-05 14:18:57
|
Hello, if I provide an URL with * like this: http://target.com/path/to/index.php?id=12*&action=add&path=/path/to/&imgIndex= sqlmap don't recognize valid get param in the urls: [15:34:23] [WARNING] you've provided target url without any GET parameters (e.g. www.site.com/article.php?id=1) and without providing any POST parameters through --data option do you want to try URI injections in the target url itself? [Y/n/q] But looks like it inject correctly where I placed the wildcard. Instead without * everything is working fine as usual. So I am not sure if it's this some sort of bug or it's me misusing the * option (i.e. if the url is not rewrote I should just use -p id). Thanks, Gianluca Brindisi |
