Re: [sqlmap-users] redirection handling
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] redirection handling
|
From: Miroslav S. <mir...@gm...> - 2012-03-14 14:16:48
|
Hi. To sum things up here: 1) "Follow the redirection" should be clear what it does 2) "Stay on the original page" uses the original URL and jumps there (useful if there were some changes resulting in changes on the original page - e.g. some session cookie was set resulting in "differentiation" of the original page) 3) "Ignore" uses the redirection page itself (usually blank or simple one with few lines) as the one for extracting the results (useful for boolean based injections as those pages are usually dramatically different than the originals) About the "no follow up requests". There are indeed lots of cases when it's useful to just imitate what browser does - follow the redirection to whatever destination it goes. Also, "Ignore" should be suitable for your case when you don't want sqlmap to follow the redirection. Also, with the latest revision (r4864), -t traffic.txt should work properly with that [3] Ignore option (no more non-existing requests) Kind regards, Miroslav Stampar On Tue, Mar 13, 2012 at 6:07 PM, buawig <bu...@gm...> wrote: > Hi, > > when testing URLs that result in redirects sqlmap offers three > possibilities: > > [1] Follow the redirection (default) > [2] Stay on the original page > [3] Ignore > > If I answer with > > 2 > or with > > 3 > > it still sends requests to the URL found in the Location: header. > > Is there a way to prevent these requests to the URL specified in the > Location: header? > > Sqlmap should only query the url specified in -u parameter and analyze > the responses - no follow up requests. > > thanks, > buawig > > > ------------------------------------------------------------------------------ > Keep Your Developer Skills Current with LearnDevNow! > The most comprehensive online learning library for Microsoft developers > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-d2d > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar http://about.me/stamparm |
