Re: [sqlmap-users] Not url-encoding POST-data possible?
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Not url-encoding POST-data possible?
|
From: Miroslav S. <mir...@gm...> - 2012-05-24 09:56:47
|
Hi. There is no such option, but something will be done (e.g. --skip-urlencode). Will keep you updated. Kind regards On May 23, 2012 9:56 PM, "Thomas Schreiber" <ts...@go...> wrote: > Hi, > > can I tell sqlmap to not url-encode POST-data? > > In my case a php webservice complains about not getting a '<' as first > character: > > Warning: simplexml_load_string(): Entity: line 1: parser error : Start > tag expected, '<' not found in... > Warning: simplexml_load_string(): %3Crequest... > > The reason is, that sqlmap sends the payload url-encoded: > > %3CRequest%3E%3CID%3E111*%3C/ID>%3C%2FRequest%3E > > Trying the same request in burp without urlencoding like this: > > <Request><ID>111*</ID></Request> > > does not produce the error > > Thanks! > > Thomas > > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > |
