[sqlmap-users] HTTP 302 Redirect Not Fully Displayed in Verbose 6 when Following Redirects
Brought to you by:
inquisb
From: Abuse 0. <abu...@gm...> - 2012-11-12 03:20:18
|
Hi, When looking at HTTP Requests and Response, by using verbose level 6 (-v 6), sqlmap does not show the full HTTP response with the HTTP 302 Moved Temporarily. sqlmap got a 302 redirect to 'http://removed/removed.shtml'. Do you want to follow? [Y/n] y [14:07:02] [INFO] heuristics detected web page charset 'ascii' [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Object Moved): Connection: close Content-type: text/html Location: https://removed/removed.shtml Cache-control: private [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Moved Temporarily): In the body of the first HTTP Response, the 302 temporary redirect, is the result of the SQL injection. If I don't follow the redirection then I see the result. This is fine (to me at least), I just didn't realise or expect it at first. I expected that verbose 6 would show all of the responses, particularly those that contain the results that sqlmap is returning. Cheers, Abu |