Re: [sqlmap-users] HTTP 302 Redirect Not Fully Displayed in Verbose 6 when Following Redirects
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] HTTP 302 Redirect Not Fully Displayed in Verbose 6 when Following Redirects
|
From: Miroslav S. <mir...@gm...> - 2012-12-07 11:04:33
|
p.s. redirect response messages will now always be displayed in high verbose level as "[TRAFFIC IN] HTTP redirect", no matter if following or not: [12:01:24] [TRAFFIC IN] HTTP redirect [#1] (301 Moved Permanently): Proxy-connection: close Set-cookie: jl_stickiness=2685012490.20480.0000; path=/ Age: 0 Server: Varnish Via: 1.1 varnish, 1.0 157.247.180.183:8080 (squid/2.6.STABLE18) Location: http://www.target.com Date: Fri, 07 Dec 2012 11:00:49 GMT Accept-ranges: bytes Kind regards, Miroslav Stampar On Fri, Dec 7, 2012 at 11:58 AM, Miroslav Stampar < mir...@gm...> wrote: > Done ;) > > Bye > > > On Fri, Dec 7, 2012 at 11:22 AM, Miroslav Stampar < > mir...@gm...> wrote: > >> Hi. >> >> Sorry for waiting. Opened a new issue for this one [1]. Will try to >> finish it today. >> >> Kind regards, >> Miroslav Stampar >> >> [1] https://github.com/sqlmapproject/sqlmap/issues/288 >> >> On Mon, Nov 12, 2012 at 4:20 AM, Abuse 007 <abu...@gm...> wrote: >> >>> Hi, >>> >>> When looking at HTTP Requests and Response, by using verbose level 6 (-v >>> 6), sqlmap does not show the full HTTP response with the HTTP 302 Moved >>> Temporarily. >>> >>> sqlmap got a 302 redirect to 'http://removed/removed.shtml'. Do you >>> want to follow? [Y/n] y >>> [14:07:02] [INFO] heuristics detected web page charset 'ascii' >>> [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Object Moved): >>> Connection: close >>> Content-type: text/html >>> Location: https://removed/removed.shtml >>> Cache-control: private >>> [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Moved Temporarily): >>> >>> >>> In the body of the first HTTP Response, the 302 temporary redirect, is >>> the result of the SQL injection. >>> >>> If I don't follow the redirection then I see the result. This is fine >>> (to me at least), I just didn't realise or expect it at first. I expected >>> that verbose 6 would show all of the responses, particularly those that >>> contain the results that sqlmap is returning. >>> >>> Cheers, >>> Abu >>> >>> >>> ------------------------------------------------------------------------------ >>> Everyone hates slow websites. So do we. >>> Make your web apps faster with AppDynamics >>> Download AppDynamics Lite for free today: >>> http://p.sf.net/sfu/appdyn_d2d_nov >>> _______________________________________________ >>> sqlmap-users mailing list >>> sql...@li... >>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>> >>> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm >> > > > > -- > Miroslav Stampar > http://about.me/stamparm > -- Miroslav Stampar http://about.me/stamparm |
