Re: [sqlmap-users] not working after updating

[Anton S. <ant...@gm...>]

Hi Bernardo and thank you for the detailed and conceivable answers. I'm
sure more people appreciate that than me.

And please fix the #48 issue. I'm the one that started it, so I feel
somehow obliged, although I contribute nothing :)

Joking, of course. Kindly focus on your own priorities.

Thanks.
Anton


On Thu, Dec 20, 2012 at 2:23 AM, Bernardo Damele A. G. <
ber...@gm...> wrote:

> Hi Anton,
>
> On 19 December 2012 19:16, Anton Sazonov <ant...@gm...> wrote:
> >
> > Bernardo, wouldn't it be wiser to remove the .tgz/.zip link altogether
> from sqlmap.org?
> >
> > I mean, most of the people's failures fall into the category of "git the
> latest version, would you".
>
> Those .zip and tar.gz are generated from the very latest development
> version at each git push. The only disadvantage is that they're not
> git working directories (there's no .git/ folder) so cannot be kept
> updated.
>
> > [...]
> > On another note, could you or anyone kindly explain the newish
> --live-test? I only see it in git fetch logs. And I don't much read Python.
>
> --live-test is used internally for development regression testing
> purposes whereby test cases are defined in xml/livetests.xml - it is a
> hidden switch needed only during the development to assert no bugs are
> introduced in existing and solid features following new developments.
>
> > Finally, please, eventually, do take care of issue #48 (
> https://github.com/sqlmapproject/sqlmap/issues/48), specifically the
> inability to inject into any fields, including HTTP headers.
>
> At the moment, sqlmap can detect and exploit SQL injections in Cookie,
> User-Agent and Referer headers, given you provide a high --level value
> (say 3 or above). Ability to inject in arbitrary headers will come,
> but is not top priority at the moment.
>
> --
> Bernardo Damele A. G.
>
> E-mail / Jabber: bernardo.damele (at) gmail.com
> Mobile: +447788962949 (UK 07788962949)
>