Re: [sqlmap-users] --load-cookies format

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update:

With the latest commit [1] you should be warned about the expired cookies.

Kind regards,
Miroslav Stampar

[1]
https://github.com/sqlmapproject/sqlmap/commit/212e92ea0187f9b990c4cc0d4cbb9ac7b5b1739c

On Tue, Feb 12, 2013 at 12:59 PM, Miroslav Stampar <
mir...@gm...> wrote:

> p.s. you can use for example:
> mytestserver.com    FALSE    /test    FALSE    *1000000000000000000*
>  JSESSIONID    1064CC1958261C9D61D102C4C995611P.tcatmytestsrv
>
>
> On Tue, Feb 12, 2013 at 12:45 PM, Miroslav Stampar <
> mir...@gm...> wrote:
>
>> Hi.
>>
>> With the last commit [1] "format" should be less strict (your original
>> content should be valid).
>>
>> Also, please read through [2] to see the content of those fields inside.
>> I would say that in your case cookies "expired".
>>
>> Kind regards,
>> Miroslav Stampar
>>
>> [1]
>> https://github.com/sqlmapproject/sqlmap/commit/72984a578df61f4913c8026c3d9315ea34e4bc1b
>> [2] http://www.cookiecentral.com/faq/#3.5
>>
>>
>> On Tue, Feb 12, 2013 at 12:33 PM, Boris Chazalet <
>> bor...@or...> wrote:
>>
>>>  Hi Miroslav,
>>>
>>> I have edited the file manually and sqlmap does not complain anymore.
>>> However it does *not* seem to use the cookie present in the file. Is
>>> there another option I should use to actually use the cookies once loaded?
>>>
>>> Alternatively, it does work if I don't use --load-cookies but only
>>> --cookie JSESSIONID=WHATEVERSESSIONID
>>>
>>> Thanks!
>>> Boris
>>>
>>>
>>>
>>> On 12/02/13 11:19, Miroslav Stampar wrote:
>>>
>>> Hi.
>>>
>>>  First line needs to start with "# Netscape HTTP Cookie File.". Also,
>>> each value inside entries need to be splitted with \t (TAB) <- not spaces.
>>> Find attached a valid example.
>>>
>>>  We are here depending on low-level python module (cookielib) parsing
>>> it automatically. Nevertheless, I can see now that it's too constrained in
>>> this manner. Will do some "adaptations" and let you know.
>>>
>>>  Kind regards,
>>> Miroslav Stampar
>>>
>>> On Tue, Feb 12, 2013 at 12:04 PM, Boris Chazalet <
>>> bor...@or...> wrote:
>>>
>>>>  Hi everyone,
>>>>
>>>> I am trying to use the --load-cookies option on sqlmap. I have saved
>>>> session cookies using wget and I am trying to load them in sqlmap with the
>>>> following command:
>>>>
>>>> *python sqlmap.py -u "http://mytestserver.com"<http://mytestserver.com>--load-cookies=cookies.txt
>>>> *
>>>>
>>>> but I get an error message:
>>>>
>>>> *[11:00:32] [CRITICAL] there was a problem loading cookies file
>>>> ('u'cookies.txt' does not look like a Netscape format cookies file')*
>>>>
>>>> So my question is, what is supposed to be the accepted format for
>>>> loading a cookie file into sqlmap?
>>>>
>>>> Regards,
>>>> Boris
>>>>
>>>> cookies.txt:
>>>> # HTTP cookie file.
>>>> # Generated by Wget on 2013-02-12 10:58:35.
>>>> # Edit at your own risk.
>>>>
>>>> mytestserver.com    FALSE    /test    FALSE    0    JSESSIONID
>>>> 1064CC1958261C9D61D102C4C995611P.tcatmytestsrv
>>>>
>>>>
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Free Next-Gen Firewall Hardware Offer
>>>> Buy your Sophos next-gen firewall before the end March 2013
>>>> and get the hardware for free! Learn more.
>>>> http://p.sf.net/sfu/sophos-d2d-feb
>>>> _______________________________________________
>>>> sqlmap-users mailing list
>>>> sql...@li...
>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>>>
>>>>
>>>
>>>
>>>  --
>>> Miroslav Stampar
>>> http://about.me/stamparm
>>>
>>>
>>>
>>
>>
>> --
>> Miroslav Stampar
>> http://about.me/stamparm
>>
>
>
>
> --
> Miroslav Stampar
> http://about.me/stamparm
>

-- 
Miroslav Stampar
http://about.me/stamparm