Re: [sqlmap-users] --load-cookies format
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] --load-cookies format
|
From: Boris C. <bor...@or...> - 2013-02-12 14:20:56
|
Thanks a lot Miroslav, I am always impressed with your reactivity. I am going to pull and test again. Boris On 12/02/13 13:31, Miroslav Stampar wrote: > Update: > > With the latest commit [1] you should be warned about the expired cookies. > > Kind regards, > Miroslav Stampar > > [1] > https://github.com/sqlmapproject/sqlmap/commit/212e92ea0187f9b990c4cc0d4cbb9ac7b5b1739c > > On Tue, Feb 12, 2013 at 12:59 PM, Miroslav Stampar > <mir...@gm... <mailto:mir...@gm...>> wrote: > > p.s. you can use for example: > mytestserver.com <http://mytestserver.com> FALSE /test > FALSE *1000000000000000000* JSESSIONID > 1064CC1958261C9D61D102C4C995611P.tcatmytestsrv > > > On Tue, Feb 12, 2013 at 12:45 PM, Miroslav Stampar > <mir...@gm... <mailto:mir...@gm...>> > wrote: > > Hi. > > With the last commit [1] "format" should be less strict (your > original content should be valid). > > Also, please read through [2] to see the content of those > fields inside. I would say that in your case cookies "expired". > > Kind regards, > Miroslav Stampar > > [1] > https://github.com/sqlmapproject/sqlmap/commit/72984a578df61f4913c8026c3d9315ea34e4bc1b > [2] http://www.cookiecentral.com/faq/#3.5 > > > On Tue, Feb 12, 2013 at 12:33 PM, Boris Chazalet > <bor...@or... <mailto:bor...@or...>> > wrote: > > Hi Miroslav, > > I have edited the file manually and sqlmap does not > complain anymore. However it does *not* seem to use the > cookie present in the file. Is there another option I > should use to actually use the cookies once loaded? > > Alternatively, it does work if I don't use --load-cookies > but only --cookie JSESSIONID=WHATEVERSESSIONID > > Thanks! > Boris > > > > On 12/02/13 11:19, Miroslav Stampar wrote: >> Hi. >> >> First line needs to start with "# Netscape HTTP Cookie >> File.". Also, each value inside entries need to be >> splitted with \t (TAB) <- not spaces. Find attached a >> valid example. >> >> We are here depending on low-level python module >> (cookielib) parsing it automatically. Nevertheless, I can >> see now that it's too constrained in this manner. Will do >> some "adaptations" and let you know. >> >> Kind regards, >> Miroslav Stampar >> >> On Tue, Feb 12, 2013 at 12:04 PM, Boris Chazalet >> <bor...@or... >> <mailto:bor...@or...>> wrote: >> >> Hi everyone, >> >> I am trying to use the --load-cookies option on >> sqlmap. I have saved session cookies using wget and I >> am trying to load them in sqlmap with the following >> command: >> >> /python sqlmap.py -u "http://mytestserver.com" >> <http://mytestserver.com> --load-cookies=cookies.txt/ >> >> but I get an error message: >> >> /[11:00:32] [CRITICAL] there was a problem loading >> cookies file ('u'cookies.txt' does not look like a >> Netscape format cookies file')/ >> >> So my question is, what is supposed to be the >> accepted format for loading a cookie file into sqlmap? >> >> Regards, >> Boris >> >> cookies.txt: >> # HTTP cookie file. >> # Generated by Wget on 2013-02-12 10:58:35. >> # Edit at your own risk. >> >> mytestserver.com <http://mytestserver.com> FALSE >> /test FALSE 0 JSESSIONID >> 1064CC1958261C9D61D102C4C995611P.tcatmytestsrv >> >> >> >> ------------------------------------------------------------------------------ >> Free Next-Gen Firewall Hardware Offer >> Buy your Sophos next-gen firewall before the end >> March 2013 >> and get the hardware for free! Learn more. >> http://p.sf.net/sfu/sophos-d2d-feb >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> <mailto:sql...@li...> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm > > > > > -- > Miroslav Stampar > http://about.me/stamparm > > > > > -- > Miroslav Stampar > http://about.me/stamparm > > > > > -- > Miroslav Stampar > http://about.me/stamparm |
