[sqlmap-users] double quite problem
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] double quite problem
|
From: lars p. <lar...@ma...> - 2013-03-10 08:19:41
|
hello i am trying to test a web app with injection in the x-forwarded-for header and sqlmap filters out the injection chars. the injection is 1"' or 1'" and sqlmap changes to 1' or 1" sqlmap.py -u "http://www.testing/vuln/" --prefix=" ' " " --headers="x-forwarded-for: *" <---is filtered sqlmap.py -u "http://www.testing/vuln/" --prefix=" " " --headers="x-forwarded-for: * " " <---is filtered i put the spaces there to see. is there a fix for this? regards lars |
