Re: [sqlmap-users] how to send post request as safeurl

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi,
thanks for reply, but if I understand it right, I can supply only URL to
second-order parameter.
But I need to send a POST request.
Thank you very much,
Vojta

On 20.4.2015 20:22, Brandon Perry wrote:
> However, that being said, I have run into this before and had to write
> my own exploits to fully exploit the vulnerability.
>
> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry
> <bpe...@gm... <mailto:bpe...@gm...>> wrote:
>
>     There is a second order parameter, it could be used to perform
>     this. It would be requested after ever injected request were sent.
>
>     On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek
>     <kr...@gm... <mailto:kr...@gm...>> wrote:
>
>         Greetings,
>         I am testing an application which I suspect to log me out if I
>         don't
>         send certain post request in certain time interval.
>         Is this possible to do with Sqlmap? I know that there is a
>         parameter
>         which lets me to run any python code before every request. But
>         it is not
>         so nice, let's say.
>         Is there any possibility to supply a post request to safeurl?
>         Is there
>         anything like this planed?
>         Thank you very much,
>         Vojta
>
>         ------------------------------------------------------------------------------
>         BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
>         Develop your own process in accordance with the BPMN 2 standard
>         Learn Process modeling best practices with Bonita BPM through
>         live exercises
>         http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
>         event?utm_
>         source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>         _______________________________________________
>         sqlmap-users mailing list
>         sql...@li...
>         <mailto:sql...@li...>
>         https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
>
>
>     -- 
>     http://volatile-minds.blogspot.com -- blog
>     http://www.volatileminds.net -- website
>
>
>
>
> -- 
> http://volatile-minds.blogspot.com -- blog
> http://www.volatileminds.net -- website