Re: [sqlmap-users] inverting --string and --not-string

[Tim M. <tma...@gm...>]

Let me try to put this another way.  According to the usage doc:

"Sometimes it may fail, that is why the user can provide a string (--string
option) which is always present on original page and on all True injected
query pages, but that it is not on the False ones."

Is there a way to invert this logic so that "--string" works for strings
that are present on original page and all *true* ones?

On Fri, Apr 22, 2016 at 11:20 AM, Miroslav Stampar <
mir...@gm...> wrote:

> This doesn't make any sense. With --string either there is a string (TRUE)
> or there isn't (FALSE). In case of --not-string it's the complete opposite.
>
> You are asking for 4 states: 1) with string and not-string; 2) with string
> and no not-string; 3) without string and with not-string; and 4) without
> string and without not-string
>
> Please reconsider your whole use-case.
>
> Bye
>
> On Fri, Apr 22, 2016 at 4:23 PM, Tim Maletic <tma...@gm...> wrote:
>
>> I'm testing a system where no injection and false injections produce page
>> A, but true injections produce page B.
>>
>> sqlmap doesn't support setting both --string and --not-string, and these
>> options assume the opposite of the above, so I don't see a way to handle
>> this unusual situation.
>>
>> Suggestions?
>> Thanks!
>> -tm
>>
>>
>> ------------------------------------------------------------------------------
>> Find and fix application performance issues faster with Applications
>> Manager
>> Applications Manager provides deep performance insights into multiple
>> tiers of
>> your business applications. It resolves application problems quickly and
>> reduces your MTTR. Get your free trial!
>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>> _______________________________________________
>> sqlmap-users mailing list
>> sql...@li...
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>
>
>
> --
> Miroslav Stampar
> http://about.me/stamparm
>