sqlmap-users Mailing List for sqlmap (Page 71)

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hello,
if I provide an URL with * like this:
http://target.com/path/to/index.php?id=12*&action=add&path=/path/to/&imgIndex=

sqlmap don't recognize valid get param in the urls:

[15:34:23] [WARNING] you've provided target url without any GET parameters
(e.g. www.site.com/article.php?id=1) and without providing any POST
parameters through --data option
do you want to try URI injections in the target url itself? [Y/n/q]

But looks like it inject correctly where I placed the wildcard.

Instead without * everything is working fine as usual.
So I am not sure if it's this some sort of bug or it's me misusing the *
option (i.e. if the url is not rewrote I should just use -p id).

Thanks,
Gianluca Brindisi

2008	Jan	Feb	Mar	Apr	May	Jun	Jul	Aug	Sep (4)	Oct (11)	Nov (24)	Dec (13)
2009	Jan (23)	Feb (17)	Mar (13)	Apr (48)	May (22)	Jun (18)	Jul (22)	Aug (13)	Sep (23)	Oct (6)	Nov (11)	Dec (25)
2010	Jan (21)	Feb (33)	Mar (61)	Apr (47)	May (48)	Jun (30)	Jul (24)	Aug (37)	Sep (52)	Oct (59)	Nov (32)	Dec (57)
2011	Jan (166)	Feb (93)	Mar (65)	Apr (117)	May (87)	Jun (124)	Jul (102)	Aug (78)	Sep (65)	Oct (22)	Nov (71)	Dec (79)
2012	Jan (93)	Feb (55)	Mar (45)	Apr (49)	May (56)	Jun (93)	Jul (95)	Aug (42)	Sep (26)	Oct (36)	Nov (32)	Dec (46)
2013	Jan (36)	Feb (78)	Mar (38)	Apr (57)	May (35)	Jun (39)	Jul (23)	Aug (33)	Sep (28)	Oct (38)	Nov (22)	Dec (16)
2014	Jan (33)	Feb (23)	Mar (41)	Apr (29)	May (12)	Jun (20)	Jul (21)	Aug (23)	Sep (18)	Oct (34)	Nov (12)	Dec (39)
2015	Jan (2)	Feb (51)	Mar (10)	Apr (28)	May (9)	Jun (22)	Jul (32)	Aug (35)	Sep (29)	Oct (50)	Nov (8)	Dec (2)
2016	Jan (8)	Feb (2)	Mar (3)	Apr (14)	May	Jun	Jul	Aug (12)	Sep	Oct	Nov (1)	Dec (19)
2017	Jan	Feb (18)	Mar	Apr (1)	May	Jun	Jul	Aug (4)	Sep	Oct	Nov (2)	Dec
2018	Jan	Feb	Mar (1)	Apr (1)	May (3)	Jun	Jul	Aug	Sep	Oct	Nov	Dec
2019	Jan	Feb	Mar	Apr (3)	May	Jun	Jul	Aug	Sep	Oct	Nov	Dec

sqlmap-users Mailing List for sqlmap (Page 71)

sqlmap-users — sqlmap users mailing list