Thread: [sqlmap-users] how to send post request as safeurl
Brought to you by:
inquisb
Menu
▾
▴
sqlmap-users
|
From: Vojtěch P. <kr...@gm...> - 2015-04-20 18:18:15
|
Greetings, I am testing an application which I suspect to log me out if I don't send certain post request in certain time interval. Is this possible to do with Sqlmap? I know that there is a parameter which lets me to run any python code before every request. But it is not so nice, let's say. Is there any possibility to supply a post request to safeurl? Is there anything like this planed? Thank you very much, Vojta |
|
From: Brandon P. <bpe...@gm...> - 2015-04-20 18:21:50
|
There is a second order parameter, it could be used to perform this. It would be requested after ever injected request were sent. On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek <kr...@gm...> wrote: > Greetings, > I am testing an application which I suspect to log me out if I don't > send certain post request in certain time interval. > Is this possible to do with Sqlmap? I know that there is a parameter > which lets me to run any python code before every request. But it is not > so nice, let's say. > Is there any possibility to supply a post request to safeurl? Is there > anything like this planed? > Thank you very much, > Vojta > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live > exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website |
|
From: Brandon P. <bpe...@gm...> - 2015-04-20 18:22:55
|
However, that being said, I have run into this before and had to write my own exploits to fully exploit the vulnerability. On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry <bpe...@gm...> wrote: > There is a second order parameter, it could be used to perform this. It > would be requested after ever injected request were sent. > > On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek <kr...@gm...> > wrote: > >> Greetings, >> I am testing an application which I suspect to log me out if I don't >> send certain post request in certain time interval. >> Is this possible to do with Sqlmap? I know that there is a parameter >> which lets me to run any python code before every request. But it is not >> so nice, let's say. >> Is there any possibility to supply a post request to safeurl? Is there >> anything like this planed? >> Thank you very much, >> Vojta >> >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through live >> exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website > -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website |
|
From: Vojtěch P. <kr...@gm...> - 2015-04-20 18:34:41
|
Hi, thanks for reply, but if I understand it right, I can supply only URL to second-order parameter. But I need to send a POST request. Thank you very much, Vojta On 20.4.2015 20:22, Brandon Perry wrote: > However, that being said, I have run into this before and had to write > my own exploits to fully exploit the vulnerability. > > On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry > <bpe...@gm... <mailto:bpe...@gm...>> wrote: > > There is a second order parameter, it could be used to perform > this. It would be requested after ever injected request were sent. > > On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek > <kr...@gm... <mailto:kr...@gm...>> wrote: > > Greetings, > I am testing an application which I suspect to log me out if I > don't > send certain post request in certain time interval. > Is this possible to do with Sqlmap? I know that there is a > parameter > which lets me to run any python code before every request. But > it is not > so nice, let's say. > Is there any possibility to supply a post request to safeurl? > Is there > anything like this planed? > Thank you very much, > Vojta > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through > live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website > > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website |
|
From: Johnathon D. <hoo...@gm...> - 2015-04-20 18:36:51
|
I dont think second order option will work as that is specifiing where to
look for injection results, which might result in your underlying injection
failing if the results are not to be found there.
There is however options in latest version that appear to be for just this
type of situation (although I personally haven't used them just yet):
--safe-url=SAFURL URL address to visit frequently during testing
--safe-freq=SAFREQ Test requests between two visits to a given safe URL
I believe this will ensure your session remains active during scan.
There is also the options for CSRF tokens to be snagged and parsed via:
--csrf-token=CSR.. Parameter used to hold anti-CSRF token
--csrf-url=CSRFURL URL address to visit to extract anti-CSRF token
In case the csrf token needs to be refreshed for each injection (when
injecting into forms and other typical POST injections and such).
On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry <bpe...@gm...>
wrote:
> However, that being said, I have run into this before and had to write my
> own exploits to fully exploit the vulnerability.
>
> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry <bpe...@gm...>
> wrote:
>
>> There is a second order parameter, it could be used to perform this. It
>> would be requested after ever injected request were sent.
>>
>> On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek <kr...@gm...>
>> wrote:
>>
>>> Greetings,
>>> I am testing an application which I suspect to log me out if I don't
>>> send certain post request in certain time interval.
>>> Is this possible to do with Sqlmap? I know that there is a parameter
>>> which lets me to run any python code before every request. But it is not
>>> so nice, let's say.
>>> Is there any possibility to supply a post request to safeurl? Is there
>>> anything like this planed?
>>> Thank you very much,
>>> Vojta
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
>>> Develop your own process in accordance with the BPMN 2 standard
>>> Learn Process modeling best practices with Bonita BPM through live
>>> exercises
>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
>>> event?utm_
>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>>> _______________________________________________
>>> sqlmap-users mailing list
>>> sql...@li...
>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>>
>>
>>
>>
>> --
>> http://volatile-minds.blogspot.com -- blog
>> http://www.volatileminds.net -- website
>>
>
>
>
> --
> http://volatile-minds.blogspot.com -- blog
> http://www.volatileminds.net -- website
>
>
> ------------------------------------------------------------------------------
> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
> Develop your own process in accordance with the BPMN 2 standard
> Learn Process modeling best practices with Bonita BPM through live
> exercises
> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
> event?utm_
> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
|
|
From: Brandon P. <bpe...@gm...> - 2015-04-20 18:37:59
|
Ah, good point. Hadn't thought about that. Also, requiring a POST request does make it difficult. On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe <hoo...@gm...> wrote: > I dont think second order option will work as that is specifiing where to > look for injection results, which might result in your underlying injection > failing if the results are not to be found there. > > There is however options in latest version that appear to be for just this > type of situation (although I personally haven't used them just yet): > --safe-url=SAFURL URL address to visit frequently during testing > --safe-freq=SAFREQ Test requests between two visits to a given safe > URL > > I believe this will ensure your session remains active during scan. > > There is also the options for CSRF tokens to be snagged and parsed via: > --csrf-token=CSR.. Parameter used to hold anti-CSRF token > --csrf-url=CSRFURL URL address to visit to extract anti-CSRF token > > In case the csrf token needs to be refreshed for each injection (when > injecting into forms and other typical POST injections and such). > > On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry <bpe...@gm...> > wrote: > >> However, that being said, I have run into this before and had to write my >> own exploits to fully exploit the vulnerability. >> >> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry <bpe...@gm... >> > wrote: >> >>> There is a second order parameter, it could be used to perform this. It >>> would be requested after ever injected request were sent. >>> >>> On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek <kr...@gm...> >>> wrote: >>> >>>> Greetings, >>>> I am testing an application which I suspect to log me out if I don't >>>> send certain post request in certain time interval. >>>> Is this possible to do with Sqlmap? I know that there is a parameter >>>> which lets me to run any python code before every request. But it is not >>>> so nice, let's say. >>>> Is there any possibility to supply a post request to safeurl? Is there >>>> anything like this planed? >>>> Thank you very much, >>>> Vojta >>>> >>>> >>>> ------------------------------------------------------------------------------ >>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>> Develop your own process in accordance with the BPMN 2 standard >>>> Learn Process modeling best practices with Bonita BPM through live >>>> exercises >>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>> event?utm_ >>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>> _______________________________________________ >>>> sqlmap-users mailing list >>>> sql...@li... >>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>> >>> >>> >>> >>> -- >>> http://volatile-minds.blogspot.com -- blog >>> http://www.volatileminds.net -- website >>> >> >> >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website >> >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through live >> exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website |
|
From: Miroslav S. <mir...@gm...> - 2015-04-20 20:26:13
|
Pushing the patch in couple of hours. Bye On Mon, Apr 20, 2015 at 8:37 PM, Brandon Perry <bpe...@gm...> wrote: > Ah, good point. Hadn't thought about that. Also, requiring a POST request > does make it difficult. > > On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe <hoo...@gm...> > wrote: > >> I dont think second order option will work as that is specifiing where to >> look for injection results, which might result in your underlying injection >> failing if the results are not to be found there. >> >> There is however options in latest version that appear to be for just >> this type of situation (although I personally haven't used them just yet): >> --safe-url=SAFURL URL address to visit frequently during testing >> --safe-freq=SAFREQ Test requests between two visits to a given safe >> URL >> >> I believe this will ensure your session remains active during scan. >> >> There is also the options for CSRF tokens to be snagged and parsed via: >> --csrf-token=CSR.. Parameter used to hold anti-CSRF token >> --csrf-url=CSRFURL URL address to visit to extract anti-CSRF token >> >> In case the csrf token needs to be refreshed for each injection (when >> injecting into forms and other typical POST injections and such). >> >> On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry <bpe...@gm... >> > wrote: >> >>> However, that being said, I have run into this before and had to write >>> my own exploits to fully exploit the vulnerability. >>> >>> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry < >>> bpe...@gm...> wrote: >>> >>>> There is a second order parameter, it could be used to perform this. It >>>> would be requested after ever injected request were sent. >>>> >>>> On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek <kr...@gm...> >>>> wrote: >>>> >>>>> Greetings, >>>>> I am testing an application which I suspect to log me out if I don't >>>>> send certain post request in certain time interval. >>>>> Is this possible to do with Sqlmap? I know that there is a parameter >>>>> which lets me to run any python code before every request. But it is >>>>> not >>>>> so nice, let's say. >>>>> Is there any possibility to supply a post request to safeurl? Is there >>>>> anything like this planed? >>>>> Thank you very much, >>>>> Vojta >>>>> >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>>> Develop your own process in accordance with the BPMN 2 standard >>>>> Learn Process modeling best practices with Bonita BPM through live >>>>> exercises >>>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>>> event?utm_ >>>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>>> _______________________________________________ >>>>> sqlmap-users mailing list >>>>> sql...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>> >>>> >>>> >>>> >>>> -- >>>> http://volatile-minds.blogspot.com -- blog >>>> http://www.volatileminds.net -- website >>>> >>> >>> >>> >>> -- >>> http://volatile-minds.blogspot.com -- blog >>> http://www.volatileminds.net -- website >>> >>> >>> ------------------------------------------------------------------------------ >>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>> Develop your own process in accordance with the BPMN 2 standard >>> Learn Process modeling best practices with Bonita BPM through live >>> exercises >>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>> event?utm_ >>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>> _______________________________________________ >>> sqlmap-users mailing list >>> sql...@li... >>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>> >>> >> > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live > exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
|
From: Vojtěch P. <kr...@gm...> - 2015-04-20 20:33:25
|
Okay, thanks and what is exactly going to be added? Thanks, Vojta On 20.4.2015 22:26, Miroslav Stampar wrote: > Pushing the patch in couple of hours. > > Bye > > On Mon, Apr 20, 2015 at 8:37 PM, Brandon Perry > <bpe...@gm... <mailto:bpe...@gm...>> wrote: > > Ah, good point. Hadn't thought about that. Also, requiring a POST > request does make it difficult. > > On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe > <hoo...@gm... <mailto:hoo...@gm...>> wrote: > > I dont think second order option will work as that is > specifiing where to look for injection results, which might > result in your underlying injection failing if the results are > not to be found there. > > There is however options in latest version that appear to be > for just this type of situation (although I personally haven't > used them just yet): > --safe-url=SAFURL URL address to visit frequently during > testing > --safe-freq=SAFREQ Test requests between two visits to a > given safe URL > > I believe this will ensure your session remains active during > scan. > > There is also the options for CSRF tokens to be snagged and > parsed via: > --csrf-token=CSR.. Parameter used to hold anti-CSRF token > --csrf-url=CSRFURL URL address to visit to extract > anti-CSRF token > > In case the csrf token needs to be refreshed for each > injection (when injecting into forms and other typical POST > injections and such). > > On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry > <bpe...@gm... <mailto:bpe...@gm...>> > wrote: > > However, that being said, I have run into this before and > had to write my own exploits to fully exploit the > vulnerability. > > On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry > <bpe...@gm... > <mailto:bpe...@gm...>> wrote: > > There is a second order parameter, it could be used to > perform this. It would be requested after ever > injected request were sent. > > On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek > <kr...@gm... <mailto:kr...@gm...>> wrote: > > Greetings, > I am testing an application which I suspect to log > me out if I don't > send certain post request in certain time interval. > Is this possible to do with Sqlmap? I know that > there is a parameter > which lets me to run any python code before every > request. But it is not > so nice, let's say. > Is there any possibility to supply a post request > to safeurl? Is there > anything like this planed? > Thank you very much, > Vojta > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am > PDT/1PM EDT > Develop your own process in accordance with the > BPMN 2 standard > Learn Process modeling best practices with Bonita > BPM through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website > > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 > standard > Learn Process modeling best practices with Bonita BPM > through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live > exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > -- > Miroslav Stampar > http://about.me/stamparm > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > > > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users |
|
From: Miroslav S. <mir...@gm...> - 2015-04-20 20:35:54
|
--safe-post is it ok? On Mon, Apr 20, 2015 at 10:33 PM, Vojtěch Polášek <kr...@gm...> wrote: > Okay, thanks and what is exactly going to be added? > Thanks, > Vojta > > > On 20.4.2015 22:26, Miroslav Stampar wrote: > > Pushing the patch in couple of hours. > > Bye > > On Mon, Apr 20, 2015 at 8:37 PM, Brandon Perry <bpe...@gm...> > wrote: > >> Ah, good point. Hadn't thought about that. Also, requiring a POST request >> does make it difficult. >> >> On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe <hoo...@gm...> >> wrote: >> >>> I dont think second order option will work as that is specifiing where >>> to look for injection results, which might result in your underlying >>> injection failing if the results are not to be found there. >>> >>> There is however options in latest version that appear to be for just >>> this type of situation (although I personally haven't used them just yet): >>> --safe-url=SAFURL URL address to visit frequently during testing >>> --safe-freq=SAFREQ Test requests between two visits to a given safe >>> URL >>> >>> I believe this will ensure your session remains active during scan. >>> >>> There is also the options for CSRF tokens to be snagged and parsed via: >>> --csrf-token=CSR.. Parameter used to hold anti-CSRF token >>> --csrf-url=CSRFURL URL address to visit to extract anti-CSRF token >>> >>> In case the csrf token needs to be refreshed for each injection (when >>> injecting into forms and other typical POST injections and such). >>> >>> On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry < >>> bpe...@gm...> wrote: >>> >>>> However, that being said, I have run into this before and had to write >>>> my own exploits to fully exploit the vulnerability. >>>> >>>> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry < >>>> bpe...@gm...> wrote: >>>> >>>>> There is a second order parameter, it could be used to perform this. >>>>> It would be requested after ever injected request were sent. >>>>> >>>>> On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek <kr...@gm...> >>>>> wrote: >>>>> >>>>>> Greetings, >>>>>> I am testing an application which I suspect to log me out if I don't >>>>>> send certain post request in certain time interval. >>>>>> Is this possible to do with Sqlmap? I know that there is a parameter >>>>>> which lets me to run any python code before every request. But it is >>>>>> not >>>>>> so nice, let's say. >>>>>> Is there any possibility to supply a post request to safeurl? Is there >>>>>> anything like this planed? >>>>>> Thank you very much, >>>>>> Vojta >>>>>> >>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>>>> Develop your own process in accordance with the BPMN 2 standard >>>>>> Learn Process modeling best practices with Bonita BPM through live >>>>>> exercises >>>>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>>>> event?utm_ >>>>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>>>> _______________________________________________ >>>>>> sqlmap-users mailing list >>>>>> sql...@li... >>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> http://volatile-minds.blogspot.com -- blog >>>>> http://www.volatileminds.net -- website >>>>> >>>> >>>> >>>> >>>> -- >>>> http://volatile-minds.blogspot.com -- blog >>>> http://www.volatileminds.net -- website >>>> >>>> >>>> ------------------------------------------------------------------------------ >>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>> Develop your own process in accordance with the BPMN 2 standard >>>> Learn Process modeling best practices with Bonita BPM through live >>>> exercises >>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>> event?utm_ >>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>> _______________________________________________ >>>> sqlmap-users mailing list >>>> sql...@li... >>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>> >>>> >>> >> >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website >> >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through live >> exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > > > -- > Miroslav Stampar > http://about.me/stamparm > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live exerciseshttp://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > > > > _______________________________________________ > sqlmap-users mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live > exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
|
From: Vojtěch P. <kr...@gm...> - 2015-04-20 20:43:54
|
Definitelly, thank you for your lightning response. Vojta On 20.4.2015 22:35, Miroslav Stampar wrote: > --safe-post > > is it ok? > > On Mon, Apr 20, 2015 at 10:33 PM, Vojtěch Polášek <kr...@gm... > <mailto:kr...@gm...>> wrote: > > Okay, thanks and what is exactly going to be added? > Thanks, > Vojta > > > On 20.4.2015 22:26, Miroslav Stampar wrote: >> Pushing the patch in couple of hours. >> >> Bye >> >> On Mon, Apr 20, 2015 at 8:37 PM, Brandon Perry >> <bpe...@gm... <mailto:bpe...@gm...>> wrote: >> >> Ah, good point. Hadn't thought about that. Also, requiring a >> POST request does make it difficult. >> >> On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe >> <hoo...@gm... <mailto:hoo...@gm...>> wrote: >> >> I dont think second order option will work as that is >> specifiing where to look for injection results, which >> might result in your underlying injection failing if the >> results are not to be found there. >> >> There is however options in latest version that appear to >> be for just this type of situation (although I personally >> haven't used them just yet): >> --safe-url=SAFURL URL address to visit frequently >> during testing >> --safe-freq=SAFREQ Test requests between two visits >> to a given safe URL >> >> I believe this will ensure your session remains active >> during scan. >> >> There is also the options for CSRF tokens to be snagged >> and parsed via: >> --csrf-token=CSR.. Parameter used to hold anti-CSRF >> token >> --csrf-url=CSRFURL URL address to visit to extract >> anti-CSRF token >> >> In case the csrf token needs to be refreshed for each >> injection (when injecting into forms and other typical >> POST injections and such). >> >> On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry >> <bpe...@gm... >> <mailto:bpe...@gm...>> wrote: >> >> However, that being said, I have run into this before >> and had to write my own exploits to fully exploit the >> vulnerability. >> >> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry >> <bpe...@gm... >> <mailto:bpe...@gm...>> wrote: >> >> There is a second order parameter, it could be >> used to perform this. It would be requested after >> ever injected request were sent. >> >> On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek >> <kr...@gm... <mailto:kr...@gm...>> wrote: >> >> Greetings, >> I am testing an application which I suspect >> to log me out if I don't >> send certain post request in certain time >> interval. >> Is this possible to do with Sqlmap? I know >> that there is a parameter >> which lets me to run any python code before >> every request. But it is not >> so nice, let's say. >> Is there any possibility to supply a post >> request to safeurl? Is there >> anything like this planed? >> Thank you very much, >> Vojta >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at >> 10am PDT/1PM EDT >> Develop your own process in accordance with >> the BPMN 2 standard >> Learn Process modeling best practices with >> Bonita BPM through live exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> <mailto:sql...@li...> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> >> >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website >> >> >> >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am >> PDT/1PM EDT >> Develop your own process in accordance with the BPMN >> 2 standard >> Learn Process modeling best practices with Bonita BPM >> through live exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> <mailto:sql...@li...> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> >> >> >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through >> live exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> <mailto:sql...@li...> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm >> >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through live exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> >> >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... <mailto:sql...@li...> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live > exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > -- > Miroslav Stampar > http://about.me/stamparm |
|
From: Miroslav S. <mir...@gm...> - 2015-04-20 21:57:07
|
Done (usage e.g. --safe-url=... --safe-post="foo=bar&..."). Bye On Mon, Apr 20, 2015 at 10:26 PM, Miroslav Stampar < mir...@gm...> wrote: > Pushing the patch in couple of hours. > > Bye > > On Mon, Apr 20, 2015 at 8:37 PM, Brandon Perry <bpe...@gm...> > wrote: > >> Ah, good point. Hadn't thought about that. Also, requiring a POST request >> does make it difficult. >> >> On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe <hoo...@gm...> >> wrote: >> >>> I dont think second order option will work as that is specifiing where >>> to look for injection results, which might result in your underlying >>> injection failing if the results are not to be found there. >>> >>> There is however options in latest version that appear to be for just >>> this type of situation (although I personally haven't used them just yet): >>> --safe-url=SAFURL URL address to visit frequently during testing >>> --safe-freq=SAFREQ Test requests between two visits to a given safe >>> URL >>> >>> I believe this will ensure your session remains active during scan. >>> >>> There is also the options for CSRF tokens to be snagged and parsed via: >>> --csrf-token=CSR.. Parameter used to hold anti-CSRF token >>> --csrf-url=CSRFURL URL address to visit to extract anti-CSRF token >>> >>> In case the csrf token needs to be refreshed for each injection (when >>> injecting into forms and other typical POST injections and such). >>> >>> On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry < >>> bpe...@gm...> wrote: >>> >>>> However, that being said, I have run into this before and had to write >>>> my own exploits to fully exploit the vulnerability. >>>> >>>> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry < >>>> bpe...@gm...> wrote: >>>> >>>>> There is a second order parameter, it could be used to perform this. >>>>> It would be requested after ever injected request were sent. >>>>> >>>>> On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek <kr...@gm...> >>>>> wrote: >>>>> >>>>>> Greetings, >>>>>> I am testing an application which I suspect to log me out if I don't >>>>>> send certain post request in certain time interval. >>>>>> Is this possible to do with Sqlmap? I know that there is a parameter >>>>>> which lets me to run any python code before every request. But it is >>>>>> not >>>>>> so nice, let's say. >>>>>> Is there any possibility to supply a post request to safeurl? Is there >>>>>> anything like this planed? >>>>>> Thank you very much, >>>>>> Vojta >>>>>> >>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>>>> Develop your own process in accordance with the BPMN 2 standard >>>>>> Learn Process modeling best practices with Bonita BPM through live >>>>>> exercises >>>>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>>>> event?utm_ >>>>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>>>> _______________________________________________ >>>>>> sqlmap-users mailing list >>>>>> sql...@li... >>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> http://volatile-minds.blogspot.com -- blog >>>>> http://www.volatileminds.net -- website >>>>> >>>> >>>> >>>> >>>> -- >>>> http://volatile-minds.blogspot.com -- blog >>>> http://www.volatileminds.net -- website >>>> >>>> >>>> ------------------------------------------------------------------------------ >>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>> Develop your own process in accordance with the BPMN 2 standard >>>> Learn Process modeling best practices with Bonita BPM through live >>>> exercises >>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>> event?utm_ >>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>> _______________________________________________ >>>> sqlmap-users mailing list >>>> sql...@li... >>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>> >>>> >>> >> >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website >> >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through live >> exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > > > -- > Miroslav Stampar > http://about.me/stamparm > -- Miroslav Stampar http://about.me/stamparm |
|
From: Vojtěch P. <kr...@gm...> - 2015-04-22 12:29:58
|
Hi, I tried your new --safe-post and it doesn't seem to fullfill my needs. I need to submit in this url same cookies as in requests for SQL injection etc. Would it be possible to provide something like --safe-request and read request from a file? Thanks, Vojta On 20.4.2015 23:56, Miroslav Stampar wrote: > Done (usage e.g. --safe-url=... --safe-post="foo=bar&..."). > > Bye > > On Mon, Apr 20, 2015 at 10:26 PM, Miroslav Stampar > <mir...@gm... <mailto:mir...@gm...>> wrote: > > Pushing the patch in couple of hours. > > Bye > > On Mon, Apr 20, 2015 at 8:37 PM, Brandon Perry > <bpe...@gm... <mailto:bpe...@gm...>> wrote: > > Ah, good point. Hadn't thought about that. Also, requiring a > POST request does make it difficult. > > On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe > <hoo...@gm... <mailto:hoo...@gm...>> wrote: > > I dont think second order option will work as that is > specifiing where to look for injection results, which > might result in your underlying injection failing if the > results are not to be found there. > > There is however options in latest version that appear to > be for just this type of situation (although I personally > haven't used them just yet): > --safe-url=SAFURL URL address to visit frequently > during testing > --safe-freq=SAFREQ Test requests between two visits > to a given safe URL > > I believe this will ensure your session remains active > during scan. > > There is also the options for CSRF tokens to be snagged > and parsed via: > --csrf-token=CSR.. Parameter used to hold anti-CSRF token > --csrf-url=CSRFURL URL address to visit to extract > anti-CSRF token > > In case the csrf token needs to be refreshed for each > injection (when injecting into forms and other typical > POST injections and such). > > On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry > <bpe...@gm... > <mailto:bpe...@gm...>> wrote: > > However, that being said, I have run into this before > and had to write my own exploits to fully exploit the > vulnerability. > > On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry > <bpe...@gm... > <mailto:bpe...@gm...>> wrote: > > There is a second order parameter, it could be > used to perform this. It would be requested after > ever injected request were sent. > > On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek > <kr...@gm... <mailto:kr...@gm...>> wrote: > > Greetings, > I am testing an application which I suspect to > log me out if I don't > send certain post request in certain time > interval. > Is this possible to do with Sqlmap? I know > that there is a parameter > which lets me to run any python code before > every request. But it is not > so nice, let's say. > Is there any possibility to supply a post > request to safeurl? Is there > anything like this planed? > Thank you very much, > Vojta > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at > 10am PDT/1PM EDT > Develop your own process in accordance with > the BPMN 2 standard > Learn Process modeling best practices with > Bonita BPM through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website > > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am > PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 > standard > Learn Process modeling best practices with Bonita BPM > through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through > live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > -- > Miroslav Stampar > http://about.me/stamparm > > > > > -- > Miroslav Stampar > http://about.me/stamparm > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > > > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users |
|
From: Miroslav S. <mir...@gm...> - 2015-04-22 13:37:58
|
I'll just repeat a sentence from your original message: "Is there any possibility to supply a post request to safeurl?" Bye On Wed, Apr 22, 2015 at 2:29 PM, Vojtěch Polášek <kr...@gm...> wrote: > Hi, > I tried your new --safe-post and it doesn't seem to fullfill my needs. I > need to submit in this url same cookies as in requests for SQL injection > etc. Would it be possible to provide something like --safe-request and read > request from a file? > Thanks, > Vojta > > > On 20.4.2015 23:56, Miroslav Stampar wrote: > > Done (usage e.g. --safe-url=... --safe-post="foo=bar&..."). > > Bye > > On Mon, Apr 20, 2015 at 10:26 PM, Miroslav Stampar < > mir...@gm...> wrote: > >> Pushing the patch in couple of hours. >> >> Bye >> >> On Mon, Apr 20, 2015 at 8:37 PM, Brandon Perry <bpe...@gm... >> > wrote: >> >>> Ah, good point. Hadn't thought about that. Also, requiring a POST >>> request does make it difficult. >>> >>> On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe <hoo...@gm...> >>> wrote: >>> >>>> I dont think second order option will work as that is specifiing >>>> where to look for injection results, which might result in your underlying >>>> injection failing if the results are not to be found there. >>>> >>>> There is however options in latest version that appear to be for just >>>> this type of situation (although I personally haven't used them just yet): >>>> --safe-url=SAFURL URL address to visit frequently during testing >>>> --safe-freq=SAFREQ Test requests between two visits to a given >>>> safe URL >>>> >>>> I believe this will ensure your session remains active during scan. >>>> >>>> There is also the options for CSRF tokens to be snagged and parsed via: >>>> --csrf-token=CSR.. Parameter used to hold anti-CSRF token >>>> --csrf-url=CSRFURL URL address to visit to extract anti-CSRF token >>>> >>>> In case the csrf token needs to be refreshed for each injection (when >>>> injecting into forms and other typical POST injections and such). >>>> >>>> On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry < >>>> bpe...@gm...> wrote: >>>> >>>>> However, that being said, I have run into this before and had to write >>>>> my own exploits to fully exploit the vulnerability. >>>>> >>>>> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry < >>>>> bpe...@gm...> wrote: >>>>> >>>>>> There is a second order parameter, it could be used to perform this. >>>>>> It would be requested after ever injected request were sent. >>>>>> >>>>>> On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek <kr...@gm...> >>>>>> wrote: >>>>>> >>>>>>> Greetings, >>>>>>> I am testing an application which I suspect to log me out if I don't >>>>>>> send certain post request in certain time interval. >>>>>>> Is this possible to do with Sqlmap? I know that there is a parameter >>>>>>> which lets me to run any python code before every request. But it is >>>>>>> not >>>>>>> so nice, let's say. >>>>>>> Is there any possibility to supply a post request to safeurl? Is >>>>>>> there >>>>>>> anything like this planed? >>>>>>> Thank you very much, >>>>>>> Vojta >>>>>>> >>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>>>>> Develop your own process in accordance with the BPMN 2 standard >>>>>>> Learn Process modeling best practices with Bonita BPM through live >>>>>>> exercises >>>>>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>>>>> event?utm_ >>>>>>> >>>>>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>>>>> _______________________________________________ >>>>>>> sqlmap-users mailing list >>>>>>> sql...@li... >>>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> http://volatile-minds.blogspot.com -- blog >>>>>> http://www.volatileminds.net -- website >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> http://volatile-minds.blogspot.com -- blog >>>>> http://www.volatileminds.net -- website >>>>> >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>>> Develop your own process in accordance with the BPMN 2 standard >>>>> Learn Process modeling best practices with Bonita BPM through live >>>>> exercises >>>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>>> event?utm_ >>>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>>> _______________________________________________ >>>>> sqlmap-users mailing list >>>>> sql...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>> >>>>> >>>> >>> >>> >>> -- >>> http://volatile-minds.blogspot.com -- blog >>> http://www.volatileminds.net -- website >>> >>> >>> ------------------------------------------------------------------------------ >>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>> Develop your own process in accordance with the BPMN 2 standard >>> Learn Process modeling best practices with Bonita BPM through live >>> exercises >>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>> event?utm_ >>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>> _______________________________________________ >>> sqlmap-users mailing list >>> sql...@li... >>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>> >>> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm >> > > > > -- > Miroslav Stampar > http://about.me/stamparm > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live exerciseshttp://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > > > > _______________________________________________ > sqlmap-users mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live > exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
|
From: Vojtěch P. <kr...@gm...> - 2015-04-22 13:08:23
|
Well, so if I understand it right. Currently, --safe-url receives the URL to which the post request is going to be sent. --safe-post receives *only* POST data, no HTTP headers etc. There is no possibility to send some specific cookies or other HTTP headers currently with this safe thing. Am I right? Thanks for clarification. I am sorry if my description of problem wasn't exact enough. Vojta On 22.4.2015 14:52, Miroslav Stampar wrote: > I'll just repeat a sentence from your original message: > > "Is there any possibility to supply a post request to safeurl?" > > Bye > > On Wed, Apr 22, 2015 at 2:29 PM, Vojtěch Polášek <kr...@gm... > <mailto:kr...@gm...>> wrote: > > Hi, > I tried your new --safe-post and it doesn't seem to fullfill my > needs. I need to submit in this url same cookies as in requests > for SQL injection etc. Would it be possible to provide something > like --safe-request and read request from a file? > Thanks, > Vojta > > > On 20.4.2015 23:56, Miroslav Stampar wrote: >> Done (usage e.g. --safe-url=... --safe-post="foo=bar&..."). >> >> Bye >> >> On Mon, Apr 20, 2015 at 10:26 PM, Miroslav Stampar >> <mir...@gm... <mailto:mir...@gm...>> >> wrote: >> >> Pushing the patch in couple of hours. >> >> Bye >> >> On Mon, Apr 20, 2015 at 8:37 PM, Brandon Perry >> <bpe...@gm... >> <mailto:bpe...@gm...>> wrote: >> >> Ah, good point. Hadn't thought about that. Also, >> requiring a POST request does make it difficult. >> >> On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe >> <hoo...@gm... <mailto:hoo...@gm...>> wrote: >> >> I dont think second order option will work as that is >> specifiing where to look for injection results, which >> might result in your underlying injection failing if >> the results are not to be found there. >> >> There is however options in latest version that >> appear to be for just this type of situation >> (although I personally haven't used them just yet): >> --safe-url=SAFURL URL address to visit >> frequently during testing >> --safe-freq=SAFREQ Test requests between two >> visits to a given safe URL >> >> I believe this will ensure your session remains >> active during scan. >> >> There is also the options for CSRF tokens to be >> snagged and parsed via: >> --csrf-token=CSR.. Parameter used to hold >> anti-CSRF token >> --csrf-url=CSRFURL URL address to visit to >> extract anti-CSRF token >> >> In case the csrf token needs to be refreshed for each >> injection (when injecting into forms and other >> typical POST injections and such). >> >> On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry >> <bpe...@gm... >> <mailto:bpe...@gm...>> wrote: >> >> However, that being said, I have run into this >> before and had to write my own exploits to fully >> exploit the vulnerability. >> >> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry >> <bpe...@gm... >> <mailto:bpe...@gm...>> wrote: >> >> There is a second order parameter, it could >> be used to perform this. It would be >> requested after ever injected request were sent. >> >> On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch >> Polášek <kr...@gm... >> <mailto:kr...@gm...>> wrote: >> >> Greetings, >> I am testing an application which I >> suspect to log me out if I don't >> send certain post request in certain time >> interval. >> Is this possible to do with Sqlmap? I >> know that there is a parameter >> which lets me to run any python code >> before every request. But it is not >> so nice, let's say. >> Is there any possibility to supply a post >> request to safeurl? Is there >> anything like this planed? >> Thank you very much, >> Vojta >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th >> at 10am PDT/1PM EDT >> Develop your own process in accordance >> with the BPMN 2 standard >> Learn Process modeling best practices >> with Bonita BPM through live exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> <mailto:sql...@li...> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> >> >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website >> >> >> >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am >> PDT/1PM EDT >> Develop your own process in accordance with the >> BPMN 2 standard >> Learn Process modeling best practices with Bonita >> BPM through live exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> <mailto:sql...@li...> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> >> >> >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 >> standard >> Learn Process modeling best practices with Bonita BPM >> through live exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> <mailto:sql...@li...> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm >> >> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm >> >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through live exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> >> >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... <mailto:sql...@li...> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live > exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > -- > Miroslav Stampar > http://about.me/stamparm |
|
From: Miroslav S. <mir...@gm...> - 2015-04-22 14:29:40
|
Please update to the latest revision and use: --safe-req=...req.txt --safe-freq=... Bye On Wed, Apr 22, 2015 at 3:08 PM, Vojtěch Polášek <kr...@gm...> wrote: > Well, so if I understand it right. Currently, --safe-url receives the URL > to which the post request is going to be sent. > --safe-post receives *only* POST data, no HTTP headers etc. > There is no possibility to send some specific cookies or other HTTP > headers currently with this safe thing. Am I right? > Thanks for clarification. I am sorry if my description of problem wasn't > exact enough. > Vojta > > On 22.4.2015 14:52, Miroslav Stampar wrote: > > I'll just repeat a sentence from your original message: > > "Is there any possibility to supply a post request to safeurl?" > > Bye > > On Wed, Apr 22, 2015 at 2:29 PM, Vojtěch Polášek <kr...@gm...> > wrote: > >> Hi, >> I tried your new --safe-post and it doesn't seem to fullfill my needs. I >> need to submit in this url same cookies as in requests for SQL injection >> etc. Would it be possible to provide something like --safe-request and read >> request from a file? >> Thanks, >> Vojta >> >> >> On 20.4.2015 23:56, Miroslav Stampar wrote: >> >> Done (usage e.g. --safe-url=... --safe-post="foo=bar&..."). >> >> Bye >> >> On Mon, Apr 20, 2015 at 10:26 PM, Miroslav Stampar < >> mir...@gm...> wrote: >> >>> Pushing the patch in couple of hours. >>> >>> Bye >>> >>> On Mon, Apr 20, 2015 at 8:37 PM, Brandon Perry < >>> bpe...@gm...> wrote: >>> >>>> Ah, good point. Hadn't thought about that. Also, requiring a POST >>>> request does make it difficult. >>>> >>>> On Mon, Apr 20, 2015 at 1:36 PM, Johnathon Doe <hoo...@gm...> >>>> wrote: >>>> >>>>> I dont think second order option will work as that is specifiing >>>>> where to look for injection results, which might result in your underlying >>>>> injection failing if the results are not to be found there. >>>>> >>>>> There is however options in latest version that appear to be for just >>>>> this type of situation (although I personally haven't used them just yet): >>>>> --safe-url=SAFURL URL address to visit frequently during testing >>>>> --safe-freq=SAFREQ Test requests between two visits to a given >>>>> safe URL >>>>> >>>>> I believe this will ensure your session remains active during scan. >>>>> >>>>> There is also the options for CSRF tokens to be snagged and parsed via: >>>>> --csrf-token=CSR.. Parameter used to hold anti-CSRF token >>>>> --csrf-url=CSRFURL URL address to visit to extract anti-CSRF token >>>>> >>>>> In case the csrf token needs to be refreshed for each injection (when >>>>> injecting into forms and other typical POST injections and such). >>>>> >>>>> On Mon, Apr 20, 2015 at 1:22 PM, Brandon Perry < >>>>> bpe...@gm...> wrote: >>>>> >>>>>> However, that being said, I have run into this before and had to >>>>>> write my own exploits to fully exploit the vulnerability. >>>>>> >>>>>> On Mon, Apr 20, 2015 at 1:21 PM, Brandon Perry < >>>>>> bpe...@gm...> wrote: >>>>>> >>>>>>> There is a second order parameter, it could be used to perform this. >>>>>>> It would be requested after ever injected request were sent. >>>>>>> >>>>>>> On Mon, Apr 20, 2015 at 1:18 PM, Vojtěch Polášek <kr...@gm...> >>>>>>> wrote: >>>>>>> >>>>>>>> Greetings, >>>>>>>> I am testing an application which I suspect to log me out if I don't >>>>>>>> send certain post request in certain time interval. >>>>>>>> Is this possible to do with Sqlmap? I know that there is a parameter >>>>>>>> which lets me to run any python code before every request. But it >>>>>>>> is not >>>>>>>> so nice, let's say. >>>>>>>> Is there any possibility to supply a post request to safeurl? Is >>>>>>>> there >>>>>>>> anything like this planed? >>>>>>>> Thank you very much, >>>>>>>> Vojta >>>>>>>> >>>>>>>> >>>>>>>> ------------------------------------------------------------------------------ >>>>>>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>>>>>> Develop your own process in accordance with the BPMN 2 standard >>>>>>>> Learn Process modeling best practices with Bonita BPM through live >>>>>>>> exercises >>>>>>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>>>>>> event?utm_ >>>>>>>> >>>>>>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>>>>>> _______________________________________________ >>>>>>>> sqlmap-users mailing list >>>>>>>> sql...@li... >>>>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> http://volatile-minds.blogspot.com -- blog >>>>>>> http://www.volatileminds.net -- website >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> http://volatile-minds.blogspot.com -- blog >>>>>> http://www.volatileminds.net -- website >>>>>> >>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>>>> Develop your own process in accordance with the BPMN 2 standard >>>>>> Learn Process modeling best practices with Bonita BPM through live >>>>>> exercises >>>>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>>>> event?utm_ >>>>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>>>> _______________________________________________ >>>>>> sqlmap-users mailing list >>>>>> sql...@li... >>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>>> >>>>>> >>>>> >>>> >>>> >>>> -- >>>> http://volatile-minds.blogspot.com -- blog >>>> http://www.volatileminds.net -- website >>>> >>>> >>>> ------------------------------------------------------------------------------ >>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >>>> Develop your own process in accordance with the BPMN 2 standard >>>> Learn Process modeling best practices with Bonita BPM through live >>>> exercises >>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >>>> event?utm_ >>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >>>> _______________________________________________ >>>> sqlmap-users mailing list >>>> sql...@li... >>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>> >>>> >>> >>> >>> -- >>> Miroslav Stampar >>> http://about.me/stamparm >>> >> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm >> >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through live exerciseshttp://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> >> >> >> _______________________________________________ >> sqlmap-users mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> >> >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through live >> exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > > > -- > Miroslav Stampar > http://about.me/stamparm > > > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live > exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X