Thread: [sqlmap-users] how to use sqlmap with mod_rewrite enable

Brought to you by: inquisb

This project can now be found here.

sqlmap-users

[sqlmap-users] how to use sqlmap with mod_rewrite enable

From: Ryan F. <ry...@gm...> - 2010-10-25 03:15:22

Dear List,

i have problem ho to use sqlmap to test within mod_rewrite

example

http://victime.com/news/2010/1

i found SQLi on 2010

it's blind SQLi

http://victime.com/news/2010 and 1=1/1

http://victime.com/news/2010 and 1=0/1

how to use with sqlmap.

Thank you

Re: [sqlmap-users] how to use sqlmap with mod_rewrite enable

From: Ulisses C. <uss...@gm...> - 2010-10-25 04:20:11

Like Bernardo said here in this list a couple mails later...

"
Get sqlmap from svn.
Use asterisk to mark the injection point. Eg:
www.site.tld/path/category_123*/getItem.do

Bernardo Damele A. G.
"

Maybe helps.

Cheers,
Ulisses Castro

On Mon, Oct 25, 2010 at 1:15 AM, Ryan Fabella <ry...@gm...> wrote:
> Dear List,
>
> i have problem ho to use sqlmap to test within mod_rewrite
>
> example
>
> http://victime.com/news/2010/1
>
> i found SQLi on 2010
>
> it's blind SQLi
>
> http://victime.com/news/2010 and 1=1/1
>
> http://victime.com/news/2010 and 1=0/1
>
> how to use with sqlmap.
>
> Thank you
>
> ------------------------------------------------------------------------------
> Nokia and AT&T present the 2010 Calling All Innovators-North America contest
> Create new apps & games for the Nokia N8 for consumers in  U.S. and Canada
> $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing
> Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store
> http://p.sf.net/sfu/nokia-dev2dev
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>