Penetration Testing mailing list archives
RE: SQLMAP
From: Marvin Simkin <Marvin.Simkin () asu edu>
Date: Thu, 6 Nov 2008 16:20:18 -0700
I think it wants some parameters to test. For example: python sqlmap.py -u http://www.domain.com/page.php?id=3&option=foo Then it will try to inject SQL in place of the "3" or the "foo". ------------------------------------- Marvin Simkin Information Security University Technology Office Arizona State University http://simkin.asu.edu/ -----Original Message----- From: listbounce () securityfocus com on behalf of Anthony Cicalla Sent: Thu 2008-11-06 11:06 To: Michael Condon Cc: pen-test () securityfocus com Subject: Re: SQLMAP Can you post you conf file, with the domain you are testing xxxx'ed out? On Wed, Nov 5, 2008 at 6:35 PM, Michael Condon <admin () singulartechnologysolutions com> wrote:
When I run a simple sqlmap command (which is shown similarly in their doc): python sqlmap.py -u http://www.domain.com/page.php -v 2 I receive the following error: all testable parameters are not present within the GET, POST and Cookie parameters. What am I misunderstanding/doing wrong? Other than that, does anyone know of a good Win32 SQL Injection testing tool? ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
-- Anthony, ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- SQLMAP Michael Condon (Nov 06)
- Re: SQLMAP Anthony Cicalla (Nov 06)
- RE: SQLMAP Marvin Simkin (Nov 09)
- Re: SQLMAP Michael Condon (Nov 09)
- RE: SQLMAP Marvin Simkin (Nov 09)
- Re: SQLMAP Bojan Zdrnja (Nov 09)
- Re: SQLMAP Michael Condon (Nov 09)
- Re: SQLMAP Taras P. Ivashchenko (Nov 18)
- Re: SQLMAP Anthony Cicalla (Nov 19)
- Re: SQLMAP Michael Condon (Nov 09)
- Re: SQLMAP Anthony Cicalla (Nov 06)