Re: [sqlmap-users] A incorrectly identified "tainted" parameter

2011-12-11 Thread Bob Simonoff
is well written and covers most of what a beginner would want to know. I appreciate it. Thanks! Bob - Original Message - From: Miroslav Stampar To: Bob Simonoff Cc: sqlmap-users@lists.sourceforge.net Sent: Sunday, December 11, 2011 3:37 AM Subject: Re: [sqlmap-users] A

[sqlmap-users] A incorrectly identified "tainted" parameter

2011-12-10 Thread Bob Simonoff
I received this message: [23:28:33] [CRITICAL] you have provided tainted parameter values (ncmb%26ShowMenu=-1) with most probably leftover chars from manual sql injection tests (;()') or non-valid numerical value. Please, always use only valid parameter values so sqlmap could be able to do a v

Re: [sqlmap-users] %26 as part of a POST parameter name on MSWindows

2011-11-21 Thread Bob Simonoff
etter time interacting with sqlmap. > > On Mon, Nov 21, 2011 at 1:39 PM, Iago Sousa <146050...@gmail.com> wrote: >> What is the fld? >> >> On Mon, Nov 21, 2011 at 10:30 AM, Bob Simonoff >> wrote: >>> >>> I have

[sqlmap-users] %26 as part of a POST parameter name on MS Windows

2011-11-21 Thread Bob Simonoff
I have been asked to test a web site for SQL injection. The website uses POST and the parameter names all have the 3 characters %26 (percent 26) as a separator. This makes things difficult, since I am running sqlmap from Windows. First, Windows is trying to substitute %2 as the second argument