Breeding: How to inject a part of cookie using sqlmap -

Wednesday, 15 May 2013

i need sql injection on part of cookie using sqlmap. target url static.

a sample cookie:

cookie1=blah_var1/blah_val1/blah_var2/blah_val2/searchtext/userinput/blah_var3/blah_val3/.../

in cookie need inject "userinput" using sqlmap. know --cookie parameter wont work in case. part of cookie lone have injected using sqlmap.

i don't know how this. please help.

intercept request, save file , give file sqlmap -r parameter, default sqlmap should check cookie.

sqlmap.py -r request.txt

you can utilize tamper info (firefox extension), or free version of burp proxy intercept request.

sqlmap

Breeding