Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Doc

Browse Source
This commit is contained in:
Laurent Destailleur 2020-09-24 15:45:52 +02:00
parent 2404856409
commit 43783008c1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
test/sqlmap/README
View File

@ -44,7 +44,7 @@ Add, into file ~/git/sqlmap/data/xml/payloads/boolean_blind.xml, the custom rule
Introduce a vulnerability by changing the GETPOST on parameter search_status into GETPOST('search_status', 'none') and removing $db->sanitize when parameter is used;
./sqlmap.py -A "securitytest" --threads=4 -u "http://localhostdev/comm/propal/list.php?search_status=*" --dbms=mysql --os=linux --technique=B --batch --skip-waf \
--cookie="DOLSESSID_xxxxxx=yyyyyyyy;" --prefix='1' -v 5 > sqlmap.txt
--cookie="DOLSESSID_xxxxxx=yyyyyyyy;" --prefix='1' -v 4 > sqlmap.txt
Check vulnerability is found into sqlmap.txt. Scanner is working.