sqlmap中的"Resend original POST data to a new location"是什么意思?
What does "Resend original POST data to a new location" mean in sqlmap?
使用sqlmap时,我有以下几点:
sqlmap got a 302 redirect to 'http://localhost/sqlmap/index.php'. Do you want to follow? [Y/n] y
我知道我的 POST 响应正在重定向到 index.php。下一个问题是:
redirect is a result of a POST request. Do you want to resend original POST data to a new location? [Y/n] y
但我不明白将原始数据重新发送到新位置是什么意思。
有人可以帮忙吗?
基本上它会将您的 POST 数据重新发送到找到的新位置(重定向)。假设您的 POST 数据是:
data = {
"username": "example",
"password": "example"
}
如果站点将您重定向到 http://example.com/php?login=False,您将它发送到 http://example.com/php?login=True,它将把数据重新发送到那个 link,所以简而言之,sqlmap 将在重定向到的新 link 上重试登录凭据。
因混淆而编辑(见评论)
POST:
In computing, POST is a request method supported by the HTTP protocol
used by the World Wide Web. By design, the POST request method
requests that a web server accept the data enclosed in the body of the
request message, most likely for storing it. It is often used when
uploading a file or when submitting a completed web form.
参考:https://en.m.wikipedia.org/wiki/POST_(HTTP)
获取:
GET requests a representation of the specified resource. Note that GET
should not be used for operations that cause side-effects, such as
using it for taking actions in web applications. One reason for this
is that GET may be used arbitrarily by robots or crawlers, which
should not need to consider the side effects that a request should
cause.
参考:What is the difference between POST and GET?
使用sqlmap时,我有以下几点:
sqlmap got a 302 redirect to 'http://localhost/sqlmap/index.php'. Do you want to follow? [Y/n] y
我知道我的 POST 响应正在重定向到 index.php。下一个问题是:
redirect is a result of a POST request. Do you want to resend original POST data to a new location? [Y/n] y
但我不明白将原始数据重新发送到新位置是什么意思。
有人可以帮忙吗?
基本上它会将您的 POST 数据重新发送到找到的新位置(重定向)。假设您的 POST 数据是:
data = {
"username": "example",
"password": "example"
}
如果站点将您重定向到 http://example.com/php?login=False,您将它发送到 http://example.com/php?login=True,它将把数据重新发送到那个 link,所以简而言之,sqlmap 将在重定向到的新 link 上重试登录凭据。
因混淆而编辑(见评论)
POST:
In computing, POST is a request method supported by the HTTP protocol used by the World Wide Web. By design, the POST request method requests that a web server accept the data enclosed in the body of the request message, most likely for storing it. It is often used when uploading a file or when submitting a completed web form.
参考:https://en.m.wikipedia.org/wiki/POST_(HTTP)
获取:
GET requests a representation of the specified resource. Note that GET should not be used for operations that cause side-effects, such as using it for taking actions in web applications. One reason for this is that GET may be used arbitrarily by robots or crawlers, which should not need to consider the side effects that a request should cause.
参考:What is the difference between POST and GET?