Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid video in documentation #7

Open
duraki opened this issue Jul 13, 2018 · 8 comments
Open

Invalid video in documentation #7

duraki opened this issue Jul 13, 2018 · 8 comments

Comments

@duraki
Copy link

duraki commented Jul 13, 2018

From the README (and official web), we are getting:

This video is no longer available because the uploader has closed their YouTube account.

Can we get reupload or something?

Thanks.
@codingo
Copy link

codingo commented Jul 31, 2018

Agreed - video was a useful primer for this. Would be great to see it re-posted.

@duraki
Copy link
Author

duraki commented Aug 1, 2018

Paging @djhohnstein to take a look into it

@djhohnstein
Copy link
Contributor

Hey guys,

Sorry it took me awhile to get back to you. I no longer am a maintainer of these repositories so I haven't been watching them closely. The video still exists and just needs to be dug up by the new maintainers and re-uploaded (as I no longer have the MP4). The commands should still be valid though from the official web version as you guys have linked above.

The issue has been raised to the requisite parties and they'll be handling the issue from here on forward.

Cheers!

@codingo
Copy link

codingo commented Aug 4, 2018

Any chance you could put the command string here?

@djhohnstein
Copy link
Contributor

From the article here (https://rhinosecuritylabs.com/application-security/sleuthql-sql-injection-discovery-tool/), scroll down to "Using SleuthQL". Save the selected items from your site. Then, you can use the tool as the Readme states (https://github.com/RhinoSecurityLabs/SleuthQL#usage) by pointing the script to the XML, along with passing a comma separated list of domains that you want to analyze. This will create a directory for each domain with request text files.

To run SQLMap in batch, use the find command pointing it to the directory of requests files and run SQLMap in batch via:

find $directoryDomainName -name “*.txt” -exec sqlmap -r {} –batch \;

@codingo
Copy link

codingo commented Aug 6, 2018

Thank-you @djhohnstein. The command string I was referring to though I bleive was a bit more detailed t o allow quicker loading of targets? It's been a while since I made the slide deck for the talk this is in and unfortunately I didn't put the command there.

@djhohnstein
Copy link
Contributor

If I were to guess you might be thinking about Burp Spidering which will automatically crawl the site and submit forms. Otherwise, if you wanted to check the results of your SQLMap you can check the log file for successes.

@codingo
Copy link

codingo commented Jan 15, 2019

Closed with 29fc878

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@codingo @duraki @djhohnstein