I have a domain in the format: example.com?host=http://anotherexample.com?bar=1
I want to attack the "bar" param, but sqlmap (correctly) parses the second url as a value of the foo param. Therefore I can't select the bar variable with the -p argument.
Any way around this?
In response to one answer, the resulting command is like so:
sqlmap -v -p user -u "example.com?host=?user=1" --prefix="http://anotherexample.com/debug"
This isn't valid, as the first param must be a ? for the url to be valid, and the remaining params but be &'s.