I have a web app that has an injection point in POST data. The POST data requires 4 params, and one of these is a session-custom token. The problem is that every time a request is made I need to get a new token from the app. To obtain a "fresh" token I wrote a Python script, but how do I pass and update this token to sqlmap for each sqlmap request?
For example, the request is:
POST /xxx/page.sto HTTP/1.1
Host: xxxx
Content-Type: multipart/form-data; boundary=------47876555712215045582138952413
...other headers...
-----------------------------47876555712215045582138952413
Content-Disposition: form-data; name="CustomToken"
1240100630411055 *--this is the token i need to change every request--*
-----------------------------47876555712215045582138952413
Content-Disposition: form-data; name="param2"
https://hostname/path/page.sto
-----------------------------47876555712215045582138952413
Content-Disposition: form-data; name="param3"
mike* *--this is the vuln param--*
-----------------------------47876555712215045582138952413
Content-Disposition: form-data; name="param4"
asd
-----------------------------47876555712215045582138952413--
The command:
sqlmap -r request.txt -p param3
With the '*' character next to param3 (mike), sqlmap automatically recognizes the injection parameter, but how can I dynamically give a token (or a list of valid tokens) to the tool?
P.S. I have also tried the "--tamper" option: I wrote a script that makes a request and then rebuilds the POST data, but it doesn't work because when sqlmap makes the POST request it doubles the POST data.