The API, specifically the /scan/{$taskid}/data endpoint, returns the vulnerable parameter, but not the target URL. This is an issue when using a Google dork because you can't know which URL is vulnerable.
Simply launch the API with python sqlmapapi.py -s, start a new task with the googleDork parameter, wait for it to finish, and send a request to the /scan/{$taskid}/data. The target URL won't be included.
What's the problem (or question)?
The API, specifically the
/scan/{$taskid}/data
endpoint, returns the vulnerable parameter, but not the target URL. This is an issue when using a Google dork because you can't know which URL is vulnerable.Response: http://pastebin.com/raw/SW2BL90f
Do you have an idea for a solution?
Return the URL along with the rest of the data.
How can we reproduce the issue?
Simply launch the API with
python sqlmapapi.py -s
, start a new task with thegoogleDork
parameter, wait for it to finish, and send a request to the/scan/{$taskid}/data
. The target URL won't be included.What are the running context details?
Version
1.1.1.20#dev
.