When using the -batch option in SQLmap it should stay at least in the domain scope. I noticed that when my domain redirects (302) to for example some Azure or other (third party) domain, it shouldn't proceed but however answers yes to all following requests.
It could be as simple as checking if the whole URL part before the first path / is the same. Or at least an (default) option should be to stay in the domain scope or to even define a domain scope such as --scope=www.example.com, --scope=www.example.com,test.example.com or --scope=*.example.com
When using the
-batchoption in SQLmap it should stay at least in the domain scope. I noticed that when my domain redirects (302) to for example some Azure or other (third party) domain, it shouldn't proceed but however answers yes to all following requests.It could be as simple as checking if the whole URL part before the first path
/is the same. Or at least an (default) option should be to stay in the domain scope or to even define a domain scope such as--scope=www.example.com,--scope=www.example.com,test.example.comor--scope=*.example.com