Re: [sqlmap-users] MySQL < 5.0.0
Brought to you by:
inquisb
From: Freeman Y. <fre...@la...> - 2008-10-22 08:37:45
|
Bernardo Damele A. G. wrote: > Hi Freeman, > > On Wed, Oct 22, 2008 at 00:40, Freeman Y. <fre...@la...> wrote: > >> ... >> [...] >> [16:36:06] [INFO] query: SELECT 0 FROM information_schema.TABLES LIMIT 0, 1 >> [16:36:06] [INFO] retrieved: >> [16:36:11] [INFO] performed 6 queries in 5 seconds >> back-end DBMS: MySQL < 5.0.0 >> >> [16:36:11] [ERROR] information_schema not available, back-end DBMS is MySQL >> < 5. >> 0 >> >> [*] shutting down at: 16:36:11 >> >> If you look I did use -D and then --tables. What am I doing wrong? >> > > As you can see from sqlmap messages, the remote DBMS is MySQL < 5.0 so > it has not information_schema. If you assume it is MySQL >= 5.0 so the > current user does not have access to the information_schema system > database. > > Cheers, > Sorry I was mistaken, I thought that if I had the DB name then it could enumerate the tables with -D tablename and --tables even if MySQL is < 5.0. Do you have any suggestions as how to attack this type of DB then? I'm somewhat new to SQL injections, please bear with me :) Thanks for your help! |