[sqlmap-users] sqlmap password field injection
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] sqlmap password field injection
|
From: Zinho <zi...@ha...> - 2008-11-08 19:13:08
|
Ciao Bernardo ( ;) italiano anche io) Following up with the response you gave to Dan about injection in login form I have tried to put test'+OR+'1'='1');-- in the data parameter (because this is the way to bypass the auth through sqli and get the string) but I receive [ERROR] all testable parameters you provided are not present within t he GET, POST and Cookie parameters It seems that the problem is in the '=' character in the data parameter. I tried it both using sqlmap.conf and inline parameters with no luck Any suggestion on this will be very appreciated. -- ---- Zinho Webmaster and Founder Hackers Center Internet Security Portal www.hackerscenter.com |
