Re: [sqlmap-users] sqlmap bug
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] sqlmap bug
|
From: Bernardo D. A. G. <ber...@gm...> - 2009-02-01 10:17:29
|
Hi Joe, Joe wrote: > Bernardo Damele A. G. wrote: >> Did you check manually for the UNION query SQL injection using only NULL >> chars or did you really confirm it by inject a string or number in >> one/some of the NULLs? > Yup. But again, the app only uses the first returned row. I did both > and 2=1 union all select null,null,null,etc > and > and 2=1 union all select 1,2,3,etc > And both worked fine. Support for partial UNION query SQL injection has been added already in sqlmap 0.6.3, but not exactly in this way. I will implement also this way to exploit partial UNION. Thanks for the idea. > I will. This user manual ... is it in the svn? Yes, in all versions, it's the doc/README.pdf file, but you can read it also online from the homepage link. -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobiles: +39-3493821385 (IT), +44-(0)7788962949 (UK) PGP Key ID: 0x05F5A30F |
