Re: [sqlmap-users] sqlmap bugs!
From: Bernardo D. A. G. <ber...@gm...> - 2009-06-05 10:44:55
Hi,

2009/6/5 peterdocter <doc...@gm...>:
> sqlmap is so good working for mysql 5.x or have Schema
>
> some bugs:
> mysql<=4.x
> A:
> vul:
> http://test.com/test.php?id=1 SQL
> The admin table exists!
> But I use:
> ./sqlmap -u http://test.com/test.php?id=1
>
> --sql-query "select * from admin"
> does not work???

On MySQL < 5.0 there is no information_schema and sqlmap does not
perform any brute force on the table/column names. This said, the
asterisk cannot be expanded to the columns within the admin table.
However, you can use --dump -T admin -D databasename -C col1,col2,col3
assuming you already know the columns and the databasename.

> B:
> vul:
>
> http://test.com/test.php?id=1' SQL /*
>
> --prefix=PREFIX Injection payload prefix string
> --postfix=POSTFIX Injection payload postfix string
>
> ./sqlmap -u http://test.com/test.php?id=1
> --prefix "'"
> --postfix "/*"
> sqlmap is not working either!!!

Run it with -v 3 and see if the SQL payload is forged as you expect.

> Wish to add:
> Fuzz Tables and Columns or brute force for dictionary file
> Manually injected into sql
>
> What I meet a lot is:
> http://test.com/test.php/id/1 SQL
>
> or tell me how to add it and resolve bugs?

This is something that I will work on in the long run.

Cheers,
--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobiles: +447788962949 (UK), +393493821385 (IT)
PGP Key ID: 0x05F5A30F