Re: [sqlmap-users] Blind SQL Injection
Brought to you by:
inquisb
From: David G. <sk...@gm...> - 2010-03-26 00:20:49
|
Try passing --string parameter to sqlmap. --string=STRING String to match in page when the query is valid On Thu, Mar 25, 2010 at 6:18 PM, Pagera <pag...@gm...> wrote: > Hello and hope fine > thank bernardo for the DirBuster > > a question about Blind sql injection > does SQLMap support this mode? > > i used --UNION-USE but it failed .. i have a vulnerable url > im able to view all database information by manipulating the http url > like "version() , etc > but when im using SQLMap the result is that this url is not vulnerable!!! > > im wondering if its cuz of not supporting Blind Mode? > > and thank for help > > > > > ------------------------------------------------------------------------------ > Download Intel® Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- David Gomes Guimarães |