Re: [sqlmap-users] hmm
From: Bernardo D. A. G. <ber...@gm...> - 2010-05-20 12:51:41
James,

On Thu, May 20, 2010 at 12:30, <ja...@ev...> wrote:
> ...
> Have you noted that SQLMap misses a lot of vulns? Simple ones like
>
> windowsistrash.asp?id=1';waitfor delay '00:00:15'
>
> And also more complex POST vulns? I've been using SQLNinja on the advice
> of my friend Bert and it appears to pwn windoze better than SQLmap...
> ...

As I said several times, sqlmap can detect only boolean-based blind SQL injection at first. If and once it identifies this type of injection, it can be used to test and exploit UNION query and stacked queries. This is a design flaw which will be fixed in the upcoming months.

sqlninja is not able to detect the injection, you have to instruct it where it is and how to exploit it in the sqlninja.conf file. It uses only waitfor delay (time-based blind SQL injection) to enumerate very little data, the only data needed to takeover it. This is why it "pwn windoze better".

--
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F
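Added example, not part of the thread and not code from sqlmap or sqlninja: a defender-side check that decodes request query strings from constructed IIS-style log lines and classifies each by the three techniques the reply distinguishes (boolean-based blind, UNION query, stacked queries carrying waitfor delay). The log layout and the sample lines are assumptions; only the .asp name and the waitfor delay payload are taken from the quoted message.

```python
from __future__ import annotations
import re
from urllib.parse import unquote_plus

# Constructed IIS-style lines (assumed layout: method, URI stem, query, status).
SAMPLE_LOG = """\
GET /windowsistrash.asp id=1 200
GET /windowsistrash.asp id=1%27%3Bwaitfor%20delay%20%2700%3A00%3A15%27-- 200
GET /windowsistrash.asp id=1%20AND%201%3D1 200
GET /windowsistrash.asp id=1%20AND%201%3D2 200
GET /windowsistrash.asp id=-1%20UNION%20ALL%20SELECT%20NULL%2CNULL-- 500
"""

# One conservative signature per technique named in the reply.
TECHNIQUES = {
    "time-based (stacked query)": re.compile(r";\s*waitfor\s+delay\s+'\d\d:\d\d:\d\d'", re.I),
    "boolean-based blind": re.compile(r"\b(and|or)\s+\d+\s*=\s*\d+", re.I),
    "union query": re.compile(r"\bunion\s+(all\s+)?select\b", re.I),
}


def classify_query(raw_query: str) -> list[str]:
    """Return the techniques whose signature appears in the URL-decoded query string."""
    decoded = unquote_plus(raw_query)
    return [name for name, pat in TECHNIQUES.items() if pat.search(decoded)]


def waitfor_seconds(raw_query: str) -> int | None:
    """Seconds a stacked waitfor delay payload asks the server to sleep; None when absent.

    A stable delay across repeated requests is the signal a time-based blind
    probe relies on, so the value is worth correlating with response times.
    """
    m = re.search(r"waitfor\s+delay\s+'(\d\d):(\d\d):(\d\d)'", unquote_plus(raw_query), re.I)
    if not m:
        return None
    h, mi, s = (int(x) for x in m.groups())
    return h * 3600 + mi * 60 + s


def scan_log(log_text: str) -> list[dict]:
    """Flag requests in the constructed log whose query matches at least one technique."""
    findings = []
    for line in log_text.splitlines():
        method, stem, query, status = line.split()
        hits = classify_query(query)
        if hits:
            findings.append({"stem": stem, "query": unquote_plus(query),
                             "status": int(status), "techniques": hits,
                             "delay_s": waitfor_seconds(query)})
    return findings
```

Boolean-based probes arrive as near-identical pairs (1=1 / 1=2) against the same parameter, so grouping findings by stem and parameter before alerting cuts the noise of a single matching request.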