Re: [sqlmap-users] Call for common table names
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Call for common table names
|
From: Miroslav S. <mir...@gm...> - 2010-09-29 12:28:04
|
to be honest, this is great idea :) i've tried it and it really shows some really cool stuff :) will do this because i am more than interested what will be the results. once again, great idea On Wed, Sep 29, 2010 at 2:24 PM, Andres Riancho <and...@gm...> wrote: > Maybe if you search google's codesearch for "create table ..." inside. sql > files and automate the result extraction you would get something really cool > :) > > Regards, > -- > Andres Riancho > > El sep 29, 2010 9:21 a.m., "Miroslav Stampar" <mir...@gm...> > escribió: > > Hi. > > We are currently adding new feature into sqlmap for retrieving table > names when database (information_) schema is missing and/or sqlmap is > unable to extract table names via normal ways. > > Basic injection vector is: ...AND EXISTS(SELECT 1 FROM <table_name>)... > > So, if you have some knowledge to share please do. > > PHP, Joomla, Wordpress,... everything is more than welcome, except > database system tables. We have those more than enough ;) > > Bye. > > -- > Miroslav Stampar > > E-mail / Jabber: miroslav.stampar (at) gmail.com > Mobile: +385921010204 (HR 0921010204) > PGP Key ID: 0xB5397B1B > Location: Zagreb, Croatia > > ------------------------------------------------------------------------------ > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
