Re: [sqlmap-users] Planning sqlmap 1.0
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Planning sqlmap 1.0
|
From: Miroslav S. <mir...@gm...> - 2011-05-04 12:32:25
|
On Wed, May 4, 2011 at 2:26 PM, <bu...@gm...> wrote: > On 05/04/2011 12:15 PM, Bernardo Damele A. G. wrote: >> * Confirm injection in another page (feature requested by someone on >> the mailing list) > > Great! > >> * Implement out-of-band for data fetching: we may possibly implement >> this. It would be split down in the following functions: >> * HTTP requests (Oracle UTL_HTTP) >> * UNC paths (can be done in all DBMS afaik) >> * openrowset (to replicate dbms remotely on MSSQL) >> * db_link() (to replicate dbms remotely on PgSQL) > > Will this also include DNS based exfiltration? (UTL_INADDR, ..) > http://article.gmane.org/gmane.comp.security.sqlmap/1073 yes :) > > > > > > > > ------------------------------------------------------------------------------ > WhatsUp Gold - Download Free Network Management Software > The most intuitive, comprehensive, and cost-effective network > management toolset available today. Delivers lowest initial > acquisition cost and overall TCO of any competing solution. > http://p.sf.net/sfu/whatsupgold-sd > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail: miroslav.stampar (at) gmail.com PGP Key ID: 0xB5397B1B |
