Re: [sqlmap-users] POST injection
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] POST injection
|
From: Ahmed S. <ah...@is...> - 2011-05-08 20:35:25
|
try --level 3 --risk 3 On Sun, May 8, 2011 at 11:33 PM, <ja...@ev...> wrote: > Hi, > > I was recently messing around with another scanner and I found an > injection I'd like to play around with in Sqlmap. > > The injection found is a POST to something.asp and its " > action=login&login=whatever'=sleep(15)='&password= ". I verified it > manually and its good to go, however I've not yet been able to get > SQLmap to detect and exploit it. > > I've been messing with --prefix and --suffix but I cant get any joy. > > Any ideas on this boys? > > Thanks in advance, > James > > > > ------------------------------------------------------------------------------ > WhatsUp Gold - Download Free Network Management Software > The most intuitive, comprehensive, and cost-effective network > management toolset available today. Delivers lowest initial > acquisition cost and overall TCO of any competing solution. > http://p.sf.net/sfu/whatsupgold-sd > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- - Ahmed Shawky El-Antry - Pen-tester, Programmer and System administrator - lnxg33k owner "http://lnxg33k.wordpress.com" - Isecur1ty team member"http://www.isecur1ty.org" - Twitter @lnxg33k |
