[sqlmap-users] Update query
From: David A. <dav...@gm...> - 2011-11-08 13:13:52
Hello,

I detected a simple SQL injection in an update query. The vulnerable functionality locks items of a list. An example of the vulnerable parameter is:

A) vuln_param=1 AND 1=1

B) vuln_param=1 AND 1=0

The problem is that sqlmap is not able to detect differences because when sqlmap executes A) the value will be locked, so the following requests won't modify the results in the database, the item is locked, and all responses will be equal. To unlock the item, you have to execute another functionality.

So, how does sqlmap deal with these situations? A solution could be to provide the unlock request and execute that functionality after every request made by sqlmap, in order to unlock the item and detect changes in the responses. However, this duplicates the number of requests needed.

kr