Re: [sqlmap-users] Strange query before injection and after verification
From: Miroslav S. <mir...@gm...> - 2011-11-22 07:00:35
Hi Andres.

That strange part is actually a "heuristic" check. It's "injected" into the parameter value to see if there would be a DBMS specific error message. It's really a standard procedure.

Now, could you please explain why it is bothering you?

Kind regards,
Miroslav Stampar

On Tue, Nov 22, 2011 at 2:24 AM, Andres Ferraro <an...@an...> wrote:
> Hi Folks,
>
> Whenever I use sqlmap injecting into cookies, with just
> --technique=BT, even when I set --prefix="" and --suffix="" and really
> no matter what I do I get the following
>
> 1- Connectivity test - All fine
> 2 - Check to see if the URL is stable - All fine here
> 3 - [PAYLOAD] 1pre ('""')'"))suff
> 4 - normal injection stuff...
>
> Where "pre" is whatever I set as prefix (including blank) and "suff"
> is my suffix string.
>
> Is there any way to stop the "('""')'"))" string from going out??
> I've tried everything I could think of, even removed all payloads and
> delimiters from payloads.xml.
>
> Any clue?
>
> ps: The really weird part is those characters (the parenthesis and
> quotes) would change depending on the contents of the payloads.xml
> file, yet would never go away.
>
> --
> Best regards,
> Andres mailto:an...@an...

--
Miroslav Stampar
http://about.me/stamparm
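A defender-side view of the heuristic check discussed in this thread, as an added example that is not part of the original messages or of sqlmap's code: it flags requests whose cookie values carry a run of quotes and parentheses like the one quoted above, and reports whether the response leaked a DBMS error message. The record layout, the run length of 6 and the sample records are assumptions constructed for illustration; cookie values are assumed to be already URL-decoded.

```python
import re

# A run of 6+ characters drawn only from quotes and parentheses, as in the
# probe quoted in this thread. The threshold of 6 is an assumption.
PROBE_RUN = re.compile(r"""['"()]{6,}""")

# Substrings of well-known DBMS error messages (small illustrative subset).
DBMS_ERRORS = (
    "You have an error in your SQL syntax",  # MySQL
    "unterminated quoted string",            # PostgreSQL
    "Unclosed quotation mark",               # Microsoft SQL Server
    "ORA-01756",                             # Oracle
)

def cookie_values(header):
    """Split a Cookie header into (name, value) pairs."""
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            yield name, value

def review(records):
    """Return one finding per probe-like cookie value seen in the records."""
    findings = []
    for rec in records:
        for name, value in cookie_values(rec["cookie"]):
            if PROBE_RUN.search(value):
                leaked = any(err in rec["body"] for err in DBMS_ERRORS)
                findings.append(
                    {"id": rec["id"], "cookie": name, "error_leaked": leaked}
                )
    return findings

# Constructed sample records (hypothetical request/response pairs).
SAMPLE = [
    {"id": 1, "cookie": "sid=1; lang=en", "body": "<html>ok</html>"},
    {"id": 2, "cookie": "sid=1pre ('\"\"')'\"))suff; lang=en",
     "body": "You have an error in your SQL syntax; check the manual"},
    {"id": 3, "cookie": "sid=1pre ('\"\"')'\"))suff",
     "body": "<html>Something went wrong</html>"},
    {"id": 4, "cookie": "note=(see \"a\")", "body": "<html>ok</html>"},
]

if __name__ == "__main__":
    for finding in review(SAMPLE):
        print(finding)
```

A finding with `error_leaked` set to true means the application returned the database's own error text to the client, which is exactly the signal the heuristic check looks for; returning a generic error page removes it.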