[sqlmap-users] problems with union injections
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] problems with union injections
|
From: a n. g. <ae9...@to...> - 2012-07-07 19:19:00
|
Hello, I have some questions regarding union injections that google didn't answer. The scenario is the following: MySQL 5.0 and error messages are shown "SELECT col1 as val,col2 FROM dummtyable WHERE col3=".$id ." ORDER BY col2 DESC LIMIT 1" The outputs of the query are not shown. Sqlmap detects a error-based vulnerability and the union injection with two columns but it's unable to exploit the union injection. I already tried --union-char several times, it's always the same result. Is there a way to exploit it though there is no output of the query? kind regards, a nice guy |
