Re: [sqlmap-users] Injection into columns list
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Injection into columns list
|
From: Dennis <kor...@ya...> - 2012-07-25 09:28:37
|
I'm not sure about Troy, but I had a similar case recently. I could control the bit of the query between SELECT and FROM, which could be exploited either with nested (SELECT)s or by expanding the query with another FROM [...] UNION SELECT [...] to extend the query. SQLmap did not find the injection. The DBMS was Oracle. Cheers Am 25.07.2012 00:48, schrieb Miroslav Stampar: > > Hi Troy. > > More info is required for sure. > > You mean that you just need a (SELECT...)/subquery type of injection? > This is something that we are aware that we need to do. > > Kind regards, > Miroslav Stampar > > On Jul 24, 2012 11:18 PM, "Troy B" <pow...@gm... > <mailto:pow...@gm...>> wrote: > > Evening all, > > I had an SQL injection into a MySQL5-based web application the > other week which involved me having control over the column list > being selected. I tried sqlmap against the URL, but it didn't > find the injection point. I tried again, taking the --level and > --risk a little higher, but still nothing. > > In the end, I manually exploited it using a sub-select. Was I > doing something wrong with sqlmap, or will it not identify > injection points like that? I can provide an example of the query > the application was using if this helps. > > Regards, > > Matt > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. > Discussions > will include endpoint security, mobile security and the latest in > malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > sqlmap-users mailing list > sql...@li... > <mailto:sql...@li...> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users |
