[sqlmap-users] Injecting into LIMIT ints
From: Chris O. <chr...@gm...> - 2012-08-03 14:08:41
Hi All,

I have found that an application has a rewritten URL element that ends up in a SQL query. The error message tells me that I'm injecting into the LIMIT number at the end of the query. This appears to be the only point of injection for now.

A simplified version of the query that's being injected into is:

SELECT * FROM posts WHERE site_id = '1' ORDER BY post_date DESC, created_date DESC LIMIT foo, 10

'foo' is my injection and of course gives a syntax error. I know that apostrophes/ticks (as in the ' character) are blocked as a minimum.

Does anyone have any experience injecting this late in a query? Any ideas would be greatly received.

Regards
Chris
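For anyone fixing the application side of this: the example below is added here and is not part of the original post or of sqlmap. It contrasts the pattern the post describes (an apostrophe filter followed by concatenation into the LIMIT offset) with an integer allow-list and a bound parameter. Python's sqlite3 module stands in for the application's database, and the table contents and all function names are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data: 25 posts for site '1' (not from the post).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE posts (id INTEGER, site_id TEXT, "
               "post_date TEXT, created_date TEXT)")
    db.executemany("INSERT INTO posts VALUES (?, '1', ?, ?)",
                   [(i, f"2012-08-{i:02d}", f"2012-08-{i:02d}")
                    for i in range(1, 26)])
    return db

def page_unsafe(db, segment):
    # 'Before' form: apostrophe filter, then concatenation into LIMIT.
    if "'" in segment:
        raise ValueError("blocked character")
    sql = ("SELECT id FROM posts WHERE site_id = '1' ORDER BY post_date DESC, "
           "created_date DESC LIMIT " + segment + ", 10")
    return [row[0] for row in db.execute(sql)]

def parse_offset(segment, maximum=100000):
    # Allow-list: ASCII decimal digits only, bounded length and value.
    if not (segment.isascii() and segment.isdigit()) or len(segment) > 6:
        raise ValueError("offset must be a non-negative integer")
    value = int(segment)
    if value > maximum:
        raise ValueError("offset out of range")
    return value

def page_safe(db, segment):
    # Hardened form: validated integer passed as a bound parameter.
    sql = ("SELECT id FROM posts WHERE site_id = ? ORDER BY post_date DESC, "
           "created_date DESC LIMIT ?, 10")
    return [row[0] for row in db.execute(sql, ("1", parse_offset(segment)))]

def outcome(handler, db, segment):
    # Report whether the raw segment was stopped before or by the SQL parser.
    try:
        handler(db, segment)
        return "ok"
    except ValueError:
        return "rejected before SQL"
    except sqlite3.OperationalError:
        return "reached SQL parser"

if __name__ == "__main__":
    db = make_db()
    for seg in ("0", "20", "foo"):
        print(seg, outcome(page_unsafe, db, seg), outcome(page_safe, db, seg))
```

A numeric context needs no quote characters, so the apostrophe filter never sees anything to block; the type check is what keeps the URL segment out of the statement text.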