Re: [sqlmap-users] Bypassing IDS/IPS
From: Chris O. <chr...@gm...> - 2012-08-30 20:49:48
Mentioning live sites on the list... grumble...

On 30 August 2012 16:06, Arturs Pavlovs <lva...@in...> wrote:
> Hi!
> Basically this question is about what Havij does and how to do the same w/
> SQLMap (or better). I made injections and was able to dump database with
> Havij in this site -
> http://nhl.id.lv/?cat=stats&position=Goalie&sort=saves through parameter
> 'sort'. It used MySQL timebased injection (time is usually 4.x seconds or
> 3.x - I was not able to set SQLMap to milliseconds or seconds with commas or
> points) and retrieved all the needed data using slow guessing letters
> method. But it did the job although it was very slow. With SQLMap it
> detects MySQL timebased blind, but is not able to retrieve any data.
> Payload says that there is a possibility of IDS/IPS defence. What should I
> do to get the database name? Any tampering scripts or combinations of them?
> Is it possible to get the names of DBs and tables faster than Havij slo-mo
> guessing?
> There's another site with which I have a similar problem. That's
> http://hack-games.com . I set crawling to 2 and use parameters 'doaction'
> or 'pmid' . SQLMap finds blind boolean injection, but once again hits the
> IDS/IPS defence. Havij on the same page only without crawling (I specified
> the page SQLMap found while crawling, but don't remember it :D) found the
> DB, but it wasn't able to get normal characters instead of square boxes.
> That is probably just an encoding issue.
> Could anyone help me to sort out this situation?
>
> P.S.
> Havij also does database name character count retrieval, before guessing
> the numbers. I'm not sure if SQLMap has such function.
> P.P.S.
> I won't use your help to do something illegal with SQLMap, I'm just having
> fun from hacking. No harm done to any of higher mentioned or any other
> webpages.