Re: [sqlmap-users] SQLmap on Microsoft Access
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] SQLmap on Microsoft Access
|
From: Miroslav S. <mir...@gm...> - 2012-10-07 17:46:31
|
Hi Kyle. You can find examples here [1] and here [2]. In short, in one run you'll need --tables to brute force table names and in other(s) --dump -T <table_name> to dump table of interest. Kind regards, Miroslav Stampar [1] http://unconciousmind.blogspot.com/2011/05/sqlmap-vs-testfire-testing-web-server.html [2] http://unconciousmind.blogspot.com/2011/05/sqlmap-vs-webappsecurity-testing-web.html On Fri, Oct 5, 2012 at 1:29 AM, kyle easter <kyl...@gm...> wrote: > I do not really know how to use SQL map on MS access backend. > > I'm trying to test a website, But I'm stuck here > > sqlmap identified the following injection points with a total of 20 > HTTP(s) requests: > --- > Place: GET > Parameter: id > Type: boolean-based blind > Title: AND boolean-based blind - WHERE or HAVING clause > Payload: id=32 AND 1922=1922 > > I would understand what to do if this was just a normal php server, and > bring up the tables but this obviously is not the same. > > Can someone please help me? > > kyl...@gm... > Regards! > > > ------------------------------------------------------------------------------ > Don't let slow site performance ruin your business. Deploy New Relic APM > Deploy New Relic app performance management and know exactly > what is happening inside your Ruby, Python, PHP, Java, and .NET app > Try New Relic at no cost today and get our sweet Data Nerd shirt too! > http://p.sf.net/sfu/newrelic-dev2dev > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
