Re: [sqlmap-users] stacked queries
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] stacked queries
|
From: Miroslav S. <mir...@gm...> - 2012-12-30 10:30:47
|
Hi.
Stacked queries SQLi, or "SQL piggybacking", is a technique where you end
the current injectable SQL command (most often with a standard character
";") and append a new independent SQL command.
E.g. if injectable SQL command (inside page vuln.php) is 'SELECT * FROM
users WHERE id=$_GET("id")' you can try to use stacked query like this:
http://www.target.com/vuln.php?id=1; INSERT INTO users VALUES(1,'admin',
'pass')
Kind regards,
Miroslav Stampar
On Sun, Dec 30, 2012 at 10:25 AM, ml <ml...@sm...> wrote:
> he guys
>
>
> I encounter problems when trying to shell insert into an existing table
>
> the shell warns me of sql warnings on requests stacked queries
>
> I'm trying without success you can take the trouble to explain
> http://comments.gmane.org/gmane.comp.security.sqlmap/2437
> I do not know what is the stacked queries
>
> Please explain to me
>
> --
> gpg --keyserver pgp.mit.edu --recv-key C2626742
> http://about.me/fakessh
>
>
> ------------------------------------------------------------------------------
> Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
> MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
> with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
> MVPs and experts. ON SALE this month only -- learn more at:
> http://p.sf.net/sfu/learnmore_123012
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
http://about.me/stamparm
|
