Re: [sqlmap-users] new test
Brought to you by:
inquisb
From: mitchell <mit...@tu...> - 2014-01-21 15:12:32
|
I can hardly call this "detection"; looks more like "intrusion" to me. ~~ # mitchell On Tue, Jan 21, 2014 at 4:43 PM, l.g. <ibo...@go...> wrote: > Miroslav Stampar <miroslav.stampar@...> writes: > > > > > > > So you made a "DROP TABLE" payload :)) > > I am not sure if this is a joke or for real?! > > > > Kind regards, > > Miroslav Stampar > > > > I just made a really simple vulnerable test webapplication with a datagrid > bound to a table and a textbox where the the user types strings to populate > the table; I verified that if I manually enter c'); DROP TABLE [testTable] > - > - into the textbox the table is actually dropped. I think Sqlmap is able to > detect such a vulnerability with a proper extension of payloads.xml. Am I > wrong? > > > > > > ------------------------------------------------------------------------------ > CenturyLink Cloud: The Leader in Enterprise Cloud Services. > Learn Why More Businesses Are Choosing CenturyLink Cloud For > Critical Workloads, Development Environments & Everything In Between. > Get a Quote or Start a Free Trial Today. > > http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > |