Re: [sqlmap-users] sql-map sql shell option
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] sql-map sql shell option
|
From: Miroslav S. <mir...@gm...> - 2014-07-09 06:59:55
|
I've already said that there is nothing more than subquerying. Than means
that it works in application layer without any username/password
bye
On Wed, Jul 9, 2014 at 8:33 AM, Sabin Ranjit <thi...@gm...> wrote:
> in which layer does the sqlmap work on for this? does it goes in database
> layer or resides in application layer for finding database user/ password?
>
>
> On Wed, Jul 9, 2014 at 12:02 PM, Miroslav Stampar <
> mir...@gm...> wrote:
>
>> It just uses found SQLi to carry a given SQL (as a subquery). There is no
>> direct connection. There is no brute forcing.
>>
>> Bye
>> On Jul 9, 2014 2:00 AM, "Sharma, Vivek" <viv...@bl...>
>> wrote:
>>
>>> Hi all,
>>>
>>>
>>>
>>> Can someone tell me that how does sql map open a sql shell for me. How
>>> does it come to know the password of the database user. Is it brute force?
>>>
>>>
>>>
>>> Vivek Sharma
>>>
>>> THIS MESSAGE AND ANY ATTACHMENTS ARE CONFIDENTIAL, PROPRIETARY, AND MAY
>>> BE PRIVILEGED. If this message was misdirected, BlackRock, Inc. and its
>>> subsidiaries, ("BlackRock") does not waive any confidentiality or
>>> privilege. If you are not the intended recipient, please notify us
>>> immediately and destroy the message without disclosing its contents to
>>> anyone. Any distribution, use or copying of this e-mail or the information
>>> it contains by other than an intended recipient is unauthorized. The views
>>> and opinions expressed in this e-mail message are the author's own and may
>>> not reflect the views and opinions of BlackRock, unless the author is
>>> authorized by BlackRock to express such views or opinions on its behalf.
>>> All email sent to or from this address is subject to electronic storage and
>>> review by BlackRock. Although BlackRock operates anti-virus programs, it
>>> does not accept responsibility for any damage whatsoever caused by viruses
>>> being passed.
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Open source business process management suite built on Java and Eclipse
>>> Turn processes into business applications with Bonita BPM Community
>>> Edition
>>> Quickly connect people, data, and systems into organized workflows
>>> Winner of BOSSIE, CODIE, OW2 and Gartner awards
>>> http://p.sf.net/sfu/Bonitasoft
>>> _______________________________________________
>>> sqlmap-users mailing list
>>> sql...@li...
>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>>
>>>
>>
>> ------------------------------------------------------------------------------
>> Open source business process management suite built on Java and Eclipse
>> Turn processes into business applications with Bonita BPM Community
>> Edition
>> Quickly connect people, data, and systems into organized workflows
>> Winner of BOSSIE, CODIE, OW2 and Gartner awards
>> http://p.sf.net/sfu/Bonitasoft
>> _______________________________________________
>> sqlmap-users mailing list
>> sql...@li...
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>
>
--
Miroslav Stampar
http://about.me/stamparm
|
