[sqlmap-users] How sqlmap fetching the current-db and current-user?
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] How sqlmap fetching the current-db and current-user?
|
From: Kaiyi Z. <zky...@gm...> - 2014-10-27 08:34:59
|
Hi, everyone I use sqlmap -u "http://x.x.x.x/testenv/mysql/get_int.php?id=1" -f -b --current-user -v 5 Actully the sql is select * from user where id=$_Get['id'] limit 0,1 Befor I exec this, i rm the sqlmap output directory and open the mysql general_log. I view the sqlmap debug message and mysql.log, there only payloads like "?id=1 xxx" , i think sqlmap fetching the current-db and current-user using error message, but in this example, there should use one payload like "?id=*-1* xxx", Is there somebody explain for me ,Why? Thanks. |
