Re: [sqlmap-users] MsSQL - wait command

[Miroslav S. <mir...@gm...>]

Hi.

1) Shouldn't "waitfor delay '0:0:0'" make no delay?
2) sqlmap says "false positive or unexploitable injection point detected".
Is there a possibility that the character > is filtered?
3) Please run sqlmap with -v 3 and use the payloads that sqlmap tries to
use in "false positive check" phase. Then you'll see what fails.

Bye

On Mon, Dec 8, 2014 at 11:51 AM, hooshmand k <hoo...@gm...> wrote:

> Hi,
>
> There is a website that vulnerable to SQL injection. I have checked and
> I'm sure there is blind sql injection vulnerability but the sqlmap could
> not find this.
> I tried this command:
>  ./sqlmap.py -u 'target' -p search --tor --tor-type=SOCKS5 --random-agent
> --risk 3 --level 3 --technique=T --dbms="MsSQL"
> and the output was something like this:
> [INFO] GET parameter 'search' seems to be 'Microsoft SQL Server/Sybase
> time-based blind' injectable
> [INFO] checking if the injection point on GET parameter 'search' is a
> false positive
> [WARNING] false positive or unexploitable injection point detected
> [WARNING] GET parameter 'search' is not injectable
>
>
> the "search" parameter is vulnerable to this payload: '); waitfor delay
> '0:0:0' --
>
> Did I make a mistake or the sqlmap did not find that?
>
> Best Regards
>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
>
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>


-- 
Miroslav Stampar
http://about.me/stamparm