Re: [sqlmap-users] Change Payload ,Insert problem
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Change Payload ,Insert problem
|
From: a d. <deh...@gm...> - 2015-02-08 23:24:37
|
Maybe my question isn't clear , let me try again : I need to change stack query to not using timebase detection ? Sqlmap detect injection there by error base type too, like this : Payload: req=6&senderid=1' AND 9622=CONVERT(INT,(SELECT CHAR(113)+CHAR(101)+CHAR(111)+CHAR(99)+CHAR(113)+(SELECT (CASE WHEN (9622=9622) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(98)+CHAR(102)+CHAR(100)+CHAR(113))) AND 'PkmV'='PkmV How can i have this payload with type of stack query Regards On Mon, Feb 9, 2015 at 2:42 AM, a dehqan <deh...@gm...> wrote: > Guys is there any chance ? > > Thanks in advance > > On Thu, Feb 5, 2015 at 7:31 PM, a dehqan <deh...@gm...> wrote: > >> I mean how may i have custom payload : >> >> Payload: req=6&senderid=1' AND 9622=CONVERT(INT,(SELECT >> CHAR(113)+CHAR(101)+CHAR(111)+CHAR(99)+CHAR(113)+(SELECT (CASE WHEN >> (9622=9622) THEN CHAR(49) ELSE CHAR(48) >> END))+CHAR(113)+CHAR(98)+CHAR(102)+CHAR(100)+CHAR(113))) AND 'PkmV'='PkmV >> >> On Thu, Feb 5, 2015 at 4:42 PM, a dehqan <deh...@gm...> wrote: >> >>> Hi >>> >>> sqlmap gave me shell with injection type of stack queries ,but >>> Payload is like this : >>> >>> id=6&rid=1'; WAITFOR DELAY '0:0:5'-- >>> >>> When i want insert with admin user sqlmap returns NULL and fails , >>> Only says this before trying : >>> >>> [WARNING] time-based comparison requires larger statistical model, >>> please wait.............................. >>> >>> Maybe i should change Payload , with what switch i can change payload ? >>> >>> >>> Regards >>> >> >> > |
