[sqlmap-users] boolean based sqli
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] boolean based sqli
|
From: Marcell F. <fod...@gm...> - 2016-03-14 16:10:32
|
Hi, I have an application where the injection is pretty straightforward: ?asd= (case when(123=123 *) then 1 else 2 end) Problem is, when Sqlmap tries the injection point, it sends query which results in incorrect syntax on the server side and crashes the session. I can make the it working by Burp Marcos, recreating the session prior all sqlmap test requests, and sqlmap will find the injection point working after a few tries. Is there a more elegant way to do this? |
