Re: [sqlmap-users] Problem with a Login
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Problem with a Login
|
From: Daniele B. <bbi...@gm...> - 2016-12-04 17:00:20
|
I found something: the problem is sqlmap don't know when query is true or false. Because when it is true it's redirected to index.php, when it is false Login.php shows an error message. Is there a way to say "IF (you get redirected to index.php) THEN query is true ELSE query is false" or "IF(Login.php shows a error) THEN query is false ELSE query is true"? I tried with no-string option but doesn't seem work. 2016-12-04 17:10 GMT+01:00 Daniele Bianchin <bbi...@gm...>: > anyway...colud anyone take the source and try himself? > > If it can help i'm using phpv7.0 with php-mysql libraries > > 2016-12-04 17:00 GMT+01:00 Daniele Bianchin <bbi...@gm...>: > >> @Miroslav Ah ok...i don't know i tried everything... >> >> 2016-12-04 16:57 GMT+01:00 Miroslav Stampar <mir...@gm...>: >> >>> UA == User-Agent >>> >>> On Dec 4, 2016 16:57, "Daniele Bianchin" <bbi...@gm...> wrote: >>> >>>> @Miroslav. What UA does it mean? >>>> >>>> @Brandon tried with sqlmap -u "127.0.0.1/test/Login.php" >>>> --data="user=lol&password=lol" --dbs --suffix="#" -v 3 --tamper=space2plus >>>> and didn't work. >>>> >>>> 2016-12-04 16:50 GMT+01:00 Miroslav Stampar <mir...@gm... >>>> >: >>>> >>>>> I am kind of confused. You said that it's your application, right? Why >>>>> would your application care about UA. Also, you've sent source code which >>>>> hasn't looked into UA >>>>> >>>>> Bye >>>>> >>>>> On Dec 4, 2016 16:47, "Daniele Bianchin" <bbi...@gm...> wrote: >>>>> >>>>>> Ok, i made a test with BurpSuite as Brandon said. >>>>>> I tried to inject lol'UNION ALL SELECT NULL,NULL# manually and it >>>>>> worked. >>>>>> The same payload with sqlmap not. >>>>>> >>>>>> This is what BurpSuite shows: http://pastebin.com/6ifKNX9k >>>>>> >>>>>> the first is made manually with firefox the second with sqlmap... >>>>>> should i change user-agent in sqlmap? >>>>>> >>>>>> 2016-12-04 16:29 GMT+01:00 Daniele Bianchin <bbi...@gm...>: >>>>>> >>>>>>> Ok, i made a test with BurpSuite as Brandon said. >>>>>>> I tried to inject lol'UNION ALL SELECT NULL,NULL# manually and it >>>>>>> worked. >>>>>>> The same payload with sqlmap not. >>>>>>> >>>>>>> This is what BurpSuite shows: http://pastebin.com/6ifKNX9k >>>>>>> >>>>>>> the first is made manually with firefox the second with sqlmap... >>>>>>> should i change user-agent in sqlmap? >>>>>>> >>>>>>> 2016-12-04 15:39 GMT+01:00 Brandon Perry <bpe...@gm...> >>>>>>> : >>>>>>> >>>>>>>> You can add —proxy and make sqlmap pass all requests through >>>>>>>> burpsuite or another proxy so you can see what the difference is between >>>>>>>> the requests sqlmap creates and the ones you make by hand are. >>>>>>>> >>>>>>>> >>>>>>>> On Dec 4, 2016, at 8:27 AM, Miroslav Stampar < >>>>>>>> mir...@gm...> wrote: >>>>>>>> >>>>>>>> This is a straigthforward case. You are messing something up. >>>>>>>> >>>>>>>> Use username=foobar&password=foobar in POST data. Don't put >>>>>>>> already SQLi payload anywhere. Use --level=3 --risk=3 >>>>>>>> >>>>>>>> As said, you are doing something really really wrong here. >>>>>>>> >>>>>>>> Bye >>>>>>>> >>>>>>>> On Sun, Dec 4, 2016 at 3:06 PM, Daniele Bianchin < >>>>>>>> bbi...@gm...> wrote: >>>>>>>> >>>>>>>>> Hi! >>>>>>>>> I have an issue with sqlmap. >>>>>>>>> I created my own fake login in order to test blind sql injection >>>>>>>>> but everytime i make a test sqlmap says it isn't exploitable. >>>>>>>>> I tried to add a suffix, set level to 5, set risk to 3, set >>>>>>>>> not-string option but sqlmap still not work with it. >>>>>>>>> The login source is: http://pastebin.com/xzKZJNB1 >>>>>>>>> >>>>>>>>> I tried to inject some payloads manually such as ' OR 1=1#, ' >>>>>>>>> UNION ALL SELECT NULL;NULL #, etc... and they work. >>>>>>>>> What should i do? >>>>>>>>> >>>>>>>>> Thanks in advance! >>>>>>>>> >>>>>>>>> >>>>>>>>> Daniele. >>>>>>>>> >>>>>>>>> ------------------------------------------------------------ >>>>>>>>> ------------------ >>>>>>>>> Check out the vibrant tech community on one of the world's most >>>>>>>>> engaging tech sites, SlashDot.org <http://slashdot.org>! >>>>>>>>> http://sdm.link/slashdot >>>>>>>>> _______________________________________________ >>>>>>>>> sqlmap-users mailing list >>>>>>>>> sql...@li... >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Miroslav Stampar >>>>>>>> http://about.me/stamparm >>>>>>>> ------------------------------------------------------------ >>>>>>>> ------------------ >>>>>>>> Check out the vibrant tech community on one of the world's most >>>>>>>> engaging tech sites, SlashDot.org <http://slashdot.org>! >>>>>>>> http://sdm.link/slashdot____________________________________ >>>>>>>> ___________ >>>>>>>> sqlmap-users mailing list >>>>>>>> sql...@li... >>>>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>>> ------------------------------------------------------------ >>>>>> ------------------ >>>>>> Check out the vibrant tech community on one of the world's most >>>>>> engaging tech sites, SlashDot.org! http://sdm.link/slashdot >>>>>> _______________________________________________ >>>>>> sqlmap-users mailing list >>>>>> sql...@li... >>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>>> >>>>>> >>>> >> > |
