Get sqlmap from svn.
Use asterisk to mark the injection point. E.g.:
www.site.tld/path/category_123*/getItem.do
Bernardo Damele A. G.
On 24/ott/2010, at 09:12, Thomas Schreiber <ts...@go...> wrote:
> Hi,
>
> I have discovered an SQL-Injection where the app extracts the parameter for the SQL query from the URL like this:
>
> www.site.tld/path/category_123/getItem.do
>
> 123 is the parameter. Changing this to www.site.tld/path/category_'/getItem.do leads to an SQL syntax error.
>
> As far as I can see, sqlmap does not support addressing the data in the path itself. Any ideas?
>
> Thank you
> Thomas
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
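The weakness Thomas reports is a path segment (`category_123`) that the application drops straight into SQL text, so a single quote breaks the statement. Below is an added example, not code from this thread or from sqlmap, showing that vulnerable pattern next to a hardened version of the same lookup against an in-memory SQLite table with constructed rows. The route parsing (`extract_category`) and table layout are hypothetical; the thread does not show the application's code.

```python
import re
import sqlite3


def make_db():
    """Constructed sample table standing in for whatever getItem.do reads."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO items VALUES (?, ?)",
                     [(123, "widget"), (124, "gadget")])
    return conn


def extract_category(path):
    """Hypothetical routing: take the value after 'category_' from a path such as
    /path/category_123/getItem.do. Returns None when the segment is absent."""
    for segment in path.split("/"):
        if segment.startswith("category_"):
            return segment[len("category_"):]
    return None


def get_item_vulnerable(conn, path):
    """Vulnerable pattern: the untrusted path segment is concatenated into the
    SQL statement, so a quote in the URL reaches the parser as SQL syntax."""
    category = extract_category(path)
    if category is None:
        return None
    sql = "SELECT name FROM items WHERE id = " + category
    return conn.execute(sql).fetchone()


def get_item_hardened(conn, path):
    """Hardened pattern: reject anything that is not a plain numeric id, then
    bind the value as a query parameter so it can never be parsed as SQL."""
    category = extract_category(path)
    if category is None or not re.fullmatch(r"[0-9]{1,10}", category):
        raise ValueError("invalid category id in path")
    return conn.execute("SELECT name FROM items WHERE id = ?",
                        (int(category),)).fetchone()


def outcome(lookup, conn, path):
    """Classify what a lookup does with a path: the row it returned,
    'sql_error' when the database choked on the query text (the symptom
    Thomas observed), or 'rejected' when input validation refused the path."""
    try:
        return lookup(conn, path)
    except sqlite3.OperationalError:
        return "sql_error"
    except ValueError:
        return "rejected"


if __name__ == "__main__":
    db = make_db()
    for p in ("/path/category_123/getItem.do", "/path/category_'/getItem.do"):
        print(p, "vulnerable ->", outcome(get_item_vulnerable, db, p),
              "| hardened ->", outcome(get_item_hardened, db, p))
```

The hardened version does two independent things: the allow-list check rejects the quote before any SQL is built, and the bound parameter means that even a value that slips past validation is treated as data, not statement text. On the detection side, the same `'` that surfaces as a syntax error in the application log is a cheap signal to alert on for path segments that should only ever be numeric.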