Hi Dan,
Change the parameters to something similar to:
username=test'+OR+'1'='1
password=test'+OR+'1'='1
and find the string with differs in the page content depending on the
valid and not valid login, then provide the valid string with --string
option.
Refer to the sqlmap user's manual for details on --string command line
option.
Cheers,
Bernardo
Dan Guido wrote:
> Hi Bernardo, Daniele,
>
> If I've located a SQL injection in the login form of a website, how
> should I configure sqlmap to exploit it if I don't know the username
> and password of a valid user? The page always fails the sqlmap
> "dynamic" check because I can't get valid authentication credentials,
> however, a SQL error is clearly displayed to the screen.
>
> Thanks.
>
> --
> Dan Guido
--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobiles: +39-3493821385 (IT), +44-(0)7788962949 (UK)
PGP Key ID: 0x05F5A30F
|
