The problem is that by (wrong) design, sqlmap checks only for
boolean-based blind SQL injection in the first place. It assumes that if
the parameter is not vulnerable to this specific type of SQL
injection, then it's not vulnerable to any, inband included. This assumption is
obviously wrong and, as I wrote a few times recently, the weak part of
sqlmap is as of today the detection. This will be totally rewritten as
soon as possible.
In the meantime you can hack around the source code if you want.
Cheers,
Bernardo
On Tue, Dec 22, 2009 at 07:22, Adi Mutu <adi...@ya...> wrote:
>
> Hello,
>
> I have manually found an inband vulnerability which uses ms-sql as a db
> server, however sqlmap is unable to detect it. I've tried creating a log
> file (similar to the one created with the -s option by sqlmap), I have filled
> in all the data I thought necessary by hand, so that sqlmap can read it from
> there... however this doesn't work either and sqlmap goes blind... Any idea
> why? Or can you show me the correct syntax of this log file?
>
> Thanks,
> ps: of course making sqlmap detect the vuln. in the first place, would be
> perfect;)....
--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F