Hello,
I'm testing a vuln on a site, and the MySQL error printed in the site when
adding a " ' " doesn't print the path where the php is running, so let's
say I want to upload a file to a directory using --file-write and
--file-dest, and I don't know the path that way.
Is there any way of getting w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
> and i believe i can also say great support.
I totally agree! (I especially like your response time.)
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJRSjyqAAoJEJeRHQyF0ukM1lIQALOXfk5Wgnff1zRSyv2y+X0i
YHYPjE9lQCo9Wt7hnsRUB75gPL3UYUv70T+QaLILh1CyULnEu
Thank you, guys, for the invaluable tool!
~~
# m.
On Wed, Mar 20, 2013 at 11:06 PM, André Silva wrote:
> Great tool, great developers and i believe i can also say great support.
>
> Thank you guys.
>
> 2013/3/20 Carlos Albuquerque
>
>> Thanks for your time, guys! Great work!
>>
>>
>> On Wed,
Great tool, great developers and i believe i can also say great support.
Thank you guys.
2013/3/20 Carlos Albuquerque
> Thanks for your time, guys! Great work!
>
>
> On Wed, Mar 20, 2013 at 4:29 PM, Brandon Perry
> wrote:
>
>> Thanks a lot for the hard and great work! You guys rock!
>>
>> On W
Thanks for your time, guys! Great work!
On Wed, Mar 20, 2013 at 4:29 PM, Brandon Perry wrote:
> Thanks a lot for the hard and great work! You guys rock!
>
> On Wed, Mar 20, 2013 at 12:12 PM, Bernardo Damele A. G.
> wrote:
> > Hi fellow sqlmap supporters,
> >
> > After about two years worth of d
Thanks a lot for the hard and great work! You guys rock!
On Wed, Mar 20, 2013 at 12:12 PM, Bernardo Damele A. G.
wrote:
> Hi fellow sqlmap supporters,
>
> After about two years worth of development since the previous
> (supposedly) stable 0.9 release, a couple of hundreds of bug fixes,
> half a h
Hi fellow sqlmap supporters,
After about two years worth of development since the previous
(supposedly) stable 0.9 release, a couple of hundreds of bug fixes,
half a hundred of new features developed, thousands of emails
exchanged, a few public appearances at nerds' conferences and at
stylish soci
Hi buawig,
We have a ticket to address DBMS-specific detection "limitations",
https://github.com/sqlmapproject/sqlmap/issues/1 - Microsoft Access is
indeed one of these cases. We could consider to use the user's
provided database and/or table name when these are needed at detection
phase rather th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
to simply get the job done I changed the table name in:
lib/core/dicts.py:144
after changing MSysAccessObjects to foobar sqlmap detected the union
based sqli but exploitation did not work because it created very long
queries and the server replied w
Hi.
If there is no information_schema, then table names should be brute forced
(no other way around). You can always update txt/common-tables.txt with
your "guesses".
Kind regards,
Miroslav Stampar
On Wed, Mar 20, 2013 at 2:59 PM, Mardian Gunawan
wrote:
> Hi,
>
> Guys, I stumble on couple MySQL
Hi,
Guys, I stumble on couple MySQL < 5.0, version 4.1 exactly, seems
bruteforcing using sqlmap standard existence got me no tables, any
suggestions?
Thanks :))
--
Cheers,
Gunma
http://gunma.rootedker.nl
--
Everyone h
11 matches
Mail list logo
