Re: [sqlmap-users] MySQL error based technique bug

2013-04-18 Thread Miroslav Stampar
Last one is a benign check for Suhosin patch (having dummy whitespaces): http://192.168.22.128:80/sqlmap/mysql/get_int.php?id=1%20AND%20%28SELECT%208912%20FROM%28SELECT%20COUNT%28%2A%29%2CCONCAT%280x3a62776e3a%2C%28SELECT%20%28CASE%20WHEN%20%288150%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%2

[sqlmap-users] MySQL error based technique bug

2013-04-18 Thread Konrads Smelkovs
A php/mysql system has a simple, integer SQL injection. The only working technique is error based (verified and successfully exploited manually). Any other techniques cause the server to not reply, just stall. When using sqlmap with --dbms=mysql and --technique=E, sqlmap successfully does 3 requests

Re: [sqlmap-users] feature request: fetch DNS queries from DNS server via HTTP

2013-04-18 Thread Miroslav Stampar
Hi. I see your point, but this is more a case for some kind of PoC tool (and not sqlmap). Such a scenario would (IMO) involve one more step in an already non-simple setup. It's not that it doesn't make any sense, but it doesn't help an automated tool like sqlmap. Kind regards, Miroslav Stampar On