Re: [sqlmap-users] AMF sqli injection

2015-05-28 Thread Brandon Perry
That could work.

On Thu, May 28, 2015 at 2:24 PM, Chris Oakley wrote:
> "Flex is hard because you have to update the integer that tells flex how
> long a string is"
>
> It might be possible to address this with the --eval option
>
> On 28 May 2015 at 14:59, Brandon Perry wrote:
>
>> Flex is har

Re: [sqlmap-users] AMF sqli injection

2015-05-28 Thread Chris Oakley
"Flex is hard because you have to update the integer that tells flex how long a string is"

It might be possible to address this with the --eval option

On 28 May 2015 at 14:59, Brandon Perry wrote:
> Flex is hard because you have to update the integer that tells flex how
> long a string is, unle

Re: [sqlmap-users] AMF sqli injection

2015-05-28 Thread Brandon Perry
FWIW here is an exploit I wrote a long while back that partly abuses a weak AMF endpoint (XXE, not SQLi...).

http://packetstormsecurity.com/files/126703/HP-Release-Control-9.20.-Build-395-XXE.html

However, I distinctly remember having to keep the admin password the same length as my base AMF

Re: [sqlmap-users] AMF sqli injection

2015-05-28 Thread Brandon Perry
Flex is hard because you have to update the integer that tells flex how long a string is, unless I am mistaken. If not, you could try with the * marker to tell sqlmap exactly where the injection point is.

On Thu, May 28, 2015 at 1:21 PM, Christopher Downs < chris.do...@chromeriver.com> wrote:
>