hi again.
sorry, i was out of town (without source code) and haven't noticed
that we already do support this in this kind of cases.
also, i've tried to against our testing environment and both methods
do the job correctly.
this means that maybe in your case we do have some bug/problem.
kr
On S
ortes@lpt-rj-015:~/Documents/Proof/Ágora/scan-1106$ sudo sqlmap --update
sqlmap/0.6.4 coded by Bernardo Damele A. G.
and Daniele Bellucci
[*] starting at: 22:51:37
[22:51:37] [INFO] updating sqlmap
[22:51:38] [ERROR] unhandled exception in sqlmap/0.6.4, please copy
Hello,
I've been testing a non-production app from a black-box perspective. The
only SQLi I've found is from the login page. I can bypass the login by
dropping something like: 1' or 1=1-- into the password field.
Unfortunately, sqlmap doesn't find this vulnerability. Well, that's not
quite true
hi Fabio
you are using fairly outdated version (0.6). please checkout the
latest revision from our repository to have it updated (1.0-dev):
svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev
kr
On Sun, Jun 5, 2011 at 3:53 AM, Fabio Portes wrote:
>
> ortes@lpt-rj-015:~/Documents
hi Matt
On Sat, Jun 4, 2011 at 10:47 PM, Matt Gardenghi wrote:
> Hello,
>
> I've been testing a non-production app from a black-box perspective. The
> only SQLi I've found is from the login page. I can bypass the login by
> dropping something like: 1' or 1=1-- into the password field.
> Unfortu
appendix:
"When I get in, I can't extract data. I can get verification that I'm
a DBA, but little to nothing else"
and
"why I would get no data returned?"
for all of you who experience these symptoms here and there, there are
two possibilities:
a) there is something actually wrong with sqlmap an
[02:45:36] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4027), retry
your run with the latest development version from the Subversion repository.
If the exception persists, please send by e-mail to
sqlmap-users@lists.sourceforge.net the following text and any information
required to reproduce
Matt,
About your point a), sqlmap did not identify the or based Boolean
based injection because these are not tested at detection phase by
default. You need to increase --risk 3 and --level value to
appropriate one. Please, refer to the users manual for further
details. There two switches are mand
This Bug is from my laptops sqlmap with python 2.7 The other problem is on another PC with still python 2.6 ;)sqlmap -u "http://website.com/feed.php?s=os&p=48693" --random-agent --retries=6 --level 5 --risk 3 --common-tables -D DatabasePlace: GETParameter: s Type: boolean-based blind Title:
hi Kirill.
Thank you for your report and find it fixed in the last commit.
Kr
On Tue, Jun 7, 2011 at 12:47 AM, Kirill Morozov wrote:
>
> [02:45:36] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4027), retry
> your run with the latest development version from the Subversion repository.
> If
hi nightman.
well, it's not really a bug:
"[04:53:24] [WARNING] if the problem persists please try to lower the
number of used threads (--threads)"
i know that you've already used low number of threads (3) but it seems
that you have some connection issues with your host. so, i am not sure
how we
11 matches
Mail list logo
