Hi.
For such cases where sqlmap doesn't recognize parameters inside (we have a
SOAP parameter parsing but we could probably review it) POST request you
can freely use custom injection mark *.
Also, please update to the latest commit as there was a related "patch" for
your case (https://github.com
p.s. example for such request file could be something like this:
POST /vuln.php HTTP/1.1
Accept-Encoding: identity
Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
Host: www.site.com
Accept-language: en-us,en;q=0.5
Pragma: no-cache
Cache-control: no-cache,no-store
Accept: text/html,application/xhtm
Hi Miroslav and Bernardo:
I just wanted to clear things up regarding the workflow.
What's the preferred method of submitting bugs and feature requests:
this very mailing list or the Github issues one? I'm not rather sure
if someone outside the project could post to the Git one, so I'd
welcome any
Hi Anton
On Fri, Jul 20, 2012 at 10:53 AM, Anton Sazonov wrote:
> Hi Miroslav and Bernardo:
>
> I just wanted to clear things up regarding the workflow.
>
> What's the preferred method of submitting bugs and feature requests:
> this very mailing list or the Github issues one? I'm not rather sure
there is a way for bruteforce the SA password using SQL INJECTION?
this is the Scenario. it is a DataBase Server (Sql Server 2008) without
access to the internet (it has the 1433 port blocked),
the current user is a normal user (low privileges User). cannot get SA hash
password.
the question is,
Hi Juan
If openrowset is enabled then it's possible to attack with a wordlist.
This was disabled by default after sql server 2000 though, so it'd have to
be enabled.
Chris
On 20 July 2012 12:14, juan molina wrote:
> there is a way for bruteforce the SA password using SQL INJECTION?
>
> this is
Hi Anton,
As Miroslav has already said, the preferred way to report bugs/request
features is now via GitHub issues[1], nevertheless, the mailing list
is always a viable vector to discussion and iteract between developers
and users.
We have recently updated our homepage[2] and FAQ wiki page[3] to
Hi Juan,
Microsoft SQL Server has a built-in function called OPENROWSET to
query another DBMS (or the DBMS itself). Back in 2002 Chris Anley
released a paper demonstrating how to abuse this function to perform a
DBMS user's password brute-force attack within the MSSQL instance. A
few years later t
