hi wlad. On Fri, May 6, 2011 at 3:52 PM, W W <wlad0...@list.ru> wrote: > Hi there is some problems with sqlmap. At first only SQL comment character > which is used is #. I tried editing xml/queries.xml manually to enforce > using -- because in some situations injections with # or /* did'nt working. > So nothing happened after editing, and thats why i cant use it successfuly, > but there is union injection 100%.
with how many columns? Second. Some code implies sending http > response header in blind injecton when appears false situation. For example, > http://url/script?id=1 and 1=1 Response code:200(OK) but when > http://url/script?id=1 and 1=0 Response code (404)not found etc. This really > kicks sqlmap out of mission immediatly. this shouldn't be a problem. in blind injections sqlmap uses 404 as a response for FALSE. > > Tested on sqlmap/0.9(stable) and sqlmap/1.0-dev (r3849) > Python 2.7 could you please contact me privately with further details and i could later today help you with this situation? > > Thanks for a great work :) > > ------------------------------------------------------------------------------ > WhatsUp Gold - Download Free Network Management Software > The most intuitive, comprehensive, and cost-effective network > management toolset available today. Delivers lowest initial > acquisition cost and overall TCO of any competing solution. > http://p.sf.net/sfu/whatsupgold-sd > _______________________________________________ > sqlmap-users mailing list > sqlmap-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail: miroslav.stampar (at) gmail.com PGP Key ID: 0xB5397B1B ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
