try --level 3 --risk 3
On Sun, May 8, 2011 at 11:33 PM, <ja...@ev6.net> wrote:
> Hi,
>
> I was recently messing around with another scanner and I found an
> injection I'd like to play around with in Sqlmap.
>
> The injection found is a POST to something.asp and its "
> action=login&login=whatever'=sleep(15)='&password= ". I verified it
> manually and its good to go, however I've not yet been able to get
> SQLmap to detect and exploit it.
>
> I've been messing with --prefix and --suffix but I cant get any joy.
>
> Any ideas on this boys?
>
> Thanks in advance,
> James
>
>
>
> ------------------------------------------------------------------------------
> WhatsUp Gold - Download Free Network Management Software
> The most intuitive, comprehensive, and cost-effective network
> management toolset available today. Delivers lowest initial
> acquisition cost and overall TCO of any competing solution.
> http://p.sf.net/sfu/whatsupgold-sd
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
--
- Ahmed Shawky El-Antry
- Pen-tester, Programmer and System administrator
- lnxg33k owner "http://lnxg33k.wordpress.com";
- Isecur1ty team member"http://www.isecur1ty.org";
- Twitter @lnxg33k
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
