I"ve always had trouble dumping Oracle databases. I can usually see the
Databases and columns, whether they come down via Union or time-based or
whatever. But when it comes down to:
./sqlmap.py URL:/parameters/etc/?id=3 --dump -T public -D not_sensitive
I get errors indicating there might only be one entry, and sqlmap fails to
detect it. I can brute some table names, but this occurs every time I
encounter an Oracle database.
Has SQL Injection simply not progressed that far? I've tried --level 5 and
--risk 3 just to be sure.
I'm glad to email some personal detail to help.
Thanks for the quick help, you've never disappointed.
------------------------------------------------------------------------------
10 Tips for Better Web Security
Learn 10 ways to better secure your business today. Topics covered include:
Web security, SSL, hacker attacks & Denial of Service (DoS), private keys,
security Microsoft Exchange, secure Instant Messaging, and much more.
http://www.accelacomm.com/jaw/sfnl/114/51426210/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
