Hi Kafeine. Thing is that we here and there put some "new attribute" into stored injection info making it (unfortunately) unusable in later revisions, but this is the point of "development". Nobody is forced to use "dev" revision as there will be constantly things like this one :(
In your case it would be good if you could contact me privately with the further details so we could somehow "fix" (if there is something to fix) the latest "dev" revision to find the injection point too. Kind regards, Miroslav Stampar On Fri, Oct 7, 2011 at 3:02 AM, Kafeine <sql...@hurel.info> wrote: > Hello all, > I used Sqlmap (sourceforge file 0.9) to test a lab botnet C&C control panel > page. > Sqlmap found an injection. > [09:30:15] [INFO] testing connection to the target url > sqlmap identified the following injection points with a total of 10993 > HTTP(s) requests: > --- > Place: Referer > Parameter: Referer > Type: boolean-based blind > Title: AND boolean-based blind - WHERE or HAVING clause > Payload: http://192.168.186.166:80/mypage.php) AND 1234=1234 > --- > I was not able to send a payload file on the server, after trying to create > a writeable folder, etc.., i checked related problem on internet. > Look like sqlmap saw a Linux where it was a windows (even when i forced > --os="Windows") I read that this was an issue that was solved... i updated > to SVN version. 1.0 r4395 > After that the session was not usable anymore...so i run the scan again from > scratch and it look like it can't find this injection point anymore. > How is this possible ? > How can i make it find/validate this injection again ? > Regards > (sorry for my english...) > Kafeine > > > ------------------------------------------------------------------------------ > All of the data generated in your IT infrastructure is seriously valuable. > Why? It contains a definitive record of application performance, security > threats, fraudulent activity, and more. Splunk takes this data and makes > sense of it. IT sense. And common sense. > http://p.sf.net/sfu/splunk-d2dcopy2 > _______________________________________________ > sqlmap-users mailing list > sqlmap-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2dcopy2 _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users