Re: [sqlmap-users] "union all select" vs. "union select"

Wed, 22 Feb 2012 01:30:42 -0800 

Hi buawig.

As UNION ALL SELECT is usable only when joining two datasets (like in FULL
inband/union injection) with the latest commit (r4776), UNION SELECT is
used automatically in partial inband/union injection (solving your problem
and maybe some other related) (e.g. id=-1 UNION SELECT ....) as there is no
need for UNION ALL SELECT there (first dataset is dropped by that negative
and/or random value).

Kind regards,
Miroslav Stampar

p.s. more info about the difference between the two:
http://blog.sqlauthority.com/2007/03/10/sql-server-union-vs-union-all-which-is-better-for-performance/

On Tue, Feb 21, 2012 at 9:12 PM, <bua...@gmail.com> wrote:

> Hi,
>
> recently I had a union based sqli vulnerability that sqlmap was not able
> to detect (I'm not sure if I used --level=4 but I think so).
>
> After having a look at sqlmap's requests by routing them through a proxy
> I saw that the only difference between my manual tests and sqlmap's was
> that sqlmap used "union all select" and I used "union select"
> and it was only detectable/exploitable using "union select".
>
> My quick and dirty 'fix' was to do a automatic on-the-fly search and
> replace of sqlmap's traffic with burp (replacing "union all select" with
> "union select"), but I wanted to share this case with you  and I thought
> you might want to add some "union select" testcases if there are none.
> (I'm sorry I don't remember the DBMS in question - it probably was mssql
> but I'm not sure anymore.)
>
> kind regards,
> buawig
>
>
> ------------------------------------------------------------------------------
> Keep Your Developer Skills Current with LearnDevNow!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-d2d
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>



-- 
Miroslav Stampar
http://about.me/stamparm

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to