Hi all i am using sqlmap/1.0-dev (r5020) for a pentesting of a real web app.I found that sqlmap is not able to found a tricky vulnerability lies in the web app. the scenarion is like that.. url; www.asdsad.com/page.asp?id=string sqlmap is able to found the error based injection in the parametre id but is not able to found stacked based which is also there. i tried every possible configuration but no success. at last i edit the /xml/payload.xml and it was found.. Actually sqlmap payload was like that. id=string';wait for delay '0:0:5;-- AND 'asd'='asd which will cause internal server error (500) "ADODB.Command error '800a0d5d' Application uses a value of the wrong type for the current operation" i changed the payload.xml so that itĀ also add # after the -- <comment> and it become able and also the errorĀ was dissapeared. the query becomes: id=string';wait for delay '0:0:5;-- # AND 'asd'='asd Actually the AND and stuff after that is causing the error. this query is also able too.:id=string';wait for delay '0:0:5;-- So how about adding this.. may be it save 48 hour of anybody.. "The sql server is 2000 sp2. web server is iis 6.0 and the technology is asp.net 2.0.... So anyway many many thanks. sqlmap is a great tool and the developers rocks and big hearts guys. love
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
