Hi.
Could you please send traffic file (-t traffic.txt) for that case?
Also, have you tried --level=3 --risk=3
Also, have you tried yourself bypassing that script manually? I believe
that would be the best way how to actually see what's wrong.
Kind regards
On Sat, Apr 28, 2012 at 5:02 PM, Ahmed Shawky <ah...@isecur1ty.org> wrote:
> sqlmap couldn't the vulnerability in the following code:
>
> <html>
> <body style='text-align: center;'>
> <br><br>
> <u style='font-family: Verdana; color:
> -moz-visitedhyperlinktext;'><a href='/login.php'>Welcome to admin
> area</a></u>
> <br><br>
> <form action='' method='GET'>
> Username<br><input type='text' name='uname' /><br>
> Password<br><input type='password' name='pwd' /><br>
> <input type='submit' value='Login' />
> </form>
> <br><br>
> <small>Written by Ahmed Shawky <a href='
> https://twitter.com/#!/lnxg33k'>@lnxg33k</a></small>
> <br><br>
> </body>
> </html>
> <?php
> if (isset($_GET['uname']))
> {
> mysql_connect('localhost', 'root', '123456') or die('Could not connect
> sql server');
> mysql_select_db('vulnerable');
>
> if(get_magic_quotes_gpc()){
> // magic_quotes is disabled ;)
> $username = stripslashes($_GET['uname']);
> $password = stripslashes($_GET['pwd']);
> }
> else{
> $username = $_GET['uname'];
> $password = $_GET['pwd'];
> }
> $login = mysql_query("SELECT * FROM members WHERE username='$username'
> and password='$password'"); // Vulnerable query
> if (mysql_numrows($login) > 0){
> //{
> /*
> session_register("username");
> session_register("password");
> header("location:login_success.php");
> */
> echo 'You passed me ;)';
> }
> else
> {
> echo "Wrong Username or Password";
> }
>
> }
> ?>
> --
>
> - Ahmed Shawky El-Antry
> - lnxg33k owner "http://lnxg33k.wordpress.com";
> - Isecur1ty team member"http://www.isecur1ty.org";
> - Twitter @lnxg33k
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
