Hello there! :-) Just a quick question. Does sqlmap currently handle injections like this?
http://example.com?someparam=1/*!and 1=1*/ That is, if there is a filter that prevents a more common injection like someparam=1 AND 1=1 from working, then using this type of commenting would execute it and sometimes bypass the filter. Reason I ask is because I was recently testing out a new web application using sqlmap, and it didn't seem to detect this injection even though I know it's there (The server doesn't respond if it detects an injection, thus sqlmap keeps timing out). Thanks for any response in advance :-) ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
