Hi All
I have found that an application has a rewritten URL element that ends up
in a SQL query. The error message tells me that I'm injecting into the
LIMIT number at the end of the query. This appears to be the only point of
injection for now.
A simplified version of the query that's being injected into is:
SELECT * FROM posts WHERE site_id = '1' ORDER BY post_date DESC,
created_date DESC LIMIT foo, 10
'foo' is my injection and of course gives a syntax error.
I know that apostrophes/ticks (as in the ' character) are blocked as a
minimum.
Does anyone have any experience injecting this late in a query? Any ideas
would be greatly received.
Regards
Chris
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
