Hello,

I found SQL injection vulnerability. I want to know the database
server IP address. From the fingerprint result, the database server is
MySQL. How should I write the --sql-query so that I could retrieve the
MySQL database server IP address? It's n-tier web appliction.

$ python sqlmap.py -u something --sql-query=""

Just an idea: maybe it's possible to add a built-in sql query function
to retrieve database server IP address whatever the databases is used
(or I am the one who didn't know it?)

Thanks,
-- 
Zaki Akhmad

------------------------------------------------------------------------------
Keep yourself connected to Go Parallel: 
INSIGHTS What's next for parallel hardware, programming and related areas?
Interviews and blogs by thought leaders keep you ahead of the curve.
http://goparallel.sourceforge.net
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to