Hi all,
my current test is a web application that redirects me to a generic page,
whenever < or > is present in a parameter - before the query gets to the
application logic.
The application is injectable with a blind injection (MSSQL, proven by manual
checking and also found by sqlmap). But if I try e.g. --current-user, sqlmap
uses a query
with greater than ">" in the where clause :-(
Is it possible to use other queries (like only "=" or "!=" or contains)?
I'm to lazy to program this myself - or try to understand the perl - programs I
used ages ago ;-)
Kind regards,
Chris
------------------------------------------------------------------------------
Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and
much more. Get web development skills now with LearnDevNow -
350+ hours of step-by-step video tutorials by Microsoft MVPs and experts.
SALE $99.99 this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122812
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users