Hi Buawig.
It was probably a problem with comma processing (e.g. some kind of field
splitting)
Nevertheless, went through PgSQL manuals and spotted no difference in both
functionality and compatibility.
Replace with the latest commit [1]
Kind regards,
Miroslav Stampar
[1]
https://github.com/sqlmapproject/sqlmap/commit/ff62b0d3eaee311c786cd5b9ad5b1cbf1d28c3a3
On Wed, Apr 24, 2013 at 9:24 PM, buawig <bua...@gmail.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi,
>
> on a recent blind SQLi (PostgreSQL 8.4) I had problems using sqlmap to
> extract data.
>
> After having a deeper look at it I noticed that the DB did like the
> function substr() (I can not entirely exclude it but I do not think
> that this problem was introduced by some kind of weird anti sqli
> filtering).
> To work around that issue I replaced the substr() function in
>
> xml/queries.xml
>
> with substring( .. from N for 1) and everything worked fine.
>
> I thought you might want to add that possibility as a second option
> (query2= ?) to automatically detect/workaround that issue?
> -----BEGIN PGP SIGNATURE-----
>
> iQIcBAEBCgAGBQJReDF6AAoJEJeRHQyF0ukMOjQQAKIATbP/WL2LkgOdjVAZ5kG+
> Yafdgrp8Cn1oL2X9AdOZL/Xr2dh67GsbV6sgCc6uv35I8rqMtfs81FlqplvLD0h0
> 7sb/1RXTTrrbmMEZGaGyiZhqEdlr5DDooXM3fEmgkEoXgQ1Ht9sjz3PzNk2bWCUB
> EIip1Jrp2EbZPAkNgfcXNcpq3ojSULkvEua0WawxR1voAI1YiWpYBAUI+LHheUVG
> 3PGPb5MHjGEBs1m3Hhw/hSHtlR7YhPzsx+Mk99pJkcluardzEsyucLax3MevLI1i
> KCWxDP0QT3MmVdBk89/ETOxhWbka1NeCDEv7gVBzYG3DHptD4PfSbsInUdJGQtZ8
> bd0GjJdi9Ie4Rl3KMNXPt3j2VLq1neuLsTm/r8xwDqdLfpSeZ5eTiy1W5/usAz+o
> 4VDfHp7vZRMooL3PPi6Ie+l0mfY5KtFE2pcXF3EZ2DyUl9xB38v9tfgMZ8dXVa/Q
> mpH5Zp5V82soa+Xdb+LLkzRTuhIJg0sScvINrPbDyzQOQiTaVZXjL++pa7sOeoYJ
> Ag4+QIt+FvhIKog0zlc53qc7J/M3R2H3DH3G/2+FevxWTvR+m/NqsbWFujuYnu3j
> pCyIc9+dScBnTgk1SjCsa7HdKBeuSOwVTJiE3FY6jLmfP2JwChKC/IgxxBM9AQOY
> GcuFPtVicifZihtWaqwa
> =VzEN
> -----END PGP SIGNATURE-----
>
>
> ------------------------------------------------------------------------------
> Try New Relic Now & We'll Send You this Cool Shirt
> New Relic is the only SaaS-based application performance monitoring service
> that delivers powerful full stack analytics. Optimize and monitor your
> browser, app, & servers with just a few lines of code. Try New Relic
> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
