Hi,

sqlmap/1.0-dev-25eca9d

I don't manage to get Sqlmap generating the good payload !

Here is my entry point :
(dbms = MSSQL)

I got this with manual tries in burp :

param value : (select name from sysusers where udi=-1)
- if the select returns no value => HTTP request returns 200
- otherwise returns 302 to an error page

so
with param value : (select name from sysusers where udi=-1 or 1=1) =>
returns error
with param value : (select name from sysusers where udi=-1 or 1=2) =>
returns 200

I thought I could make Sqlmap find a boolean based blind test with OR
statements
So I tried this command :
./sqlmap.py -r myreq.txt -p param --level=3 --risk=3 --prefix="(select name
from sysusers where udi=-1 " --suffix=")"

nothing is founded
but when I look at generated payloads, I get
[PAYLOAD] -9402(select name from sysusers where udi=-1 OR (9544=9561))

so I always get a number generated before my command

Where am I wrong ?

Thanks
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to