I can hardly call this "detection"; looks more like "intrusion" to me.
~~
# mitchell
On Tue, Jan 21, 2014 at 4:43 PM, l.g. <ibozoo...@googlemail.com> wrote:
> Miroslav Stampar <miroslav.stampar@...> writes:
>
> >
> >
> > So you made a "DROP TABLE" payload :))
> > I am not sure if this is a joke or for real?!
> >
> > Kind regards,
> > Miroslav Stampar
> >
>
> I just made a really simple vulnerable test webapplication with a datagrid
> bound to a table and a textbox where the the user types strings to populate
> the table; I verified that if I manually enter c'); DROP TABLE [testTable]
> -
> - into the textbox the table is actually dropped. I think Sqlmap is able to
> detect such a vulnerability with a proper extension of payloads.xml. Am I
> wrong?
>
>
>
>
>
> ------------------------------------------------------------------------------
> CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> Learn Why More Businesses Are Choosing CenturyLink Cloud For
> Critical Workloads, Development Environments & Everything In Between.
> Get a Quote or Start a Free Trial Today.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
