I've got the following vulnerable querystring value:
string=the%%22/**/and/**/1=1/**/and/**/%22%%22=%22
Where with 1=1 I get data back, 1=0 is false so no data.
I can't use spaces which is why I've have to go for /**/.
How do I tell sqlmap where the injection point is and to use /**/ instead
of spaces?
Robin
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
