Hi all,
Just looking for any tips on exploiting MySQL 3.x with sqlmap. It's a
pretty standard injection, but the best I've been able to do is extract the
database name with sqlmap. I'm using the B technique, have tried --hex,
--no-cast, etc, but none of the functions sqlmap is using exist in MySQL
3.x, e.g. union, cast, convert, so I'm reduced to manual exploitation with
scripts and mid(), char(), etc.
No big deal, just wondering if there's a quick way to get a bit further
with sqlmap before I go back to manual exploitation through Burp.
Thanks
------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://p.sf.net/sfu/Zoho
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
