Hi
Thanks;
Yes of course it's exploitable .
As you see i have used --risk=3 before.
I think Sqlmap isn't able to handle it properly because there is custom
injection in name of parameter and also name is an array .
Any Opinion ?
Regards dehqan
On Fri, Oct 24, 2014 at 4:00 AM, Ryan Sears <rdse...@mtu.edu> wrote:
> // Grrr, stupid gmail. Didn't reply-all first time :-P
>
> Are you sure it's exploitable? Try upping the --level and --risk.
>
> The #1* means the first * character you put into the --data parameter.
> It's in lieu of saying something like "POST parameter 'derp' is not
> exploitable" if you pass in --data="derp=testme" and ask it to test the
> "derp" parameter.
>
> Ryan
>
> On Thu, Oct 23, 2014 at 5:14 AM, a dehqan <dehqa...@gmail.com> wrote:
>
>> Thanks man ;
>>
>> I want to send an array with query in its index as value of "name" POST
>> variable .
>>
>> Remember if i want inject it manually should try >
>> <input type="text" id="edit-name" name="name[1 ;UPDATE {users} SET pass=
>> 'test123'; -- ]" value="" size="60" maxlength="60" class="form-text
>> required error">
>>
>> So tried (sqlmap/1.0-dev) :
>>
>> python sqlmap.py -u "http://localhost//?id=n&ssid=w";
>> --data="name[0*]=name" --risk=3 --flush-session --dbms=mysql
>>
>>
>> Sqlmap returns this error:
>>
>> [WARNING] (custom) POST parameter '#1*' is not injectable
>>
>> What does # mean here ?
>>
>> And how to make it work under sqlmap ?
>>
>> Regards
>>
>> On Thu, Oct 23, 2014 at 11:00 AM, Miroslav Stampar <
>> miroslav.stam...@gmail.com> wrote:
>>
>>> Hi.
>>>
>>> You need to put a custom injection mark * at the place where you want
>>> sqlmap to inject. For example:
>>>
>>> ...name[1*]
>>>
>>> Bye
>>>
>>> p.s. your example with SELECT is not a proper one as queries are usually
>>> not supported in stacking
>>>
>>> On Thu, Oct 23, 2014 at 7:43 AM, a dehqan <dehqa...@gmail.com> wrote:
>>>
>>>> Hi Guys ,
>>>>
>>>> Is Sqlmap able to send an array instead of string while injecting?
>>>>
>>>> Like situation we have html form and we want manually send post
>>>> variable 'name' this way (value is obtained from array) :
>>>>
>>>> name="name[1 ;select * from users -- ]
>>>>
>>>> I want do it with Sqlmap , but how ?
>>>>
>>>>
>>>> Regards dehqan
>>>>
>>>
>>>
>>>
>>> --
>>> Miroslav Stampar
>>> http://about.me/stamparm
>>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>>
>> _______________________________________________
>> sqlmap-users mailing list
>> sqlmap-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>
>
------------------------------------------------------------------------------
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
