Hi.
Just added new tamper script to the HEAD. Please update and try
--tamper=0x2char
p.s. There is no need for unhex (as you'll see by running this new tamper
script)
Kind regards,
Miroslav Stampar
On Wed, May 30, 2018 at 12:49 PM, Brandon Perry <bperry.volat...@gmail.com>
wrote:
> I’ve come across a SQL injection that uppercases the input, so that 0xaaaa
> becomes 0XAAAA. This isn’t a valid hex value in MySQL since 0X is required
> to use a lowercase x. I attempted to use a quick —eval argument to change
> the syntax from 0x to X’’, but the single quotes in the X’' syntax end up
> being escaped with double slashes so the syntax is still broken (X’’ ->
> X\\’\\’).
>
> What are the chances a different encoding using UNHEX and CONCAT be used
> instead of 0x when using BENCHMARK?
>
> For instance:
>
> BENCHMARK(5000000,MD5(0xaaaa))
>
> Could be rewritten as:
>
> BENCHMARK(5000000,MD5(UNHEX(CONCAT(CHAR(65),CHAR(65),CHAR(65),CHAR(65))
>
> Perhaps this is attainable with a tamper script and I am missing it? This
> would prevent the application from breaking the SQL syntax by changing 0x
> to 0X.
>
> Any thoughts are appreciated!
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
