Hello!
Consider following example of vulnerability.
Server has PHP and MySQL 5.X. URL
http://example.com/list.php?filter=text outputs list of items that match
filter and is vulnerable to following SQL injection:
http://example.com/list.php?filter=' UNION SELECT 1,2,3 --
This will show one row
hi John.
thank you for your report. find it fixed in the latest commit.
kr
On Mon, Aug 8, 2011 at 8:46 AM, John Cobb wrote:
> [23:07:56] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4332), retry
> your run with the latest development version from the Subversion repository.
> If the except
Please discard my last report...it was my mistake... :((
2011/8/9 machak machakowitz
>
>
> C:\Users\Giga\Desktop\sqlmap1> sqlmap.py -u
> "http://***.php?show=galleries&gallery=252§ion=8";
> --auth-type=basic --auth-cred "*:" --dbm
> s=mysql -o --random-agent -D **
C:\Users\Giga\Desktop\sqlmap1> sqlmap.py -u
"http://***.php?show=galleries&gallery=252§ion=8";
--auth-type=basic --auth-cred "*:" --dbm
s=mysql -o --random-agent -D ** -T users --columns
sqlmap/1.0-dev (r4332) - automatic SQL injection and database takeover tool
