hi
i guess it's time based technique here we are talking about. if yes,
then the answer to your question is yes, network lag is it's greatest
nemesis.
have you tried increasing --time-sec to something like 10?
kind regards
2011/9/7 root :
> hi guys
> when i use sqlmap to get database data,like
hi guys
when i use sqlmap to get database data,like this
[*] "C?FCODB"
[*] "COFC?DB_YW"
[*] "COFCOVH?DB"
[*] "D?SYS"
[*] "DB?NMP"
[*] "E?FSYS"
[*] "OL?PSYS"
[*] "O�yTLN"
[*] "S`OTT"
[*] "SH\x7f"
[*] "SYSMAY\x11"
[*] "SYS}"
[*] "WMS`S"
[*] CTXSYS
[*] HR
[*] IX
[*] MpSYS
[*] OE
[*] ORDSYS
[*] PM
[*]
p.s. --os-shell appears to work properly in our LAMP testing
environment (tested for full union and partial union techniques)
On Tue, Sep 6, 2011 at 10:13 AM, Miroslav Stampar
wrote:
> hi Ahmed.
>
> from the traffic file you've sent to me it seems that php shell was
> indeed uploaded in request #
hi Ahmed.
from the traffic file you've sent to me it seems that php shell was
indeed uploaded in request #21 but for some reason nothing was
returned in validation request #22.
could you please:
1) check what do you get in web browser with:
http://172.16.171.134:80/hackable/uploads/tmpupgiv.php
