Hi.
sqlmap hasn't been able to detect that it's exploitable through stacking.
Maybe some characters are filtered out. Maybe you are using --proxy or
--tor which introduce lagging which are causing problems like yours.
Use --flush-session --time-sec=20 if you are going to retry.
The best way how
hi,all
sqlmap can not support stacked queries in aspx+mssql?
[11:42:43] [CRITICAL] unable to prompt for an interactive operating system shell
via the back-end DBMS because stacked queries SQL injection is not supported
SQlmap is able to extract db names, current user and backend info, but
when I try to get tables I end up with junk data or nothing at all. I
find this strange because SQLmap has identified multiple injection
methods and I am on a fast local connection with the target server.
This is the log fi
Hi.
You haven't told anything that could help. Neither switches/options used,
neither tamper scripts used, nothing.
You are using some custom tamper script(s) as I can see "/*!5" in
payload (we don't have this in our tamper scripts).
Nevertheless, I've tried to reproduce your run with --tech
Hello, all.
I'm trying to exploit the blind injection in the following query:
$var = $_GET['var'];
SELECT id,name FROM people ORDER BY $var
sqlmap find vulnerabilities, but can not be used.
sqmap sends the following query:
name AND 561/*!5=*/IF((ORD(MID((/*!5SELECT*/
IF(ISNULL(/*!5
