I've used that same request file without any problems (with latest
patches/revision). Will retest tomorrow. Please retry everything with
--flush-session
Bye
On Oct 10, 2015 1:17 AM, "Vojtěch Polášek" wrote:
> Greetings,
> thanks for your prompt response.
> Unfortunatelly, it is still not working
Greetings,
thanks for your prompt response.
Unfortunatelly, it is still not working as expected.
There is problem with retrieving of current user and information from
HSQL database in general.
Moreover, when using following request file from the same application,
Sqlmap identified backend database
Fixed tons of bugs and pushed. Please retry it again.
Bye
On Fri, Oct 9, 2015 at 3:55 PM, Miroslav Stampar wrote:
> Please wait a bit. There are tons of bugs for HSQLDB in sqlmap. On it
> right now.
>
> Bye
>
> On Fri, Oct 9, 2015 at 2:20 PM, Miroslav Stampar <
> miroslav.stam...@gmail.com> wro
Please wait a bit. There are tons of bugs for HSQLDB in sqlmap. On it right
now.
Bye
On Fri, Oct 9, 2015 at 2:20 PM, Miroslav Stampar wrote:
> Hi again.
>
> Please update to the latest revision and retry it again (with
> --flush-session).
>
> Backend used is HSQLDB while the sqlmap wrongly reco
Hi again.
Please update to the latest revision and retry it again (with
--flush-session).
Backend used is HSQLDB while the sqlmap wrongly recognized it as MySQL
(because HSQLDB is MySQL look-alike)
Bye
On Fri, Oct 9, 2015 at 12:49 PM, Vojtěch Polášek wrote:
> Hi,
> You can download Webgoat he
Have you tried to manually extract some data? If not then give it a
try, from doing it you'll be able to work out if you need any
tampering or if there are any other special requirements.
Robin
On 9 October 2015 at 11:49, Vojtěch Polášek wrote:
> Hi,
> You can download Webgoat here:
> https://we
Hi,
You can download Webgoat here:
https://webgoat.atlassian.net/builds/browse/WEB-WGM/latestSuccessful/artifact/shared/WebGoat-Embedded-Tomcat/WebGoat-6.0.1-war-exec.jar
Just run java- jar WebGoat-6.0.1-war-exec.jar
And you can login at localhost:8080/WebGoat with name webgoat and
password webgoat
p.s. you can always use something like
http://testphp.vulnweb.com/artists.php?artist=1 for a quick test/show off
On Fri, Oct 9, 2015 at 11:16 AM, Miroslav Stampar <
miroslav.stam...@gmail.com> wrote:
> Hi.
>
> Can you please send a used sqlmap command along with the basic info on
> vulnerable env
Hi.
Can you please send a used sqlmap command along with the basic info on
vulnerable environment (e.g. just a plain Webgoat, URL this and that)?
Bye
On Thu, Oct 8, 2015 at 10:52 PM, Vojtěch Polášek wrote:
> Greetings,
> I am running Webgoat from standalone jar file, so I can't see any logs.
>
