r, and is precisely this function that
> is making the injection a false positive, I think. I thought enough of
> something to get around it, including, I believe, some to use this form of
> defense against sql injection.
>
> ------
> Date: Wed, 12 J
07 +0200
Subject: Re: [sqlmap-users] error or bug
From: miroslav.stam...@gmail.com
To: jonatah-rom...@hotmail.com
CC: sqlmap-users@lists.sourceforge.net
Most probably it has a dynamic content inside (changing between each response).
I can't tell you more because I don't know the details
lters sanitize, or some function
> decode () making sure the ID explicitly safe? Or some other reason?
>
> --
> Date: Wed, 12 Jun 2013 06:02:23 +0200
> Subject: Re: [sqlmap-users] error or bug
> From: miroslav.stam...@gmail.com
> To: j
It is a false positive because of filters sanitize, or some function decode ()
making sure the ID explicitly safe? Or some other reason?
Date: Wed, 12 Jun 2013 06:02:23 +0200
Subject: Re: [sqlmap-users] error or bug
From: miroslav.stam...@gmail.com
To: jonatah-rom...@hotmail.com
CC: sqlmap-users
Hi.
It's a false positive.
Kind regards,
Miroslav Stampar
On Jun 12, 2013 2:42 AM, "Jonatah Romero"
wrote:
> Hello guys, i made 3 attempts injection, all 3 have unequal information,
> one said there was no injection, the other said through heuristics to be
> Firebird DBMS, and the DBMS be anoth
Hello guys, i made 3 attempts injection, all 3 have unequal information, one
said there was no injection, the other said through heuristics to be Firebird
DBMS, and the DBMS be another SAP MaxDB. I also tested it with --tamper, and
--string, as stated sqlmap, stated that it was a false positive.
