Forum Thread: Help me about SQLMAP ???

I wonder if SQLMAP support vulnerable sites to "Time-Based Blind SQL Injection using Heavy Queries" ???

For example:
////// and (SELECT count() FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7, sysusers AS sys8)>1 and 300>(select top 1 ascii(substring(name,1,1)) from sysusers)


Are we may enter a database of a vulnerable site SQL Injection time-based by queries heavy as the example above using SQLMAP ???

Thank you to inform me please.

Join the Next Reality AR Community

Get the latest in AR — delivered straight to your inbox.

1 Response

This seems like something more for the forums but I can help you anyway. Yes sqlmap can perform time based sql injections with using heavy queries. Can you provide another example of what you are trying to accomplish and not just a copy and paste from an old Black-hat document? (yes I have read it before, did you?)

Share Your Thoughts

  • Hot
  • Active