[Owasp-testing] Database Fingerprinting

Zaki Akhmad zakiakhmad at gmail.com
Wed Dec 16 02:56:49 EST 2009


Thanks for all the responses

I haven't got any error messages. This site doesn't have many form except:
- authentication: userid and password
- quantity of the goods

I have tried both, inserting SQL injection command and it failed.
Sigh, this web applicationis good at handling input.

How do I do sqlmap to authenticated page?

This site has dynamic GET parameters. This web application
automatically redirects to its home address if I hit this URL[1]
without being succesfully authenticated.

-za,
[1]https://tralalaxxx.com/?act=shop&page=5


More information about the Owasp-testing mailing list