I’m very confused on “Detecting the current DB User”. Under “Detecting the first character” they list some information:
- Character interval: [a-z] - The only part that makes sense to me
- ASCII interval: [97 - 122] - ASCII interval?
- ASCII flag: 109 - Don’t think I’ve seen this anywhere before. I see 109 down in the payload? But what’s 109?
- Character flag: m - Same here. Character flag?
' OR ASCII(SUBSTRING(user(),1,1))<=109 #
I have no idea what’s going on here. The payload returns False. Which confuses me because I thought we were checking for characters between a-z?
The next payload says it’s checking between n-z? Why n? The following says u-z and so on. I’m just very confused with this manual enumeration section.
I can get the exploit working with SQLMap but the goal here isn’t to be a script kiddie.