HQLmap icon indicating copy to clipboard operation
HQLmap copied to clipboard

Published 20 hours ago verified publisher icon PaulSec

Metadata

(Deprecated) HQLmap, Automatic tool to exploit HQL injections

Results 5 HQLmap issues
Sort by recently updated
recently updated
newest added

Update of HQLmap.py to parse JSON params in POST data

dtrizna avatar dtrizna

table_exists methed is not perfect

``` def table_exists(message): if ('is not mapped' in message): return False else: return True ``` The method of checking table exists is check if 'is not mapped' string in response....

nibiwodong avatar nibiwodong

Clean URL support

Hello, Is it possible to test for HQL injection vulnerabilities with using HQLmap with a url that is using mod rewrite (or something like it) to make the urls clean?...

Comancheroo avatar Comancheroo

Eliminate False Positives

Hello @PaulSec , I tried running this one on my very own Apache Server which doesn't have a db on but just a static page and here is the output:...

shipcod3 avatar shipcod3

parameter '--columns' and '--C' do not work without parameter '--tables'

### Description There is some Logical problems with parameter '--tables'. The problem just as the issues' title. ### Detail ``` x:\hqlmap>HQLmap.py -v -u "http://hql-injection-site/doSysLogin.action" --data "hdu.hdUsersNmae=admin&hdu.hdPassWord=password&verifyCode=jgnb" -p hdu.hdPassWord --T com_recruit.entity.sysuser.hdzuser...

L34Rn avatar L34Rn

Metadata

224
Stars
51
Forks
Watchers

Owner

verified publisher icon PaulSec

Metadata

(Deprecated) HQLmap, Automatic tool to exploit HQL injections

Back