I am in a web application lab environment that has SQL injection vulnerability in it. From sqlmap I have enumerated that SQLite has version 3.8.2 . I am able to retrieve database contents via sqlmap but I cannot run OS SHELL commands on attacked system. I do not know if SQLite injections has capability to execute system commands. Can anybody explain the reason why we can not run system commands on SQLite ?
Aucun commentaire:
Enregistrer un commentaire