SQL injection on integer field
I have an application and a username field converts any given value to an integer value using
. The application uses JSP and Oracle database.
The url has been tested with SQLMap and is not dynamic. So the only way I can try is to get the registration form, but I couldn't get around it.
When I place
-, the server returns an error
error for input string
I want to enter a field, so how can I do it?
I don't know if I can use an alternative encoding because it will convert it to integer anyway.
source to share