Posts posted by edre1

  1. I'm very new at using sqlmap and SQL in general, so I'm hoping you'll be able to offer some advice please.

    I have a vulnerable site where I can get the database names and table names, but I am unable to retrieve any entries. An internal 500 error crops up saying there is "[Macromedia][sqlServer JDBC Driver][sqlServer]Incorrect syntax near '('. ".

    I'm thinking that it's because the payload is using a CASE WHEN statement but, from reading about it, ColdFusion doesn't allow them.

    The payload is:

    (SELECT CHAR(113)+CHAR(120)+CHAR(112)+CHAR(122)+CHAR(113)+(SELECT (CASE WHEN (4281=4281) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(106)+CHAR(122)+CHAR(113)+CHAR(113)

    Is there any way this can be turned into a statement that can be used with ColdFusion, such as using UNION SELECT or something? I don't yet know enough to be able to change it myself.

    Thank you in advance
