[sqlmap-users] sqlmap bug
Brought to you by:
inquisb
From: Joe <jo...@sh...> - 2009-01-31 17:08:32
|
I'm having problems with sqlmap. I've confirmed the bug manually with union all select, but sqlmap is still reporting it as a blind hole. Additionally: I get this message: [17:39:46] [WARNING] missing database parameter, sqlmap is going to use the current database to enumerate table 'roller_fantasy' columns [17:39:46] [INFO] fetching current database [17:39:46] [INFO] query: UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, CONCAT(CHAR(79,114,82,88,78,80),IFNULL(CAST(DATABASE() AS CHAR(10000)), CHAR(32)),CHAR(117,108,90,77,81,80)), NULL, NULL# %23 [17:39:46] [WARNING] for some reasons it was not possible to retrieve the query output through inband SQL injection technique, sqlmap is going blind [17:39:46] [INFO] query: IFNULL(CAST(DATABASE() AS CHAR(10000)), CHAR(32)) [17:39:46] [INFO] retrieved: [17:39:46] [ERROR] unhandled exception in sqlmap/0. 6.3, please copy the command line and the following text and send by e-mail to sql...@li.... The developers will fix it as soon as possible: sqlmap version: 0.6.3 Python version: 2.5.1 Operating system: win32 Traceback (most recent call last): File "sqlmap.py", line 81, in main File "lib\controller\controller.pyc", line 267, in start File "lib\controller\action.pyc", line 111, in action File "plugins\generic\enumeration.pyc", line 734, in getColumns File "plugins\generic\enumeration.pyc", line 114, in getCurrentDb File "lib\request\inject.pyc", line 329, in getValue File "lib\request\inject.pyc", line 265, in __goInferenceProxy File "lib\request\inject.pyc", line 88, in __goInferenceFields File "lib\request\inject.pyc", line 60, in __goInference File "lib\techniques\blind\inference.pyc", line 233, in bisection File "lib\techniques\blind\inference.pyc", line 102, in getChar ValueError: incomplete format [*] shutting down at: 17:39:46 I hope it helps. -Joe |