[sqlmap-users] regex error
Brought to you by:
inquisb
From: Ignacio H. <nac...@gm...> - 2009-08-24 19:10:03
|
Hi all, There is an error in one of the regex used to find absolute file paths in order to upload a shell when there is not available the ' stacked queries' on the parameter. The regex is "([\w]\:[\/\\\\]+)" located at line 76 of file /sqlmap/lib/request. I dont know why (because i dont understand that regex) but it always find a positive match in "p:" and sometimes in "s:" and gives it back as absolute file paths. I think is due to url strings in the page code. The regex matches things like "http:\\domain.com/whatever" and returns "p:" as a valid absolute path (or "s:" if the url is ssl). To avoid this maybe the regex can be changed to "([\r\w]\:[\/\\\\]+)" if the real absolute file path is at the begining of a word. This happens in version 7.0 and 0.8-dev1 and in version 0.8-dev1 there is also someting else wrong with --os-shell: after providing full paths and the language that server supports it just cant connect the server. This is the output: [20:25:18] [WARNING] unable to retrieve the web server document root please provide the web server document root [/var/www/]: [20:26:09] [WARNING] unable to retrieve any web server path please provide any additional web server full path to try to upload the agent [/var/www/test/]: [20:26:51] [INFO] trying to upload the uploader agent which web application language does the web server support? [1] ASP [2] PHP (default) [3] JSP > 2 [20:26:57] [WARNING] unable to connect to the target url or proxy, sqlmap is going to retry the request [20:26:58] [WARNING] unable to connect to the target url or proxy, sqlmap is going to retry the request [20:26:59] [WARNING] unable to connect to the target url or proxy, sqlmap is going to retry the request [20:27:00] [ERROR] unable to connect to the target url or proxy This doesnt happens in version 7.0. Cheers, Nacho |