Re: [sqlmap-users] Unhandled Exception while Banner Grabbing
Brought to you by:
inquisb
From: Miroslav S. <mir...@gm...> - 2010-03-01 10:53:28
|
Hi Daniel. Thank you for reporting this issue. We've found it inside the code and fixed it. Now, there shouldn't be crashes like this anymore and we've also improved (hope so) the MSSQL version parsing and recognition routine. Kind regards, Miroslav Stampar On 28.2.2010 10:23, Daniel Hückmann wrote: > Running SVN revision 1347 (latest) and using the most up to date XML > versions file. System environment is as follows: > > Python 2.6.4 (r264:75706, Dec 7 2009, 18:45:15) [GCC 4.4.1] on linux2 > Ubuntu 9.10 (Karmic - x86/32bit) 2.6.31-19-generic > > The initial enumeration without banner grabbing, returns and then > confirms that the DBMS is Microsoft SQL server (expected behaviour). > However running any subsequent operations (including -f and/or -b) > returns: > > [00:35:51] [ERROR] sqlmap was not able to fingerprint the back-end > database management system. Support for this DBMS will be implemented > if you ask, just drop us an email > > If I erase the output folder for that scan, it works once again, but > only for the first scan. However if I erase the output folder, and > then try to banner grab, the following happens: > > sbit@hati:/opt/sqlmap$ ./sqlmap.py -u > "http://www.[REDACTED].com/[REDACTED].asp?[REDACTED]=[REDACTED]" -f > --banner > > sqlmap/0.8-rc7 - automatic SQL injection and database takeover tool > http://sqlmap.sourceforge.net > > [*] starting at: 00:40:16 > > [00:40:16] [INFO] using > '/opt/sqlmap/output/www.[REDACTED].com/session' as session file > [00:40:16] [INFO] testing connection to the target url > [00:40:17] [INFO] testing if the url is stable, wait a few seconds > [00:40:19] [INFO] url is stable > [00:40:19] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic > [00:40:20] [WARNING] User-Agent parameter 'User-Agent' is not dynamic > [00:40:20] [INFO] testing if Cookie parameter 'ASPSESSIONIDCSCDTATD' > is dynamic > [00:40:21] [WARNING] Cookie parameter 'ASPSESSIONIDCSCDTATD' is not > dynamic > [00:40:21] [INFO] testing if GET parameter '[REDACTED]' is dynamic > [00:40:21] [INFO] confirming that GET parameter '[REDACTED]' is dynamic > [00:40:22] [INFO] GET parameter '[REDACTED]' is dynamic > [00:40:22] [INFO] testing sql injection on GET parameter '[REDACTED]' > with 0 parenthesis > [00:40:22] [INFO] testing unescaped numeric injection on GET parameter > '[REDACTED]' > [00:40:22] [INFO] GET parameter '[REDACTED]' is not unescaped numeric > injectable > [00:40:22] [INFO] testing single quoted string injection on GET > parameter '[REDACTED]' > [00:40:23] [INFO] confirming single quoted string injection on GET > parameter '[REDACTED]' > [00:40:24] [INFO] GET parameter '[REDACTED]' is single quoted string > injectable with 0 parenthesis > [00:40:24] [INFO] testing for parenthesis on injectable parameter > [00:40:28] [INFO] the injectable parameter requires 0 parenthesis > [00:40:28] [INFO] testing MySQL > [00:40:28] [WARNING] the back-end DMBS is not MySQL > [00:40:28] [INFO] testing Oracle > [00:40:28] [WARNING] the back-end DMBS is not Oracle > [00:40:28] [INFO] testing PostgreSQL > [00:40:28] [WARNING] the back-end DMBS is not PostgreSQL > [00:40:28] [INFO] testing Microsoft SQL Server > [00:40:29] [INFO] confirming Microsoft SQL Server > [00:40:34] [INFO] the back-end DBMS is Microsoft SQL Server > [00:40:34] [INFO] fetching banner > [00:40:34] [INFO] retrieved: Microsoft SQL Server 2008 (SP1) - > 10.0.2531.0 (X64) > Mar 29 2009 10:11:52 > Copyright (c) 1988-2008 Microsoft Corporation > Web Edition (64-bit) on Windows NT 6.0 <X64> (Build 6001: Service > Pack 1) (VM) > > [00:59:32] [INFO] the back-end DBMS operating system is Windows 2003 > Service Pack 1 > [00:59:32] [ERROR] unhandled exception in sqlmap/0.8-rc7 - automatic > SQL injection and database takeover tool, please copy the command line > and the following text and send by e-mail to > sql...@li... > <mailto:sql...@li...>. The developer will fix it > as soon as possible: > sqlmap version: 0.8-rc7 > Python version: 2.6.4 > Operating system: linux2 > Traceback (most recent call last): > File "./sqlmap.py", line 77, in main > start() > File "/opt/sqlmap/lib/controller/controller.py", line 257, in start > action() > File "/opt/sqlmap/lib/controller/action.py", line 68, in action > print "%s\n" % conf.dbmsHandler.getFingerprint() > File "/opt/sqlmap/plugins/dbms/mssqlserver.py", line 152, in > getFingerprint > release = kb.bannerFp["dbmsRelease"] > KeyError: 'dbmsRelease' > > [*] shutting down at: 00:59:32 > > > Daniel Hückmann - Sophsec Intrusion Labs - Silicon Forest (PDX) > -------------------------------------------------------------------------- > http://www.google.com/profiles/sanitybit > http://twitter.com/sanitybit > > > > > ------------------------------------------------------------------------------ > Download Intel® Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev > > > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |