Re: [sqlmap-users] Bug
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Bug
|
From: Miroslav S. <mir...@gm...> - 2010-06-10 20:25:47
|
Nevertheless, in the associated commit we've put a limitation to this kind of situations so there shouldn't be any more errors like you've reported: "OverflowError: long int too large to convert to int". Thanks for report. Kind regards. On Thu, Jun 10, 2010 at 7:16 PM, David Guimaraes <sk...@gm...> wrote: > Mirolav, my mistake. The problem is that apache is cutting the URI > because of the internal configuration of the server (maximum size is > limited by the apache policy URI LimitRequestLine). As you can see, > the problem occurs only in columns that have big name, so the encode > (with chr() in postgresql) is much greater. > > As the php script allows me to use the POST method for the same > purpose(which is limited by the policy post_max_size in php.ini, which > has a value far greater(=~8MB) than that limited by LimitRequestLine), > I could successfully perform the dump. > > [13:52:41] [INFO] fetching columns for table 'livro' on database 'public' > Database: public > Table: livro > [15 columns] > +-------------------+---------+ > | Column | Type | > +-------------------+---------+ > | ano | int4 | > | autor | varchar | > | dt_cadastro | date | > | edicao | varchar | > | editora | varchar | > | esgotado | bpchar | > | id_area | int4 | > | id_livro | int4 | > | isbn | varchar | > | lancamento | bpchar | > | paginas | int4 | > | preco | float4 | > | preco_promocional | float4 | > | release | text | > | titulo | varchar | > +-------------------+---------+ > > Thanks anyway! =) > > On Thu, Jun 10, 2010 at 1:24 PM, Miroslav Stampar > <mir...@gm...> wrote: >> It would be most helpful if you could send me what should be there (if >> you could do it manually it would be most helpful). >> >> KR >> >> On Thu, Jun 10, 2010 at 6:19 PM, David Guimaraes <sk...@gm...> wrote: >>> ... >>> [12:57:17] [INFO] read from file >>> '/home/skys/sqlmap-dev/output/www.vulnsite.com/session': lancamento >>> [12:57:17] [INFO] retrieving the length of query output >>> [12:57:17] [INFO] retrieved: >>> [12:57:18] [INFO] retrieved: >>> [12:57:19] [INFO] read from file >>> '/home/skys/sqlmap-dev/output/www.vulnsite.com/session': esgotado >>> [12:57:19] [INFO] retrieving the length of query output >>> [12:57:19] [INFO] retrieved: 6 >>> [12:57:20] [INFO] retrieved: bpchar >>> [12:57:20] [INFO] read from file >>> '/home/skys/sqlmap-dev/output/www.vulnsite.com/session': >>> preco_promocional >>> [12:57:20] [INFO] retrieving the length of query output >>> [12:57:20] [INFO] retrieved: >>> [12:57:21] [INFO] retrieved: >>> [12:57:22] [INFO] read from file >>> '/home/skys/sqlmap-dev/output/www.vulnsite.com/session': edicao >>> [12:57:22] [INFO] retrieving the length of query output >>> [12:57:22] [INFO] retrieved: 7 >>> [12:57:24] [INFO] retrieved: varchar >>> [12:57:24] [INFO] read from file >>> '/home/skys/sqlmap-dev/output/www.vulnsite.com/session': isbn >>> [12:57:24] [INFO] retrieving the length of query output >>> [12:57:24] [INFO] retrieved: 7 >>> [12:57:25] [INFO] retrieved: varchar >>> [12:57:25] [INFO] read from file >>> '/home/skys/sqlmap-dev/output/www.vulnsite.com/session': dt_cadastro >>> [12:57:25] [INFO] retrieving the length of query output >>> [12:57:25] [INFO] retrieved: >>> [12:57:25] [INFO] retrieved: >>> [12:57:27] [INFO] read from file >>> '/home/skys/sqlmap-dev/output/www.vulnsite.com/session': editora >>> [12:57:27] [INFO] retrieving the length of query output >>> [12:57:27] [INFO] retrieved: 7 >>> [12:57:28] [INFO] retrieved: varchar >>> Database: public >>> Table: livro >>> [15 columns] >>> +-------------------+---------+ >>> | Column | Type | >>> +-------------------+---------+ >>> | ano | int4 | >>> | autor | varchar | >>> | dt_cadastro | | >>> | edicao | varchar | >>> | editora | varchar | >>> | esgotado | bpchar | >>> | id_area | int4 | >>> | id_livro | int4 | >>> | isbn | varchar | >>> | lancamento | | >>> | paginas | int4 | >>> | preco | float4 | >>> | preco_promocional | | >>> | release | text | >>> | titulo | varchar | >>> +-------------------+---------+ >>> >>> $ svn info >>> Path: . >>> URL: https://svn.sqlmap.org/sqlmap/trunk/sqlmap >>> Repository Root: https://svn.sqlmap.org/sqlmap >>> Repository UUID: 7eb2e9d7-d917-0410-b3c8-b11144ad09fb >>> Revision: 1763 >>> Node Kind: directory >>> Schedule: normal >>> Last Changed Author: inquisb >>> Last Changed Rev: 1763 >>> Last Changed Date: 2010-06-10 12:34:28 -0300 (Thu, 10 Jun 2010) >>> >>> This is ok now (despite for some reason, it failed to retrieve the >>> column type "dt_cadastro", "lancamento", and "preco_promocional") >>> >>> Thanks for solving this in so short notice. >>> >>> On Thu, Jun 10, 2010 at 12:01 PM, Miroslav Stampar >>> <mir...@gm...> wrote: >>>> We've made some modifications regarding your bug report. Could you >>>> please try to run it again with the latest repository version? >>>> >>>> Thanks >>>> >>>> On Thu, Jun 10, 2010 at 4:24 PM, David Guimaraes <sk...@gm...> wrote: >>>>> $ ./sqlmap -c arquivo.conf --threads 10 -D editora -T livro --columns >>>>> >>>>> [11:22:01] [INFO] retrieving the length of query output >>>>> [11:22:01] [INFO] retrieved: 10 >>>>> [11:22:03] [INFO] retrieved: lancamento >>>>> [11:22:03] [INFO] retrieving the length of query output >>>>> [11:22:03] [INFO] retrieved: >>>>> [11:22:17] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy >>>>> the command line and the following text and send by e-mail to >>>>> sql...@li.... The developer will fix it as soon >>>>> as possible: >>>>> sqlmap version: 0.9-dev >>>>> Python version: 2.5.2 >>>>> Operating system: posix >>>>> Traceback (most recent call last): >>>>> File "./sqlmap.py", line 89, in main >>>>> start() >>>>> File "/home/skys/sqlmap-dev/lib/controller/controller.py", line 268, in start >>>>> action() >>>>> File "/home/skys/sqlmap-dev/lib/controller/action.py", line 114, in action >>>>> conf.dumper.dbTableColumns(conf.dbmsHandler.getColumns()) >>>>> File "/home/skys/sqlmap-dev/plugins/generic/enumeration.py", line >>>>> 955, in getColumns >>>>> colType = inject.getValue(query, inband=False) >>>>> File "/home/skys/sqlmap-dev/lib/request/inject.py", line 374, in getValue >>>>> value = __goInferenceProxy(expression, fromUser, expected, batch, >>>>> resumeValue, unpack, charsetType, firstChar, lastChar) >>>>> File "/home/skys/sqlmap-dev/lib/request/inject.py", line 304, in >>>>> __goInferenceProxy >>>>> outputs = __goInferenceFields(expression, expressionFields, >>>>> expressionFieldsList, payload, expected, resumeValue=resumeValue, >>>>> charsetType=charsetType, firstChar=firstChar, lastChar=lastChar) >>>>> File "/home/skys/sqlmap-dev/lib/request/inject.py", line 92, in >>>>> __goInferenceFields >>>>> output = __goInference(payload, expressionReplaced, charsetType, >>>>> firstChar, lastChar) >>>>> File "/home/skys/sqlmap-dev/lib/request/inject.py", line 51, in __goInference >>>>> _, length, _ = queryOutputLength(expression, payload) >>>>> File "/home/skys/sqlmap-dev/lib/utils/resume.py", line 91, in >>>>> queryOutputLength >>>>> count, length = bisection(payload, lengthExprUnescaped, charsetType=2) >>>>> File "/home/skys/sqlmap-dev/lib/techniques/blind/inference.py", line >>>>> 431, in bisection >>>>> val = getChar(index, asciiTbl) >>>>> File "/home/skys/sqlmap-dev/lib/techniques/blind/inference.py", line >>>>> 210, in getChar >>>>> charTbl = xrange(maxChar + 1, (maxChar + 1) << 8) >>>>> OverflowError: long int too large to convert to int >>>>> >>>>> [*] shutting down at: 11:22:17 >>>>> >>>>> $ svn info >>>>> Path: . >>>>> URL: https://svn.sqlmap.org/sqlmap/trunk/sqlmap >>>>> Repository Root: https://svn.sqlmap.org/sqlmap >>>>> Repository UUID: 7eb2e9d7-d917-0410-b3c8-b11144ad09fb >>>>> Revision: 1759 >>>>> Node Kind: directory >>>>> Schedule: normal >>>>> Last Changed Author: inquisb >>>>> Last Changed Rev: 1759 >>>>> Last Changed Date: 2010-06-10 11:15:32 -0300 (Thu, 10 Jun 2010) >>>>> >>>>> >>>>> -- >>>>> David Gomes Guimarães >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> ThinkGeek and WIRED's GeekDad team up for the Ultimate >>>>> GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the >>>>> lucky parental unit. See the prize list and enter to win: >>>>> http://p.sf.net/sfu/thinkgeek-promo >>>>> _______________________________________________ >>>>> sqlmap-users mailing list >>>>> sql...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>>>> >>>> >>>> >>>> >>>> -- >>>> Miroslav Stampar >>>> >>>> E-mail / Jabber: miroslav.stampar (at) gmail.com >>>> Mobile: +385921010204 (HR 0921010204) >>>> PGP Key ID: 0xB5397B1B >>>> >>> >>> >>> >>> -- >>> David Gomes Guimarães >>> >> >> >> >> -- >> Miroslav Stampar >> >> E-mail / Jabber: miroslav.stampar (at) gmail.com >> Mobile: +385921010204 (HR 0921010204) >> PGP Key ID: 0xB5397B1B >> > > > > -- > David Gomes Guimarães > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
