[sqlmap-users] Bug with -d

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

I don't know if this is an experimental module, but when using -d
option, sqlmap fail to fetch the name of the databases correctly...

$ ./sqlmap.py -d "mysql://admin:admin@xxx:3306/dauerdb" --dbs

    sqlmap/0.9-dev - automatic SQL injection and database takeover tool
    http://sqlmap.sourceforge.net

[*] starting at: 17:20:09

[17:20:09] [INFO] using '/home/skys/sqlmap-dev/output/xxx/session' as
session file
[17:20:09] [INFO] connection to mysql server xxx:3306 established
[17:20:09] [INFO] testing MySQL
[17:20:09] [INFO] confirming MySQL
[17:20:09] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL < 5.0.0

[17:20:09] [WARNING] information_schema not available, back-end DBMS
is MySQL < 5. database names will be fetched from 'mysql' database
[17:20:09] [INFO] fetching database names
available databases [5]:
[*] %
[*] e
[*] s
[*] t

[17:20:09] [INFO] connection to mysql server xxx:3306 closed

[*] shutting down at: 17:20:09

The right one:
mysql> show databases;
+------------+
| Database   |
+------------+
| dauerdb    |
| mysql      |
| tcl        |
| tcl_antigo |
| test       |
+------------+
5 rows in set (0.00 sec)

Another thing I noticed is that using the --read-file option:

$ ./sqlmap.py -d "mysql://admin:admin@xxx:3306/dauerdb" --read-file
'c:\windows\system32\a.txt'

    sqlmap/0.9-dev - automatic SQL injection and database takeover tool
    http://sqlmap.sourceforge.net

[*] starting at: 17:18:33

[17:18:33] [INFO] using '/home/skys/sqlmap-dev/output/xxx/session' as
session file
[17:18:33] [INFO] connection to mysql server xxx:3306 established
[17:18:33] [INFO] testing MySQL
[17:18:33] [INFO] confirming MySQL
[17:18:33] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL < 5.0.0

[17:18:33] [INFO] fingerprinting the back-end DBMS operating system
[17:18:33] [INFO] the back-end DBMS operating system is Windows
[17:18:33] [INFO] fetching file: 'c:/windows/system32/a.txt'

[17:18:34] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy
the command line and the following text and send by e-mail to
sql...@li.... The developer will fix it as soon
as possible:
sqlmap version: 0.9-dev
Python version: 2.5.2
Operating system: posix
Traceback (most recent call last):
  File "./sqlmap.py", line 89, in main
    start()
  File "/home/skys/sqlmap-dev/lib/controller/controller.py", line 99, in start
    action()
  File "/home/skys/sqlmap-dev/lib/controller/action.py", line 137, in action
    conf.dumper.rFile(conf.rFile, conf.dbmsHandler.readFile(conf.rFile))
  File "/home/skys/sqlmap-dev/plugins/generic/filesystem.py", line
288, in readFile
    fileContent = self.stackedReadFile(rFile)
  File "/home/skys/sqlmap-dev/plugins/dbms/mysql/filesystem.py", line
69, in stackedReadFile
    if not length.isdigit() or not len(length) or length in ( "0", "1" ):
AttributeError: 'NoneType' object has no attribute 'isdigit'

[*] shutting down at: 17:18:34

$ svn info
Path: .
URL: https://svn.sqlmap.org/sqlmap/trunk/sqlmap
Repository Root: https://svn.sqlmap.org/sqlmap
Repository UUID: 7eb2e9d7-d917-0410-b3c8-b11144ad09fb
Revision: 1774
Node Kind: directory
Schedule: normal
Last Changed Author: stamparm
Last Changed Rev: 1774
Last Changed Date: 2010-06-23 04:30:15 -0300 (Wed, 23 Jun 2010)

Mysql version:
3306/tcp open  mysql         MySQL 4.0.18-nt
|  mysql-info: Protocol: 10
|  Version: 4.0.18-nt
|  Thread ID: 42
|  Some Capabilities: Connect with DB, Compress, Transactions
|  Status: Autocommit
|_ Salt: 0EHyJF`1

-- 
David Gomes Guimarães