Re: [sqlmap-users] SQL MS-Access report bug
From: Miroslav S. <mir...@gm...> - 2010-11-06 00:47:49
well, SELECT Name FROM MSysObjects WHERE Type = 1 (we already have it
in ./xml/queries.xml) should basically get you this kind of
information, but as I've understood querying it from outside the MS
Access environment (web browser, ODBC connection) should result in:

.....id=1 AND EXISTS(SELECT * FROM MSysObjects)

Warning: odbc_exec() [function.odbc-exec]: SQL error:
[Microsoft][ODBC Microsoft Access Driver] Record(s) cannot be read; no
read permission on 'MSysObjects'., SQL state 42000 in SQLExecDirect in
....php on line 33
SQL error: [Microsoft][ODBC Microsoft Access Driver] Record(s) cannot
be read; no read permission on 'MSysObjects'.

i haven't tested this against ASP environment, though.

On Fri, Nov 5, 2010 at 7:17 PM, Carlos Gabriel Vergara <car...@gm...> wrote:
> I was working with access some time ago, and now that you mention, i
> was working on getting metadata for the db. As far as i know, there
> are some "system tables", equivalent to sysobjects (mssql) or
> information_schema (mysql). Take a look at this article:
>
> http://www.datanumen.com/aar/articles/system-object.htm
>
> If i can find my test scripts, i will attach some to the list.
>
> Best regards,
>
>
> 2010/11/4 Miroslav Stampar <mir...@gm...>:
>> hi Ulises.
>>
>> i am glad to see that someone has started using sqlmap against Access
>> databases :)
>>
>> we've done necessary patches to prevent sqlmap crash in this kind of
>> situations, but still, we don't have implemented dumping of tables for
>> MS Access (due to non existent way for column enumeration - if someone
>> has some idea non-brute force related, please say and we'll try to
>> implement it). also, support for this DBMS is still in (early)
>> development phase and we hope that we'll finish it in some reasonable
>> time.
>>
>> kr
>>
>> On Thu, Nov 4, 2010 at 8:05 PM, Ulises2k <uli...@gm...> wrote:
>>>
>>> [15:30:49] [INFO] using '/root/sqlmap-dev/output/xxxx/session' as session
>>> file
>>> [15:30:49] [INFO] resuming injection point 'GET' from session file
>>> [15:30:49] [INFO] resuming injection parameter 'Id' from session file
>>> [15:30:49] [INFO] resuming injection type 'numeric' from session file
>>> [15:30:49] [INFO] resuming match ratio '0.9' from session file
>>> [15:30:49] [INFO] resuming 0 number of parenthesis from session file
>>> [15:30:49] [INFO] resuming back-end DBMS 'microsoft access' from session
>>> file
>>> [15:30:49] [INFO] testing connection to the target url
>>> [15:30:50] [INFO] testing for parenthesis on injectable parameter
>>> [15:30:50] [INFO] the back-end DBMS is Microsoft Access
>>> web server operating system: Windows 2008
>>> web application technology: ASP.NET, Microsoft IIS 7.5, ASP
>>> back-end DBMS: Microsoft Access
>>> [15:30:50] [ERROR] cannot retrieve table names, back-end DBMS is Access
>>> do you want to use common table existance check? [Y/n/q]Y
>>> [15:30:52] [INFO] checking tables existence using items from
>>> '/root/sqlmap-dev/txt/common-tables.txt'
>>> [15:32:06] [INFO] retrieved:
>>> notas
>>> [15:57:55] [INFO] tried: 1780/1780 items (100%)
>>>
>>> [15:57:55] [CRITICAL] unhandled exception in sqlmap/0.9-dev, retry your run
>>> with the latest development version from the Subversion repository. If the
>>> exception persists, please send by e-mail to
>>> sql...@li... the command line, the following text and
>>> any information needed to reproduce the bug. The developers will try to
>>> reproduce the bug, fix it accordingly and get back to you.
>>> sqlmap version: 0.9-dev (r2265)
>>> Python version: 2.5.2
>>> Operating system: posix
>>> Traceback (most recent call last):
>>>   File "./sqlmap.py", line 79, in main
>>>     start()
>>>   File "/root/sqlmap-dev/lib/controller/controller.py", line 298, in start
>>>     action()
>>>   File "/root/sqlmap-dev/lib/controller/action.py", line 117, in action
>>>     conf.dbmsHandler.dumpAll()
>>>   File "/root/sqlmap-dev/plugins/generic/enumeration.py", line 1263, in
>>> dumpAll
>>>     for db, tables in kb.data.cachedTables.items():
>>> AttributeError: 'list' object has no attribute 'items'
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> The Next 800 Companies to Lead America's Growth: New Video Whitepaper
>>> David G. Thomson, author of the best-selling book "Blueprint to a
>>> Billion" shares his insights and actions to help propel your
>>> business during the next growth cycle. Listen Now!
>>> http://p.sf.net/sfu/SAP-dev2dev
>>> _______________________________________________
>>> sqlmap-users mailing list
>>> sql...@li...
>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>>
>>>
>>
>>
>>
>> --
>> Miroslav Stampar
>>
>> E-mail / Jabber: miroslav.stampar (at) gmail.com
>> Mobile: +385921010204 (HR 0921010204)
>> PGP Key ID: 0xB5397B1B
>> Location: Zagreb, Croatia
>>
>
>
>
> --
> --------8<--------
> Carlos Gabriel Vergara
> http://www.ThorSecurity.com.ar
>
> PGP: http://www.ThorSecurity.com.ar/gabrielvergara.pgp
> -------->8--------
>

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
Location: Zagreb, Croatia
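
Added example, not part of the original thread and not sqlmap code: a log triage sketch for the defender's side of the behaviour described above, flagging requests whose query string names an Access system table and responses that show the ODBC Access driver error to the client. The item.php URLs, the response excerpts and the verdict names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

SYS_TABLE = re.compile(r"\bMSys[A-Za-z]+\b", re.IGNORECASE)
DRIVER_ERR = re.compile(r"\[Microsoft\]\[ODBC Microsoft Access Driver\]")
DENIED = re.compile(r"no read permission on 'MSys[A-Za-z]+'", re.IGNORECASE)

# Constructed (url, response excerpt) pairs; item.php and the bodies are made up.
SAMPLE = [
    ("/item.php?id=1+AND+EXISTS(SELECT+*+FROM+MSysObjects)",
     "SQL error: [Microsoft][ODBC Microsoft Access Driver] Record(s) cannot "
     "be read; no read permission on 'MSysObjects'."),
    ("/item.php?id=1%20AND%20EXISTS(SELECT%20*%20FROM%20msysobjects)",
     "<html>Item 1</html>"),
    ("/item.php?id=1'",
     "[Microsoft][ODBC Microsoft Access Driver] Syntax error in string"),
    ("/item.php?id=2", "<html>Item 2</html>"),
]

def classify(url, body):
    """Describe what one request/response pair reveals, or None if benign."""
    query = unquote_plus(urlsplit(url).query)  # decode '+' and %xx first
    tables = sorted({m.group(0).lower() for m in SYS_TABLE.finditer(query)})
    leak = bool(DRIVER_ERR.search(body))
    if not tables and not leak:
        return None
    if tables and DENIED.search(body):
        verdict = "probe-blocked"      # default read permission held
    elif tables and leak:
        verdict = "probe-error"        # probe failed for another reason
    elif tables:
        verdict = "probe-unconfirmed"  # no error shown: check table permissions
    else:
        verdict = "error-leak"         # driver error reached the client
    return {"verdict": verdict, "tables": tables, "driver_error_shown": leak}

def scan(records):
    """Return (url, verdict) for every record that produced a finding."""
    out = []
    for url, body in records:
        finding = classify(url, body)
        if finding:
            out.append((url, finding["verdict"]))
    return out

if __name__ == "__main__":
    for url, verdict in scan(SAMPLE):
        print(f"{verdict:18} {url}")
```

A "probe-blocked" hit still means the driver message was rendered to the client, so it calls for turning off verbose database errors as well as fixing the injectable parameter.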