Re: [sqlmap-users] SQL MS-Access report bug
From: Miroslav S. <mir...@gm...> - 2010-11-06 00:54:43
according to http://forums.aspfree.com/microsoft-sql-server-14/what-prevents-me-from-reading-the-msysobjects-tbl-17321.html user needs to explicitly add permissions for querying of system tables (to all). as I am not fully aware how much people do this, I am left pretty undecided :)

On Sat, Nov 6, 2010 at 1:47 AM, Miroslav Stampar <mir...@gm...> wrote:
> well,
>
> SELECT Name FROM MSysObjects WHERE Type = 1
>
> (we already have it in ./xml/queries.xml)
>
> should basically get you this kind of information, but as I've
> understood querying it from outside the MS Access environment (web
> browser, ODBC connection) should result in:
>
> .....id=1 AND EXISTS(SELECT * FROM MSysObjects)
>
> Warning: odbc_exec() [function.odbc-exec]: SQL error: [Microsoft][ODBC
> Microsoft Access Driver] Record(s) cannot be read; no read permission
> on 'MSysObjects'., SQL state 42000 in SQLExecDirect in ....php on line
> 33
> SQL error: [Microsoft][ODBC Microsoft Access Driver] Record(s) cannot
> be read; no read permission on 'MSysObjects'.
>
> i haven't tested this against ASP environment, though.
>
> On Fri, Nov 5, 2010 at 7:17 PM, Carlos Gabriel Vergara
> <car...@gm...> wrote:
>> I was working with access some time ago, and now that you mention, i
>> was working on getting metadata for the db. As far as i know, there
>> are some "system tables", equivalent to sysobjects (mssql) or
>> information_schema (mysql). Take a look at this article:
>>
>> http://www.datanumen.com/aar/articles/system-object.htm
>>
>> If i can find my test scripts, i will attach some to the list.
>>
>> Best regards,
>>
>>
>> 2010/11/4 Miroslav Stampar <mir...@gm...>:
>>> hi Ulises.
>>>
>>> i am glad to see that someone has started using sqlmap against Access
>>> databases :)
>>>
>>> we've done necessary patches to prevent sqlmap crash in this kind of
>>> situations, but still, we don't have implemented dumping of tables for
>>> MS Access (due to non existent way for column enumeration - if someone
>>> has some idea non-brute force related, please say and we'll try to
>>> implement it). also, support for this DBMS is still in (early)
>>> development phase and we hope that we'll finish it in some reasonable
>>> time.
>>>
>>> kr
>>>
>>> On Thu, Nov 4, 2010 at 8:05 PM, Ulises2k <uli...@gm...> wrote:
>>>>
>>>> [15:30:49] [INFO] using '/root/sqlmap-dev/output/xxxx/session' as session
>>>> file
>>>> [15:30:49] [INFO] resuming injection point 'GET' from session file
>>>> [15:30:49] [INFO] resuming injection parameter 'Id' from session file
>>>> [15:30:49] [INFO] resuming injection type 'numeric' from session file
>>>> [15:30:49] [INFO] resuming match ratio '0.9' from session file
>>>> [15:30:49] [INFO] resuming 0 number of parenthesis from session file
>>>> [15:30:49] [INFO] resuming back-end DBMS 'microsoft access' from session
>>>> file
>>>> [15:30:49] [INFO] testing connection to the target url
>>>> [15:30:50] [INFO] testing for parenthesis on injectable parameter
>>>> [15:30:50] [INFO] the back-end DBMS is Microsoft Access
>>>> web server operating system: Windows 2008
>>>> web application technology: ASP.NET, Microsoft IIS 7.5, ASP
>>>> back-end DBMS: Microsoft Access
>>>> [15:30:50] [ERROR] cannot retrieve table names, back-end DBMS is Access
>>>> do you want to use common table existance check? [Y/n/q]Y
>>>> [15:30:52] [INFO] checking tables existence using items from
>>>> '/root/sqlmap-dev/txt/common-tables.txt'
>>>> [15:32:06] [INFO] retrieved:
>>>> notas
>>>> [15:57:55] [INFO] tried: 1780/1780 items (100%)
>>>>
>>>> [15:57:55] [CRITICAL] unhandled exception in sqlmap/0.9-dev, retry your run
>>>> with the latest development version from the Subversion repository. If the
>>>> exception persists, please send by e-mail to
>>>> sql...@li... the command line, the following text and
>>>> any information needed to reproduce the bug. The developers will try to
>>>> reproduce the bug, fix it accordingly and get back to you.
>>>> sqlmap version: 0.9-dev (r2265)
>>>> Python version: 2.5.2
>>>> Operating system: posix
>>>> Traceback (most recent call last):
>>>>   File "./sqlmap.py", line 79, in main
>>>>     start()
>>>>   File "/root/sqlmap-dev/lib/controller/controller.py", line 298, in start
>>>>     action()
>>>>   File "/root/sqlmap-dev/lib/controller/action.py", line 117, in action
>>>>     conf.dbmsHandler.dumpAll()
>>>>   File "/root/sqlmap-dev/plugins/generic/enumeration.py", line 1263, in
>>>> dumpAll
>>>>     for db, tables in kb.data.cachedTables.items():
>>>> AttributeError: 'list' object has no attribute 'items'
>>>>
>>>
>>> --
>>> Miroslav Stampar
>>>
>>> E-mail / Jabber: miroslav.stampar (at) gmail.com
>>> Mobile: +385921010204 (HR 0921010204)
>>> PGP Key ID: 0xB5397B1B
>>> Location: Zagreb, Croatia
>>>
>>
>> --
>> --------8<--------
>> Carlos Gabriel Vergara
>> http://www.ThorSecurity.com.ar
>>
>> PGP: http://www.ThorSecurity.com.ar/gabrielvergara.pgp
>> -------->8--------
>>
>
> --
> Miroslav Stampar
>
> E-mail / Jabber: miroslav.stampar (at) gmail.com
> Mobile: +385921010204 (HR 0921010204)
> PGP Key ID: 0xB5397B1B
> Location: Zagreb, Croatia
>

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
Location: Zagreb, Croatia
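
Added example, not part of the original thread and not sqlmap code: a defender-side log check built around the ODBC error quoted in the message above. It flags requests that reference Access system tables (`MSys*`) and the driver's "no read permission" error; the access-log format, the file name `example.php`, the function names and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import unquote_plus

# Driver error quoted in the thread: raised when a system table is not readable.
DENIED = re.compile(r"no read permission on '(MSys\w+)'", re.IGNORECASE)
# Any reference to an Access system table (MSysObjects, MSysACEs, ...).
PROBE = re.compile(r"\bMSys\w+", re.IGNORECASE)

# Constructed sample lines (log format and file name are assumptions).
SAMPLE = [
    '10.0.0.5 - - [06/Nov/2010:01:40:02 +0100] "GET /example.php?id=1%20AND%20'
    'EXISTS(SELECT%20*%20FROM%20MSysObjects) HTTP/1.1" 200 512',
    "PHP Warning: odbc_exec(): SQL error: [Microsoft][ODBC Microsoft Access "
    "Driver] Record(s) cannot be read; no read permission on 'MSysObjects'., "
    "SQL state 42000 in SQLExecDirect in example.php on line 33",
    '10.0.0.9 - - [06/Nov/2010:01:41:10 +0100] "GET /example.php?id=2 HTTP/1.1" 200 498',
]


def classify(line):
    """Return ("denied" | "probe", table_name), or None for an unrelated line."""
    denied = DENIED.search(line)
    if denied:
        return "denied", denied.group(1)
    # Decode %20, + and similar so encoded query strings are matched too.
    probe = PROBE.search(unquote_plus(line))
    if probe:
        return "probe", probe.group(0)
    return None


def summarize(lines):
    """Count probes and denials; flag when probes outnumber denials."""
    report = {"probe": 0, "denied": 0, "tables": set()}
    for line in lines:
        hit = classify(line)
        if hit:
            report[hit[0]] += 1
            report["tables"].add(hit[1].lower())
    # Heuristic (assumption): a probe with no matching driver error may mean
    # the system table is readable by the web application's account.
    report["review_permissions"] = report["probe"] > report["denied"]
    return report


if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A `review_permissions` value of `True` is only a prompt to check whether read access to the system tables was granted; it does not prove the query succeeded.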