[sqlmap-users] Bug
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Bug
|
From: <nig...@em...> - 2011-01-11 00:28:19
|
Hi, I found a new bug ;) C:\pentest\p\sqlmap-0.9-1>sqlmap -u "http://xxxxxxx.xxx/favorites.php?id=1219&action=0&t=p&u=2433" --auth-type=basic --auth-cred=xxxx:xxxx -a C:\user-agents.txt --level 5 --risk 3 --dump -D xxxxxx -T user -C xxxxx,xxxx,xxxx [01:08:12] [WARNING] Ctrl+C detected in dumping phase recognized possible password hash values. do you want to use dictionary attack on retrieved table it ems? [Y/n/q] y [01:08:17] [INFO] using hash method: 'md5_generic_passwd' what's the dictionary's location? [C:\pentest\p\sqlmap-0.9-1\t xt\wordlist.txt] [01:08:20] [INFO] loading dictionary from: 'C:\pentest\p\sqlma p-0.9-1\txt\wordlist.txt' [01:08:22] [INFO] starting dictionary attack (md5_generic_passwd) [01:12:45] [INFO] 278133/277952 words (100%) [01:12:45] [CRITICAL] unhandled exception in sqlmap/0.9-dev, retry your run with the latest developm ent version from the Subversion repository. If the exception persists, please send by e-mail to sqlm ap-...@li... the command line, the following text and any information needed to re produce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to yo u. sqlmap version: 0.9-dev Python version: 2.6.6 Operating system: nt Traceback (most recent call last): File "C:\pentest\p\sqlmap-0.9-1\sqlmap.py", line 83, in main start() File "C:\pentest\p\sqlmap-0.9-1\lib\controller\controller.py ", line 405, in start action() File "C:\pentest\p\sqlmap-0.9-1\lib\controller\action.py", l ine 107, in action conf.dumper.dbTableValues(conf.dbmsHandler.dumpTable()) File "C:\pentest\p\sqlmap-0.9-1\plugins\generic\enumeration. py", line 1383, in dumpTable attackDumpedTable() File "C:\pentest\p\sqlmap-0.9-1\lib\utils\hash.py", line 248 , in attackDumpedTable results = dictionaryAttack(attack_dict) File "C:\pentest\p\sqlmap-0.9-1\lib\utils\hash.py", line 351 , in dictionaryAttack current = __functions__[hash_regex](password = word, uppercase = False) File "C:\pentest\p\sqlmap-0.9-1\lib\utils\hash.py", line 170 , in md5_generic_passwd retVal = md5(password).hexdigest() UnicodeEncodeError: 'ascii' codec can't encode characters in position 0-1: ordinal not in range(128) [*] shutting down at: 01:12:46 |
