Re: [sqlmap-users] Bug
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Bug
|
From: Miroslav S. <mir...@gm...> - 2011-01-11 12:28:28
|
hi nightman. thx again for a bug report. could you please update to the latest revision and try it again. now there should be a "critical" message like this: [13:22:26] [CRITICAL] there was a problem while hashing entry: 'blalblalb'. Please report by e-mail to sql...@li.... i am would really like to know which entry was giving you problems :) kr On Tue, Jan 11, 2011 at 1:28 AM, <nig...@em...> wrote: > Hi, > > I found a new bug ;) > > C:\pentest\p\sqlmap-0.9-1>sqlmap -u " > http://xxxxxxx.xxx/favorites.php?id=1219&action=0&t=p&u=2433" > --auth-type=basic --auth-cred=xxxx:xxxx -a C:\user-agents.txt --level 5 > --risk 3 --dump -D xxxxxx -T user -C xxxxx,xxxx,xxxx > > [01:08:12] [WARNING] Ctrl+C detected in dumping phase > recognized possible password hash values. do you want to use dictionary > attack on retrieved table it > ems? [Y/n/q] y > [01:08:17] [INFO] using hash method: 'md5_generic_passwd' > what's the dictionary's location? [C:\pentest\p\sqlmap-0.9-1\t > xt\wordlist.txt] > [01:08:20] [INFO] loading dictionary from: 'C:\pentest\p\sqlma > p-0.9-1\txt\wordlist.txt' > [01:08:22] [INFO] starting dictionary attack (md5_generic_passwd) > [01:12:45] [INFO] 278133/277952 words (100%) > [01:12:45] [CRITICAL] unhandled exception in sqlmap/0.9-dev, retry your run > with the latest developm > ent version from the Subversion repository. If the exception persists, > please send by e-mail to sqlm > ap-...@li... the command line, the following text and > any information needed to re > produce the bug. The developers will try to reproduce the bug, fix it > accordingly and get back to yo > u. > sqlmap version: 0.9-dev > Python version: 2.6.6 > Operating system: nt > Traceback (most recent call last): > File "C:\pentest\p\sqlmap-0.9-1\sqlmap.py", line 83, in main > > start() > File "C:\pentest\p\sqlmap-0.9-1\lib\controller\controller.py > ", line 405, in start > action() > File "C:\pentest\p\sqlmap-0.9-1\lib\controller\action.py", l > ine 107, in action > conf.dumper.dbTableValues(conf.dbmsHandler.dumpTable()) > File "C:\pentest\p\sqlmap-0.9-1\plugins\generic\enumeration. > py", line 1383, in dumpTable > attackDumpedTable() > File "C:\pentest\p\sqlmap-0.9-1\lib\utils\hash.py", line 248 > , in attackDumpedTable > results = dictionaryAttack(attack_dict) > File "C:\pentest\p\sqlmap-0.9-1\lib\utils\hash.py", line 351 > , in dictionaryAttack > current = __functions__[hash_regex](password = word, uppercase = False) > File "C:\pentest\p\sqlmap-0.9-1\lib\utils\hash.py", line 170 > , in md5_generic_passwd > retVal = md5(password).hexdigest() > UnicodeEncodeError: 'ascii' codec can't encode characters in position 0-1: > ordinal not in range(128) > > > [*] shutting down at: 01:12:46 > > > ------------------------------------------------------------------------------ > Gaining the trust of online customers is vital for the success of any > company > that requires sensitive data to be transmitted over the Web. Learn how to > best implement a security strategy that keeps consumers' information secure > and instills the confidence they need to proceed with transactions. > http://p.sf.net/sfu/oracle-sfdevnl > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
