Re: [sqlmap-users] Problem with using Webscarab conversations
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Problem with using Webscarab conversations
|
From: Miroslav S. <mir...@gm...> - 2011-01-19 23:59:22
|
LOL we've stated that we support WebScarab logs, while we don't :) thx for reporting. we'll see what we can do. in the mean time you can try to use Burp which logs we should support most definitely. kr On Wed, Jan 19, 2011 at 10:19 PM, Miroslav Stampar <mir...@gm...> wrote: > Downloading right now. Will report back. > > KR > > On Wed, Jan 19, 2011 at 9:28 PM, Antonios Atlasis > <ant...@gm...> wrote: >> Hi Miroslav and thanks for your answer, >> >> I did reproduce the results a couple of times and you can easily do so. >> >> My target is the ctf6 lampsec security (you can downloaded from >> http://sourceforge.net/projects/lampsecurity/). >> >> After a very fast browsing, I crawled the rest of the site using Webscarab. >> >> I run the command sqlmap --batch -v 2 -l ../webscarab-logs/conversations/ >> >> sqlmap failed to find any sqli. >> >> Then I run sqlmap -u http://192.168.163.128/index.php?id=4 (one of the >> vulnerable urls) and it does find the sqli vulnerability. >> >> please let me know if you want me to send you any logs. >> >> Regards >> >> Antonios >> >> 2011/1/18 Miroslav Stampar <mir...@gm...> >>> >>> Hi Antonios. >>> >>> main question is: are you able to reproduce this kind of behavior again? >>> >>> if yes, then sqlmap really has some "bug" and it would be great if you >>> could (maybe privately) provide is with further details from used >>> logs. >>> >>> if no, thing that comes to my mind and that can screw things up is >>> "dynamicity". we've worked hard to make a good comparison/detection >>> engine together with dynamicity removal, but still, pages with lots of >>> garbaged styles/tags/scripts... can screw things up, especially when >>> only a small part of the page is affected by injection itself. hence >>> there are switches like --string and --text-only (removes all >>> tags/scripts/styles and retrieves only pure text) that can do miracles >>> in those kind of cases. >>> >>> KR >>> >>> On Tue, Jan 18, 2011 at 10:04 PM, Antonios Atlasis >>> <ant...@gm...> wrote: >>> > >>> > Hello to the list, >>> > >>> > after spidering a site that is vulnerable to SQLi with Webscarab, I fed >>> > its >>> > conversations directory to sqlmap using the -l option. >>> > sqlmap didn't find any SQLi vulnerable. >>> > >>> > Then, I fed a vulnerable URL to sqlmap with the -u option (which URL was >>> > also included in the webscarab conversations and it had also been tested >>> > before with sqlmap), and sqlmap did found this time the specific SQLi >>> > vulnerability. >>> > >>> > Has anyone else observed a problem using Webscarab conversations? Is >>> > there >>> > any tip or trick that I can use in order to solve this problem? >>> > >>> > Thanks in advance >>> > >>> > Antonios >>> > >>> > >>> > ------------------------------------------------------------------------------ >>> > Protect Your Site and Customers from Malware Attacks >>> > Learn about various malware tactics and how to avoid them. Understand >>> > malware threats, the impact they can have on your business, and how you >>> > can protect your company and customers by using code signing. >>> > http://p.sf.net/sfu/oracle-sfdevnl >>> > _______________________________________________ >>> > sqlmap-users mailing list >>> > sql...@li... >>> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>> > >>> > >>> >>> >>> >>> -- >>> Miroslav Stampar >>> >>> E-mail / Jabber: miroslav.stampar (at) gmail.com >>> Mobile: +385921010204 (HR 0921010204) >>> PGP Key ID: 0xB5397B1B >>> Location: Zagreb, Croatia >> >> >> > > > > -- > Miroslav Stampar > > E-mail / Jabber: miroslav.stampar (at) gmail.com > Mobile: +385921010204 (HR 0921010204) > PGP Key ID: 0xB5397B1B > Location: Zagreb, Croatia > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
