Re: [sqlmap-users] Problem with using Webscarab conversations
From: Antonios A. <ant...@gm...> - 2011-01-20 11:22:25
Thanks for your reply.

The problem is that the free version of Burpsuite does not allow saving the spidering results; this is why I rely on webscarab.

Thanks again

Antonios

2011/1/20 Miroslav Stampar <mir...@gm...>

> LOL
>
> we've stated that we support WebScarab logs, while we don't :)
>
> thx for reporting.
>
> we'll see what we can do. in the mean time you can try to use Burp
> which logs we should support most definitely.
>
> kr
>
> On Wed, Jan 19, 2011 at 10:19 PM, Miroslav Stampar
> <mir...@gm...> wrote:
> > Downloading right now. Will report back.
> >
> > KR
> >
> > On Wed, Jan 19, 2011 at 9:28 PM, Antonios Atlasis
> > <ant...@gm...> wrote:
> >> Hi Miroslav and thanks for your answer,
> >>
> >> I did reproduce the results a couple of times and you can easily do so.
> >>
> >> My target is the ctf6 lampsec security (you can download it from
> >> http://sourceforge.net/projects/lampsecurity/).
> >>
> >> After a very fast browsing, I crawled the rest of the site using Webscarab.
> >>
> >> I ran the command sqlmap --batch -v 2 -l ../webscarab-logs/conversations/
> >>
> >> sqlmap failed to find any sqli.
> >>
> >> Then I ran sqlmap -u http://192.168.163.128/index.php?id=4 (one of the
> >> vulnerable urls) and it does find the sqli vulnerability.
> >>
> >> please let me know if you want me to send you any logs.
> >>
> >> Regards
> >>
> >> Antonios
> >>
> >> 2011/1/18 Miroslav Stampar <mir...@gm...>
> >>>
> >>> Hi Antonios.
> >>>
> >>> main question is: are you able to reproduce this kind of behavior again?
> >>>
> >>> if yes, then sqlmap really has some "bug" and it would be great if you
> >>> could (maybe privately) provide us with further details from used
> >>> logs.
> >>>
> >>> if no, thing that comes to my mind and that can screw things up is
> >>> "dynamicity". we've worked hard to make a good comparison/detection
> >>> engine together with dynamicity removal, but still, pages with lots of
> >>> garbaged styles/tags/scripts... can screw things up, especially when
> >>> only a small part of the page is affected by injection itself. hence
> >>> there are switches like --string and --text-only (removes all
> >>> tags/scripts/styles and retrieves only pure text) that can do miracles
> >>> in those kinds of cases.
> >>>
> >>> KR
> >>>
> >>> On Tue, Jan 18, 2011 at 10:04 PM, Antonios Atlasis
> >>> <ant...@gm...> wrote:
> >>> >
> >>> > Hello to the list,
> >>> >
> >>> > after spidering a site that is vulnerable to SQLi with Webscarab, I fed
> >>> > its conversations directory to sqlmap using the -l option.
> >>> > sqlmap didn't find any SQLi vulnerability.
> >>> >
> >>> > Then, I fed a vulnerable URL to sqlmap with the -u option (which URL was
> >>> > also included in the webscarab conversations and it had also been tested
> >>> > before with sqlmap), and sqlmap did find this time the specific SQLi
> >>> > vulnerability.
> >>> >
> >>> > Has anyone else observed a problem using Webscarab conversations? Is
> >>> > there any tip or trick that I can use in order to solve this problem?
> >>> >
> >>> > Thanks in advance
> >>> >
> >>> > Antonios
> >>> >
> >>> > _______________________________________________
> >>> > sqlmap-users mailing list
> >>> > sql...@li...
> >>> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> >>>
> >>> --
> >>> Miroslav Stampar
> >>>
> >>> E-mail / Jabber: miroslav.stampar (at) gmail.com
> >>> Mobile: +385921010204 (HR 0921010204)
> >>> PGP Key ID: 0xB5397B1B
> >>> Location: Zagreb, Croatia
> >
> > --
> > Miroslav Stampar
>
> --
> Miroslav Stampar
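Added example, not part of the thread and not sqlmap's own code: a sketch of the "dynamicity" point quoted above, showing how per-request style/script noise lowers the similarity of two loads of the same page, and how a text-only view removes that noise. The sample pages, the text_only() helper and the use of difflib as the similarity measure are assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser


class _TextOnly(HTMLParser):
    """Collects visible text, skipping the bodies of <script> and <style>."""

    def __init__(self):
        super().__init__()
        self.parts, self._skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.parts.append(data)


def text_only(html):
    """Return the page's text with tags, scripts and styles removed."""
    parser = _TextOnly()
    parser.feed(html)
    parser.close()
    return re.sub(r"\s+", " ", " ".join(parser.parts)).strip()


def ratio(a, b):
    """Similarity in [0, 1]; autojunk off so long pages are compared fully."""
    return SequenceMatcher(None, a, b, autojunk=False).ratio()


def page(nonce, body):
    """Constructed sample page: the nonce stands for per-request noise."""
    return ("<html><head><style>.c%s{color:#%s}</style>"
            "<script>var token='%s';track('%s');</script></head>"
            "<body><div class='c%s'><h1>News</h1><p>%s</p></div></body></html>"
            % (nonce, nonce[:6], nonce * 4, nonce * 4, nonce, body))


BASE = page("a1b2c3d4", "Article 4: maintenance window on Friday.")
SAME = page("9f8e7d6c", "Article 4: maintenance window on Friday.")  # same content
DIFF = page("55aa66bb", "No article found.")                         # content changed

if __name__ == "__main__":
    print("raw   same-content:", round(ratio(BASE, SAME), 3))
    print("raw   changed     :", round(ratio(BASE, DIFF), 3))
    print("text  same-content:", ratio(text_only(BASE), text_only(SAME)))
    print("text  changed     :", round(ratio(text_only(BASE), text_only(DIFF)), 3))
```

On the raw pages the two scores sit close together because most of each page is shared markup plus noise; on the text-only view the unchanged page scores exactly 1.0 and the changed one drops well below it.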