Re: [sqlmap-users] Problem with using Webscarab conversations
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Problem with using Webscarab conversations
|
From: Miroslav S. <mir...@gm...> - 2011-01-20 11:32:34
|
hi Antonios. no worry. gonna fix it probably today. kr On Thu, Jan 20, 2011 at 12:22 PM, Antonios Atlasis <ant...@gm...> wrote: > Thanks for your reply. > > The problem is that the free version of Burpsuite does not allow to save the > spidering results; this is why I rely on webscarab. > > Thanks again > > Antonios > . > 2011/1/20 Miroslav Stampar <mir...@gm...> >> >> LOL >> >> we've stated that we support WebScarab logs, while we don't :) >> >> thx for reporting. >> >> we'll see what we can do. in the mean time you can try to use Burp >> which logs we should support most definitely. >> >> kr >> >> On Wed, Jan 19, 2011 at 10:19 PM, Miroslav Stampar >> <mir...@gm...> wrote: >> > Downloading right now. Will report back. >> > >> > KR >> > >> > On Wed, Jan 19, 2011 at 9:28 PM, Antonios Atlasis >> > <ant...@gm...> wrote: >> >> Hi Miroslav and thanks for your answer, >> >> >> >> I did reproduce the results a couple of times and you can easily do so. >> >> >> >> My target is the ctf6 lampsec security (you can downloaded from >> >> http://sourceforge.net/projects/lampsecurity/). >> >> >> >> After a very fast browsing, I crawled the rest of the site using >> >> Webscarab. >> >> >> >> I run the command sqlmap --batch -v 2 -l >> >> ../webscarab-logs/conversations/ >> >> >> >> sqlmap failed to find any sqli. >> >> >> >> Then I run sqlmap -u http://192.168.163.128/index.php?id=4 (one of >> >> the >> >> vulnerable urls) and it does find the sqli vulnerability. >> >> >> >> please let me know if you want me to send you any logs. >> >> >> >> Regards >> >> >> >> Antonios >> >> >> >> 2011/1/18 Miroslav Stampar <mir...@gm...> >> >>> >> >>> Hi Antonios. >> >>> >> >>> main question is: are you able to reproduce this kind of behavior >> >>> again? >> >>> >> >>> if yes, then sqlmap really has some "bug" and it would be great if you >> >>> could (maybe privately) provide is with further details from used >> >>> logs. >> >>> >> >>> if no, thing that comes to my mind and that can screw things up is >> >>> "dynamicity". we've worked hard to make a good comparison/detection >> >>> engine together with dynamicity removal, but still, pages with lots of >> >>> garbaged styles/tags/scripts... can screw things up, especially when >> >>> only a small part of the page is affected by injection itself. hence >> >>> there are switches like --string and --text-only (removes all >> >>> tags/scripts/styles and retrieves only pure text) that can do miracles >> >>> in those kind of cases. >> >>> >> >>> KR >> >>> >> >>> On Tue, Jan 18, 2011 at 10:04 PM, Antonios Atlasis >> >>> <ant...@gm...> wrote: >> >>> > >> >>> > Hello to the list, >> >>> > >> >>> > after spidering a site that is vulnerable to SQLi with Webscarab, I >> >>> > fed >> >>> > its >> >>> > conversations directory to sqlmap using the -l option. >> >>> > sqlmap didn't find any SQLi vulnerable. >> >>> > >> >>> > Then, I fed a vulnerable URL to sqlmap with the -u option (which URL >> >>> > was >> >>> > also included in the webscarab conversations and it had also been >> >>> > tested >> >>> > before with sqlmap), and sqlmap did found this time the specific >> >>> > SQLi >> >>> > vulnerability. >> >>> > >> >>> > Has anyone else observed a problem using Webscarab conversations? Is >> >>> > there >> >>> > any tip or trick that I can use in order to solve this problem? >> >>> > >> >>> > Thanks in advance >> >>> > >> >>> > Antonios >> >>> > >> >>> > >> >>> > >> >>> > ------------------------------------------------------------------------------ >> >>> > Protect Your Site and Customers from Malware Attacks >> >>> > Learn about various malware tactics and how to avoid them. >> >>> > Understand >> >>> > malware threats, the impact they can have on your business, and how >> >>> > you >> >>> > can protect your company and customers by using code signing. >> >>> > http://p.sf.net/sfu/oracle-sfdevnl >> >>> > _______________________________________________ >> >>> > sqlmap-users mailing list >> >>> > sql...@li... >> >>> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >>> > >> >>> > >> >>> >> >>> >> >>> >> >>> -- >> >>> Miroslav Stampar >> >>> >> >>> E-mail / Jabber: miroslav.stampar (at) gmail.com >> >>> Mobile: +385921010204 (HR 0921010204) >> >>> PGP Key ID: 0xB5397B1B >> >>> Location: Zagreb, Croatia >> >> >> >> >> >> >> > >> > >> > >> > -- >> > Miroslav Stampar >> > >> > E-mail / Jabber: miroslav.stampar (at) gmail.com >> > Mobile: +385921010204 (HR 0921010204) >> > PGP Key ID: 0xB5397B1B >> > Location: Zagreb, Croatia >> > >> >> >> >> -- >> Miroslav Stampar >> >> E-mail / Jabber: miroslav.stampar (at) gmail.com >> Mobile: +385921010204 (HR 0921010204) >> PGP Key ID: 0xB5397B1B >> Location: Zagreb, Croatia > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
