Re: [sqlmap-users] Problem with using Webscarab conversations
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Problem with using Webscarab conversations
|
From: Miroslav S. <mir...@gm...> - 2011-01-20 15:58:04
|
hi. with last commit you can find support for WebScarab log files. if you find any "problems" related please report. only one warning: you won't be able to process POST requests as WebScarab "smartly" stores their bodies in separate files. kr On Thu, Jan 20, 2011 at 12:32 PM, Miroslav Stampar <mir...@gm...> wrote: > hi Antonios. > > no worry. gonna fix it probably today. > > kr > > On Thu, Jan 20, 2011 at 12:22 PM, Antonios Atlasis > <ant...@gm...> wrote: >> Thanks for your reply. >> >> The problem is that the free version of Burpsuite does not allow to save the >> spidering results; this is why I rely on webscarab. >> >> Thanks again >> >> Antonios >> . >> 2011/1/20 Miroslav Stampar <mir...@gm...> >>> >>> LOL >>> >>> we've stated that we support WebScarab logs, while we don't :) >>> >>> thx for reporting. >>> >>> we'll see what we can do. in the mean time you can try to use Burp >>> which logs we should support most definitely. >>> >>> kr >>> >>> On Wed, Jan 19, 2011 at 10:19 PM, Miroslav Stampar >>> <mir...@gm...> wrote: >>> > Downloading right now. Will report back. >>> > >>> > KR >>> > >>> > On Wed, Jan 19, 2011 at 9:28 PM, Antonios Atlasis >>> > <ant...@gm...> wrote: >>> >> Hi Miroslav and thanks for your answer, >>> >> >>> >> I did reproduce the results a couple of times and you can easily do so. >>> >> >>> >> My target is the ctf6 lampsec security (you can downloaded from >>> >> http://sourceforge.net/projects/lampsecurity/). >>> >> >>> >> After a very fast browsing, I crawled the rest of the site using >>> >> Webscarab. >>> >> >>> >> I run the command sqlmap --batch -v 2 -l >>> >> ../webscarab-logs/conversations/ >>> >> >>> >> sqlmap failed to find any sqli. >>> >> >>> >> Then I run sqlmap -u http://192.168.163.128/index.php?id=4 (one of >>> >> the >>> >> vulnerable urls) and it does find the sqli vulnerability. >>> >> >>> >> please let me know if you want me to send you any logs. >>> >> >>> >> Regards >>> >> >>> >> Antonios >>> >> >>> >> 2011/1/18 Miroslav Stampar <mir...@gm...> >>> >>> >>> >>> Hi Antonios. >>> >>> >>> >>> main question is: are you able to reproduce this kind of behavior >>> >>> again? >>> >>> >>> >>> if yes, then sqlmap really has some "bug" and it would be great if you >>> >>> could (maybe privately) provide is with further details from used >>> >>> logs. >>> >>> >>> >>> if no, thing that comes to my mind and that can screw things up is >>> >>> "dynamicity". we've worked hard to make a good comparison/detection >>> >>> engine together with dynamicity removal, but still, pages with lots of >>> >>> garbaged styles/tags/scripts... can screw things up, especially when >>> >>> only a small part of the page is affected by injection itself. hence >>> >>> there are switches like --string and --text-only (removes all >>> >>> tags/scripts/styles and retrieves only pure text) that can do miracles >>> >>> in those kind of cases. >>> >>> >>> >>> KR >>> >>> >>> >>> On Tue, Jan 18, 2011 at 10:04 PM, Antonios Atlasis >>> >>> <ant...@gm...> wrote: >>> >>> > >>> >>> > Hello to the list, >>> >>> > >>> >>> > after spidering a site that is vulnerable to SQLi with Webscarab, I >>> >>> > fed >>> >>> > its >>> >>> > conversations directory to sqlmap using the -l option. >>> >>> > sqlmap didn't find any SQLi vulnerable. >>> >>> > >>> >>> > Then, I fed a vulnerable URL to sqlmap with the -u option (which URL >>> >>> > was >>> >>> > also included in the webscarab conversations and it had also been >>> >>> > tested >>> >>> > before with sqlmap), and sqlmap did found this time the specific >>> >>> > SQLi >>> >>> > vulnerability. >>> >>> > >>> >>> > Has anyone else observed a problem using Webscarab conversations? Is >>> >>> > there >>> >>> > any tip or trick that I can use in order to solve this problem? >>> >>> > >>> >>> > Thanks in advance >>> >>> > >>> >>> > Antonios >>> >>> > >>> >>> > >>> >>> > >>> >>> > ------------------------------------------------------------------------------ >>> >>> > Protect Your Site and Customers from Malware Attacks >>> >>> > Learn about various malware tactics and how to avoid them. >>> >>> > Understand >>> >>> > malware threats, the impact they can have on your business, and how >>> >>> > you >>> >>> > can protect your company and customers by using code signing. >>> >>> > http://p.sf.net/sfu/oracle-sfdevnl >>> >>> > _______________________________________________ >>> >>> > sqlmap-users mailing list >>> >>> > sql...@li... >>> >>> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>> >>> > >>> >>> > >>> >>> >>> >>> >>> >>> >>> >>> -- >>> >>> Miroslav Stampar >>> >>> >>> >>> E-mail / Jabber: miroslav.stampar (at) gmail.com >>> >>> Mobile: +385921010204 (HR 0921010204) >>> >>> PGP Key ID: 0xB5397B1B >>> >>> Location: Zagreb, Croatia >>> >> >>> >> >>> >> >>> > >>> > >>> > >>> > -- >>> > Miroslav Stampar >>> > >>> > E-mail / Jabber: miroslav.stampar (at) gmail.com >>> > Mobile: +385921010204 (HR 0921010204) >>> > PGP Key ID: 0xB5397B1B >>> > Location: Zagreb, Croatia >>> > >>> >>> >>> >>> -- >>> Miroslav Stampar >>> >>> E-mail / Jabber: miroslav.stampar (at) gmail.com >>> Mobile: +385921010204 (HR 0921010204) >>> PGP Key ID: 0xB5397B1B >>> Location: Zagreb, Croatia >> >> > > > > -- > Miroslav Stampar > > E-mail / Jabber: miroslav.stampar (at) gmail.com > Mobile: +385921010204 (HR 0921010204) > PGP Key ID: 0xB5397B1B > Location: Zagreb, Croatia > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
