Re: [sqlmap-users] Problem with using Webscarab conversations
From: Miroslav S. <mir...@gm...> - 2011-01-20 16:16:30
...nevertheless you can use -r to load them individually (e.g.
./sqlmap.py -r "./logdirectory/conversations/10-request")

kr

On Thu, Jan 20, 2011 at 4:57 PM, Miroslav Stampar <mir...@gm...> wrote:
> hi.
>
> with last commit you can find support for WebScarab log files. if you
> find any "problems" related please report.
>
> only one warning: you won't be able to process POST requests as
> WebScarab "smartly" stores their bodies in separate files.
>
> kr
>
> On Thu, Jan 20, 2011 at 12:32 PM, Miroslav Stampar
> <mir...@gm...> wrote:
>> hi Antonios.
>>
>> no worry. gonna fix it probably today.
>>
>> kr
>>
>> On Thu, Jan 20, 2011 at 12:22 PM, Antonios Atlasis
>> <ant...@gm...> wrote:
>>> Thanks for your reply.
>>>
>>> The problem is that the free version of Burpsuite does not allow to save the
>>> spidering results; this is why I rely on webscarab.
>>>
>>> Thanks again
>>>
>>> Antonios
>>> .
>>> 2011/1/20 Miroslav Stampar <mir...@gm...>
>>>>
>>>> LOL
>>>>
>>>> we've stated that we support WebScarab logs, while we don't :)
>>>>
>>>> thx for reporting.
>>>>
>>>> we'll see what we can do. in the meantime you can try to use Burp
>>>> which logs we should support most definitely.
>>>>
>>>> kr
>>>>
>>>> On Wed, Jan 19, 2011 at 10:19 PM, Miroslav Stampar
>>>> <mir...@gm...> wrote:
>>>> > Downloading right now. Will report back.
>>>> >
>>>> > KR
>>>> >
>>>> > On Wed, Jan 19, 2011 at 9:28 PM, Antonios Atlasis
>>>> > <ant...@gm...> wrote:
>>>> >> Hi Miroslav and thanks for your answer,
>>>> >>
>>>> >> I did reproduce the results a couple of times and you can easily do so.
>>>> >>
>>>> >> My target is the ctf6 lampsec security (you can download it from
>>>> >> http://sourceforge.net/projects/lampsecurity/).
>>>> >>
>>>> >> After a very fast browsing, I crawled the rest of the site using
>>>> >> Webscarab.
>>>> >>
>>>> >> I run the command sqlmap --batch -v 2 -l
>>>> >> ../webscarab-logs/conversations/
>>>> >>
>>>> >> sqlmap failed to find any sqli.
>>>> >>
>>>> >> Then I run sqlmap -u http://192.168.163.128/index.php?id=4 (one of the
>>>> >> vulnerable urls) and it does find the sqli vulnerability.
>>>> >>
>>>> >> please let me know if you want me to send you any logs.
>>>> >>
>>>> >> Regards
>>>> >>
>>>> >> Antonios
>>>> >>
>>>> >> 2011/1/18 Miroslav Stampar <mir...@gm...>
>>>> >>>
>>>> >>> Hi Antonios.
>>>> >>>
>>>> >>> main question is: are you able to reproduce this kind of behavior
>>>> >>> again?
>>>> >>>
>>>> >>> if yes, then sqlmap really has some "bug" and it would be great if you
>>>> >>> could (maybe privately) provide us with further details from used
>>>> >>> logs.
>>>> >>>
>>>> >>> if no, thing that comes to my mind and that can screw things up is
>>>> >>> "dynamicity". we've worked hard to make a good comparison/detection
>>>> >>> engine together with dynamicity removal, but still, pages with lots of
>>>> >>> garbaged styles/tags/scripts... can screw things up, especially when
>>>> >>> only a small part of the page is affected by injection itself. hence
>>>> >>> there are switches like --string and --text-only (removes all
>>>> >>> tags/scripts/styles and retrieves only pure text) that can do miracles
>>>> >>> in those kind of cases.
>>>> >>>
>>>> >>> KR
>>>> >>>
>>>> >>> On Tue, Jan 18, 2011 at 10:04 PM, Antonios Atlasis
>>>> >>> <ant...@gm...> wrote:
>>>> >>> >
>>>> >>> > Hello to the list,
>>>> >>> >
>>>> >>> > after spidering a site that is vulnerable to SQLi with Webscarab, I fed its
>>>> >>> > conversations directory to sqlmap using the -l option.
>>>> >>> > sqlmap didn't find any SQLi vulnerability.
>>>> >>> >
>>>> >>> > Then, I fed a vulnerable URL to sqlmap with the -u option (which URL was
>>>> >>> > also included in the webscarab conversations and it had also been tested
>>>> >>> > before with sqlmap), and sqlmap did find this time the specific SQLi
>>>> >>> > vulnerability.
>>>> >>> >
>>>> >>> > Has anyone else observed a problem using Webscarab conversations? Is there
>>>> >>> > any tip or trick that I can use in order to solve this problem?
>>>> >>> >
>>>> >>> > Thanks in advance
>>>> >>> >
>>>> >>> > Antonios
>>>> >>>
>>>> >>> --
>>>> >>> Miroslav Stampar
>>>> >>>
>>>> >>> E-mail / Jabber: miroslav.stampar (at) gmail.com
>>>> >>> Mobile: +385921010204 (HR 0921010204)
>>>> >>> PGP Key ID: 0xB5397B1B
>>>> >>> Location: Zagreb, Croatia
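
The "dynamicity" problem and the --text-only idea from the quoted 2011/1/18 reply, as an added illustration that is not part of the thread and not sqlmap's own comparison code: a simplified similarity check built on Python's difflib. The sample page, its per-request nonces and the 0.9 threshold are all constructed or hypothetical.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser

class VisibleText(HTMLParser):
    """Collect text nodes, skipping the bodies of <script> and <style>."""
    def __init__(self):
        super().__init__()
        self.parts, self.skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self.skip += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self.skip:
            self.skip -= 1

    def handle_data(self, data):
        if not self.skip:
            self.parts.append(data)

def text_only(page):
    """Reduce a page to its whitespace-normalised visible text."""
    parser = VisibleText()
    parser.feed(page)
    parser.close()
    return re.sub(r"\s+", " ", " ".join(parser.parts)).strip()

def ratio(a, b, strip_markup=False):
    """Similarity in [0, 1]; optionally compare visible text only."""
    if strip_markup:
        a, b = text_only(a), text_only(b)
    # autojunk=False disables difflib's popular-character heuristic (200+ items)
    return SequenceMatcher(None, a, b, autojunk=False).ratio()

def same_page(a, b, strip_markup=False, threshold=0.9):
    """Hypothetical decision rule: 'unchanged' if similarity >= threshold."""
    return ratio(a, b, strip_markup) >= threshold

def render(body, nonce):
    """Constructed sample page whose nonce changes on every request."""
    return (f"<html><head><style>.a{nonce}{{color:#{nonce[:6]}}}</style>"
            f"<script>var t='{nonce}';track('{nonce}')</script></head>"
            f"<body><div class='a{nonce}'>{body}</div></body></html>")

# Constructed responses: same content twice, then genuinely different content.
ORIGINAL = render("Article 4: Hello world", "012" * 10)
TRUE_RESP = render("Article 4: Hello world", "567" * 10)
FALSE_RESP = render("No article found", "389" * 10)
```

On these constructed pages the raw-markup comparison scores the unchanged response below the threshold because of the nonce noise, while the text-only comparison scores it 1.0 and still separates the response whose content really changed.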