Re: [sqlmap-users] Memory problems
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Memory problems
|
From: Bernardo D. A. G. <ber...@gm...> - 2011-02-02 09:47:05
|
Now also UNION query technique take into account --start and --stop, like other techniques. Bernardo On 28 January 2011 15:12, Miroslav Stampar <mir...@gm...> wrote: > yes, Bernardo warned me about this yesterday night :) > > we'll try to find something > > kr > > On Fri, Jan 28, 2011 at 4:02 PM, David Guimaraes <sk...@gm...> wrote: >> --start and --stop are not working >> >> Sqlmap just ignore these parameter. i think when used with union injection >> technique, these parameters are ignored(??). tried with --start 1 and --stop >> 20. >> >> >> On Thu, Jan 27, 2011 at 6:04 PM, Miroslav Stampar >> <mir...@gm...> wrote: >>> >>> in the mean time you can try to use these: >>> >>> --start=LIMITSTART First query output entry to retrieve >>> --stop=LIMITSTOP Last query output entry to retrieve >>> >>> kr >>> >>> On Thu, Jan 27, 2011 at 8:55 PM, Miroslav Stampar >>> <mir...@gm...> wrote: >>> > http://mail.python.org/pipermail/mailman-users/2005-October/047436.html >>> > >>> > "A MemoryError exception is a built-in Python exception "Raised when an >>> > operation runs out of memory but the situation may still be rescued >>> > (by deleting some objects)." >>> > >>> > How many members does this list have? According to the FAQ, the largest >>> > list reported to date has 147,000 members and presumably works. >>> > Possibly something in the cPanel implementation or your particular >>> > installation limits this to a greater degree." >>> > >>> > now, this messes our concept a bit but we'll try to adapt. >>> > >>> > kr >>> > >>> > On Thu, Jan 27, 2011 at 8:45 PM, Miroslav Stampar >>> > <mir...@gm...> wrote: >>> >> LOL (50,350 entries in the table and 48 columns) >>> >> >>> >> we'll try to make some tests regarding this and report accordingly. >>> >> haven't planed this kind of "huge" data retrievals :) >>> >> >>> >> kr >>> >> >>> >> On Thu, Jan 27, 2011 at 8:40 PM, David Guimaraes <sk...@gm...> >>> >> wrote: >>> >>> # ./sqlmap.py --method post --cookie >>> >>> "PHPSESSID=7i2j7ou46iu4c62xxx4kemiql6" >>> >>> --data "vulnparam=6" -u "http://www.vulnsite.com/intranet/vulnphp.php" >>> >>> -v 3 >>> >>> -D nomes -T class --dump >>> >>> >>> >>> sqlmap/0.9-dev - automatic SQL injection and database takeover >>> >>> tool >>> >>> http://sqlmap.sourceforge.net >>> >>> >>> >>> [*] starting at: 16:58:05 >>> >>> >>> >>> [16:58:05] [DEBUG] cleaning up configuration parameters >>> >>> [16:58:05] [DEBUG] setting the HTTP timeout >>> >>> [16:58:05] [DEBUG] setting the HTTP Cookie header >>> >>> [16:58:05] [DEBUG] setting the HTTP method to POST >>> >>> [16:58:05] [DEBUG] creating HTTP requests opener object >>> >>> [16:58:05] [INFO] using >>> >>> '/home/kkk/sqlmap-dev/output/www.vulnsite.com/session' as session file >>> >>> [16:58:05] [INFO] resuming injection data from session file >>> >>> [16:58:05] [INFO] resuming back-end DBMS 'mysql 5.0' from session file >>> >>> [16:58:05] [INFO] testing connection to the target url >>> >>> you provided an HTTP Cookie header value. The target url provided its >>> >>> own >>> >>> Cookie within the HTTP Set-Cookie header. Do you want to continue >>> >>> using the >>> >>> HTTP Cookie values that you provided? [Y/n] >>> >>> sqlmap identified the following injection points with a total of 0 >>> >>> HTTP(s) >>> >>> requests: >>> >>> --- >>> >>> Place: POST >>> >>> Parameter: vulnparam >>> >>> Type: boolean-based blind >>> >>> Title: AND boolean-based blind - WHERE or HAVING clause >>> >>> Payload: vulnparam=6 AND 5647=5647 >>> >>> >>> >>> Type: error-based >>> >>> Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause >>> >>> Payload: vulnparam=6 AND (SELECT 714 FROM(SELECT >>> >>> COUNT(*),CONCAT(CHAR(58,111,106,112,58),(SELECT (CASE WHEN (714=714) >>> >>> THEN 1 >>> >>> ELSE 0 END)),CHAR(58,99,99,109,58),FLOOR(RAND(0)*2))x FROM >>> >>> information_schema.tables GROUP BY x)a) >>> >>> >>> >>> Type: UNION query >>> >>> Title: MySQL UNION query (NULL) - 4 to 7 columns >>> >>> Payload: vulnparam=6 UNION ALL SELECT NULL, NULL, >>> >>> CONCAT(CHAR(58,111,106,112,58),IFNULL(CAST(CHAR(101,76,89,111) AS >>> >>> CHAR), >>> >>> CHAR(32)),CHAR(58,99,99,109,58)), NULL, NULL# >>> >>> >>> >>> Type: AND/OR time-based blind >>> >>> Title: MySQL > 5.0.11 AND time-based blind >>> >>> Payload: vulnparam=6 AND SLEEP(5) >>> >>> --- >>> >>> >>> >>> [16:58:06] [INFO] the back-end DBMS is MySQL >>> >>> >>> >>> web application technology: PHP 5.3.2 >>> >>> back-end DBMS: MySQL 5.0 >>> >>> [16:58:06] [INFO] fetching columns for table 'class' on database >>> >>> 'nomes' >>> >>> [16:58:06] [INFO] read from file >>> >>> '/home/kkk/sqlmap-dev/output/www.vulnsite.com/session': vulncolumns >>> >>> [16:58:06] [INFO] fetching entries for table 'class' on database >>> >>> 'nomes' >>> >>> [16:58:06] [PAYLOAD] 6 UNION ALL SELECT NULL, NULL, >>> >>> CONCAT(CHAR(58,101,110,122,58),XXX,CHAR(58,111,115,122,58)), NULL, >>> >>> NULL FROM >>> >>> nomes.class# >>> >>> [17:00:09] [DEBUG] performed 1 queries in 122 seconds >>> >>> >>> >>> [17:00:13] [CRITICAL] unhandled exception in sqlmap/0.9-dev, retry >>> >>> your run >>> >>> with the latest development version from the Subversion repository. If >>> >>> the >>> >>> exception persists, please send by e-mail to >>> >>> sql...@li... the command line, the following >>> >>> text and >>> >>> any information needed to reproduce the bug. The developers will try >>> >>> to >>> >>> reproduce the bug, fix it accordingly and get back to you. >>> >>> sqlmap version: 0.9-dev >>> >>> Python version: 2.6.5 >>> >>> Operating system: posix >>> >>> Traceback (most recent call last): >>> >>> File "./sqlmap.py", line 83, in main >>> >>> start() >>> >>> File "/home/kkk/sqlmap-dev/lib/controller/controller.py", line 414, >>> >>> in >>> >>> start >>> >>> action() >>> >>> File "/home/kkk/sqlmap-dev/lib/controller/action.py", line 103, in >>> >>> action >>> >>> conf.dumper.dbTableValues(conf.dbmsHandler.dumpTable()) >>> >>> File "/home/kkk/sqlmap-dev/plugins/generic/enumeration.py", line >>> >>> 1189, in >>> >>> dumpTable >>> >>> entries = inject.getValue(query, blind=False, dump=True) >>> >>> File "/home/kkk/sqlmap-dev/lib/request/inject.py", line 427, in >>> >>> getValue >>> >>> value = __goInband(query, expected, sort, resumeValue, unpack, >>> >>> dump) >>> >>> File "/home/kkk/sqlmap-dev/lib/request/inject.py", line 384, in >>> >>> __goInband >>> >>> data = parseUnionPage(output, expression, partial, None, sort) >>> >>> File "/home/kkk/sqlmap-dev/lib/core/common.py", line 785, in >>> >>> parseUnionPage >>> >>> dataToSessionFile("[%s][%s][%s][%s][%s]\n" % (conf.url, >>> >>> kb.injection.place, conf.parameters[kb.injection.place], expression, >>> >>> logOutput)) >>> >>> MemoryError >>> >>> >>> >>> [*] shutting down at: 17:00:13 >>> >>> >>> >>> There are about 50,350 entries in the table and 48 columns.I tested >>> >>> the >>> >>> query manually, and returned a page with 600k of information.I think >>> >>> that >>> >>> sqlmap did not support the amount of data...? >>> >>> >>> >>> David >>> >>> >>> >>> >>> >>> ------------------------------------------------------------------------------ >>> >>> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! >>> >>> Finally, a world-class log management solution at an even better >>> >>> price-free! >>> >>> Download using promo code Free_Logger_4_Dev2Dev. Offer expires >>> >>> February 28th, so secure your free ArcSight Logger TODAY! >>> >>> http://p.sf.net/sfu/arcsight-sfd2d >>> >>> _______________________________________________ >>> >>> sqlmap-users mailing list >>> >>> sql...@li... >>> >>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>> >>> >>> >>> >>> >> >>> >> >>> >> >>> >> -- >>> >> Miroslav Stampar >>> >> >>> >> E-mail / Jabber: miroslav.stampar (at) gmail.com >>> >> Mobile: +385921010204 (HR 0921010204) >>> >> PGP Key ID: 0xB5397B1B >>> >> Location: Zagreb, Croatia >>> >> >>> > >>> > >>> > >>> > -- >>> > Miroslav Stampar >>> > >>> > E-mail / Jabber: miroslav.stampar (at) gmail.com >>> > Mobile: +385921010204 (HR 0921010204) >>> > PGP Key ID: 0xB5397B1B >>> > Location: Zagreb, Croatia >>> > >>> >>> >>> >>> -- >>> Miroslav Stampar >>> >>> E-mail / Jabber: miroslav.stampar (at) gmail.com >>> Mobile: +385921010204 (HR 0921010204) >>> PGP Key ID: 0xB5397B1B >>> Location: Zagreb, Croatia >> >> >> >> -- >> David Gomes Guimarães >> > > > > -- > Miroslav Stampar > > E-mail / Jabber: miroslav.stampar (at) gmail.com > Mobile: +385921010204 (HR 0921010204) > PGP Key ID: 0xB5397B1B > Location: Zagreb, Croatia > > ------------------------------------------------------------------------------ > Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! > Finally, a world-class log management solution at an even better price-free! > Download using promo code Free_Logger_4_Dev2Dev. Offer expires > February 28th, so secure your free ArcSight Logger TODAY! > http://p.sf.net/sfu/arcsight-sfd2d > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: 0x05F5A30F |
