Re: [sqlmap-users] Possible bug in enumeration of results
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Possible bug in enumeration of results
|
From: Miroslav S. <mir...@gm...> - 2011-03-24 12:20:33
|
hi is there a possibility to send privately result of that run with switch -t traffic.txt (with --flush-session or --fresh-queries)? kr On Thu, Mar 24, 2011 at 12:21 PM, Alone Shell <alo...@gm...> wrote: > Hi all, > First at all, sorry for my English and congrats for this great tool xD > ok, I'm auditing a web application with iis5 and SQL Server 2000 and in all > the enumeration techniques (--dbs, --users ... ) the number of entities > retrieved is greater than the real retrieved data, resulting in duplicated > entries. > ------ example > $ ./sqlmap.py -u "****************************************************" > --dbs > ....... skipped > [11:48:33] [INFO] the back-end DBMS is Microsoft SQL Server > web server operating system: Windows 2000 > web application technology: PHP 5.2.5, Microsoft IIS 5.0 > back-end DBMS: Microsoft SQL Server 2000 > [11:48:33] [INFO] fetching database names > [11:48:33] [INFO] fetching number of databases > [11:48:33] [INFO] retrieved: 12 > [11:48:43] [INFO] retrieved: master > [11:49:32] [INFO] retrieved: tempdb > [11:50:27] [INFO] retrieved: model > [11:51:14] [INFO] retrieved: msdb > [11:51:54] [INFO] retrieved: *********** > [11:53:34] [INFO] retrieved: *********** > [11:54:23] [INFO] retrieved: *********** > [11:55:02] [INFO] retrieved: *********** > [11:55:52] [INFO] retrieved: master > [11:56:41] [INFO] retrieved: model > [11:57:34] [INFO] retrieved: msdb > [11:58:07] [INFO] retrieved: *********** > available databases [12]: > [*] *********** > [*] *********** > [*] *********** > [*] *********** > [*] master > [*] model > [*] msdb > [*] tempdb > -------- end of example > Regards > > ------------------------------------------------------------------------------ > Enable your software for Intel(R) Active Management Technology to meet the > growing manageability and security demands of your customers. Businesses > are taking advantage of Intel(R) vPro (TM) technology - will your software > be a part of the solution? Download the Intel(R) Manageability Checker > today! http://p.sf.net/sfu/intel-dev2devmar > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail: miroslav.stampar (at) gmail.com PGP Key ID: 0xB5397B1B |