Re: [sqlmap-users] problem with data retrieval
From: Miroslav S. <mir...@gm...> - 2012-06-04 07:58:32
Hi Chris.

I am pretty sure that this was a false positive :)

First thing is that you've stumbled upon a rare beast of MySQL stacked :). That was a first hint that something could be wrong. Another thing is that in every case where you have a time or stacked based injection we have a false positive test, but there is a slight chance that a false positive falls through it (really small). Now, if you see that random garbage in those cases you have to KNOW that you've stumbled upon a false positive.

Please, to make sure, just use --flush-session --time-sec=10 (or some other value greater than default 5). You'll probably see that there won't be any positives in that case.

Kind regards,
Miroslav Stampar

On Sat, Jun 2, 2012 at 9:11 PM, Chris Rowe <pip...@gm...> wrote:

> I am doing a test right now and I am receiving unusual output during data
> retrieval. I have never seen this from sqlmap before. I have tried using
> single or multi threads, --no-cast, and --hex options with no luck. I am
> using sqlmap 1.0-dev r5100. Could the data in the database be a different
> language that sqlmap can't read? The client's site is primarily in
> Arabic. I need help!! Thanks
>
> *Here is the output from the log file:*
>
> Payload: sqlmap/1.0-dev (r5100) (http://www.sqlmap.org)') AND 6574=6574--
>
> Type: stacked queries
> Title: MySQL < 5.0.12 stacked queries (heavy query)
> Payload: sqlmap/1.0-dev (r5100) (http://www.sqlmap.org)'); SELECT BENCHMARK(10000000,MD5(0x504b774c));--
> ---
>
> current user: None
>
> current database: None
>
> current user is DBA: None
>
> sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
> ---
> Place: User-Agent
> Parameter: User-Agent
> Type: boolean-based blind
> Title: AND boolean-based blind - WHERE or HAVING clause (Generic comment)
> Payload: sqlmap/1.0-dev (r5100) (http://www.sqlmap.org)') AND 6574=6574--
>
> Type: stacked queries
> Title: MySQL < 5.0.12 stacked queries (heavy query)
> Payload: sqlmap/1.0-dev (r5100) (http://www.sqlmap.org)'); SELECT BENCHMARK(10000000,MD5(0x504b774c));--
> ---
>
> current user: 'x?'
>
> current database: None
>
> current user is DBA: None
>
> sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
> ---
> Place: User-Agent
> Parameter: User-Agent
> Type: boolean-based blind
> Title: AND boolean-based blind - WHERE or HAVING clause (Generic comment)
> Payload: sqlmap/1.0-dev (r5100) (http://www.sqlmap.org)') AND 6574=6574--
>
> Type: stacked queries
> Title: MySQL < 5.0.12 stacked queries (heavy query)
> Payload: sqlmap/1.0-dev (r5100) (http://www.sqlmap.org)'); SELECT BENCHMARK(10000000,MD5(0x504b774c));--
> ---
>
> current user: 'x?'
>
> current database: '??n x^}h'
>
> current user is DBA: None
>
>
> *Here is the command line output during testing:*
>
> [13:37:28] [INFO] changes made by tampering scripts are not included in shown payload content(s)
> [13:37:28] [INFO] the back-end DBMS is MySQL
> web server operating system: Windows Vista
> web application technology: Apache, ASP.NET 4.0.30319, ASP.NET, Microsoft IIS 7.0
>
> back-end DBMS: MySQL 5
> [13:37:28] [INFO] fetching current user
> [13:37:28] [INFO] retrieving the length of query output
> [13:37:28] [INFO] retrieved:
> [13:37:32] [INFO] resumed: x?
> current user: 'x?'
>
> [13:37:32] [INFO] fetching current database
> [13:37:32] [INFO] retrieving the length of query output
> [13:37:32] [INFO] retrieved: 8
> [13:38:32] [INFO] retrieved: ??n x^}h
> current database: '??n x^}h'
>
> [13:38:32] [INFO] testing if current user is DBA
> [13:38:32] [INFO] fetching current user
> [13:38:32] [INFO] retrieving the length of query output
> [13:38:32] [INFO] retrieved: 6
> [13:38:58] [WARNING] there was a problem decoding value '??????' from expected hexadecimal form
>
> current user is DBA: None
>
> [13:38:58] [INFO] fetching database users
> [13:38:58] [INFO] fetching number of database users
> [13:38:58] [INFO] retrieved: 48
> [13:39:08] [CRITICAL] unable to retrieve the number of database users
> [13:39:08] [WARNING] HTTP error codes detected during testing:
> 500 (Internal Server Error) - 23 times
>
> [*] shutting down at 13:39:08

--
Miroslav Stampar
http://about.me/stamparm
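
A simplified model of the effect described in the reply above, added here as an illustration (it is not sqlmap's code and not part of the original message): when answers are inferred from response time alone, latency spikes on a target that is not injectable at all are read as "true" answers, and the "retrieved" value is garbage until the delay threshold is raised above the spikes. The latency distribution, the function names and the plain "slower than time-sec means true" rule are assumptions made for the example.

```python
import random

def observed_latency(rng, spike_prob=0.15):
    """Constructed model of a NON-injectable target: ordinary responses take
    0.2-1.0 s, overloaded ones (think HTTP 500 under load) take 5.5-8.0 s."""
    if rng.random() < spike_prob:
        return rng.uniform(5.5, 8.0)
    return rng.uniform(0.2, 1.0)

def condition_seems_true(rng, time_sec):
    # Assumed decision rule: a response at least time_sec slow is read as
    # "the delayed branch executed", even though nothing was injected here.
    return observed_latency(rng) >= time_sec

def infer_char(rng, time_sec):
    """Bisect a 7-bit character code, each step answered only by timing."""
    lo, hi = 0, 127
    while lo < hi:
        mid = (lo + hi) // 2
        if condition_seems_true(rng, time_sec):   # "is the char code > mid?"
            lo = mid + 1
        else:
            hi = mid
    return lo

def retrieve(time_sec, length=8, seed=1):
    rng = random.Random(seed)
    return [infer_char(rng, time_sec) for _ in range(length)]

def false_positive_rate(time_sec, trials=2000, seed=1):
    rng = random.Random(seed)
    return sum(condition_seems_true(rng, time_sec) for _ in range(trials)) / trials

if __name__ == "__main__":
    for time_sec in (5, 10):
        value = "".join(chr(c) if 32 <= c < 127 else "?" for c in retrieve(time_sec))
        print(f"time_sec={time_sec:>2}  false 'true' answers: "
              f"{false_positive_rate(time_sec):.1%}  retrieved: {value!r}")
```

In this model a threshold of 5 seconds sits inside the spike range, so some comparisons come back "true" at random and the characters are noise; at 10 seconds no response is slow enough, every comparison is "false", and nothing is retrieved.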