Re: [sqlmap-users] sqlmap-users Digest, Vol 31, Issue 1
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] sqlmap-users Digest, Vol 31, Issue 1
|
From: Miroslav S. <mir...@gm...> - 2013-05-30 19:00:48
|
Hi. Have you been able to retrieve user names normally? I mean, were they normally been displayed in console output? Also, is boolean technique the only one detected by sqlmap in your case (or maybe UNION)? Kind regards, Miroslav Stampar On Thu, May 30, 2013 at 4:57 PM, Bob <sto...@qq...> wrote: > Hi friend, > > > Could you help me with this bug ? > > > [22:54:12] [CRITICAL] unhandled exception in sqlmap/1.0-dev, retry your > run with the latest development version from the GitHub repository. If the > exception persists, please send by e-mail to ' > sql...@li...' or open a new issue at ' > https://github.com/sqlmapproject/sqlmap/issues/new' with the following > text and any information required to reproduce the bug. The developers will > try to reproduce the bug, fix it accordingly and get back to you. > sqlmap version: 1.0-dev > Python version: 2.7.3 > Operating system: posix > Command line: ./sqlmap -u *********************************************** > --data=__VIEWSTATE=%2FwEPDwUJNzcyNzA5MTcxD2QWAmYPZBYCAgMPZBYCAgUPZBYCAg8PPCsAEQIADxYEHgtfIURhdGFCb3VuZGceC18hSXRlbUNvdW50ZmQBEBYAFgAWAGQYAQUaY3RsMDAkTWFpbkNvbnRlbnQkRGdSZXN1bHQPPCsADAEIZmTqSkxVHfCvk8H514IG2vidRqlanHHD7kZRl389CeOupw%3D%3D&__EVENTVALIDATION=%2FwEWCAK%2BjdvyCQLM8NjFBQKgo%2F%2FzCgKumJP3BALizcLsAwL%2Bq8zvCgKsq6%2F4DwLTytO4BPwtq4Qe7jKJMNFTIKI0vDR6PinuEV%2BLf13FWcmth6Av&ctl00%24MainContent%24TxtContCode=ZAP&ctl00%24MainContent%24TxtItemCode=ZAP&ctl00%24MainContent%24BtnFind=%E6%9F%A5%E8%AF%A2&ctl00%24MainContent%24TxtTestCustname=ZAP&ctl00%24MainContent%24TxtItemName=ZAP&ctl00%24MainContent%24TxtCheckManuCrock=ZAP&ctl00%24MainContent%24TxtCheckNo=ZAP > -p ctl00%24MainContent%24TxtContCode -o --level 3 --risk 5 --dbms=Microsoft > SQL Server --users --passwords > Technique: BOOLEAN > Back-end DBMS: Microsoft SQL Server (fingerprinted) > Traceback (most recent call last): > File "./sqlmap", line 87, in main > start() > File "/usr/share/sqlmap/lib/controller/controller.py", line 572, in start > action() > File "/usr/share/sqlmap/lib/controller/action.py", line 81, in action > conf.dbmsHandler.getPasswordHashes(), "password hash", > CONTENT_TYPE.PASSWORDS) > File "/usr/share/sqlmap/plugins/generic/users.py", line 243, in > getPasswordHashes > if user in retrievedUsers: > TypeError: unhashable type: 'list' > > [*] shutting down at 22:54:12 > Thanks > > BOB > > > > > ------------------ Original ------------------ > *From: * "sqlmap-users-request"<sql...@li... > >; > *Date: * May 29, 2013 > *To: * "sqlmap-users"<sql...@li...>; > *Subject: * sqlmap-users Digest, Vol 31, Issue 1 > > Send sqlmap-users mailing list submissions to > sql...@li... > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > or, via email, send a message with subject or body 'help' to > sql...@li... > > You can reach the person managing the list at > sql...@li... > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of sqlmap-users digest..." > > > Today's Topics: > > 1. Re: Feature request (David Guimaraes) > 2. Re: --load-cookies (Dirk Wetter) > 3. Re: --load-cookies (Miroslav Stampar) > 4. Re: Patch for /task/<task_id>/delete in clean_filesystem > (Miroslav Stampar) > 5. Re: --load-cookies (Dirk Wetter) > 6. --host parameter (co...@5i...) > 7. Sqlmap and direct connect error (???????? ??????) > 8. Re: --host parameter (Miroslav Stampar) > 9. Re: Sqlmap and direct connect error (Miroslav Stampar) > 10. feature request: offline mode for --dns-domain? (buawig) > 11. feature request: --dns-domain for non-root users (--dns-port) > (buawig) > 12. Domain credentials (Brian Milliron) > 13. Re: Domain credentials (Brandon Perry) > 14. Re: feature request: offline mode for --dns-domain? > (Miroslav Stampar) > 15. Re: Domain credentials (Miroslav Stampar) > 16. Re: feature request: fetch DNS queries from DNS server via > HTTP (buawig) > 17. Re: feature request: fetch DNS queries from DNS server via > HTTP (Miroslav Stampar) > 18. MySQL error based technique bug (Konrads Smelkovs) > 19. Re: MySQL error based technique bug (Miroslav Stampar) > 20. SQLmap crashing (Phillip Wylie) > 21. Re: SQLmap crashing (Miroslav Stampar) > 22. Custom injection payload in POST (Marcell Fodor) > 23. Re: SQLmap crashing (Miroslav Stampar) > 24. I got error on windows (warezhacking) > 25. Appending to a dump (Stephen Shkardoon) > 26. Re: Appending to a dump (Miroslav Stampar) > 27. Re: Appending to a dump (Stephen Shkardoon) > 28. Re: Appending to a dump (Miroslav Stampar) > 29. --ignore-404 ? (buawig) > 30. PostgreSQL: substr('string', 1, 1) vs. substring('string' > from 1 for 1) (buawig) > 31. Re: PostgreSQL: substr('string', 1, 1) vs. substring('string' > from 1 for 1) (Miroslav Stampar) > 32. Re: PostgreSQL: substr('string', 1, 1) vs. substring('string' > from 1 for 1) (Miroslav Stampar) > 33. Re: --ignore-404 ? (Miroslav Stampar) > 34. BUG...!!!! o.O (Isai Ofir Juarez Contreras) > 35. Re: BUG...!!!! o.O (Miroslav Stampar) > 36. gun...@gm... wants to follow you. Accept? > (gun...@gm...) > 37. Direct access to mysql database (Marcell Fodor) > 38. Re: Direct access to mysql database (Miroslav Stampar) > 39. ? Sqlmap Users, Marco Mirandola ti ha inviato un messaggio... > (Badoo) > 40. Not getting any sensitive data from database (Marcell Fodor) > 41. Re: Not getting any sensitive data from database > (Miroslav Stampar) > 42. unhandled exception (kvasilopoulos) > 43. [SQLMAP] Unhandled exception for IPv6 > (e.n...@st...) > 44. Re: [SQLMAP] Unhandled exception for IPv6 (Miroslav Stampar) > 45. Re: unhandled exception (Miroslav Stampar) > 46. Passing SOAPAction in --header (Brandon Perry) > 47. Re: Passing SOAPAction in --header (Miroslav Stampar) > 48. Re: [SQLMAP] Unhandled exception for IPv6 (Miroslav Stampar) > 49. Blind SQL Injection question (Guy Dufour) > 50. Re: Blind SQL Injection question (Chris Oakley) > 51. Re: Passing SOAPAction in --header (Brandon Perry) > 52. Re: Passing SOAPAction in --header (Brandon Perry) > 53. Deploy&Create SSH/tunnel with compromised MSSQL server > (Alok Kumar) > 54. Re: Deploy&Create SSH/tunnel with compromised MSSQL server > (Brandon Perry) > 55. Re: Deploy&Create SSH/tunnel with compromised MSSQL server > (Alok Kumar) > 56. Re: Deploy&Create SSH/tunnel with compromised MSSQL server > (Brandon Perry) > 57. SQLMAP Bug (Joe O'Hara) > 58. Re: SQLMAP Bug (Miroslav Stampar) > 59. [CRITICAL] (Thai Thao) > 60. Re: [CRITICAL] (Miroslav Stampar) > 61. Providing multiple dbms (Sebastian Nerz) > 62. Re: Providing multiple dbms (Miroslav Stampar) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Sat, 13 Apr 2013 21:40:39 -0300 > From: David Guimaraes <sk...@gm...> > Subject: Re: [sqlmap-users] Feature request > To: Miroslav Stampar <mir...@gm...> > Cc: SqlMap List <sql...@li...> > Message-ID: > <CAJ...@ma...> > Content-Type: text/plain; charset="iso-8859-1" > > Good question Miroslav.. I tried to think in something that can be > implemented without ruin sqlmap query schema, but I could not come to any > conclusion... =( > > The thing is, sqlsus use a different approch to dump the data, making this > kind of thing possible... > > The solution that I found in this particular scenario is to use sqlsus, > unfortunately... > > Regards. > > David > > > On Mon, Apr 1, 2013 at 6:35 PM, Miroslav Stampar < > mir...@gm... > > wrote: > > > Hi David. > > > > And what do you recommend to be done in case of query with length > > > max_inj_length? > > > > Kind regards, > > Miroslav Stampar > > On Apr 1, 2013 11:14 PM, "David Guimaraes" <sk...@gm...> wrote: > > > >> Hi, I am trying to perform sql injection on a web site but I can not get > >> successful due to a size limitation on the query sent to the server. The > >> server is limiting the size of query in 512 bytes only and sqlmap do not > >> have any customization that allows me to bypass this restriction like > >> sqlsus "max_inj_length" parameter. Sqlsus has a feature called > "autoconf" > >> that measure the permited query size. > >> > >> There is some chance to put this kind of feature in sqlmap? > >> > >> Thanks. > >> > >> -- > >> David Gomes Guimar?es > >> > >> > >> > ------------------------------------------------------------------------------ > >> Own the Future-Intel® Level Up Game Demo Contest 2013 > >> Rise to greatness in Intel's independent game demo contest. > >> Compete for recognition, cash, and the chance to get your game > >> on Steam. $5K grand prize plus 10 genre and skill prizes. > >> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d > >> _______________________________________________ > >> sqlmap-users mailing list > >> sql...@li... > >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users > >> > >> > > > -- > David Gomes Guimar?es > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 2 > Date: Mon, 15 Apr 2013 11:36:37 +0200 > From: Dirk Wetter <sp...@dr...> > Subject: Re: [sqlmap-users] --load-cookies > To: Miroslav Stampar <mir...@gm...> > Cc: SqlMap List <sql...@li...> > Message-ID: <516...@dr...> > Content-Type: text/plain; charset=ISO-8859-1 > > > > On 04/14/2013 01:14 AM, Miroslav Stampar wrote: > > Nevertheless, with the latest commit that check should be "neutralized" > now. Could you please retry it now? > > thx, Miroslav. I tried (b6fee63) but this time the cookie parser lib > hiccups, using the same file: > > /usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: cookielib bug! > Traceback (most recent call last): > File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in > _really_load > assert domain_specified == initial_dot > AssertionError > > _warn_unhandled_exception() > [11:13:26] [CRITICAL] there was a problem loading cookies file ('invalid > Netscape format cookies file '/tmp/sqlmapcj-pbP7P1': > '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'') > > the 999.. looks strange to me. > > > > > > > On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar < > mir...@gm... <mailto:mir...@gm...>> wrote: > > > > Hi Dirk. > > > > Well, I would say that you have an expired cookie. Do you see that > value 0? That value should be a valid UNIX time representing time of cookie > expiration. Also, I've just tested that cookie of yours and sqlmap says: > "[WARNING] cookie '....' has expired" > > > > that's true but IMO 0 represents just a session cookie. Example: > > prompt% wget -q -O /dev/null --keep-session-cookies > --save-cookies=/dev/stdout bing.com > # HTTP cookie file. > # Generated by Wget on 2013-04-15 11:23:13. > # Edit at your own risk. > > .bing.com TRUE / FALSE 1429089794 SRCHUSR > AUTOREDIR=0&GEOVAR=&DOB=20130415 > .bing.com TRUE / FALSE 1429089794 SRCHD > D=2781203&MS=2781203&AF=NOFORM > .bing.com TRUE / FALSE 1429089794 OrigMUID > 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe > .bing.com TRUE / FALSE 1429089794 MUID > 333995A69E06630B2EB491169F016314 > .bing.com TRUE / FALSE 0 _SS > SID=B954CB7EDF8643CABAD8013F27A241E7 > .bing.com TRUE / FALSE 0 _HOP > .bing.com TRUE / FALSE 0 _FS NU=1 > .bing.com TRUE / FALSE 1429089794 _FP EM=1 > www.bing.com FALSE / FALSE 1429089794 SRCHUID > V=2&GUID=975091780DFF407DA9DD07139FD97C4D > www.bing.com FALSE / FALSE 1429089794 MUIDB > 333995A69E06630B2EB491169F016314 > > prompt% > > Same parser problem btw if I edit the cookie file and put 1429089794 unix > time instead of 0 in there. > > Ok: With the prev rev ed5599f it reads this file ok (no session cookies > but cookies w/ expiration date) and uses the last > cookie only for the first 120 tries. > > Cheers, Dirk > > > > > > Kind regards, > > Miroslav Stampar > > > > > > On Sat, Apr 13, 2013 at 12:54 PM, Dirk Wetter <sp...@dr...<mailto: > sp...@dr...>> wrote: > > > > > > Hi Miroslav, > > > > thx for your prompt answer. > > > > On 04/12/2013 07:45 PM, Miroslav Stampar wrote: > > > Hi Dirk. > > > > > > Could you please get the latest revision and retry it again? > > ed5599f: almost the same: with cookie in the header sqlmap takes > only this one. > > The slight difference seems to be that in the case where I > didn't supply a cookie > > sqlmap doesn't use any cookie at all, i.e. now not the one from > the server anymore. > > > > > > There was a situation where info messages have been wrongly > written that original response contained Set-Cookie in situations like > yours. > > > > > > In case that everything stays as it is, I'll need to ask you > to provide more details. For example, cookie file would be great. > > > > sure, here you go: > > > > --snip > > # Netscape HTTP Cookie File > > <FQDN> \t FALSE \t <path> \t TRUE \t 0 \t JSESSIONID > \t <Cookie> > > [..] > > --snap > > > > They are all session cookies. For easier reading here I put some > blanks in the line > > above, in "cookie-file" there aren't any though. Cookies were > generated with > > stompy and a shell script (looks he same as with > > wget -S -O /dev/null --keep-session-cookies > --save-cookies=<file> <URL>) > > > > Again: sqlmap doesn't hiccup/complain while eating my cookies > file ;-) > > > > > > > > Also, please make sure that the cookie file contains proper > cookie(s) - domain name should be the same as a domain of target, cookie > needs to have a proper valid time, etc. > > > > see above. > > > > Cheers, > > > > Dirk > > > > > > > > > > > On Fri, Apr 12, 2013 at 4:50 PM, Dirk Wetter < > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr...<mailto: > sp...@dr...>>> wrote: > > > > > > Hi Miroslav, > > > > > > yes unfortunately. > > > > > > If I omit the cookie line in the request header > completely, sqlmap > > > seems to take the first cookie issued by the server with > set-cookie (and > > > put's it silently in). > > > > > > Cheers, > > > > > > Dirk > > > > > > > > > > > > On 04/12/2013 03:24 PM, Miroslav Stampar wrote: > > > > Hi. > > > > > > > > And this is also happening if you are skipping "Cookie: > JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request? > > > > > > > > Kind regards, > > > > Miroslav Stampar > > > > > > > > > > > > On Fri, Apr 12, 2013 at 3:10 PM, Dirk Wetter < > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr...<mailto: > sp...@dr...>> <mailto:sp...@dr... <mailto:sp...@dr...> > <mailto:sp...@dr... <mailto:sp...@dr...>>>> wrote: > > > > > > > > > > > > Hi folks, > > > > > > > > .... that doesn't work for me. It always uses the > cookie supplied > > > > (below in $REQUEST, or if I omit the line in > $REQUEST the one > > > > from the 1st server reply is being used) > > > > > > > > So what is wrong in here: > > > > > > > > cd > ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce > > > > ./sqlmap.py --ignore-proxy --force-ssl --beep \ > > > > --threads=8 -v 6 --load-cookies=$WD/cookie-file \ > > > > --level=2 --risk=2 -r $REQUEST > > > > > > > > The content of the file $REQUEST is: > > > > > > > > POST <URL> HTTP/1.1 > > > > Host: <HOST> > > > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; > en-US) AppleWebKit/525.13 (KHTML, like Gecko) > > > > Chrome/0.2.149.6 <http://0.2.149.6> < > http://0.2.149.6> <http://0.2.149.6> Safari/525.13 > > > > Accept: > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > > > > Accept-Language: en-US,en;q=0.5 > > > > Accept-Encoding: gzip, deflate > > > > Referer: <Referer> > > > > Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7 > > > > Connection: keep-alive > > > > Content-Type: application/x-www-form-urlencoded > > > > Content-Length: 67 > > > > > > > > <abunchofpostparams> > > > > > > > > > > > > No hints that cookie-file is not in correct format > (I've been through this, > > > > at least I think I so ;) ). > > > > > > > > Any insight would be much appreciated. > > > > > > > > > > > > Cheers, > > > > > > > > Dirk > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > Precog is a next-generation analytics platform > capable of advanced > > > > analytics on semi-structured data. The platform > includes APIs for building > > > > apps and a phenomenal toolset for data science. > Developers can use > > > > our toolset for easy data analysis & visualization. > Get a free account! > > > > > http://www2.precog.com/precogplatform/slashdotnewsletter > > > > _______________________________________________ > > > > sqlmap-users mailing list > > > > sql...@li... <mailto: > sql...@li...> <mailto: > sql...@li... <mailto: > sql...@li...>> <mailto: > sql...@li... <mailto: > sql...@li...> <mailto: > sql...@li... <mailto: > sql...@li...>>> > > > > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > > > > > > > > > > > > > > > -- > > > > Miroslav Stampar > > > > http://about.me/stamparm > > > > > > > > > > > > > > > -- > > > Miroslav Stampar > > > http://about.me/stamparm > > > > > > > > > > -- > > Miroslav Stampar > > http://about.me/stamparm > > > > > > > > > > -- > > Miroslav Stampar > > http://about.me/stamparm > > > > > ------------------------------ > > Message: 3 > Date: Mon, 15 Apr 2013 11:45:19 +0200 > From: Miroslav Stampar <mir...@gm...> > Subject: Re: [sqlmap-users] --load-cookies > To: Dirk Wetter <sp...@dr...> > Cc: SqlMap List <sql...@li...> > Message-ID: > <CA+9yoX0yAGFkCiLuycVqdbm8jvnMeEPgJdXoYZi_4NTW-YQo=Q...@ma...> > Content-Type: text/plain; charset="iso-8859-1" > > Hi Dirk. > > Now that crash should be "patched". > > Could you please retry it now and say if the latest revision suits your > needs? > > Kind regards, > Miroslav Stampar > > > On Mon, Apr 15, 2013 at 11:36 AM, Dirk Wetter <sp...@dr...> wrote: > > > > > > > On 04/14/2013 01:14 AM, Miroslav Stampar wrote: > > > Nevertheless, with the latest commit that check should be "neutralized" > > now. Could you please retry it now? > > > > thx, Miroslav. I tried (b6fee63) but this time the cookie parser lib > > hiccups, using the same file: > > > > /usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: cookielib > bug! > > Traceback (most recent call last): > > File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in > > _really_load > > assert domain_specified == initial_dot > > AssertionError > > > > _warn_unhandled_exception() > > [11:13:26] [CRITICAL] there was a problem loading cookies file ('invalid > > Netscape format cookies file '/tmp/sqlmapcj-pbP7P1': > > > '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'') > > > > the 999.. looks strange to me. > > > > > > > > > > > On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar < > > mir...@gm... <mailto:mir...@gm...>> wrote: > > > > > > Hi Dirk. > > > > > > Well, I would say that you have an expired cookie. Do you see that > > value 0? That value should be a valid UNIX time representing time of > cookie > > expiration. Also, I've just tested that cookie of yours and sqlmap says: > > "[WARNING] cookie '....' has expired" > > > > > > > that's true but IMO 0 represents just a session cookie. Example: > > > > prompt% wget -q -O /dev/null --keep-session-cookies > > --save-cookies=/dev/stdout bing.com > > # HTTP cookie file. > > # Generated by Wget on 2013-04-15 11:23:13. > > # Edit at your own risk. > > > > .bing.com TRUE / FALSE 1429089794 SRCHUSR > > AUTOREDIR=0&GEOVAR=&DOB=20130415 > > .bing.com TRUE / FALSE 1429089794 SRCHD > > D=2781203&MS=2781203&AF=NOFORM > > .bing.com TRUE / FALSE 1429089794 OrigMUID > > 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe > > .bing.com TRUE / FALSE 1429089794 MUID > > 333995A69E06630B2EB491169F016314 > > .bing.com TRUE / FALSE 0 _SS > > SID=B954CB7EDF8643CABAD8013F27A241E7 > > .bing.com TRUE / FALSE 0 _HOP > > .bing.com TRUE / FALSE 0 _FS NU=1 > > .bing.com TRUE / FALSE 1429089794 _FP EM=1 > > www.bing.com FALSE / FALSE 1429089794 SRCHUID > > V=2&GUID=975091780DFF407DA9DD07139FD97C4D > > www.bing.com FALSE / FALSE 1429089794 MUIDB > > 333995A69E06630B2EB491169F016314 > > > > prompt% > > > > Same parser problem btw if I edit the cookie file and put 1429089794 unix > > time instead of 0 in there. > > > > Ok: With the prev rev ed5599f it reads this file ok (no session cookies > > but cookies w/ expiration date) and uses the last > > cookie only for the first 120 tries. > > > > Cheers, Dirk > > > > > > > > > > Kind regards, > > > Miroslav Stampar > > > > > > > > > On Sat, Apr 13, 2013 at 12:54 PM, Dirk Wetter <sp...@dr... > <mailto: > > sp...@dr...>> wrote: > > > > > > > > > Hi Miroslav, > > > > > > thx for your prompt answer. > > > > > > On 04/12/2013 07:45 PM, Miroslav Stampar wrote: > > > > Hi Dirk. > > > > > > > > Could you please get the latest revision and retry it again? > > > ed5599f: almost the same: with cookie in the header sqlmap > takes > > only this one. > > > The slight difference seems to be that in the case where I > > didn't supply a cookie > > > sqlmap doesn't use any cookie at all, i.e. now not the one from > > the server anymore. > > > > > > > > There was a situation where info messages have been wrongly > > written that original response contained Set-Cookie in situations like > > yours. > > > > > > > > In case that everything stays as it is, I'll need to ask you > > to provide more details. For example, cookie file would be great. > > > > > > sure, here you go: > > > > > > --snip > > > # Netscape HTTP Cookie File > > > <FQDN> \t FALSE \t <path> \t TRUE \t 0 \t JSESSIONID > > \t <Cookie> > > > [..] > > > --snap > > > > > > They are all session cookies. For easier reading here I put > some > > blanks in the line > > > above, in "cookie-file" there aren't any though. Cookies were > > generated with > > > stompy and a shell script (looks he same as with > > > wget -S -O /dev/null --keep-session-cookies > > --save-cookies=<file> <URL>) > > > > > > Again: sqlmap doesn't hiccup/complain while eating my cookies > > file ;-) > > > > > > > > > > > Also, please make sure that the cookie file contains proper > > cookie(s) - domain name should be the same as a domain of target, cookie > > needs to have a proper valid time, etc. > > > > > > see above. > > > > > > Cheers, > > > > > > Dirk > > > > > > > > > > > > > > > On Fri, Apr 12, 2013 at 4:50 PM, Dirk Wetter < > > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr... > <mailto: > > sp...@dr...>>> wrote: > > > > > > > > Hi Miroslav, > > > > > > > > yes unfortunately. > > > > > > > > If I omit the cookie line in the request header > > completely, sqlmap > > > > seems to take the first cookie issued by the server with > > set-cookie (and > > > > put's it silently in). > > > > > > > > Cheers, > > > > > > > > Dirk > > > > > > > > > > > > > > > > On 04/12/2013 03:24 PM, Miroslav Stampar wrote: > > > > > Hi. > > > > > > > > > > And this is also happening if you are skipping "Cookie: > > JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request? > > > > > > > > > > Kind regards, > > > > > Miroslav Stampar > > > > > > > > > > > > > > > On Fri, Apr 12, 2013 at 3:10 PM, Dirk Wetter < > > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr... > <mailto: > > sp...@dr...>> <mailto:sp...@dr... <mailto:sp...@dr...> > > <mailto:sp...@dr... <mailto:sp...@dr...>>>> wrote: > > > > > > > > > > > > > > > Hi folks, > > > > > > > > > > .... that doesn't work for me. It always uses the > > cookie supplied > > > > > (below in $REQUEST, or if I omit the line in > > $REQUEST the one > > > > > from the 1st server reply is being used) > > > > > > > > > > So what is wrong in here: > > > > > > > > > > cd > > ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce > > > > > ./sqlmap.py --ignore-proxy --force-ssl --beep \ > > > > > --threads=8 -v 6 --load-cookies=$WD/cookie-file \ > > > > > --level=2 --risk=2 -r $REQUEST > > > > > > > > > > The content of the file $REQUEST is: > > > > > > > > > > POST <URL> HTTP/1.1 > > > > > Host: <HOST> > > > > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT > 5.2; > > en-US) AppleWebKit/525.13 (KHTML, like Gecko) > > > > > Chrome/0.2.149.6 <http://0.2.149.6> < > > http://0.2.149.6> <http://0.2.149.6> Safari/525.13 > > > > > Accept: > > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > > > > > Accept-Language: en-US,en;q=0.5 > > > > > Accept-Encoding: gzip, deflate > > > > > Referer: <Referer> > > > > > Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7 > > > > > Connection: keep-alive > > > > > Content-Type: application/x-www-form-urlencoded > > > > > Content-Length: 67 > > > > > > > > > > <abunchofpostparams> > > > > > > > > > > > > > > > No hints that cookie-file is not in correct format > > (I've been through this, > > > > > at least I think I so ;) ). > > > > > > > > > > Any insight would be much appreciated. > > > > > > > > > > > > > > > Cheers, > > > > > > > > > > Dirk > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > Precog is a next-generation analytics platform > > capable of advanced > > > > > analytics on semi-structured data. The platform > > includes APIs for building > > > > > apps and a phenomenal toolset for data science. > > Developers can use > > > > > our toolset for easy data analysis & visualization. > > Get a free account! > > > > > > > http://www2.precog.com/precogplatform/slashdotnewsletter > > > > > _______________________________________________ > > > > > sqlmap-users mailing list > > > > > sql...@li... <mailto: > > sql...@li...> <mailto: > > sql...@li... <mailto: > > sql...@li...>> <mailto: > > sql...@li... <mailto: > > sql...@li...> <mailto: > > sql...@li... <mailto: > > sql...@li...>>> > > > > > > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > Miroslav Stampar > > > > > http://about.me/stamparm > > > > > > > > > > > > > > > > > > > > -- > > > > Miroslav Stampar > > > > http://about.me/stamparm > > > > > > > > > > > > > > > -- > > > Miroslav Stampar > > > http://about.me/stamparm > > > > > > > > > > > > > > > -- > > > Miroslav Stampar > > > http://about.me/stamparm > > > > > > > -- > Miroslav Stampar > http://about.me/stamparm > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 4 > Date: Mon, 15 Apr 2013 11:46:21 +0200 > From: Miroslav Stampar <mir...@gm...> > Subject: Re: [sqlmap-users] Patch for /task/<task_id>/delete in > clean_filesystem > To: Brandon Perry <bpe...@gm...> > Cc: sqlmap users <sql...@li...> > Message-ID: > <CA+9yoX3RNQDm=PqT...@ma...> > Content-Type: text/plain; charset="iso-8859-1" > > Hi Brandon. > > Thank you for your patch and find it now included [1]. > > Kind regards, > Miroslav Stampar > > [1] > > https://github.com/sqlmapproject/sqlmap/commit/8853e43616e89f26cfd6d1c1540e02ed6b4ca224 > > > On Sat, Apr 13, 2013 at 8:36 PM, Brandon Perry <bpe...@gm... > >wrote: > > > Hi, the attached patch fixes an issue with the /task/<task_id>/delete api > > call when self.output_directory is NoneType and clean_system() is called. > > > > -- > > http://volatile-minds.blogspot.com -- blog > > http://www.volatileminds.net -- website > > > > > > > ------------------------------------------------------------------------------ > > Precog is a next-generation analytics platform capable of advanced > > analytics on semi-structured data. The platform includes APIs for > building > > apps and a phenomenal toolset for data science. Developers can use > > our toolset for easy data analysis & visualization. Get a free account! > > http://www2.precog.com/precogplatform/slashdotnewsletter > > _______________________________________________ > > sqlmap-users mailing list > > sql...@li... > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > > -- > Miroslav Stampar > http://about.me/stamparm > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 5 > Date: Mon, 15 Apr 2013 12:19:13 +0200 > From: Dirk Wetter <sp...@dr...> > Subject: Re: [sqlmap-users] --load-cookies > To: Miroslav Stampar <mir...@gm...> > Cc: SqlMap List <sql...@li...> > Message-ID: <516...@dr...> > Content-Type: text/plain; charset=ISO-8859-1 > > Hi Miroslav, > > On 04/15/2013 11:45 AM, Miroslav Stampar wrote: > > Hi Dirk. > > > > Now that crash should be "patched". > > > > Could you please retry it now and say if the latest revision suits your > needs? > > cool, thx. Works! > > However (sorry): > > One needs to omit the cookie in the request header, otherwise it just uses > the one > supplied by the request. > > Then: It doesn't change the cookie. Maybe I was interpreting that not > correctly > but my point was using the load-cookies option to direct sqlmap to change > cookies once in a while (whenever that's gonna be). This is to circumvent > restrictions one can encounter otherwise.... > > Cheers, > > Dirk > > > > > > Kind regards, > > Miroslav Stampar > > > > > > On Mon, Apr 15, 2013 at 11:36 AM, Dirk Wetter <sp...@dr...<mailto: > sp...@dr...>> wrote: > > > > > > > > On 04/14/2013 01:14 AM, Miroslav Stampar wrote: > > > Nevertheless, with the latest commit that check should be > "neutralized" now. Could you please retry it now? > > > > thx, Miroslav. I tried (b6fee63) but this time the cookie parser > lib hiccups, using the same file: > > > > /usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: > cookielib bug! > > Traceback (most recent call last): > > File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in > _really_load > > assert domain_specified == initial_dot > > AssertionError > > > > _warn_unhandled_exception() > > [11:13:26] [CRITICAL] there was a problem loading cookies file > ('invalid Netscape format cookies file '/tmp/sqlmapcj-pbP7P1': > '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'') > > > > the 999.. looks strange to me. > > > > > > > > > > > On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar < > mir...@gm... <mailto:mir...@gm...> <mailto: > mir...@gm... <mailto:mir...@gm...>>> wrote: > > > > > > Hi Dirk. > > > > > > Well, I would say that you have an expired cookie. Do you see > that value 0? That value should be a valid UNIX time representing time of > cookie expiration. Also, I've just tested that cookie of yours and sqlmap > says: "[WARNING] cookie '....' has expired" > > > > > > > that's true but IMO 0 represents just a session cookie. Example: > > > > prompt% wget -q -O /dev/null --keep-session-cookies > --save-cookies=/dev/stdout bing.com <http://bing.com> > > # HTTP cookie file. > > # Generated by Wget on 2013-04-15 11:23:13. > > # Edit at your own risk. > > > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 SRCHUSR AUTOREDIR=0&GEOVAR=&DOB=20130415 > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 SRCHD D=2781203&MS=2781203&AF=NOFORM > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 OrigMUID > 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 MUID 333995A69E06630B2EB491169F016314 > > .bing.com <http://bing.com> TRUE / FALSE 0 > _SS SID=B954CB7EDF8643CABAD8013F27A241E7 > > .bing.com <http://bing.com> TRUE / FALSE 0 > _HOP > > .bing.com <http://bing.com> TRUE / FALSE 0 > _FS NU=1 > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 _FP EM=1 > > www.bing.com <http://www.bing.com> FALSE / FALSE > 1429089794 SRCHUID V=2&GUID=975091780DFF407DA9DD07139FD97C4D > > www.bing.com <http://www.bing.com> FALSE / FALSE > 1429089794 MUIDB 333995A69E06630B2EB491169F016314 > > > > prompt% > > > > Same parser problem btw if I edit the cookie file and put 1429089794 > unix time instead of 0 in there. > > > > Ok: With the prev rev ed5599f it reads this file ok (no session > cookies but cookies w/ expiration date) and uses the last > > cookie only for the first 120 tries. > > > > Cheers, Dirk > > > > > > > > > > Kind regards, > > > Miroslav Stampar > > > > > > > > > On Sat, Apr 13, 2013 at 12:54 PM, Dirk Wetter < > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr...<mailto: > sp...@dr...>>> wrote: > > > > > > > > > Hi Miroslav, > > > > > > thx for your prompt answer. > > > > > > On 04/12/2013 07:45 PM, Miroslav Stampar wrote: > > > > Hi Dirk. > > > > > > > > Could you please get the latest revision and retry it > again? > > > ed5599f: almost the same: with cookie in the header sqlmap > takes only this one. > > > The slight difference seems to be that in the case where I > didn't supply a cookie > > > sqlmap doesn't use any cookie at all, i.e. now not the one > from the server anymore. > > > > > > > > There was a situation where info messages have been > wrongly written that original response contained Set-Cookie in situations > like yours. > > > > > > > > In case that everything stays as it is, I'll need to ask > you to provide more details. For example, cookie file would be great. > > > > > > sure, here you go: > > > > > > --snip > > > # Netscape HTTP Cookie File > > > <FQDN> \t FALSE \t <path> \t TRUE \t 0 \t > JSESSIONID \t <Cookie> > > > [..] > > > --snap > > > > > > They are all session cookies. For easier reading here I > put some blanks in the line > > > above, in "cookie-file" there aren't any though. Cookies > were generated with > > > stompy and a shell script (looks he same as with > > > wget -S -O /dev/null --keep-session-cookies > --save-cookies=<file> <URL>) > > > > > > Again: sqlmap doesn't hiccup/complain while eating my > cookies file ;-) > > > > > > > > > > > Also, please make sure that the cookie file contains > proper cookie(s) - domain name should be the same as a domain of target, > cookie needs to have a proper valid time, etc. > > > > > > see above. > > > > > > Cheers, > > > > > > Dirk > > > > > > > > > > > > > > > On Fri, Apr 12, 2013 at 4:50 PM, Dirk Wetter < > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr...<mailto: > sp...@dr...>> <mailto:sp...@dr... <mailto:sp...@dr...> > <mailto:sp...@dr... <mailto:sp...@dr...>>>> wrote: > > > > > > > > Hi Miroslav, > > > > > > > > yes unfortunately. > > > > > > > > If I omit the cookie line in the request header > completely, sqlmap > > > > seems to take the first cookie issued by the server > with set-cookie (and > > > > put's it silently in). > > > > > > > > Cheers, > > > > > > > > Dirk > > > > > > > > > > > > > > > > On 04/12/2013 03:24 PM, Miroslav Stampar wrote: > > > > > Hi. > > > > > > > > > > And this is also happening if you are skipping > "Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original > request? > > > > > > > > > > Kind regards, > > > > > Miroslav Stampar > > > > > > > > > > > > > > > On Fri, Apr 12, 2013 at 3:10 PM, Dirk Wetter < > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr...<mailto: > sp...@dr...>> <mailto:sp...@dr... <mailto:sp...@dr...> > <mailto:sp...@dr... <mailto:sp...@dr...>>> <mailto: > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr...<mailto: > sp...@dr...>> <mailto:sp...@dr... <mailto:sp...@dr...> > <mailto:sp...@dr... <mailto:sp...@dr...>>>>> wrote: > > > > > > > > > > > > > > > Hi folks, > > > > > > > > > > .... that doesn't work for me. It always uses > the cookie supplied > > > > > (below in $REQUEST, or if I omit the line in > $REQUEST the one > > > > > from the 1st server reply is being used) > > > > > > > > > > So what is wrong in here: > > > > > > > > > > cd > ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce > > > > > ./sqlmap.py --ignore-proxy --force-ssl --beep \ > > > > > --threads=8 -v 6 > --load-cookies=$WD/cookie-file \ > > > > > --level=2 --risk=2 -r $REQUEST > > > > > > > > > > The content of the file $REQUEST is: > > > > > > > > > > POST <URL> HTTP/1.1 > > > > > Host: <HOST> > > > > > User-Agent: Mozilla/5.0 (Windows; U; Windows > NT 5.2; en-US) AppleWebKit/525.13 (KHTML, like Gecko) > > > > > Chrome/0.2.149.6 <http://0.2.149.6> < > http://0.2.149.6> <http://0.2.149.6> <http://0.2.149.6> Safari/525.13 > > > > > Accept: > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > > > > > Accept-Language: en-US,en;q=0.5 > > > > > Accept-Encoding: gzip, deflate > > > > > Referer: <Referer> > > > > > Cookie: > JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7 > > > > > Connection: keep-alive > > > > > Content-Type: application/x-www-form-urlencoded > > > > > Content-Length: 67 > > > > > > > > > > <abunchofpostparams> > > > > > > > > > > > > > > > No hints that cookie-file is not in correct > format (I've been through this, > > > > > at least I think I so ;) ). > > > > > > > > > > Any insight would be much appreciated. > > > > > > > > > > > > > > > Cheers, > > > > > > > > > > Dirk > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > Precog is a next-generation analytics platform > capable of advanced > > > > > analytics on semi-structured data. The > platform includes APIs for building > > > > > apps and a phenomenal toolset for data > science. Developers can use > > > > > our toolset for easy data analysis & > visualization. Get a free account! > > > > > > http://www2.precog.com/precogplatform/slashdotnewsletter > > > > > _______________________________________________ > > > > > sqlmap-users mailing list > > > > > sql...@li... <mailto: > sql...@li...> <mailto: > sql...@li... <mailto: > sql...@li...>> <mailto: > sql...@li... <mailto: > sql...@li...> <mailto: > sql...@li... <mailto: > sql...@li...>>> <mailto: > sql...@li... <mailto: > sql...@li...> <mailto: > sql...@li... <mailto: > sql...@li...>> <mailto: > sql...@li... <mailto: > sql...@li...> <mailto: > sql...@li... <mailto: > sql...@li...>>>> > > > > > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > Miroslav Stampar > > > > > http://about.me/stamparm > > > > > > > > > > > > > > > > > > > > -- > > > > Miroslav Stampar > > > > http://about.me/stamparm > > > > > > > > > > > > > > > -- > > > Miroslav Stampar > > > http://about.me/stamparm > > > > > > > > > > > > > > > -- > > > Miroslav Stampar > > > http://about.me/stamparm > > > > > > > > > > -- > > Miroslav Stampar > > http://about.me/stamparm > > > > > ------------------------------ > > Message: 6 > Date: Mon, 15 Apr 2013 14:01:01 -0700 > From: <co...@5i...> > Subject: [sqlmap-users] --host parameter > To: sql...@li... > Message-ID: > < > 201...@em... > > > > Content-Type: text/plain; charset="utf-8" > > Hello, > the --host doesn't work as expected, or I am doing something wrong: > > > this works as expected: > > ./sqlmap.py --url='http://i.csland.ro/index.php?id=0' > > sqlmap/1.0-dev-840ee26 - automatic SQL injection and database > takeover tool > http://sqlmap.org > > [!] legal disclaimer: Usage of sqlmap for attacking targets without > prior mutual consent is illegal. It is the end user's responsibility to > obey all applicable local, state and federal laws. Developers assume no > liability and are not responsible for any misuse or damage caused by > this program > > [*] starting at 23:57:15 > > [23:57:15] [INFO] testing connection to the target URL > [23:57:15] [INFO] heuristics detected web page charset 'ascii' > [23:57:15] [INFO] testing if the target URL is stable. This can take a > couple of seconds > [23:57:16] [INFO] target URL is stable > [23:57:16] [INFO] testing if GET parameter 'id' is dynamic > [23:57:16] [INFO] confirming that GET parameter 'id' is dynamic > [23:57:16] [INFO] GET parameter 'id' is dynamic > [23:57:16] [INFO] heuristic (basic) test shows that GET parameter 'id' > might be injectable (possible DBMS: 'MySQL') > [23:57:16] [INFO] testing for SQL injection on GET parameter 'id' > > > .... > > > this doesn't work as expected: > > ./sqlmap.py --host='i.csland.ro' > --url='http://188.240.236.15/index.php?id=0' > > sqlmap/1.0-dev-840ee26 - automatic SQL injection and database > takeover tool > http://sqlmap.org > > [!] legal disclaimer: Usage of sqlmap for attacking targets without > prior mutual consent is illegal. It is the end user's responsibility to > obey all applicable local, state and federal laws. Developers assume no > liability and are not responsible for any misuse or damage caused by > this program > > [*] starting at 23:58:03 > > [23:58:03] [INFO] testing connection to the target URL > [23:58:03] [CRITICAL] page not found (404) > it is not recommended to continue in this kind of cases. Do you want to > quit and make sure that everything is set up properly? [Y/n] > [23:58:05] [WARNING] HTTP error codes detected during run: > > ............ > > > Of course i.csland.ro resolves to 188.240.236.15. Any idea? > > Thanks. > > > > > ------------------------------ > > Message: 7 > Date: Tue, 16 Apr 2013 09:12:05 +1100 > From: ???????? ?????? <vo...@s2...> > Subject: [sqlmap-users] Sqlmap and direct connect error > To: sql...@li... > Message-ID: <C59...@s2...> > Content-Type: text/plain; charset=us-ascii > > Hi! > > This bug detected if add direct param. > > python sqlmap.py -d "mysql://yakimov:pass@127.0.0.1:3306/tech" -u " > http://s25.ru/index.phtml?center=7&id=186" --random-agent --tor > --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables > --exclude-sysdbs > > > [01:48:28] [CRITICAL] unhandled exception in sqlmap/1.0-dev-de99717, retry > your run with the latest development version from the GitHub repository. If > the exception persists, please send by e-mail to ' > sql...@li...' or open a new issue at ' > https://github.com/sqlmapproject/sqlmap/issues/new' with the following > text and any information required to reproduce the bug. The developers will > try to reproduce the bug, fix it accordingly and get back to you. > sqlmap version: 1.0-dev-de99717 > Python version: 2.7.3 > Operating system: posix > Command line: sqlmap.py -d > **************************************************** -u > http://s25.ru/index.phtml?center=7&id=186 --random-agent --tor > --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables > --exclude-sysdbs > Technique: None > Back-end DBMS: MySQL (identified) > Traceback (most recent call last): > File "sqlmap.py", line 87, in main > start() > File "/home/yakimov/sqlmap/lib/controller/controller.py", line 248, in > start > action() > File "/home/yakimov/sqlmap/lib/controller/action.py", line 32, in action > setHandler() > File "/home/yakimov/sqlmap/lib/controller/handler.py", line 95, in > setHandler > conf.dbmsConnector.connect() > File "/home/yakimov/sqlmap/plugins/dbms/mysql/connector.py", line 38, in > connect > self.connector = pymysql.connect(host=self.hostname, user=self.user, > passwd=self.password, db=self.db, port=self.port, > connect_timeout=conf.timeout, use_unicode=True) > File > "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/__init__.py", > line 93, in Connect > return Connection(*args, **kwargs) > File > "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", > line 584, in __init__ > self._connect() > File > "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", > line 739, in _connect > sock.connect((self.host, self.port)) > File "/home/yakimov/sqlmap/thirdparty/socks/socks.py", line 365, in > connect > raise GeneralProxyError((5, _generalerrors[5])) > GeneralProxyError: (5, 'bad input') > > > > > ------------------------------ > > Message: 8 > Date: Tue, 16 Apr 2013 14:19:18 +0200 > From: Miroslav Stampar <mir...@gm...> > Subject: Re: [sqlmap-users] --host parameter > To: co...@5i... > Cc: SqlMap List <sql...@li...> > Message-ID: > <CA+...@ma...> > Content-Type: text/plain; charset="iso-8859-1" > > Hi. > > Thank you for your report and find it fixed with the latest commit [1]. > > Kind regards, > Miroslav Stampar > > [1] > > https://github.com/sqlmapproject/sqlmap/commit/6fed1921edf1baaf23a54fbe340ff3781fc05c86 > > > On Mon, Apr 15, 2013 at 11:01 PM, <co...@5i...> wrote: > > > Hello, > > the --host doesn't work as expected, or I am doing something wrong: > > > > > > this works as expected: > > > > ./sqlmap.py --url='http://i.csland.ro/index.php?id=0' > > > > sqlmap/1.0-dev-840ee26 - automatic SQL injection and database > > takeover tool > > http://sqlmap.org > > > > [!] legal disclaimer: Usage of sqlmap for attacking targets without > > prior mutual consent is illegal. It is the end user's responsibility to > > obey all applicable local, state and federal laws. Developers assume no > > liability and are not responsible for any misuse or damage caused by > > this program > > > > [*] starting at 23:57:15 > > > > [23:57:15] [INFO] testing connection to the target URL > > [23:57:15] [INFO] heuristics detected web page charset 'ascii' > > [23:57:15] [INFO] testing if the target URL is stable. This can take a > > couple of seconds > > [23:57:16] [INFO] target URL is stable > > [23:57:16] [INFO] testing if GET parameter 'id' is dynamic > > [23:57:16] [INFO] confirming that GET parameter 'id' is dynamic > > [23:57:16] [INFO] GET parameter 'id' is dynamic > > [23:57:16] [INFO] heuristic (basic) test shows that GET parameter 'id' > > might be injectable (possible DBMS: 'MySQL') > > [23:57:16] [INFO] testing for SQL injection on GET parameter 'id' > > > > > > .... > > > > > > this doesn't work as expected: > > > > ./sqlmap.py --host='i.csland.ro' > > --url='http://188.240.236.15/index.php?id=0' > > > > sqlmap/1.0-dev-840ee26 - automatic SQL injection and database > > takeover tool > > http://sqlmap.org > > > > [!] legal disclaimer: Usage of sqlmap for attacking targets without > > prior mutual consent is illegal. It is the end user's responsibility to > > obey all applicable local, state and federal laws. Developers assume no > > liability and are not responsible for any misuse or damage caused by > > this program > > > > [*] starting at 23:58:03 > > > > [23:58:03] [INFO] testing connection to the target URL > > [23:58:03] [CRITICAL] page not found (404) > > it is not recommended to continue in this kind of cases. Do you want to > > quit and make sure that everything is set up properly? [Y/n] > > [23:58:05] [WARNING] HTTP error codes detected during run: > > > > ............ > > > > > > Of course i.csland.ro resolves to 188.240.236.15. Any idea? > > > > Thanks. > > > > > > > > > ------------------------------------------------------------------------------ > > Precog is a next-generation analytics platform capable of advanced > > analytics on semi-structured data. The platform includes APIs for > building > > apps and a phenomenal toolset for data science. Developers can use > > our toolset for easy data analysis & visualization. Get a free account! > > http://www2.precog.com/precogplatform/slashdotnewsletter > > _______________________________________________ > > sqlmap-users mailing list > > sql...@li... > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > -- > Miroslav Stampar > http://about.me/stamparm > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 9 > Date: Tue, 16 Apr 2013 14:33:33 +0200 > From: Miroslav Stampar <mir...@gm...> > Subject: Re: [sqlmap-users] Sqlmap and direct connect error > To: ???????? ?????? <vo...@s2...> > Cc: SqlMap List <sql...@li...> > Message-ID: > <CA+9yoX0rxH+=vZuYiArFNZhK1xhwos=SNhMqEmFmnCafw-ot=g...@ma...> > Content-Type: text/plain; charset="koi8-r" > > Hi Vladimir. > > Find it "patched" with the latest commit [1]. Basically, those combinations > should not be allowed (-d and --url; -d and --tor; etc.) and now we've > added new option validation checks for this kind of cases. > > Kind regards, > Miroslav Stampar > > [1] > > https://github.com/sqlmapproject/sqlmap/commit/c73489aff3861f1cac7de41494a296c1095e141a > > > On Tue, Apr 16, 2013 at 12:12 AM, ???????? ?????? <vo...@s2...> wrote: > > > Hi! > > > > This bug detected if add direct param. > > > > python sqlmap.py -d "mysql://yakimov:pass@127.0.0.1:3306/tech" -u " > > http://s25.ru/index.phtml?center=7&id=186" --random-agent --tor > > --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables > > --exclude-sysdbs > > > > > > [01:48:28] [CRITICAL] unhandled exception in sqlmap/1.0-dev-de99717, > retry > > your run with the latest development version from the GitHub repository. > If > > the exception persists, please send by e-mail to ' > > sql...@li...' or open a new issue at ' > > https://github.com/sqlmapproject/sqlmap/issues/new' with the following > > text and any information required to reproduce the bug. The developers > will > > try to reproduce the bug, fix it accordingly and get back to you. > > sqlmap version: 1.0-dev-de99717 > > Python version: 2.7.3 > > Operating system: posix > > Command line: sqlmap.py -d > > **************************************************** -u > > http://s25.ru/index.phtml?center=7&id=186 --random-agent --tor > > --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables > > --exclude-sysdbs > > Technique: None > > Back-end DBMS: MySQL (identified) > > Traceback (most recent call last): > > File "sqlmap.py", line 87, in main > > start() > > File "/home/yakimov/sqlmap/lib/controller/controller.py", line 248, in > > start > > action() > > File "/home/yakimov/sqlmap/lib/controller/action.py", line 32, in > action > > setHandler() > > File "/home/yakimov/sqlmap/lib/controller/handler.py", line 95, in > > setHandler > > conf.dbmsConnector.connect() > > File "/home/yakimov/sqlmap/plugins/dbms/mysql/connector.py", line 38, > in > > connect > > self.connector = pymysql.connect(host=self.hostname, user=self.user, > > passwd=self.password, db=self.db, port=self.port, > > connect_timeout=conf.timeout, use_unicode=True) > > File > > > "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/__init__.py", > > line 93, in Connect > > return Connection(*args, **kwargs) > > File > > > "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", > > line 584, in __init__ > > self._connect() > > File > > > "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", > > line 739, in _connect > > sock.connect((self.host, self.port)) > > File "/home/yakimov/sqlmap/thirdparty/socks/socks.py", line 365, in > > connect > > raise GeneralProxyError((5, _generalerrors[5])) > > GeneralProxyError: (5, 'bad input') > > > > > > > > > ------------------------------------------------------------------------------ > > Precog is a next-generation analytics platform capable of advanced > > analytics on semi-structured data. The platform includes APIs for > building > > apps and a phenomenal toolset for data science. Developers can use > > our toolset for easy data analysis & visualization. Get a free account! > > http://www2.precog.com/precogplatform/slashdotnewsletter > > _______________________________________________ > > sqlmap-users mailing list > > sql...@li... > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > -- > Miroslav Stampar > http://about.me/stamparm > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 10 > Date: Tue, 16 Apr 2013 23:26:39 +0200 > From: buawig <bu...@gm...> > Subject: [sqlmap-users] feature request: offline mode for > --dns-domain? > To: SqlMap List <sql...@li...> > Message-ID: <516...@gm...> > Content-Type: text/plain; charset=UTF-8 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi, > > in cases where sqlmap is run against targets on internal networks it > would be great if one could tell sqlmap to simply proceed without > expecting incoming DNS requests, because sqlmap can not be executed > directly on the DNS server (which can't reach the target, but the > target can reach the DNS server). > > For me it would be enough to simply run something like > - -u ... --dns-domain=attacker.com --dns-port=0 > (--dns-port does not exist [yet]) > > to let sqlmap know that it doesn't need to start a DNS listener. > > I would then collect and decode the DNS querries on the DNS server > manually, but I could also envision runni... [truncated message content] |
