Re: [sqlmap-users] sqlmap-users Digest, Vol 31, Issue 1
From: Miroslav S. <mir...@gm...> - 2013-06-01 11:46:06
Hi.

This should be "patched" now.

Bye

On Thu, May 30, 2013 at 4:57 PM, Bob <sto...@qq...> wrote:

> Hi friend,
>
> Could you help me with this bug ?
>
> [22:54:12] [CRITICAL] unhandled exception in sqlmap/1.0-dev, retry your
> run with the latest development version from the GitHub repository. If the
> exception persists, please send by e-mail to '
> sql...@li...' or open a new issue at '
> https://github.com/sqlmapproject/sqlmap/issues/new' with the following
> text and any information required to reproduce the bug. The developers will
> try to reproduce the bug, fix it accordingly and get back to you.
> sqlmap version: 1.0-dev
> Python version: 2.7.3
> Operating system: posix
> Command line: ./sqlmap -u ***********************************************
> --data=__VIEWSTATE=%2FwEPDwUJNzcyNzA5MTcxD2QWAmYPZBYCAgMPZBYCAgUPZBYCAg8PPCsAEQIADxYEHgtfIURhdGFCb3VuZGceC18hSXRlbUNvdW50ZmQBEBYAFgAWAGQYAQUaY3RsMDAkTWFpbkNvbnRlbnQkRGdSZXN1bHQPPCsADAEIZmTqSkxVHfCvk8H514IG2vidRqlanHHD7kZRl389CeOupw%3D%3D&__EVENTVALIDATION=%2FwEWCAK%2BjdvyCQLM8NjFBQKgo%2F%2FzCgKumJP3BALizcLsAwL%2Bq8zvCgKsq6%2F4DwLTytO4BPwtq4Qe7jKJMNFTIKI0vDR6PinuEV%2BLf13FWcmth6Av&ctl00%24MainContent%24TxtContCode=ZAP&ctl00%24MainContent%24TxtItemCode=ZAP&ctl00%24MainContent%24BtnFind=%E6%9F%A5%E8%AF%A2&ctl00%24MainContent%24TxtTestCustname=ZAP&ctl00%24MainContent%24TxtItemName=ZAP&ctl00%24MainContent%24TxtCheckManuCrock=ZAP&ctl00%24MainContent%24TxtCheckNo=ZAP
> -p ctl00%24MainContent%24TxtContCode -o --level 3 --risk 5 --dbms=Microsoft
> SQL Server --users --passwords
> Technique: BOOLEAN
> Back-end DBMS: Microsoft SQL Server (fingerprinted)
> Traceback (most recent call last):
>   File "./sqlmap", line 87, in main
>     start()
>   File "/usr/share/sqlmap/lib/controller/controller.py", line 572, in start
>     action()
>   File "/usr/share/sqlmap/lib/controller/action.py", line 81, in action
>     conf.dbmsHandler.getPasswordHashes(), "password hash", CONTENT_TYPE.PASSWORDS)
>   File "/usr/share/sqlmap/plugins/generic/users.py", line 243, in getPasswordHashes
>     if user in retrievedUsers:
> TypeError: unhashable type: 'list'
>
> [*] shutting down at 22:54:12
> Thanks
>
> BOB
>
> ------------------ Original ------------------
> *From: * "sqlmap-users-request"<sql...@li...>;
> *Date: * May 29, 2013
> *To: * "sqlmap-users"<sql...@li...>;
> *Subject: * sqlmap-users Digest, Vol 31, Issue 1
>
> Send sqlmap-users mailing list submissions to
> sql...@li...
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> or, via email, send a message with subject or body 'help' to
> sql...@li...
>
> You can reach the person managing the list at
> sql...@li...
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of sqlmap-users digest..."
>
> Today's Topics:
>
> 1. Re: Feature request (David Guimaraes)
> 2. Re: --load-cookies (Dirk Wetter)
> 3. Re: --load-cookies (Miroslav Stampar)
> 4. Re: Patch for /task/<task_id>/delete in clean_filesystem (Miroslav Stampar)
> 5. Re: --load-cookies (Dirk Wetter)
> 6. --host parameter (co...@5i...)
> 7. Sqlmap and direct connect error (???????? ??????)
> 8. Re: --host parameter (Miroslav Stampar)
> 9. Re: Sqlmap and direct connect error (Miroslav Stampar)
> 10. feature request: offline mode for --dns-domain? (buawig)
> 11. feature request: --dns-domain for non-root users (--dns-port) (buawig)
> 12. Domain credentials (Brian Milliron)
> 13. Re: Domain credentials (Brandon Perry)
> 14. Re: feature request: offline mode for --dns-domain? (Miroslav Stampar)
> 15. Re: Domain credentials (Miroslav Stampar)
> 16. Re: feature request: fetch DNS queries from DNS server via HTTP (buawig)
> 17. Re: feature request: fetch DNS queries from DNS server via HTTP (Miroslav Stampar)
> 18. MySQL error based technique bug (Konrads Smelkovs)
> 19. Re: MySQL error based technique bug (Miroslav Stampar)
> 20. SQLmap crashing (Phillip Wylie)
> 21. Re: SQLmap crashing (Miroslav Stampar)
> 22. Custom injection payload in POST (Marcell Fodor)
> 23. Re: SQLmap crashing (Miroslav Stampar)
> 24. I got error on windows (warezhacking)
> 25. Appending to a dump (Stephen Shkardoon)
> 26. Re: Appending to a dump (Miroslav Stampar)
> 27. Re: Appending to a dump (Stephen Shkardoon)
> 28. Re: Appending to a dump (Miroslav Stampar)
> 29. --ignore-404 ? (buawig)
> 30. PostgreSQL: substr('string', 1, 1) vs. substring('string' from 1 for 1) (buawig)
> 31. Re: PostgreSQL: substr('string', 1, 1) vs. substring('string' from 1 for 1) (Miroslav Stampar)
> 32. Re: PostgreSQL: substr('string', 1, 1) vs. substring('string' from 1 for 1) (Miroslav Stampar)
> 33. Re: --ignore-404 ? (Miroslav Stampar)
> 34. BUG...!!!! o.O (Isai Ofir Juarez Contreras)
> 35. Re: BUG...!!!! o.O (Miroslav Stampar)
> 36. gun...@gm... wants to follow you. Accept? (gun...@gm...)
> 37. Direct access to mysql database (Marcell Fodor)
> 38. Re: Direct access to mysql database (Miroslav Stampar)
> 39. ? Sqlmap Users, Marco Mirandola ti ha inviato un messaggio... (Badoo)
> 40. Not getting any sensitive data from database (Marcell Fodor)
> 41. Re: Not getting any sensitive data from database (Miroslav Stampar)
> 42. unhandled exception (kvasilopoulos)
> 43. [SQLMAP] Unhandled exception for IPv6 (e.n...@st...)
> 44. Re: [SQLMAP] Unhandled exception for IPv6 (Miroslav Stampar)
> 45. Re: unhandled exception (Miroslav Stampar)
> 46. Passing SOAPAction in --header (Brandon Perry)
> 47. Re: Passing SOAPAction in --header (Miroslav Stampar)
> 48. Re: [SQLMAP] Unhandled exception for IPv6 (Miroslav Stampar)
> 49. Blind SQL Injection question (Guy Dufour)
> 50. Re: Blind SQL Injection question (Chris Oakley)
> 51. Re: Passing SOAPAction in --header (Brandon Perry)
> 52. Re: Passing SOAPAction in --header (Brandon Perry)
> 53. Deploy&Create SSH/tunnel with compromised MSSQL server (Alok Kumar)
> 54. Re: Deploy&Create SSH/tunnel with compromised MSSQL server (Brandon Perry)
> 55. Re: Deploy&Create SSH/tunnel with compromised MSSQL server (Alok Kumar)
> 56. Re: Deploy&Create SSH/tunnel with compromised MSSQL server (Brandon Perry)
> 57. SQLMAP Bug (Joe O'Hara)
> 58. Re: SQLMAP Bug (Miroslav Stampar)
> 59. [CRITICAL] (Thai Thao)
> 60. Re: [CRITICAL] (Miroslav Stampar)
> 61. Providing multiple dbms (Sebastian Nerz)
> 62. Re: Providing multiple dbms (Miroslav Stampar)
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sat, 13 Apr 2013 21:40:39 -0300
> From: David Guimaraes <sk...@gm...>
> Subject: Re: [sqlmap-users] Feature request
> To: Miroslav Stampar <mir...@gm...>
> Cc: SqlMap List <sql...@li...>
> Message-ID: <CAJ...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Good question Miroslav.. I tried to think in something that can be
> implemented without ruin sqlmap query schema, but I could not come to any
> conclusion... =(
>
> The thing is, sqlsus use a different approach to dump the data, making this
> kind of thing possible...
>
> The solution that I found in this particular scenario is to use sqlsus,
> unfortunately...
>
> Regards.
>
> David
>
> On Mon, Apr 1, 2013 at 6:35 PM, Miroslav Stampar <mir...@gm...> wrote:
>
> > Hi David.
> >
> > And what do you recommend to be done in case of query with length > max_inj_length?
> >
> > Kind regards,
> > Miroslav Stampar
> > On Apr 1, 2013 11:14 PM, "David Guimaraes" <sk...@gm...> wrote:
> >
> >> Hi, I am trying to perform sql injection on a web site but I can not get
> >> successful due to a size limitation on the query sent to the server. The
> >> server is limiting the size of query in 512 bytes only and sqlmap do not
> >> have any customization that allows me to bypass this restriction like
> >> sqlsus "max_inj_length" parameter. Sqlsus has a feature called "autoconf"
> >> that measure the permitted query size.
> >>
> >> There is some chance to put this kind of feature in sqlmap?
> >>
> >> Thanks.
> >>
> >> --
> >> David Gomes Guimarães
> >>
> >> ------------------------------------------------------------------------------
> >> Own the Future-Intel® Level Up Game Demo Contest 2013
> >> Rise to greatness in Intel's independent game demo contest.
> >> Compete for recognition, cash, and the chance to get your game
> >> on Steam. $5K grand prize plus 10 genre and skill prizes.
> >> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
> >> _______________________________________________
> >> sqlmap-users mailing list
> >> sql...@li...
> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> >>
>
> --
> David Gomes Guimarães
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 2
> Date: Mon, 15 Apr 2013 11:36:37 +0200
> From: Dirk Wetter <sp...@dr...>
> Subject: Re: [sqlmap-users] --load-cookies
> To: Miroslav Stampar <mir...@gm...>
> Cc: SqlMap List <sql...@li...>
> Message-ID: <516...@dr...>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 04/14/2013 01:14 AM, Miroslav Stampar wrote:
> > Nevertheless, with the latest commit that check should be "neutralized" now. Could you please retry it now?
>
> thx, Miroslav. I tried (b6fee63) but this time the cookie parser lib
> hiccups, using the same file:
>
> /usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: cookielib bug!
> Traceback (most recent call last):
>   File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in _really_load
>     assert domain_specified == initial_dot
> AssertionError
>
> _warn_unhandled_exception()
> [11:13:26] [CRITICAL] there was a problem loading cookies file ('invalid
> Netscape format cookies file '/tmp/sqlmapcj-pbP7P1':
> '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'')
>
> the 999.. looks strange to me.
> > > > > > > On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar < > mir...@gm... <mailto:mir...@gm...>> wrote: > > > > Hi Dirk. > > > > Well, I would say that you have an expired cookie. Do you see that > value 0? That value should be a valid UNIX time representing time of cookie > expiration. Also, I've just tested that cookie of yours and sqlmap says: > "[WARNING] cookie '....' has expired" > > > > that's true but IMO 0 represents just a session cookie. Example: > > prompt% wget -q -O /dev/null --keep-session-cookies > --save-cookies=/dev/stdout bing.com > # HTTP cookie file. > # Generated by Wget on 2013-04-15 11:23:13. > # Edit at your own risk. > > .bing.com TRUE / FALSE 1429089794 SRCHUSR > AUTOREDIR=0&GEOVAR=&DOB=20130415 > .bing.com TRUE / FALSE 1429089794 SRCHD > D=2781203&MS=2781203&AF=NOFORM > .bing.com TRUE / FALSE 1429089794 OrigMUID > 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe > .bing.com TRUE / FALSE 1429089794 MUID > 333995A69E06630B2EB491169F016314 > .bing.com TRUE / FALSE 0 _SS > SID=B954CB7EDF8643CABAD8013F27A241E7 > .bing.com TRUE / FALSE 0 _HOP > .bing.com TRUE / FALSE 0 _FS NU=1 > .bing.com TRUE / FALSE 1429089794 _FP EM=1 > www.bing.com FALSE / FALSE 1429089794 SRCHUID > V=2&GUID=975091780DFF407DA9DD07139FD97C4D > www.bing.com FALSE / FALSE 1429089794 MUIDB > 333995A69E06630B2EB491169F016314 > > prompt% > > Same parser problem btw if I edit the cookie file and put 1429089794 unix > time instead of 0 in there. > > Ok: With the prev rev ed5599f it reads this file ok (no session cookies > but cookies w/ expiration date) and uses the last > cookie only for the first 120 tries. > > Cheers, Dirk > > > > > > Kind regards, > > Miroslav Stampar > > > > > > On Sat, Apr 13, 2013 at 12:54 PM, Dirk Wetter <sp...@dr...<mailto: > sp...@dr...>> wrote: > > > > > > Hi Miroslav, > > > > thx for your prompt answer. > > > > On 04/12/2013 07:45 PM, Miroslav Stampar wrote: > > > Hi Dirk. 
> > > > > > Could you please get the latest revision and retry it again? > > ed5599f: almost the same: with cookie in the header sqlmap takes > only this one. > > The slight difference seems to be that in the case where I > didn't supply a cookie > > sqlmap doesn't use any cookie at all, i.e. now not the one from > the server anymore. > > > > > > There was a situation where info messages have been wrongly > written that original response contained Set-Cookie in situations like > yours. > > > > > > In case that everything stays as it is, I'll need to ask you > to provide more details. For example, cookie file would be great. > > > > sure, here you go: > > > > --snip > > # Netscape HTTP Cookie File > > <FQDN> \t FALSE \t <path> \t TRUE \t 0 \t JSESSIONID > \t <Cookie> > > [..] > > --snap > > > > They are all session cookies. For easier reading here I put some > blanks in the line > > above, in "cookie-file" there aren't any though. Cookies were > generated with > > stompy and a shell script (looks he same as with > > wget -S -O /dev/null --keep-session-cookies > --save-cookies=<file> <URL>) > > > > Again: sqlmap doesn't hiccup/complain while eating my cookies > file ;-) > > > > > > > > Also, please make sure that the cookie file contains proper > cookie(s) - domain name should be the same as a domain of target, cookie > needs to have a proper valid time, etc. > > > > see above. > > > > Cheers, > > > > Dirk > > > > > > > > > > > On Fri, Apr 12, 2013 at 4:50 PM, Dirk Wetter < > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr...<mailto: > sp...@dr...>>> wrote: > > > > > > Hi Miroslav, > > > > > > yes unfortunately. > > > > > > If I omit the cookie line in the request header > completely, sqlmap > > > seems to take the first cookie issued by the server with > set-cookie (and > > > put's it silently in). > > > > > > Cheers, > > > > > > Dirk > > > > > > > > > > > > On 04/12/2013 03:24 PM, Miroslav Stampar wrote: > > > > Hi. 
> > > > > > > > And this is also happening if you are skipping "Cookie: > JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request? > > > > > > > > Kind regards, > > > > Miroslav Stampar > > > > > > > > > > > > On Fri, Apr 12, 2013 at 3:10 PM, Dirk Wetter < > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr...<mailto: > sp...@dr...>> <mailto:sp...@dr... <mailto:sp...@dr...> > <mailto:sp...@dr... <mailto:sp...@dr...>>>> wrote: > > > > > > > > > > > > Hi folks, > > > > > > > > .... that doesn't work for me. It always uses the > cookie supplied > > > > (below in $REQUEST, or if I omit the line in > $REQUEST the one > > > > from the 1st server reply is being used) > > > > > > > > So what is wrong in here: > > > > > > > > cd > ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce > > > > ./sqlmap.py --ignore-proxy --force-ssl --beep \ > > > > --threads=8 -v 6 --load-cookies=$WD/cookie-file \ > > > > --level=2 --risk=2 -r $REQUEST > > > > > > > > The content of the file $REQUEST is: > > > > > > > > POST <URL> HTTP/1.1 > > > > Host: <HOST> > > > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; > en-US) AppleWebKit/525.13 (KHTML, like Gecko) > > > > Chrome/0.2.149.6 <http://0.2.149.6> < > http://0.2.149.6> <http://0.2.149.6> Safari/525.13 > > > > Accept: > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > > > > Accept-Language: en-US,en;q=0.5 > > > > Accept-Encoding: gzip, deflate > > > > Referer: <Referer> > > > > Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7 > > > > Connection: keep-alive > > > > Content-Type: application/x-www-form-urlencoded > > > > Content-Length: 67 > > > > > > > > <abunchofpostparams> > > > > > > > > > > > > No hints that cookie-file is not in correct format > (I've been through this, > > > > at least I think I so ;) ). > > > > > > > > Any insight would be much appreciated. 
> > > > > > > > > > > > Cheers, > > > > > > > > Dirk > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > Precog is a next-generation analytics platform > capable of advanced > > > > analytics on semi-structured data. The platform > includes APIs for building > > > > apps and a phenomenal toolset for data science. > Developers can use > > > > our toolset for easy data analysis & visualization. > Get a free account! > > > > > http://www2.precog.com/precogplatform/slashdotnewsletter > > > > _______________________________________________ > > > > sqlmap-users mailing list > > > > sql...@li... <mailto: > sql...@li...> <mailto: > sql...@li... <mailto: > sql...@li...>> <mailto: > sql...@li... <mailto: > sql...@li...> <mailto: > sql...@li... <mailto: > sql...@li...>>> > > > > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > > > > > > > > > > > > > > > -- > > > > Miroslav Stampar > > > > http://about.me/stamparm > > > > > > > > > > > > > > > -- > > > Miroslav Stampar > > > http://about.me/stamparm > > > > > > > > > > -- > > Miroslav Stampar > > http://about.me/stamparm > > > > > > > > > > -- > > Miroslav Stampar > > http://about.me/stamparm > > > > > ------------------------------ > > Message: 3 > Date: Mon, 15 Apr 2013 11:45:19 +0200 > From: Miroslav Stampar <mir...@gm...> > Subject: Re: [sqlmap-users] --load-cookies > To: Dirk Wetter <sp...@dr...> > Cc: SqlMap List <sql...@li...> > Message-ID: > <CA+9yoX0yAGFkCiLuycVqdbm8jvnMeEPgJdXoYZi_4NTW-YQo=Q...@ma...> > Content-Type: text/plain; charset="iso-8859-1" > > Hi Dirk. > > Now that crash should be "patched". > > Could you please retry it now and say if the latest revision suits your > needs? 
> > Kind regards, > Miroslav Stampar > > > On Mon, Apr 15, 2013 at 11:36 AM, Dirk Wetter <sp...@dr...> wrote: > > > > > > > On 04/14/2013 01:14 AM, Miroslav Stampar wrote: > > > Nevertheless, with the latest commit that check should be "neutralized" > > now. Could you please retry it now? > > > > thx, Miroslav. I tried (b6fee63) but this time the cookie parser lib > > hiccups, using the same file: > > > > /usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: cookielib > bug! > > Traceback (most recent call last): > > File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in > > _really_load > > assert domain_specified == initial_dot > > AssertionError > > > > _warn_unhandled_exception() > > [11:13:26] [CRITICAL] there was a problem loading cookies file ('invalid > > Netscape format cookies file '/tmp/sqlmapcj-pbP7P1': > > > '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'') > > > > the 999.. looks strange to me. > > > > > > > > > > > On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar < > > mir...@gm... <mailto:mir...@gm...>> wrote: > > > > > > Hi Dirk. > > > > > > Well, I would say that you have an expired cookie. Do you see that > > value 0? That value should be a valid UNIX time representing time of > cookie > > expiration. Also, I've just tested that cookie of yours and sqlmap says: > > "[WARNING] cookie '....' has expired" > > > > > > > that's true but IMO 0 represents just a session cookie. Example: > > > > prompt% wget -q -O /dev/null --keep-session-cookies > > --save-cookies=/dev/stdout bing.com > > # HTTP cookie file. > > # Generated by Wget on 2013-04-15 11:23:13. > > # Edit at your own risk. 
> > > > .bing.com TRUE / FALSE 1429089794 SRCHUSR > > AUTOREDIR=0&GEOVAR=&DOB=20130415 > > .bing.com TRUE / FALSE 1429089794 SRCHD > > D=2781203&MS=2781203&AF=NOFORM > > .bing.com TRUE / FALSE 1429089794 OrigMUID > > 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe > > .bing.com TRUE / FALSE 1429089794 MUID > > 333995A69E06630B2EB491169F016314 > > .bing.com TRUE / FALSE 0 _SS > > SID=B954CB7EDF8643CABAD8013F27A241E7 > > .bing.com TRUE / FALSE 0 _HOP > > .bing.com TRUE / FALSE 0 _FS NU=1 > > .bing.com TRUE / FALSE 1429089794 _FP EM=1 > > www.bing.com FALSE / FALSE 1429089794 SRCHUID > > V=2&GUID=975091780DFF407DA9DD07139FD97C4D > > www.bing.com FALSE / FALSE 1429089794 MUIDB > > 333995A69E06630B2EB491169F016314 > > > > prompt% > > > > Same parser problem btw if I edit the cookie file and put 1429089794 unix > > time instead of 0 in there. > > > > Ok: With the prev rev ed5599f it reads this file ok (no session cookies > > but cookies w/ expiration date) and uses the last > > cookie only for the first 120 tries. > > > > Cheers, Dirk > > > > > > > > > > Kind regards, > > > Miroslav Stampar > > > > > > > > > On Sat, Apr 13, 2013 at 12:54 PM, Dirk Wetter <sp...@dr... > <mailto: > > sp...@dr...>> wrote: > > > > > > > > > Hi Miroslav, > > > > > > thx for your prompt answer. > > > > > > On 04/12/2013 07:45 PM, Miroslav Stampar wrote: > > > > Hi Dirk. > > > > > > > > Could you please get the latest revision and retry it again? > > > ed5599f: almost the same: with cookie in the header sqlmap > takes > > only this one. > > > The slight difference seems to be that in the case where I > > didn't supply a cookie > > > sqlmap doesn't use any cookie at all, i.e. now not the one from > > the server anymore. > > > > > > > > There was a situation where info messages have been wrongly > > written that original response contained Set-Cookie in situations like > > yours. 
> > > > > > > > In case that everything stays as it is, I'll need to ask you > > to provide more details. For example, cookie file would be great. > > > > > > sure, here you go: > > > > > > --snip > > > # Netscape HTTP Cookie File > > > <FQDN> \t FALSE \t <path> \t TRUE \t 0 \t JSESSIONID > > \t <Cookie> > > > [..] > > > --snap > > > > > > They are all session cookies. For easier reading here I put > some > > blanks in the line > > > above, in "cookie-file" there aren't any though. Cookies were > > generated with > > > stompy and a shell script (looks he same as with > > > wget -S -O /dev/null --keep-session-cookies > > --save-cookies=<file> <URL>) > > > > > > Again: sqlmap doesn't hiccup/complain while eating my cookies > > file ;-) > > > > > > > > > > > Also, please make sure that the cookie file contains proper > > cookie(s) - domain name should be the same as a domain of target, cookie > > needs to have a proper valid time, etc. > > > > > > see above. > > > > > > Cheers, > > > > > > Dirk > > > > > > > > > > > > > > > On Fri, Apr 12, 2013 at 4:50 PM, Dirk Wetter < > > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr... > <mailto: > > sp...@dr...>>> wrote: > > > > > > > > Hi Miroslav, > > > > > > > > yes unfortunately. > > > > > > > > If I omit the cookie line in the request header > > completely, sqlmap > > > > seems to take the first cookie issued by the server with > > set-cookie (and > > > > put's it silently in). > > > > > > > > Cheers, > > > > > > > > Dirk > > > > > > > > > > > > > > > > On 04/12/2013 03:24 PM, Miroslav Stampar wrote: > > > > > Hi. > > > > > > > > > > And this is also happening if you are skipping "Cookie: > > JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request? > > > > > > > > > > Kind regards, > > > > > Miroslav Stampar > > > > > > > > > > > > > > > On Fri, Apr 12, 2013 at 3:10 PM, Dirk Wetter < > > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr... > <mailto: > > sp...@dr...>> <mailto:sp...@dr... 
<mailto:sp...@dr...> > > <mailto:sp...@dr... <mailto:sp...@dr...>>>> wrote: > > > > > > > > > > > > > > > Hi folks, > > > > > > > > > > .... that doesn't work for me. It always uses the > > cookie supplied > > > > > (below in $REQUEST, or if I omit the line in > > $REQUEST the one > > > > > from the 1st server reply is being used) > > > > > > > > > > So what is wrong in here: > > > > > > > > > > cd > > ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce > > > > > ./sqlmap.py --ignore-proxy --force-ssl --beep \ > > > > > --threads=8 -v 6 --load-cookies=$WD/cookie-file \ > > > > > --level=2 --risk=2 -r $REQUEST > > > > > > > > > > The content of the file $REQUEST is: > > > > > > > > > > POST <URL> HTTP/1.1 > > > > > Host: <HOST> > > > > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT > 5.2; > > en-US) AppleWebKit/525.13 (KHTML, like Gecko) > > > > > Chrome/0.2.149.6 <http://0.2.149.6> < > > http://0.2.149.6> <http://0.2.149.6> Safari/525.13 > > > > > Accept: > > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > > > > > Accept-Language: en-US,en;q=0.5 > > > > > Accept-Encoding: gzip, deflate > > > > > Referer: <Referer> > > > > > Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7 > > > > > Connection: keep-alive > > > > > Content-Type: application/x-www-form-urlencoded > > > > > Content-Length: 67 > > > > > > > > > > <abunchofpostparams> > > > > > > > > > > > > > > > No hints that cookie-file is not in correct format > > (I've been through this, > > > > > at least I think I so ;) ). > > > > > > > > > > Any insight would be much appreciated. > > > > > > > > > > > > > > > Cheers, > > > > > > > > > > Dirk > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > Precog is a next-generation analytics platform > > capable of advanced > > > > > analytics on semi-structured data. The platform > > includes APIs for building > > > > > apps and a phenomenal toolset for data science. 
> > Developers can use > > > > > our toolset for easy data analysis & visualization. > > Get a free account! > > > > > > > http://www2.precog.com/precogplatform/slashdotnewsletter > > > > > _______________________________________________ > > > > > sqlmap-users mailing list > > > > > sql...@li... <mailto: > > sql...@li...> <mailto: > > sql...@li... <mailto: > > sql...@li...>> <mailto: > > sql...@li... <mailto: > > sql...@li...> <mailto: > > sql...@li... <mailto: > > sql...@li...>>> > > > > > > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > Miroslav Stampar > > > > > http://about.me/stamparm > > > > > > > > > > > > > > > > > > > > -- > > > > Miroslav Stampar > > > > http://about.me/stamparm > > > > > > > > > > > > > > > -- > > > Miroslav Stampar > > > http://about.me/stamparm > > > > > > > > > > > > > > > -- > > > Miroslav Stampar > > > http://about.me/stamparm > > > > > > > -- > Miroslav Stampar > http://about.me/stamparm > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 4 > Date: Mon, 15 Apr 2013 11:46:21 +0200 > From: Miroslav Stampar <mir...@gm...> > Subject: Re: [sqlmap-users] Patch for /task/<task_id>/delete in > clean_filesystem > To: Brandon Perry <bpe...@gm...> > Cc: sqlmap users <sql...@li...> > Message-ID: > <CA+9yoX3RNQDm=PqT...@ma...> > Content-Type: text/plain; charset="iso-8859-1" > > Hi Brandon. > > Thank you for your patch and find it now included [1]. > > Kind regards, > Miroslav Stampar > > [1] > > https://github.com/sqlmapproject/sqlmap/commit/8853e43616e89f26cfd6d1c1540e02ed6b4ca224 > > > On Sat, Apr 13, 2013 at 8:36 PM, Brandon Perry <bpe...@gm... > >wrote: > > > Hi, the attached patch fixes an issue with the /task/<task_id>/delete api > > call when self.output_directory is NoneType and clean_system() is called. 
> > > > -- > > http://volatile-minds.blogspot.com -- blog > > http://www.volatileminds.net -- website > > > > > > > ------------------------------------------------------------------------------ > > Precog is a next-generation analytics platform capable of advanced > > analytics on semi-structured data. The platform includes APIs for > building > > apps and a phenomenal toolset for data science. Developers can use > > our toolset for easy data analysis & visualization. Get a free account! > > http://www2.precog.com/precogplatform/slashdotnewsletter > > _______________________________________________ > > sqlmap-users mailing list > > sql...@li... > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > > -- > Miroslav Stampar > http://about.me/stamparm > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 5 > Date: Mon, 15 Apr 2013 12:19:13 +0200 > From: Dirk Wetter <sp...@dr...> > Subject: Re: [sqlmap-users] --load-cookies > To: Miroslav Stampar <mir...@gm...> > Cc: SqlMap List <sql...@li...> > Message-ID: <516...@dr...> > Content-Type: text/plain; charset=ISO-8859-1 > > Hi Miroslav, > > On 04/15/2013 11:45 AM, Miroslav Stampar wrote: > > Hi Dirk. > > > > Now that crash should be "patched". > > > > Could you please retry it now and say if the latest revision suits your > needs? > > cool, thx. Works! > > However (sorry): > > One needs to omit the cookie in the request header, otherwise it just uses > the one > supplied by the request. > > Then: It doesn't change the cookie. Maybe I was interpreting that not > correctly > but my point was using the load-cookies option to direct sqlmap to change > cookies once in a while (whenever that's gonna be). This is to circumvent > restrictions one can encounter otherwise.... 
> > Cheers, > > Dirk > > > > > > Kind regards, > > Miroslav Stampar > > > > > > On Mon, Apr 15, 2013 at 11:36 AM, Dirk Wetter <sp...@dr...<mailto: > sp...@dr...>> wrote: > > > > > > > > On 04/14/2013 01:14 AM, Miroslav Stampar wrote: > > > Nevertheless, with the latest commit that check should be > "neutralized" now. Could you please retry it now? > > > > thx, Miroslav. I tried (b6fee63) but this time the cookie parser > lib hiccups, using the same file: > > > > /usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: > cookielib bug! > > Traceback (most recent call last): > > File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in > _really_load > > assert domain_specified == initial_dot > > AssertionError > > > > _warn_unhandled_exception() > > [11:13:26] [CRITICAL] there was a problem loading cookies file > ('invalid Netscape format cookies file '/tmp/sqlmapcj-pbP7P1': > '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'') > > > > the 999.. looks strange to me. > > > > > > > > > > > On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar < > mir...@gm... <mailto:mir...@gm...> <mailto: > mir...@gm... <mailto:mir...@gm...>>> wrote: > > > > > > Hi Dirk. > > > > > > Well, I would say that you have an expired cookie. Do you see > that value 0? That value should be a valid UNIX time representing time of > cookie expiration. Also, I've just tested that cookie of yours and sqlmap > says: "[WARNING] cookie '....' has expired" > > > > > > > that's true but IMO 0 represents just a session cookie. Example: > > > > prompt% wget -q -O /dev/null --keep-session-cookies > --save-cookies=/dev/stdout bing.com <http://bing.com> > > # HTTP cookie file. > > # Generated by Wget on 2013-04-15 11:23:13. > > # Edit at your own risk. 
> > > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 SRCHUSR AUTOREDIR=0&GEOVAR=&DOB=20130415 > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 SRCHD D=2781203&MS=2781203&AF=NOFORM > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 OrigMUID > 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 MUID 333995A69E06630B2EB491169F016314 > > .bing.com <http://bing.com> TRUE / FALSE 0 > _SS SID=B954CB7EDF8643CABAD8013F27A241E7 > > .bing.com <http://bing.com> TRUE / FALSE 0 > _HOP > > .bing.com <http://bing.com> TRUE / FALSE 0 > _FS NU=1 > > .bing.com <http://bing.com> TRUE / FALSE > 1429089794 _FP EM=1 > > www.bing.com <http://www.bing.com> FALSE / FALSE > 1429089794 SRCHUID V=2&GUID=975091780DFF407DA9DD07139FD97C4D > > www.bing.com <http://www.bing.com> FALSE / FALSE > 1429089794 MUIDB 333995A69E06630B2EB491169F016314 > > > > prompt% > > > > Same parser problem btw if I edit the cookie file and put 1429089794 > unix time instead of 0 in there. > > > > Ok: With the prev rev ed5599f it reads this file ok (no session > cookies but cookies w/ expiration date) and uses the last > > cookie only for the first 120 tries. > > > > Cheers, Dirk > > > > > > > > > > Kind regards, > > > Miroslav Stampar > > > > > > > > > On Sat, Apr 13, 2013 at 12:54 PM, Dirk Wetter < > sp...@dr... <mailto:sp...@dr...> <mailto:sp...@dr...<mailto: > sp...@dr...>>> wrote: > > > > > > > > > Hi Miroslav, > > > > > > thx for your prompt answer. > > > > > > On 04/12/2013 07:45 PM, Miroslav Stampar wrote: > > > > Hi Dirk. > > > > > > > > Could you please get the latest revision and retry it > again? > > > ed5599f: almost the same: with cookie in the header sqlmap > takes only this one. > > > The slight difference seems to be that in the case where I > didn't supply a cookie > > > sqlmap doesn't use any cookie at all, i.e. now not the one > from the server anymore. 
> > > >
> > > > There was a situation where info messages have been wrongly written that original response contained Set-Cookie in situations like yours.
> > > >
> > > > In case that everything stays as it is, I'll need to ask you to provide more details. For example, cookie file would be great.
> > >
> > > sure, here you go:
> > >
> > > --snip
> > > # Netscape HTTP Cookie File
> > > <FQDN> \t FALSE \t <path> \t TRUE \t 0 \t JSESSIONID \t <Cookie>
> > > [..]
> > > --snap
> > >
> > > They are all session cookies. For easier reading here I put some blanks in the line above, in "cookie-file" there aren't any though. Cookies were generated with stompy and a shell script (looks the same as with
> > > wget -S -O /dev/null --keep-session-cookies --save-cookies=<file> <URL>)
> > >
> > > Again: sqlmap doesn't hiccup/complain while eating my cookies file ;-)
> > >
> > > > Also, please make sure that the cookie file contains proper cookie(s) - domain name should be the same as a domain of target, cookie needs to have a proper valid time, etc.
> > >
> > > see above.
> > >
> > > Cheers,
> > >
> > > Dirk
> > >
> > > > On Fri, Apr 12, 2013 at 4:50 PM, Dirk Wetter <sp...@dr...> wrote:
> > > >
> > > > Hi Miroslav,
> > > >
> > > > yes unfortunately.
> > > >
> > > > If I omit the cookie line in the request header completely, sqlmap seems to take the first cookie issued by the server with set-cookie (and puts it silently in).
> > > >
> > > > Cheers,
> > > >
> > > > Dirk
> > > >
> > > > On 04/12/2013 03:24 PM, Miroslav Stampar wrote:
> > > > > Hi.
> > > > >
> > > > > And this is also happening if you are skipping "Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request?
> > > > >
> > > > > Kind regards,
> > > > > Miroslav Stampar
> > > > >
> > > > > On Fri, Apr 12, 2013 at 3:10 PM, Dirk Wetter <sp...@dr...> wrote:
> > > > >
> > > > > Hi folks,
> > > > >
> > > > > .... that doesn't work for me. It always uses the cookie supplied (below in $REQUEST, or if I omit the line in $REQUEST the one from the 1st server reply is being used)
> > > > >
> > > > > So what is wrong in here:
> > > > >
> > > > > cd ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce
> > > > > ./sqlmap.py --ignore-proxy --force-ssl --beep \
> > > > >     --threads=8 -v 6 --load-cookies=$WD/cookie-file \
> > > > >     --level=2 --risk=2 -r $REQUEST
> > > > >
> > > > > The content of the file $REQUEST is:
> > > > >
> > > > > POST <URL> HTTP/1.1
> > > > > Host: <HOST>
> > > > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.2.149.6 Safari/525.13
> > > > > Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> > > > > Accept-Language: en-US,en;q=0.5
> > > > > Accept-Encoding: gzip, deflate
> > > > > Referer: <Referer>
> > > > > Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7
> > > > > Connection: keep-alive
> > > > > Content-Type: application/x-www-form-urlencoded
> > > > > Content-Length: 67
> > > > >
> > > > > <abunchofpostparams>
> > > > >
> > > > > No hints that cookie-file is not in correct format (I've been through this, at least I think so ;) ).
> > > > >
> > > > > Any insight would be much appreciated.
> > > > >
> > > > > Cheers,
> > > > >
> > > > > Dirk
>
> ------------------------------
>
> Message: 6
> Date: Mon, 15 Apr 2013 14:01:01 -0700
> From: <co...@5i...>
> Subject: [sqlmap-users] --host parameter
> To: sql...@li...
> Message-ID: <201...@em...>
> Content-Type: text/plain; charset="utf-8"
>
> Hello,
> the --host doesn't work as expected, or I am doing something wrong:
>
> this works as expected:
>
> ./sqlmap.py --url='http://i.csland.ro/index.php?id=0'
>
> sqlmap/1.0-dev-840ee26 - automatic SQL injection and database takeover tool
> http://sqlmap.org
>
> [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
>
> [*] starting at 23:57:15
>
> [23:57:15] [INFO] testing connection to the target URL
> [23:57:15] [INFO] heuristics detected web page charset 'ascii'
> [23:57:15] [INFO] testing if the target URL is stable. This can take a couple of seconds
> [23:57:16] [INFO] target URL is stable
> [23:57:16] [INFO] testing if GET parameter 'id' is dynamic
> [23:57:16] [INFO] confirming that GET parameter 'id' is dynamic
> [23:57:16] [INFO] GET parameter 'id' is dynamic
> [23:57:16] [INFO] heuristic (basic) test shows that GET parameter 'id' might be injectable (possible DBMS: 'MySQL')
> [23:57:16] [INFO] testing for SQL injection on GET parameter 'id'
>
> ....
>
> this doesn't work as expected:
>
> ./sqlmap.py --host='i.csland.ro' --url='http://188.240.236.15/index.php?id=0'
>
> sqlmap/1.0-dev-840ee26 - automatic SQL injection and database takeover tool
> http://sqlmap.org
>
> [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
>
> [*] starting at 23:58:03
>
> [23:58:03] [INFO] testing connection to the target URL
> [23:58:03] [CRITICAL] page not found (404)
> it is not recommended to continue in this kind of cases. Do you want to quit and make sure that everything is set up properly? [Y/n]
> [23:58:05] [WARNING] HTTP error codes detected during run:
>
> ............
>
> Of course i.csland.ro resolves to 188.240.236.15. Any idea?
>
> Thanks.
>
> ------------------------------
>
> Message: 7
> Date: Tue, 16 Apr 2013 09:12:05 +1100
> From: ???????? ?????? <vo...@s2...>
> Subject: [sqlmap-users] Sqlmap and direct connect error
> To: sql...@li...
> Message-ID: <C59...@s2...>
> Content-Type: text/plain; charset=us-ascii
>
> Hi!
>
> This bug detected if add direct param.
>
> python sqlmap.py -d "mysql://yakimov:pass@127.0.0.1:3306/tech" -u "http://s25.ru/index.phtml?center=7&id=186" --random-agent --tor --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables --exclude-sysdbs
>
> [01:48:28] [CRITICAL] unhandled exception in sqlmap/1.0-dev-de99717, retry your run with the latest development version from the GitHub repository. If the exception persists, please send by e-mail to 'sql...@li...' or open a new issue at 'https://github.com/sqlmapproject/sqlmap/issues/new' with the following text and any information required to reproduce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you.
> sqlmap version: 1.0-dev-de99717
> Python version: 2.7.3
> Operating system: posix
> Command line: sqlmap.py -d **************************************************** -u http://s25.ru/index.phtml?center=7&id=186 --random-agent --tor --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables --exclude-sysdbs
> Technique: None
> Back-end DBMS: MySQL (identified)
> Traceback (most recent call last):
>   File "sqlmap.py", line 87, in main
>     start()
>   File "/home/yakimov/sqlmap/lib/controller/controller.py", line 248, in start
>     action()
>   File "/home/yakimov/sqlmap/lib/controller/action.py", line 32, in action
>     setHandler()
>   File "/home/yakimov/sqlmap/lib/controller/handler.py", line 95, in setHandler
>     conf.dbmsConnector.connect()
>   File "/home/yakimov/sqlmap/plugins/dbms/mysql/connector.py", line 38, in connect
>     self.connector = pymysql.connect(host=self.hostname, user=self.user, passwd=self.password, db=self.db, port=self.port, connect_timeout=conf.timeout, use_unicode=True)
>   File "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/__init__.py", line 93, in Connect
>     return Connection(*args, **kwargs)
>   File "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", line 584, in __init__
>     self._connect()
>   File "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", line 739, in _connect
>     sock.connect((self.host, self.port))
>   File "/home/yakimov/sqlmap/thirdparty/socks/socks.py", line 365, in connect
>     raise GeneralProxyError((5, _generalerrors[5]))
> GeneralProxyError: (5, 'bad input')
>
> ------------------------------
>
> Message: 8
> Date: Tue, 16 Apr 2013 14:19:18 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] --host parameter
> To: co...@5i...
> Cc: SqlMap List <sql...@li...>
> Message-ID: <CA+...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi.
>
> Thank you for your report and find it fixed with the latest commit [1].
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/commit/6fed1921edf1baaf23a54fbe340ff3781fc05c86
>
> ------------------------------
>
> Message: 9
> Date: Tue, 16 Apr 2013 14:33:33 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] Sqlmap and direct connect error
> To: ???????? ?????? <vo...@s2...>
> Cc: SqlMap List <sql...@li...>
> Message-ID: <CA+9yoX0rxH+=vZuYiArFNZhK1xhwos=SNhMqEmFmnCafw-ot=g...@ma...>
> Content-Type: text/plain; charset="koi8-r"
>
> Hi Vladimir.
>
> Find it "patched" with the latest commit [1]. Basically, those combinations should not be allowed (-d and --url; -d and --tor; etc.) and now we've added new option validation checks for this kind of cases.
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/commit/c73489aff3861f1cac7de41494a296c1095e141a
>
> ------------------------------
>
> Message: 10
> Date: Tue, 16 Apr 2013 23:26:39 +0200
> From: buawig <bu...@gm...>
> Subject: [sqlmap-users] feature request: offline mode for --dns-domain?
> To: SqlMap List <sql...@li...>
> Message-ID: <516...@gm...>
> Content-Type: text/plain; charset=UTF-8
>
> Hi,
>
> in cases where sqlmap is run against targets on internal networks it would be great if one could tell sqlmap to simply proceed without expecting incoming DNS requests, because sqlmap can not be executed directly on the DNS server (which can't reach the target, but the target can reach the DNS server).
>
> For me it would be enough to simply run something like
> -u ... --dns-domain=attacker.com --dns-port=0
> (--dns-port does not exist [yet])
>
> to let sqlmap know that it doesn't need to start a DNS listener.
>
> I would then collect and decode the DNS queries on the DNS server manually, but I could also envision running a second sqlmap instance on the DNS server with --dns-domain (but without -u) doing that job.
>
> [truncated message content]
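The cookie-file problems in the thread above (the `assert domain_specified == initial_dot` failure and the disagreement over an expiry field of `0`) can be checked before a file is handed to any tool. The linter below is an added example, not code from the messages or from sqlmap; the function names, the `example.test` hosts and the sample lines are constructed for illustration.

```python
import time

FIELDS = ("domain", "domain_specified", "path", "secure", "expires", "name", "value")


def lint_cookie_line(line, now):
    """Return a list of (severity, message) findings for one cookie record."""
    parts = line.split("\t")
    if len(parts) != len(FIELDS):
        return [("error", "expected 7 tab-separated fields, found %d" % len(parts))]
    rec = dict(zip(FIELDS, parts))
    findings = []

    for flag in ("domain_specified", "secure"):
        if rec[flag] not in ("TRUE", "FALSE"):
            findings.append(("error", "%s must be TRUE or FALSE, found %r" % (flag, rec[flag])))

    # Same condition as the failing assert in the quoted traceback:
    # the flag must be TRUE exactly when the domain starts with a dot.
    initial_dot = rec["domain"].startswith(".")
    if rec["domain_specified"] in ("TRUE", "FALSE") and \
            (rec["domain_specified"] == "TRUE") != initial_dot:
        findings.append(("error", "domain flag %s does not match domain %r"
                         % (rec["domain_specified"], rec["domain"])))

    expires = rec["expires"]
    if expires in ("", "0"):
        # wget writes 0 for session cookies; a loader that reads the field
        # as a UNIX time reports such a cookie as expired.
        findings.append(("info", "session cookie (no expiry time)"))
    elif not expires.isdigit():
        findings.append(("error", "expiry %r is not a UNIX timestamp" % expires))
    elif int(expires) <= now:
        findings.append(("warning", "cookie %r expired" % rec["name"]))
    return findings


def lint_cookie_file(text, now=None):
    """Lint a whole file; returns (line_number, severity, message) tuples."""
    now = int(time.time()) if now is None else now
    report = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue  # header, comments and blank lines carry no cookie
        for severity, message in lint_cookie_line(line, now):
            report.append((lineno, severity, message))
    return report


# Constructed sample modelled on the kinds of lines quoted in the thread.
SAMPLE = "\n".join([
    "# Netscape HTTP Cookie File",
    "app.example.test\tTRUE\t/app\tTRUE\t9999999999\tJSESSIONID\tPLACEHOLDER",
    ".example.test\tTRUE\t/\tFALSE\t0\t_SS\tSID=PLACEHOLDER",
    "www.example.test\tFALSE\t/\tFALSE\t1429089794\tSRCHUID\tV=2",
    "www.example.test\tFALSE\t/\tFALSE\t1000000000\tOLD\tx",
    "app.example.test FALSE /app TRUE 0 JSESSIONID PLACEHOLDER",
])

if __name__ == "__main__":
    for lineno, severity, message in lint_cookie_file(SAMPLE, now=1366000000):
        print("line %d: %s: %s" % (lineno, severity, message))
```

The last sample line uses spaces instead of tabs, the readability change Dirk mentions making only in his e-mail, and is reported as a field-count error.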