Re: [sqlmap-users] Fwd: Bad Encoding
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Fwd: Bad Encoding
|
From: Miroslav S. <mir...@gm...> - 2013-08-20 19:07:37
|
Hi. Use --binary-fields option for retrieving binary data. It will retrieve and represent data in it's hexadecimal form. Afterwards you can decode that data into it's binary form by yourself. Example: python sqlmap.py -u "http://testphp.vulnweb.com/artists.php?artist=2" --technique=BU --dump -T artists -D acuart --binary-fields=adesc | artist_id | aname | adesc ........... | 1 | r4w8173 | 3C703E0A4C6F72656D20697073756D20646F6C6F722073697420616D65742C20636F6E7365637465747565722061646970697363696E6720656C69742E20446F6E6563206D6F6C65737469652E0A2020202053656420616C697175616D2073656D20757420617263752E2050686173656C6C757320736F6C6C696369747564696E2E20566573746962756C756D20636F6E64696D656E74756D20666163696C697369730A202020206E756C6C612E20496E206861632068616269746173736520706C617465612064696374756D73742E204E756C6C61206E6F6E756D6D792E20437261732071756973206C696265726F2E0A20202020437261732076656E656E617469732E20416C697175616D20706F7375657265206C6F626F7274697320706564652E204E756C6C616D206672696E67696C6C612075726E61206964206C656F2E0A202020205072616573656E7420616C6971756574207072657469756D20657261742E205072616573656E74206E6F6E206F64696F2E2050656C6C656E7465737175652061206D61676E6120610A202020206D61757269732076756C707574617465206C6163696E69612E2041............. Example of manual decoding: python -c "print '3C703E0A4C6F72656D20697073756D20646F'.decode('hex')" <p> Lorem ipsum do Kind regards, Miroslav Stampar On Tue, Aug 20, 2013 at 8:04 PM, Brandon Perry <bpe...@gm...>wrote: > The hash will be stored as binary data, so the pairs (0xab0xcd0xef) will > give you the actual hash (abcdef) instead of expecting the 0xab to be an > ASCII printable representation of a byte of the hash. > > Make sense? > > Sent from a computer > > On Aug 20, 2013, at 12:48, Douglas Brancaglion <dou...@gm...> > wrote: > > > Brandon, you know how I can extract a hash (md5 or sha) that? > > Tks! > > 2013/8/20 Brandon Perry <bpe...@gm...> > >> Or binary md5 >> >> Sent from a computer >> >> On Aug 20, 2013, at 7:56, Douglas Brancaglion <dou...@gm...> >> wrote: >> >> >> Hello guys, I have researched a lot about my case even more could not get an >> answer that resolves my problem. >> >> In some tests I came across a possible "hash" that is within a table in a >> microsoft sql server that is coming with the hash sooo weird, I >> personally have never seen. >> >> I've tried to convert it in several encodes, however no success. >> >> Does anyone of you have seen similar case? >> >> Below is an example of this "hash" >> >> \ \ x8cĐ \ \ x14Z \ \ xa8 \ \ xd7 # | ż \ \ x04YŚ \ \ xfa? \ \ x82Ę \ \ >> x18] Š \ \ x02E \ \ x8A \ \ xdf \ \ x80Ĺ \ \ x08P \ \ x9eă >> >> -- >> Douglas Brancaglion >> Security Analist >> >> >> ------------------------------------------------------------------------------ >> >> Introducing Performance Central, a new site from SourceForge and >> AppDynamics. Performance Central is your source for news, insights, >> analysis and resources for efficient Application Performance Management. >> Visit us today! >> >> http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk >> >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > > > -- > Douglas Brancaglion > Security Analist > > > > ------------------------------------------------------------------------------ > Introducing Performance Central, a new site from SourceForge and > AppDynamics. Performance Central is your source for news, insights, > analysis and resources for efficient Application Performance Management. > Visit us today! > http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
