Re: [sqlmap-users] Direct connection to Oracle supported?

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi.

"Does sqlmap need a specifc version of these files?" - not really. It just
needs to be compatible with the current Python version.

Kind regards,
Miroslav Stampar

On Thu, Oct 24, 2013 at 4:55 PM, Brian Milliron <Br...@ec...>wrote:

> Thanks for the sample command and output.  It turns out there was a case
> sensitivity issue.  oracle:// vs Oracle://  Once I solved that, sqlmap
> began complaining about a missing cx_Oracle.py  The Kali installation it
> seems is missing the Oracle client and python libraries.  Does sqlmap
> need a specifc version of these files?
>
>
> > Hi.
> >
> > sqlmap supports it. Sample console output:
> >
> > $ python sqlmap.py -d "oracle://SYSTEM:testpass@192.168.5.27:1521/testdb
> "
> > -v 5 --banner
> >
> >     sqlmap/1.0-dev-8dac47f - automatic SQL injection and database
> takeover
> > tool
> >     http://sqlmap.org
> >
> > [!] legal disclaimer: Usage of sqlmap for attacking targets without prior
> > mutual consent is illegal. It is the end user's responsibility to obey
> all
> > applicable local, state and federal laws. Developers assume no liability
> > and are not responsible for any misuse or damage caused by this program
> >
> > [*] starting at 20:15:37
> >
> > [20:15:37] [DEBUG] cleaning up configuration parameters
> > [20:15:37] [DEBUG] forcing timeout to 10 seconds
> > [20:15:37] [INFO] connection to oracle server 192.168.5.27:1521established
> > [20:15:37] [INFO] the back-end DBMS is Oracle
> > [20:15:37] [INFO] fetching banner
> > [20:15:37] [PAYLOAD] SELECT NVL(CAST(banner AS VARCHAR(4000)),' ') FROM
> > v$version WHERE ROWNUM=1
> > back-end DBMS: Oracle
> > banner:    'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 -
> > Prod'
> > [20:15:37] [INFO] connection to oracle server 192.168.5.27:1521 closed
> >
> > [*] shutting down at 20:15:37
> >
> > Could you please check that you run the latest revision from the Github
> > repository and try to run it with -v 5? Strange thing with your case is
> > "sqlmap was not able to fingerprint..." while there is no fingerprinting
> in
> > sqlmap's direct mode (at least in HEAD revision).
> >
> > Kind regards,
> > Miroslav Stampar
>
>
>
>
>

-- 
Miroslav Stampar
http://about.me/stamparm