[sqlmap-users] Ms09-004 on W2K3SP2
From: Luis R. <lui...@gm...> - 2013-11-30 19:07:40
Hello All,

Since this is my first post I want to make sure that I write that sqlmap is a brilliant tool and congratulations to the devteam!

I have a question that you might know the answer to. I am using sqlmap version 1.0-dev-cda27ec.

Consider a victim system running Windows 2003 SP2 English version with HAL version: 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) with MSSQL2005 on VMware Workstation.

From the attacker I am trying to take advantage of the MS09-004 and when I try to execute the

    ./sqlmap.py -u 'http://vulnerable/page.aspx' --data=`cat data` --prefix="1', 1);" --suffix="--" --fresh-queries --os-bof

it generates an error:

    [13:17:51] [CRITICAL] sqlmap can not exploit the stored procedure buffer overflow because it does not have a valid return code for the underlying operating system (Windows 2003 Service Pack 0)

I took a look at the file /plugins/dbms/mssqlserver/takeover.py and saw the following lines commented out:

    2003 Service Pack 2 updated at 12/2008 (....)
    2003 Service Pack 2 updated at 09/2009 (....)

I removed the comment but still the same problem.

...the tool seems to determine that the OS does not contain any SP when in fact it has SP2...

Any ideas?

Thank you,
Luis