Re: [sqlmap-users] Ms09-004 on W2K3SP2
From: Luis R. <lui...@gm...> - 2013-12-01 20:09:56
Yes, it's the following:

---
Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86)
Oct 14 2005 00:33:37
Copyright (c) 1988-2005 Microsoft Corporation
Express Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
---

Thank you,
Luis

On Sun, Dec 1, 2013 at 8:46 PM, Miroslav Stampar <mir...@gm...> wrote:

> Hi.
>
> It seems that sqlmap was not able to parse "service pack" information from
> retrieved banner.
>
> Can you please write back what do you get for --banner?
>
> Kind regards,
> Miroslav Stampar
>
>
> On Sat, Nov 30, 2013 at 8:07 PM, Luis Rocha <lui...@gm...> wrote:
>
>> Hello All,
>>
>> Since this is my first post I want to make sure that I write that sqlmap
>> is a brilliant tool and congratulations to the devteam!
>>
>> I have a question that you might know. I am using sqlmap version
>> 1.0-dev-cda27ec.
>>
>> Consider a victim system running Windows 2003 SP2 English version with
>> HAL version : 5.2.3790.3959 (srv03_sp2_rtm.070216-1710) with MSSQL2005 on
>> VMware Workstation.
>>
>> From the attacker I am trying to take advantage of the MS09-004 and when
>> I try to execute the ./sqlmap.py -u 'http://vulnerable/page.aspx'
>> --data=`cat data` --prefix="1', 1);" --suffix="--" --fresh-queries
>> --os-bof it generates an error:
>>
>> [13:17:51] [CRITICAL] sqlmap can not exploit the stored procedure buffer
>> overflow because it does not have a valid return code for the underlying
>> operating system (Windows 2003 Service Pack 0)
>>
>> I took a look at the file /plugins/dbms/mssqlserver/takeover.py and saw
>> the following lines commented out:
>>
>> 2003 Service Pack 2 updated at 12/2008 (....)
>>
>> 2003 Service Pack 2 updated at 09/2009 (....)
>>
>> I removed the comment but still the same problem. ...the tool seems to
>> determine that the OS does not contain any SP when in fact it has SP2...
>>
>> Any ideas?
>>
>> Thank you,
>>
>> Luis
>
> --
> Miroslav Stampar
> http://about.me/stamparm
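
The banner quoted in this thread, parsed for SQL Server build, Windows version and service pack, as an added example (not part of the original messages and not sqlmap's own code). It keeps "service pack could not be parsed" (`None`) distinct from "no service pack installed" (`0`); the `parse_banner` helper, the regexes and the empty-field form for a host without a service pack are assumptions.

```python
import re
from typing import NamedTuple, Optional

# Banner text as quoted in the thread; the line breaks are constructed.
BANNER = (
    "Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86)\n"
    "\tOct 14 2005 00:33:37\n"
    "\tCopyright (c) 1988-2005 Microsoft Corporation\n"
    "\tExpress Edition on Windows NT 5.2 (Build 3790: Service Pack 2)\n"
)

# NT kernel version -> product name (partial table, enough for this banner).
NT_NAMES = {"5.0": "2000", "5.1": "XP", "5.2": "2003"}

class Fingerprint(NamedTuple):
    sql_build: Optional[str]
    windows: Optional[str]
    os_build: Optional[int]
    service_pack: Optional[int]  # None = could not parse, 0 = none installed

_SQL = re.compile(r"Microsoft SQL Server\s+.+?\s+-\s+(\d+(?:\.\d+)+)")
_OS = re.compile(r"on Windows NT (\d+\.\d+)(?:\s*<\w+>)?\s*\(Build (\d+):\s*([^)]*)\)")
_SP = re.compile(r"Service Pack (\d+)", re.IGNORECASE)

def parse_banner(banner: str) -> Fingerprint:
    """Hypothetical helper: extract SQL build, Windows version and SP level."""
    text = " ".join(banner.split())  # banners arrive with tabs and newlines
    sql = _SQL.search(text)
    sql_build = sql.group(1) if sql else None
    os_match = _OS.search(text)
    if os_match is None:
        # Truncated or unexpected banner: report unknown, never "SP 0".
        return Fingerprint(sql_build, None, None, None)
    nt, build, tail = os_match.groups()
    sp = _SP.search(tail)
    if sp:
        level = int(sp.group(1))
    elif not tail.strip():
        level = 0      # assumed form "(Build 3790: )" on a host without an SP
    else:
        level = None   # something is there, but not a service pack string
    return Fingerprint(sql_build, NT_NAMES.get(nt, "NT " + nt), int(build), level)

if __name__ == "__main__":
    print(parse_banner(BANNER))
```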