Re: [sqlmap-users] How does sqlmap detect the OS?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi.

There are two ways:

1) From DBMS banner (e.g. banner "Microsoft SQL Server 2005 - 9.00.1399.06
(Intel X86) Oct 14 2005 00:33:37 Copyright (c) 1988-2005 Microsoft
Corporation Express Edition on *Windows NT 5.2* (Build 3790: Service Pack
2)" -> Windows 2003) [1]
2) Heuristically/guessing from IIS version (e.g. HTTP response header
"Server: Microsoft-IIS/6.0" -> Windows 2003) [2]

Kind regards,
Miroslav Stampar

Reference:
[1] sqlmap/plugins/dbms/mssqlserver/fingerprint.py
[2] sqlmap/xml/banner/server.xml

On Sun, Jan 12, 2014 at 1:53 PM, <du...@al...> wrote:

> No, the site displays custom error pages.
>
>
> On 2014-01-12 13:43, Miroslav Stampar wrote:
>
>> Are error messages turned on on the target server?
>>
>> Bye
>> On Jan 12, 2014 1:19 PM, <du...@al...> wrote:
>>
>>  Well I checked the HTTP headers on the server and it only says
>>> "Microsoft/IIS6.0".
>>> And I can't figure out how to via the SQL injection determine the
>>> OS.
>>>
>>> Anymore information would be greatly appreciated.
>>> No rush though, I'm mostly curious on how it does it :)
>>> Maybe some sort of example?
>>>
>>> Regards
>>>
>>> On 2014-01-12 12:55, Miroslav Stampar wrote:
>>> Hi.
>>>
>>> There are multiple vectors sqlmap uses. For example, it usually
>>> uses
>>> DBMS banner if available and HTTP header values (e.g. Server). Do
>>> you
>>> need more specific info?
>>>
>>> Bye
>>> On Jan 11, 2014 10:17 PM, <du...@al...> wrote:
>>>
>>> I tried sqlmap on a site running on Windows Server 2003, and it
>>> could
>>> detect the OS.
>>> How does sqlmap go about doing that?
>>>
>>> Regards, Jimmy
>>>
>>>
>>>  ------------------------------------------------------------
>> ------------------
>>
>>> CenturyLink Cloud: The Leader in Enterprise Cloud Services.
>>> Learn Why More Businesses Are Choosing CenturyLink Cloud For
>>> Critical Workloads, Development Environments & Everything In
>>> Between.
>>> Get a Quote or Start a Free Trial Today.
>>>
>>>
>>>  http://pubads.g.doubleclick.net/gampad/clk?id=119420431&
>> iu=/4140/ostg.clktrk
>>
>>> [1]
>>> [1]
>>> _______________________________________________
>>> sqlmap-users mailing list
>>> sql...@li...
>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users [2] [2]
>>>
>>> Links:
>>> ------
>>> [1]
>>>
>>>  http://pubads.g.doubleclick.net/gampad/clk?id=119420431&
>> amp;iu=/4140/ostg.clktrk<http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk>
>>
>>> [1]
>>> [2] https://lists.sourceforge.net/lists/listinfo/sqlmap-users [2]
>>>
>>
>>
>> Links:
>> ------
>> [1]
>> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&
>> amp;iu=/4140/ostg.clktrk<http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk>
>> [2] https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>

-- 
Miroslav Stampar
http://about.me/stamparm