sqlmap-users Mailing List for sqlmap (Page 120)
From: Carlos G. V. <car...@gm...> - 2010-09-29 19:34:58
I can contribute with Spanish common table names... want 'em?

2010/9/29 Andres Riancho <and...@gm...>:
> I'm more interested in the script :)

--
--------8<--------
Carlos Gabriel Vergara
http://www.ThorSecurity.com.ar
PGP: http://www.ThorSecurity.com.ar/gabrielvergara.pgp
-------->8--------
From: shaohua p. <pa...@kn...> - 2010-09-29 15:40:41
great! after all, this feature has really come true.

On Wed, Sep 29, 2010 at 11:08 PM, Andres Riancho <and...@gm...> wrote:
> I'm more interested in the script :)

--
Pan Shaohua
Mobile: 13811789330
Beijing Knownsec Information Technology Co., Ltd.
Address: Room 101, Unit 4, Building 13, Longteng Area 6, Huilongguan, Beijing
Postcode: 102200
Tel: 010-81721153
Fax: 010-81721153
Website: www.knownsec.com
From: Andres R. <and...@gm...> - 2010-09-29 15:08:31
I'm more interested in the script :)

On Wed, Sep 29, 2010 at 11:38 AM, Miroslav Stampar <mir...@gm...> wrote:
> program is done. i've run it partially for first 40 pages of Google
> results and will leave it to run for whole night for the rest.
>
> if someone is interested for the complete sorted list of pairs
> (table_name, count) give me a private mail and i'll send it to you.
>
> kind regards.
>
> p.s. first ten are at this moment:
>
> users,20
> user,14
> comments,12
> sessions,10
> categories,10
> customers,10
> customer,10
> orders,9
> log,8
> category,7

--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
From: Miroslav S. <mir...@gm...> - 2010-09-29 14:45:28
program is done. i've run it partially for first 40 pages of Google
results and will leave it to run for whole night for the rest.

if someone is interested for the complete sorted list of pairs
(table_name, count) give me a private mail and i'll send it to you.

kind regards.

p.s. first ten are at this moment:

users,20
user,14
comments,12
sessions,10
categories,10
customers,10
customer,10
orders,9
log,8
category,7

On Wed, Sep 29, 2010 at 2:27 PM, Miroslav Stampar <mir...@gm...> wrote:
> to be honest, this is great idea :)
>
> i've tried it and it really shows some really cool stuff :)
>
> will do this because i am more than interested what will be the results.
>
> once again, great idea

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
Location: Zagreb, Croatia
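An added example, not Miroslav's program (the thread does not show it): one way to turn `CREATE TABLE` statements from collected .sql files into the sorted `table_name,count` pairs quoted above, plus a check of which names in your own schema rank among the most common and would therefore be found by the `EXISTS(SELECT 1 FROM <table_name>)` existence check even without a readable information schema. The corpus, the schema and all function names are constructed for illustration.

```python
import re
from collections import Counter

# One identifier: `quoted`, "quoted", [quoted] or bare.
_IDENT = r'(?:`[^`]+`|"[^"]+"|\[[^\]]+\]|[A-Za-z_][\w$]*)'
_CREATE_TABLE = re.compile(
    r'\bCREATE\s+(?:(?:GLOBAL\s+|LOCAL\s+)?(?:TEMPORARY|TEMP)\s+)?TABLE\s+'
    r'(?:IF\s+NOT\s+EXISTS\s+)?'
    r'(?:' + _IDENT + r'\s*\.\s*)?'   # optional schema prefix, not captured
    r'(' + _IDENT + r')',             # table name
    re.IGNORECASE,
)
# Line comments and block comments, so commented-out DDL is not counted.
_COMMENT = re.compile(r'--[^\n]*|/\*.*?\*/', re.DOTALL)


def table_names(sql_text):
    """Return normalized (unquoted, lower-case) names declared by CREATE TABLE."""
    cleaned = _COMMENT.sub(' ', sql_text)
    return [m.group(1).strip('`"[]').lower()
            for m in _CREATE_TABLE.finditer(cleaned)]


def count_names(sql_files):
    """Count in how many files each name is declared (one vote per file)."""
    counts = Counter()
    for text in sql_files:
        counts.update(set(table_names(text)))
    return counts


def sorted_pairs(counts):
    """Most frequent first, ties broken alphabetically."""
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


def format_pairs(counts):
    """Render pairs in the 'name,count' form used in the thread."""
    return ["%s,%d" % pair for pair in sorted_pairs(counts)]


def guessable(own_schema_sql, counts, top_n):
    """Names from your own schema that fall within the top_n common names."""
    common = {name for name, _ in sorted_pairs(counts)[:top_n]}
    return sorted(set(table_names(own_schema_sql)) & common)


# Constructed sample corpus: each string stands for the text of one .sql file.
CORPUS = [
    "CREATE TABLE users (id INT);\nCREATE TABLE `orders` (id INT);",
    "-- CREATE TABLE ghost (x INT);\n"
    "create table if not exists shop.Users (id int);",
    'CREATE TEMPORARY TABLE "sessions" (sid TEXT); '
    "CREATE TABLE [dbo].[Orders] (id INT);",
    "/* create table hidden (x int) */ CREATE TABLE users (id INT); "
    "CREATE TABLE users (id INT);",
]

# Constructed schema to audit.
OWN_SCHEMA = (
    "CREATE TABLE customers_7f3a (id INT);\n"
    "CREATE TABLE `users` (id INT);\n"
    "CREATE TABLE orders (id INT);"
)

if __name__ == "__main__":
    counts = count_names(CORPUS)
    print("\n".join(format_pairs(counts)))
    print("guessable:", guessable(OWN_SCHEMA, counts, top_n=2))
```

Renaming tables does not fix an injection flaw; the audit only shows how little protection an unreadable schema gives when the names are common ones.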
From: Miroslav S. <mir...@gm...> - 2010-09-29 12:28:04
to be honest, this is great idea :)

i've tried it and it really shows some really cool stuff :)

will do this because i am more than interested what will be the results.

once again, great idea

On Wed, Sep 29, 2010 at 2:24 PM, Andres Riancho <and...@gm...> wrote:
> Maybe if you search google's codesearch for "create table ..." inside .sql
> files and automate the result extraction you would get something really cool
> :)
>
> Regards,
> --
> Andres Riancho

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
Location: Zagreb, Croatia
From: Andres R. <and...@gm...> - 2010-09-29 12:24:33
Maybe if you search google's codesearch for "create table ..." inside .sql
files and automate the result extraction you would get something really cool
:)

Regards,
--
Andres Riancho

On Sep 29, 2010 9:21 a.m., "Miroslav Stampar" <mir...@gm...> wrote:
> Hi.
>
> We are currently adding new feature into sqlmap for retrieving table
> names when database (information_) schema is missing and/or sqlmap is
> unable to extract table names via normal ways.
>
> Basic injection vector is: ...AND EXISTS(SELECT 1 FROM <table_name>)...
>
> So, if you have some knowledge to share please do.
>
> PHP, Joomla, Wordpress,... everything is more than welcome, except
> database system tables. We have those more than enough ;)
>
> Bye.
From: Miroslav S. <mir...@gm...> - 2010-09-29 12:20:14
Hi.

We are currently adding new feature into sqlmap for retrieving table
names when database (information_) schema is missing and/or sqlmap is
unable to extract table names via normal ways.

Basic injection vector is: ...AND EXISTS(SELECT 1 FROM <table_name>)...

So, if you have some knowledge to share please do.

PHP, Joomla, Wordpress,... everything is more than welcome, except
database system tables. We have those more than enough ;)

Bye.

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
Location: Zagreb, Croatia
From: Carlos G. V. <car...@gm...> - 2010-09-27 16:57:11
Testing. So far, no problems.

This option will open a wide range of possibilities, cos i'm finding a
lot of web applications that use friendly urls; this is the product of
a "human friendly" logic business layer.

Thanks again Miroslav. If i can help with something, just ask.

--
--------8<--------
Carlos Gabriel Vergara
http://www.ThorSecurity.com.ar
PGP: http://www.ThorSecurity.com.ar/gabrielvergara.pgp
-------->8--------

2010/9/24 Miroslav Stampar <mir...@gm...>:
> Hi.
>
> With the latest SVN commit you can exploit path injections by issuing
> a command to sqlmap as:
>
> ./sqlmap.py -u "http://www.site.com/somewhere/1*/"
>
> Notice that * mark inside of path. That's new in sqlmap. So, please
> update to latest version from our SVN repository and report if you
> notice any problems.
>
> Kind regards.
From: Carlos G. V. <car...@gm...> - 2010-09-27 16:52:26
Sorry, but i think your query is not right. The syntax of the update
sentence is something like this:

update SOMETABLE set FIELD1='value1', FIELD2=0, FIELD3=null where FIELD4=15

In other words:

update <tablename> set <field list assignment separated by comma> where <condition to select rows to be affected>

Looking at your query, you may want to do this:

--sql-query "UPDATE h64570.admin SET username='digitalcat' WHERE username='aris' " -v 2

I hope it helps.
Good luck!

--
--------8<--------
Carlos Gabriel Vergara
http://www.ThorSecurity.com.ar
PGP: http://www.ThorSecurity.com.ar/gabrielvergara.pgp
-------->8--------

2010/9/24 Miroslav Stampar <mir...@gm...>:
> hi.
>
> for sql query option to work (timed) stacked queries have to be
> supported by the vulnerable web site (like: ";SELECT SLEEP(1000)"). in
> your option this probably wasn't the case. sorry for inconvenience for
> not showing some kind of warning message. with the latest SVN commit
> you should be warned in this kind of cases.
>
> bye.
From: Miroslav S. <mir...@gm...> - 2010-09-24 22:05:20
hi.

for sql query option to work (timed) stacked queries have to be
supported by the vulnerable web site (like: ";SELECT SLEEP(1000)"). in
your option this probably wasn't the case. sorry for inconvenience for
not showing some kind of warning message. with the latest SVN commit
you should be warned in this kind of cases.

bye.

On Fri, Sep 24, 2010 at 11:17 PM, <dig...@pr...> wrote:
>
> hi
> can u help me how to use command --sql-query to Update database or
> entry data
>
> i use command like this :
>
> --sql-query "SELECT username, password FROM h64570.admin LIMIT 1, 3" -v 2
> --sql-query "UPDATE username set=digitalcat FROM h64570.admin LIMIT 1, 3" -v 2
> --sql-query "UPDATE SET username 'digitalcat' WHERE username 'aris' FROM h64570.admin" -v 2
>
> but result always :
>
> UPDATE SET username 'digitalcat' WHERE username 'aris' FROM h64570.admin: 'None'
>
> [INFO] Fetched data logged to text files under 'C:\sqlmap\output\ht-xxxx.co.id'
>
> please help me..
>
> thanks

--
Miroslav Stampar (Croatia/Zagreb)

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
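An added example, not sqlmap code: why a stacked statement only takes effect when the application's database call accepts more than one statement per call, and how a bound parameter removes the injection altogether. Python's sqlite3 stands in for the MySQL back end discussed in the thread; the tables, the input and the function names are constructed for illustration.

```python
import sqlite3

# Constructed input: a legitimate id followed by a second, stacked statement.
STACKED = "1; UPDATE admin SET username='digitalcat' WHERE username='aris'"


def make_db():
    """Fresh in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE admin (username TEXT, password TEXT)")
    db.execute("INSERT INTO admin VALUES ('aris', 'x')")
    db.execute("CREATE TABLE items (id INTEGER, name TEXT)")
    db.execute("INSERT INTO items VALUES (1, 'widget')")
    db.commit()
    return db


def admin_names(db):
    return [row[0] for row in db.execute("SELECT username FROM admin")]


def lookup_single_statement(db, item_id):
    """Vulnerable string concatenation, but the API runs one statement per call."""
    sql = "SELECT name FROM items WHERE id = " + item_id
    try:
        return [row[0] for row in db.execute(sql)]
    except (sqlite3.Warning, sqlite3.Error):
        # execute() refuses input holding more than one statement;
        # nothing in it is run, so the stacked UPDATE has no effect.
        return "rejected"


def lookup_multi_statement(db, item_id):
    """Vulnerable string concatenation through an API that runs every statement."""
    db.executescript("SELECT name FROM items WHERE id = " + item_id)
    # A stacked write hands no rows back to the caller, which is why its
    # success can only be observed indirectly (for example by timing).
    return None


def lookup_parameterized(db, item_id):
    """Hardened form: the input is bound as a value and never parsed as SQL."""
    rows = db.execute("SELECT name FROM items WHERE id = ?", (item_id,))
    return [row[0] for row in rows]


if __name__ == "__main__":
    for handler in (lookup_single_statement, lookup_multi_statement,
                    lookup_parameterized):
        db = make_db()
        result = handler(db, STACKED)
        print(handler.__name__, "->", result, "| admin:", admin_names(db))
```

The single-statement API only limits what an injection can do; the concatenated query is still injectable, and the parameterized form is the actual fix.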
From: <dig...@pr...> - 2010-09-24 21:30:41
hi
can u help me how to use command --sql-query to Update database or
entry data

i use command like this :

--sql-query "SELECT username, password FROM h64570.admin LIMIT 1, 3" -v 2
--sql-query "UPDATE username set=digitalcat FROM h64570.admin LIMIT 1, 3" -v 2
--sql-query "UPDATE SET username 'digitalcat' WHERE username 'aris' FROM h64570.admin" -v 2

but result always :

UPDATE SET username 'digitalcat' WHERE username 'aris' FROM h64570.admin: 'None'

[INFO] Fetched data logged to text files under 'C:\sqlmap\output\ht-xxxx.co.id'

please help me..

thanks
From: Miroslav S. <mir...@gm...> - 2010-09-24 09:33:27
Hi.

With the latest SVN commit you can exploit path injections by issuing
a command to sqlmap as:

./sqlmap.py -u "http://www.site.com/somewhere/1*/"

Notice that * mark inside of path. That's new in sqlmap. So, please
update to latest version from our SVN repository and report if you
notice any problems.

Kind regards.

On Fri, Jul 16, 2010 at 1:08 AM, Christoph A. <ca...@gm...> wrote:
> Hi,
>
> is there a way to tell sqlmap that it should exploit an sql injection
> flaw within the URL (no parameters)?
>
> E.g.
>
> example.com/folder/1
> example.com/folder/1+union+select...
>
>
> As the page requires authentication I specify also the --cookie parameter.
> sqlmap seems only to test cookie fields and as there is no URL parameter
> (eg. ..?id=1) I can't use the -p option.
>
> kind regards,
> christoph

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
From: Miroslav S. <mir...@gm...> - 2010-09-23 13:18:44
hi.

could you please send me some link for testing this one. we've done
some basic stuff and now haven't got any target to test it on.

kr

On Wed, Sep 15, 2010 at 10:15 PM, Christoph A. <ca...@gm...> wrote:
> On 07/16/2010 10:24 AM, Miroslav Stampar wrote:
>> Sorry,
>>
>> nay again :). It shouldn't be much of a work for that to implement,
>> but right now all tests require a solid parameter (GET, POST, Cookie,
>> UA).
>>
>> opened a feature request for this one (ticket #199).
>
> Given the fact that there are frequent "requests" for this feature I
> wanted to ask in which state this ticket is.
>
> thanks,
> Christoph

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
From: Miroslav S. <mir...@gm...> - 2010-09-16 10:36:40
update:

also added --keep-alive under -o (general optimization; no longer
hidden -> visible in help listing) switch

bye

On Thu, Sep 16, 2010 at 12:05 PM, Miroslav Stampar <mir...@gm...> wrote:
> Hi.
>
> In our 0.9-dev version we've included two new "hidden" options for
> speeding up the blind injection:
> --common-prediction
> --null-connection
>
> Common prediction: best results when retrieving large tables (it uses
> knowledge of previous item retrieved and it tries to take the
> advantage of it)
> Null connection (reference
> http://www.wisec.it/sectou.php?id=472f952d79293): best results on
> large pages
>
> We are not yet fully prepared to move it from experimental phase
> without testing it properly. So, we kindly ask you to use them as much
> as possible in your normal routine and report any bugs you find.
>
> Best regards.
>
> p.s. you can use both switches by just using a general (also hidden)
> optimization switch: -o

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
From: Miroslav S. <mir...@gm...> - 2010-09-16 10:05:49
Hi.

In our 0.9-dev version we've included two new "hidden" options for
speeding up the blind injection:
--common-prediction
--null-connection

Common prediction: best results when retrieving large tables (it uses
knowledge of previous item retrieved and it tries to take the
advantage of it)
Null connection (reference
http://www.wisec.it/sectou.php?id=472f952d79293): best results on
large pages

We are not yet fully prepared to move it from experimental phase
without testing it properly. So, we kindly ask you to use them as much
as possible in your normal routine and report any bugs you find.

Best regards.

p.s. you can use both switches by just using a general (also hidden)
optimization switch: -o
From: Carlos G. V. <car...@gm...> - 2010-09-16 00:01:56
I think i have a workaround for this...

Using Burp Suite, you can search&replace strings in the request. So i
rewrite the url in a format that sqlmap understands, like this:

http://127.0.0.1/lookin-for-dog/?fakeparam=1455&fakeendbackslash=

(the original url was http://127.0.0.1/lookin-for-dog/1455/)

then added these rules to the proxy options (Burp Suite):

1.- replace ?fakeparam= with an empty string
2.- replace &fakeendbackslash= with /

then used sqlmap through Burp Suite

$ sqlmap -u "http://127.0.0.1/lookin-for-dog/?fakeparam=1455&fakeendbackslash=" -p fakeparam --string SOMESTRING --proxy "http://127.0.0.1:8080" -b

and voila! It started to work... but with some issues...

At some point i get this output:

[20:56:40] [INFO] testing for parenthesis on injectable parameter
[20:56:40] [INFO] testing MySQL
[20:56:41] [INFO] confirming MySQL
[20:56:41] [WARNING] the back-end DMBS is not MySQL
[20:56:41] [INFO] testing Oracle
[20:56:42] [WARNING] the back-end DMBS is not Oracle
[20:56:42] [INFO] testing PostgreSQL
[20:56:42] [WARNING] the back-end DMBS is not PostgreSQL
[20:56:42] [INFO] testing Microsoft SQL Server
[20:56:43] [WARNING] the back-end DMBS is not Microsoft SQL Server
[20:56:43] [ERROR] sqlmap was not able to fingerprint the back-end database management system, but from the HTML error page it was possible to determinate that the back-end DBMS is MySQL. Do not specify the back-end DBMS manually, sqlmap will fingerprint the DBMS for you

[*] shutting down at: 20:56:43

And it dies there... no more sqlmap for me. I try to force with --dbms
"MySQL", but nothing appears to work.

Any advice?

Thanks!!!!

2010/9/15 Christoph A. <ca...@gm...>:
> On 09/15/2010 05:30 PM, Carlos Gabriel Vergara wrote:
>> Hi!
>> (Please, excuse my English)
>>
>> I've got a question about GET parameters; i looked into the mail
>> archive and didn't find anything about telling sqlmap which "parameter"
>> to use when the site uses friendly urls.
>>
>> In my test environment i have this url:
>>
>> http://127.0.0.1/lookin-for-dog/1455/
>>
>> The injectable part is "1455", which looks like a path name. In fact,
>> the parameter is "looking-for-dog", and the value is "1455". Testing
>> with:
>>
>> http://127.0.0.1/lookin-for-dog/1455%20or%201%3d1/
>> (meaning http://127.0.0.1/lookin-for-dog/1455 or 1=1/)
>>
>> ...seems to work. When injecting something like "1455%27", a MySQL
>> error appears. So i think the url is injectable. The problem is that
>> i can't pass this kind of parameter to sqlmap, or better say, i don't
>> know how to pass it.
>>
>> Is there a workaround for this?
>
> You might want to have a look at this thread:
> http://sourceforge.net/mailarchive/message.php?msg_name=4C3F94D3.5030408%40gmail.com

--
--------8<--------
Carlos Gabriel Vergara
http://www.ThorSecurity.com.ar
PGP: http://www.ThorSecurity.com.ar/gabrielvergara.pgp
-------->8--------
From: Miroslav S. <mir...@gm...> - 2010-09-15 23:57:57
|
ok, will work soon on it. matter of week or two after finishing some other stuff started.

kind regards

On Wed, Sep 15, 2010 at 10:15 PM, Christoph A. <ca...@gm...> wrote:
> On 07/16/2010 10:24 AM, Miroslav Stampar wrote:
>> Sorry,
>>
>> nay again :). It shouldn't be much of a work for that to implement,
>> but right now all tests require a solid parameter (GET, POST, Cookie,
>> UA).
>>
>> opened a feature request for this one (ticket #199).
>
> Given the fact that there are frequent "requests" for this feature I
> wanted to ask in which state this ticket is.
>
> thanks,
> Christoph
>

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
From: Christoph A. <ca...@gm...> - 2010-09-15 20:16:03
|
On 07/16/2010 10:24 AM, Miroslav Stampar wrote:
> Sorry,
>
> nay again :). It shouldn't be much of a work for that to implement,
> but right now all tests require a solid parameter (GET, POST, Cookie,
> UA).
>
> opened a feature request for this one (ticket #199).

Given the fact that there are frequent "requests" for this feature I
wanted to ask in which state this ticket is.

thanks,
Christoph
|
From: Christoph A. <ca...@gm...> - 2010-09-15 20:13:08
|
On 09/15/2010 05:30 PM, Carlos Gabriel Vergara wrote:
> Hi!
> (Please, excuse my English)
>
> I've got a question about GET parameters; I looked into the mail
> archive and didn't find anything about telling sqlmap which "parameter"
> to use when the site uses friendly URLs.
>
> In my test environment I have this URL:
>
> http://127.0.0.1/lookin-for-dog/1455/
>
> The injectable part is "1455", which looks like a path name. In fact,
> the parameter is "looking-for-dog", and the value is "1455". Testing
> with:
>
> http://127.0.0.1/lookin-for-dog/1455%20or%201%3d1/
> (meaning http://127.0.0.1/lookin-for-dog/1455 or 1=1/)
>
> ...seems to work. When injecting something like "1455%27", a MySQL
> error appears. So I think the URL is injectable. The problem is that
> I can't pass this kind of parameter to sqlmap, or better said, I don't
> know how to pass it.
>
> Is there a workaround for this?

You might want to have a look at this thread:
http://sourceforge.net/mailarchive/message.php?msg_name=4C3F94D3.5030408%40gmail.com
|
From: Carlos G. V. <car...@gm...> - 2010-09-15 15:30:24
|
Hi!
(Please, excuse my English)

I've got a question about GET parameters; I looked into the mail archive and didn't find anything about telling sqlmap which "parameter" to use when the site uses friendly URLs.

In my test environment I have this URL:

http://127.0.0.1/lookin-for-dog/1455/

The injectable part is "1455", which looks like a path name. In fact, the parameter is "looking-for-dog", and the value is "1455". Testing with:

http://127.0.0.1/lookin-for-dog/1455%20or%201%3d1/
(meaning http://127.0.0.1/lookin-for-dog/1455 or 1=1/)

...seems to work. When injecting something like "1455%27", a MySQL error appears. So I think the URL is injectable. The problem is that I can't pass this kind of parameter to sqlmap, or better said, I don't know how to pass it.

Is there a workaround for this?

Thanks in advance,

--
--------8<--------
Carlos Gabriel Vergara
http://www.ThorSecurity.com.ar
PGP: http://www.ThorSecurity.com.ar/gabrielvergara.pgp
-------->8--------
|
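Added example (not part of the original thread and not sqlmap code): the situation described in the message above, seen from the application side. A friendly-URL handler that concatenates the path segment into SQL behaves as reported, while one that validates the segment and binds it as a parameter does not. The route regex, table and rows are constructed, and an in-memory SQLite database stands in for the MySQL back-end.

```python
import re
import sqlite3
from urllib.parse import unquote

# Constructed route for the friendly URL /lookin-for-dog/<value>/
ROUTE = re.compile(r"^/lookin-for-dog/(?P<value>[^/]+)/?$")

def make_db():
    """In-memory SQLite stand-in for the MySQL back-end (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE dogs (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO dogs VALUES (?, ?)",
                   [(1455, "Rex"), (1456, "Luna"), (1457, "Toby")])
    return db

def path_value(path):
    """Return the URL-decoded value segment, or None if the route does not match."""
    match = ROUTE.match(unquote(path))
    return match.group("value") if match else None

def lookup_vulnerable(db, path):
    """Concatenates the path segment into the statement, so the segment is SQL."""
    value = path_value(path)
    if value is None:
        return None
    try:
        return db.execute("SELECT id, name FROM dogs WHERE id = " + value).fetchall()
    except sqlite3.Error as exc:
        return "SQL error: %s" % exc       # the database error the tester sees

def lookup_hardened(db, path):
    """Accepts only a short decimal id and binds it as a query parameter."""
    value = path_value(path)
    if value is None or not re.fullmatch(r"[0-9]{1,9}", value):
        return None                         # caller answers 404, no SQL is run
    return db.execute("SELECT id, name FROM dogs WHERE id = ?",
                      (int(value),)).fetchall()

def compare(path):
    """Run both handlers against fresh databases and return both results."""
    return lookup_vulnerable(make_db(), path), lookup_hardened(make_db(), path)

if __name__ == "__main__":
    for p in ("/lookin-for-dog/1455/",
              "/lookin-for-dog/1455%20or%201%3d1/",
              "/lookin-for-dog/1455%27/"):
        print(p, compare(p))
```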
From: Miroslav S. <mir...@gm...> - 2010-09-14 10:35:42
|
Hi.

There was a major f.ck up I've introduced with one of my previous "fixes" regarding session file saving. It created lots of junk lines like "[....?id=1][None][None][Match ratio][0.9]" in between "real data" which screwed all the session/save/resume process.

All 0.9-dev users till r1818 are affected. Most of you probably haven't noticed it in your normal work but those who tried to do resuming of previous sessions probably did.

So, all 0.9-dev users please do the svn update to have it fixed.

Kind regards & Mea Culpa
|
From: Miroslav S. <mir...@gm...> - 2010-09-13 15:15:49
|
thanks for report m4l1c3.

found and fixed.

kr

On Mon, Sep 13, 2010 at 4:52 PM, m4l1c3 <mal...@gm...> wrote:
> ./sqlmap.py -u "http://DOMAIN.com:80/DIR1/?PAR1=99&PAR2=99&PAR3=99" -p PAR1
> --tables TABLE1 -D DATAB1 --union-use
>
> sqlmap version: 0.9-dev
> Python version: 2.5.2
> Operating system: posix
> Traceback (most recent call last):
> File "./sqlmap.py", line 89, in main
> start()
> File "/pentest/database/sqlmap-dev/lib/controller/controller.py", line
> 278, in start
> action()
> File "/pentest/database/sqlmap-dev/lib/controller/action.py", line 77, in
> action
> conf.dumper.technic("valid union", unionTest())
> File "/pentest/database/sqlmap-dev/lib/techniques/inband/union/test.py",
> line 233, in unionTest
> value = __unionConfirm()
> File "/pentest/database/sqlmap-dev/lib/techniques/inband/union/test.py",
> line 132, in __unionConfirm
> value = __unionPosition(negative=True)
> File "/pentest/database/sqlmap-dev/lib/techniques/inband/union/test.py",
> line 93, in __unionPosition
> if randQuery in resultPage and not htmlParsed:
> TypeError: argument of type 'NoneType' is not iterable
>
> [*] shutting down at: 10:48:46
>

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
From: m4l1c3 <mal...@gm...> - 2010-09-13 14:52:39
|
./sqlmap.py -u "http://DOMAIN.com:80/DIR1/?PAR1=99&PAR2=99&PAR3=99" -p PAR1 --tables TABLE1 -D DATAB1 --union-use

sqlmap version: 0.9-dev
Python version: 2.5.2
Operating system: posix
Traceback (most recent call last):
  File "./sqlmap.py", line 89, in main
    start()
  File "/pentest/database/sqlmap-dev/lib/controller/controller.py", line 278, in start
    action()
  File "/pentest/database/sqlmap-dev/lib/controller/action.py", line 77, in action
    conf.dumper.technic("valid union", unionTest())
  File "/pentest/database/sqlmap-dev/lib/techniques/inband/union/test.py", line 233, in unionTest
    value = __unionConfirm()
  File "/pentest/database/sqlmap-dev/lib/techniques/inband/union/test.py", line 132, in __unionConfirm
    value = __unionPosition(negative=True)
  File "/pentest/database/sqlmap-dev/lib/techniques/inband/union/test.py", line 93, in __unionPosition
    if randQuery in resultPage and not htmlParsed:
TypeError: argument of type 'NoneType' is not iterable

[*] shutting down at: 10:48:46
|
From: Miroslav S. <mir...@gm...> - 2010-09-13 08:23:57
|
Hi.

Could you please send me program arguments you used (including url) privately via mail? We are not sure what's causing this.

KR

On Mon, Sep 13, 2010 at 2:24 AM, Pavel Saparov <sap...@gm...> wrote:
> sqlmap version: 0.8
> Python version: 2.6.4
> Operating system: linux2
> Traceback (most recent call last):
> File "/usr/bin/sqlmap", line 77, in main
> start()
> File "/usr/share/sqlmap/lib/controller/controller.py", line 259, in start
> action()
> File "/usr/share/sqlmap/lib/controller/action.py", line 88, in action
> dumper.string("current database", conf.dbmsHandler.getCurrentDb())
> File "/usr/share/sqlmap/plugins/generic/enumeration.py", line 146, in
> getCurrentDb
> kb.data.currentDb = inject.getValue(query)
> File "/usr/share/sqlmap/lib/request/inject.py", line 373, in getValue
> value = __goInferenceProxy(expression, fromUser, expected, batch,
> resumeValue, unpack, charsetType, firstChar, lastChar)
> File "/usr/share/sqlmap/lib/request/inject.py", line 123, in
> __goInferenceProxy
> output = resume(expression, payload)
> File "/usr/share/sqlmap/lib/utils/resume.py", line 152, in resume
> if len(resumedValue) == int(length):
> ValueError: invalid literal for int() with base 10: '\x02'
>

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
From: Miroslav S. <mir...@gm...> - 2010-09-13 07:53:31
|
This was fixed in our development version. Please check it out from our SVN repository to have it fixed (svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev).

KR

On Sun, Sep 12, 2010 at 11:22 PM, Faisal Hourani <fai...@gm...> wrote:
> sqlmap version: 0.8
> Python version: 2.6.5
> Operating system: linux2
> Traceback (most recent call last):
> File "sqlmap.py", line 77, in main
> start()
> File "/home/0x00/sqlmap/lib/controller/controller.py", line 259, in start
> action()
> File "/home/0x00/sqlmap/lib/controller/action.py", line 144, in action
> conf.dbmsHandler.osPwn()
> File "/home/0x00/sqlmap/plugins/generic/takeover.py", line 169, in osPwn
> self.initEnv(web=web)
> File "/home/0x00/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv
> self.webInit()
> File "/home/0x00/sqlmap/lib/takeover/web.py", line 189, in webInit
> uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True,
> raise404=False)
> File "/home/0x00/sqlmap/lib/request/connect.py", line 126, in getPage
> conn = urllib2.urlopen(req)
> File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen
> return _opener.open(url, data, timeout)
> File "/usr/local/lib/python2.6/urllib2.py", line 391, in open
> response = self._open(req, data)
> File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open
> '_open', req)
> File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain
> result = func(*args)
> File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open
> return self.do_open(httplib.HTTPConnection, req)
> File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open
> h = http_class(host, timeout=req.timeout) # will parse host:port
> File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__
> self._set_hostport(host, port)
> File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport
> raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
> InvalidURL: nonnumeric port: ''
>

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|