sqlmap-users Mailing List for sqlmap (Page 122)
Brought to you by:
inquisb
Menu
▾
▴
sqlmap-users — sqlmap users mailing list
You can subscribe to this list here.
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(4) |
Oct
(11) |
Nov
(24) |
Dec
(13) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2009 |
Jan
(23) |
Feb
(17) |
Mar
(13) |
Apr
(48) |
May
(22) |
Jun
(18) |
Jul
(22) |
Aug
(13) |
Sep
(23) |
Oct
(6) |
Nov
(11) |
Dec
(25) |
| 2010 |
Jan
(21) |
Feb
(33) |
Mar
(61) |
Apr
(47) |
May
(48) |
Jun
(30) |
Jul
(24) |
Aug
(37) |
Sep
(52) |
Oct
(59) |
Nov
(32) |
Dec
(57) |
| 2011 |
Jan
(166) |
Feb
(93) |
Mar
(65) |
Apr
(117) |
May
(87) |
Jun
(124) |
Jul
(102) |
Aug
(78) |
Sep
(65) |
Oct
(22) |
Nov
(71) |
Dec
(79) |
| 2012 |
Jan
(93) |
Feb
(55) |
Mar
(45) |
Apr
(49) |
May
(56) |
Jun
(93) |
Jul
(95) |
Aug
(42) |
Sep
(26) |
Oct
(36) |
Nov
(32) |
Dec
(46) |
| 2013 |
Jan
(36) |
Feb
(78) |
Mar
(38) |
Apr
(57) |
May
(35) |
Jun
(39) |
Jul
(23) |
Aug
(33) |
Sep
(28) |
Oct
(38) |
Nov
(22) |
Dec
(16) |
| 2014 |
Jan
(33) |
Feb
(23) |
Mar
(41) |
Apr
(29) |
May
(12) |
Jun
(20) |
Jul
(21) |
Aug
(23) |
Sep
(18) |
Oct
(34) |
Nov
(12) |
Dec
(39) |
| 2015 |
Jan
(2) |
Feb
(51) |
Mar
(10) |
Apr
(28) |
May
(9) |
Jun
(22) |
Jul
(32) |
Aug
(35) |
Sep
(29) |
Oct
(50) |
Nov
(8) |
Dec
(2) |
| 2016 |
Jan
(8) |
Feb
(2) |
Mar
(3) |
Apr
(14) |
May
|
Jun
|
Jul
|
Aug
(12) |
Sep
|
Oct
|
Nov
(1) |
Dec
(19) |
| 2017 |
Jan
|
Feb
(18) |
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
(2) |
Dec
|
| 2018 |
Jan
|
Feb
|
Mar
(1) |
Apr
(1) |
May
(3) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2019 |
Jan
|
Feb
|
Mar
|
Apr
(3) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Matthijs K. <mat...@st...> - 2010-08-10 15:39:16
|
Hi Miroslav, > As there is a possibility that sun has burned my brains these days, > please send a description how you've reached that version with that > TODO comment and I'll gladly try to reproduce it. This is from the 0.6.4 Debian package. I've checked the source package, it's in there as well, and there seem to be no relevant Debian specific patches). I tried to have a look around in your SVN repository, but there's no online browse tool, and access was denied to anything but trunk, so I didn't spend much time on that. > p.s. Have you considered a possibility that you've written it there > (locally) by yourself? Yup, I'm sure of that. One more look at request.py in trunk, shows that this todo was just implemented by someone already: https://svn.sqlmap.org/sqlmap/trunk/sqlmap/lib/request/comparison.py I'm not completely sure what the new code does (there seems to be some ratio auto-detection) and if it would adequately handle my case (with a very small change), so perhaps someone can have a look at that. Gr. Matthijs |
|
From: Miroslav S. <mir...@gm...> - 2010-08-10 14:13:26
|
Dear Matthijs. There is no such thing in there. I double checked all revisions. So, you've probably done something wrong. As there is a possibility that sun has burned my brains these days, please send a description how you've reached that version with that TODO comment and I'll gladly try to reproduce it. Best regards. p.s. Have you considered a possibility that you've written it there (locally) by yourself? On Tue, Aug 10, 2010 at 8:42 AM, Matthijs Kooijman <mat...@st...> wrote: > Hi Miroslav, > >> Everything is clear here, but one thing. Could you please point me to >> the part (file and line number) where (or was) "there is a comment to >> make this a commandline option"? > From /usr/share/sqlmap/lib/core/settings.py: > > > # TODO: port to command line/configuration file options? > SECONDS = 5 > RETRIES = 3 > MATCH_RATIO = 0.999 > > Gr. > > Matthijs > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iEYEARECAAYFAkxg9OUACgkQz0nQ5oovr7yufACghHgxpqxpNQoztQTtq/TsvQlA > H/EAoMM2XxUoOJN4B+Su7V9/DiAuHIwD > =m++Y > -----END PGP SIGNATURE----- > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: Matthijs K. <mat...@st...> - 2010-08-10 06:42:54
|
Hi Miroslav,
> Everything is clear here, but one thing. Could you please point me to
> the part (file and line number) where (or was) "there is a comment to
> make this a commandline option"?
From /usr/share/sqlmap/lib/core/settings.py:
# TODO: port to command line/configuration file options?
SECONDS = 5
RETRIES = 3
MATCH_RATIO = 0.999
Gr.
Matthijs
|
|
From: Miroslav S. <mir...@gm...> - 2010-08-09 22:47:02
|
On Mon, Aug 9, 2010 at 12:51 PM, Matthijs Kooijman <mat...@st...> wrote: > (Please CC me, I'm not subscribed) > > Hi folks, > > I've just been fiddling around with sqlmap a bit, and I had some > problems with sqlmap claiming that some parameter is not dynamic, while > I'm certain it is. > > After a bit of sourcegrepping, I found that the dynamicness is tested > using a comparions with a threshold. In my particular case, the > parameter was dynamic, but affected the resulting page only in a single > small spot. The comparator therefore said the similarity ratio was > 0.996, whereas less than 0.9 is required. > > This 0.9 is currently hardcoded in MATCH_RATIO in core/settings.py, > though there is a comment to make this a commandline option. Hi. Everything is clear here, but one thing. Could you please point me to the part (file and line number) where (or was) "there is a comment to make this a commandline option"? Kind regards. Doing this > would probably increase the utility of sqlmap for cases such as mine. > However, to actually let users know about this option and how it can > help, the "is not dynamic" error message should probably include the > actual ratio and a hint to this new commandline option. > > I hope you can get this change into a next version. > > Gr. > > Matthijs > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iEYEARECAAYFAkxf3bkACgkQz0nQ5oovr7wrRwCeIizHKG58nGqHUfJMJKogaTrF > xPIAoIidSQEcPtFjtR4dZBdp/DSQ95K+ > =tl6U > -----END PGP SIGNATURE----- > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by > > Make an app they can't live without > Enter the BlackBerry Developer Challenge > http://p.sf.net/sfu/RIM-dev2dev > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: Miroslav S. <mir...@gm...> - 2010-08-09 22:10:23
|
I know that this will sound unbelievable, but this is what I've got as first thing on my mind when I've got up in the morning :) I just didn't have time to "patch" it. Now, hopefully, with current revision, this should be fixed. On Mon, Aug 9, 2010 at 6:59 PM, m4l1c3 <mal...@gm...> wrote: > Rev: 1816 > > ./sqlmap.py -u "http://www.DOMAIN.com/SOME.php?id=1" --dump -C > column1,column2,column3 -T table -D database > > [12:55:23] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the > command line and the following text and send by e-mail to > sql...@li.... The developer will fix it as soon as > possible: > sqlmap version: 0.9-dev > Python version: 2.5.2 > Operating system: posix > Traceback (most recent call last): > File "./sqlmap.py", line 89, in main > start() > File "/pentest/database/sqlmap/sqlmap-dev/lib/controller/controller.py", > line 278, in start > action() > File "/pentest/database/sqlmap/sqlmap-dev/lib/controller/action.py", line > 67, in action > print "%s\n" % conf.dbmsHandler.getFingerprint() > File > "/pentest/database/sqlmap/sqlmap-dev/plugins/dbms/mysql/fingerprint.py", > line 117, in getFingerprint > actVer = formatDBMSfp() > File "/pentest/database/sqlmap/sqlmap-dev/lib/core/common.py", line 164, > in formatDBMSfp > while None in versions: > TypeError: argument of type 'NoneType' is not iterable > [*] shutting down at: 12:55:23 > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by > > Make an app they can't live without > Enter the BlackBerry Developer Challenge > http://p.sf.net/sfu/RIM-dev2dev > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: m4l1c3 <mal...@gm...> - 2010-08-09 17:00:04
|
Rev: 1816 ./sqlmap.py -u "http://www.DOMAIN.com/SOME.php?id=1" --dump -C column1,column2,column3 -T table -D database [12:55:23] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible: sqlmap version: 0.9-dev Python version: 2.5.2 Operating system: posix Traceback (most recent call last): File "./sqlmap.py", line 89, in main start() File "/pentest/database/sqlmap/sqlmap-dev/lib/controller/controller.py", line 278, in start action() File "/pentest/database/sqlmap/sqlmap-dev/lib/controller/action.py", line 67, in action print "%s\n" % conf.dbmsHandler.getFingerprint() File "/pentest/database/sqlmap/sqlmap-dev/plugins/dbms/mysql/fingerprint.py", line 117, in getFingerprint actVer = formatDBMSfp() File "/pentest/database/sqlmap/sqlmap-dev/lib/core/common.py", line 164, in formatDBMSfp while None in versions: TypeError: argument of type 'NoneType' is not iterable [*] shutting down at: 12:55:23 |
|
From: Matthijs K. <mat...@st...> - 2010-08-09 11:15:42
|
(Please CC me, I'm not subscribed) Hi folks, I've just been fiddling around with sqlmap a bit, and I had some problems with sqlmap claiming that some parameter is not dynamic, while I'm certain it is. After a bit of sourcegrepping, I found that the dynamicness is tested using a comparions with a threshold. In my particular case, the parameter was dynamic, but affected the resulting page only in a single small spot. The comparator therefore said the similarity ratio was 0.996, whereas less than 0.9 is required. This 0.9 is currently hardcoded in MATCH_RATIO in core/settings.py, though there is a comment to make this a commandline option. Doing this would probably increase the utility of sqlmap for cases such as mine. However, to actually let users know about this option and how it can help, the "is not dynamic" error message should probably include the actual ratio and a hint to this new commandline option. I hope you can get this change into a next version. Gr. Matthijs |
|
From: e1m1 <e1...@zl...> - 2010-08-09 04:19:08
|
hi, running sqlmap 0.8 without probs.I'm send bugreport to ubuntu comunity :) Thx > Hi. > > You are currently using pretty outdated version of sqlmap. Please > check out latest development version from our SVN repository ($ svn > checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev). > > Kind regards. > > On Sat, Aug 7, 2010 at 11:35 PM, e1m1<e1...@zl...> wrote: > >> Hi , >> >> after running sqlmap --update i'm got this error.I'm Running ubuntu >> 10.04 - Linux hostname 2.6.32-24-generic #39-Ubuntu SMP Wed Jul 28 >> 06:07:29 UTC 2010 i686 GNU/Linux.I'm get sqlmap by aptitude install sqlmap. >> >> [root@hostname][~]$ sqlmap --update >> /usr/share/sqlmap/lib/core/convert.py:27: DeprecationWarning: the md5 >> module is deprecated; use hashlib instead >> import md5 >> /usr/share/sqlmap/lib/core/convert.py:28: DeprecationWarning: the sha >> module is deprecated; use the hashlib module instead >> import sha >> >> sqlmap/0.6.4 coded by Bernardo Damele A. G.<ber...@gm...> >> and Daniele Bellucci<dan...@gm...> >> >> [*] starting at: 23:32:49 >> >> [23:32:49] [INFO] updating sqlmap >> [23:32:49] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the >> command line and the following text and send by e-mail to >> sql...@li.... The developers will fix it as soon >> as possible: >> sqlmap version: 0.6.4 >> Python version: 2.6.5 >> Operating system: linux2 >> Traceback (most recent call last): >> File "/usr/bin/sqlmap", line 78, in main >> init(cmdLineOptions) >> File "/usr/share/sqlmap/lib/core/option.py", line 770, in init >> update() >> File "/usr/share/sqlmap/lib/core/update.py", line 349, in update >> __updateSqlmap() >> File "/usr/share/sqlmap/lib/core/update.py", line 246, in __updateSqlmap >> logger.errMsg(errMsg) >> AttributeError: Logger instance has no attribute 'errMsg' >> >> [*] shutting down at: 23:32:49 >> >> [root@hostname][~]$ >> >> >> ------------------------------------------------------------------------------ >> This SF.net email is sponsored by >> >> Make an app they can't live without >> Enter the BlackBerry Developer Challenge >> http://p.sf.net/sfu/RIM-dev2dev >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > > > |
|
From: Miroslav S. <mir...@gm...> - 2010-08-08 22:22:39
|
Thank you for your report. Found and fixed. Kind regards. On Sun, Aug 1, 2010 at 7:51 PM, dragoun dash <dra...@gm...> wrote: > ./sqlmap.py -u http://mywebsite/directory/page.asp?id=17 --method=GET > -f --union-use --reg-read > > --------------------- > [18:47:25] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy > the command line and the following text and send by e-mail to > sql...@li.... The developer will fix it as soon > as possible: > sqlmap version: 0.9-dev > Python version: 2.6.5 > Operating system: posix > Traceback (most recent call last): > File "./sqlmap.py", line 89, in main > start() > File "/pentest/database/sqlmap/lib/controller/controller.py", line > 268, in start > action() > File "/pentest/database/sqlmap/lib/controller/action.py", line 67, in action > print "%s\n" % conf.dbmsHandler.getFingerprint() > File "/pentest/database/sqlmap/plugins/dbms/access/fingerprint.py", > line 120, in getFingerprint > actVer = formatDBMSfp() + " (%s)" % (self.__sandBoxCheck()) > File "/pentest/database/sqlmap/lib/core/common.py", line 157, in formatDBMSfp > return "%s %s" % (kb.dbms, " and ".join([version for version in versions])) > TypeError: sequence item 0: expected string, NoneType found > > [*] shutting down at: 18:47:25 > > ------------------------------------------------------------------------------ > The Palm PDK Hot Apps Program offers developers who use the > Plug-In Development Kit to bring their C/C++ apps to Palm for a share > of $1 Million in cash or HP Products. Visit us here for more details: > http://p.sf.net/sfu/dev2dev-palm > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: Miroslav S. <mir...@gm...> - 2010-08-08 21:54:54
|
Hi. You probably have some kind of "proxy" information provided to you with those VPN settings. If you can surf through the VPN using your browser you'll probably be able to use sqlmap too. Just be sure to provide those settings using --proxy option. For example: ./sqlmap.py -u "http://www.target.com/auth.php?id=admin" --proxy="http://vpn-proxy.company.com:8010" Kind regards. On Mon, Aug 2, 2010 at 3:01 AM, Brandon <bmu...@gm...> wrote: > I was wondering if it is possible to use a vpn using sqlmap8? I Put > the vpn ip and port and says that "http://" must be included and keep > saying it cannot connect to the target. > > Thanks > > ------------------------------------------------------------------------------ > The Palm PDK Hot Apps Program offers developers who use the > Plug-In Development Kit to bring their C/C++ apps to Palm for a share > of $1 Million in cash or HP Products. Visit us here for more details: > http://p.sf.net/sfu/dev2dev-palm > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: Miroslav S. <mir...@gm...> - 2010-08-08 21:48:23
|
Hi. You are currently using pretty outdated version of sqlmap. Please check out latest development version from our SVN repository ($ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev). Kind regards. On Sat, Aug 7, 2010 at 11:35 PM, e1m1 <e1...@zl...> wrote: > Hi , > > after running sqlmap --update i'm got this error.I'm Running ubuntu > 10.04 - Linux hostname 2.6.32-24-generic #39-Ubuntu SMP Wed Jul 28 > 06:07:29 UTC 2010 i686 GNU/Linux.I'm get sqlmap by aptitude install sqlmap. > > [root@hostname][~]$ sqlmap --update > /usr/share/sqlmap/lib/core/convert.py:27: DeprecationWarning: the md5 > module is deprecated; use hashlib instead > import md5 > /usr/share/sqlmap/lib/core/convert.py:28: DeprecationWarning: the sha > module is deprecated; use the hashlib module instead > import sha > > sqlmap/0.6.4 coded by Bernardo Damele A. G. <ber...@gm...> > and Daniele Bellucci <dan...@gm...> > > [*] starting at: 23:32:49 > > [23:32:49] [INFO] updating sqlmap > [23:32:49] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the > command line and the following text and send by e-mail to > sql...@li.... The developers will fix it as soon > as possible: > sqlmap version: 0.6.4 > Python version: 2.6.5 > Operating system: linux2 > Traceback (most recent call last): > File "/usr/bin/sqlmap", line 78, in main > init(cmdLineOptions) > File "/usr/share/sqlmap/lib/core/option.py", line 770, in init > update() > File "/usr/share/sqlmap/lib/core/update.py", line 349, in update > __updateSqlmap() > File "/usr/share/sqlmap/lib/core/update.py", line 246, in __updateSqlmap > logger.errMsg(errMsg) > AttributeError: Logger instance has no attribute 'errMsg' > > [*] shutting down at: 23:32:49 > > [root@hostname][~]$ > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by > > Make an app they can't live without > Enter the BlackBerry Developer Challenge > http://p.sf.net/sfu/RIM-dev2dev > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: Miroslav S. <mir...@gm...> - 2010-08-08 21:44:19
|
Thank you for your report. Found and patched. Kind regards. 2010/8/4 Marek Sarvaš <mar...@gm...>: > ./sqlmap.py -u > "http://www.vranov.sk/pics/texty_subory/Hlasovanie_33_MsZ_2008.html?PHPSESSID=45c9de046b41b6caac5b2d4f81" > --batch --threads=20 --passwords --excl-reg "Dynamic content: ([\d]+)" > > sqlmap/0.9-dev - automatic SQL injection and database takeover tool > http://sqlmap.sourceforge.net > > [*] starting at: 11:24:56 > > [11:24:56] [INFO] using > '/home/xaka/sqlmap-dev/output/www.vranov.sk/session' as session file > [11:24:56] [INFO] testing connection to the target url > > [11:24:56] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy > the command line and the following text and send by e-mail to > sql...@li.... The developer will fix it as soon as > possible: > sqlmap version: 0.9-dev > Python version: 2.6.5 > Operating system: posix > Traceback (most recent call last): > File "./sqlmap.py", line 89, in main > start() > File "/home/xaka/sqlmap-dev/lib/controller/controller.py", line 159, > in start > if not checkConnection() or not checkString() or not checkRegexp(): > File "/home/xaka/sqlmap-dev/lib/controller/checks.py", line 395, in > checkConnection > page, _ = Request.getPage() > File "/home/xaka/sqlmap-dev/lib/request/connect.py", line 254, in getPage > parseResponse(page, responseHeaders) > File "/home/xaka/sqlmap-dev/lib/request/basic.py", line 75, in > parseResponse > htmlParser(page) > File "/home/xaka/sqlmap-dev/lib/parse/html.py", line 69, in htmlParser > page = sanitizeStr(page) > File "/home/xaka/sqlmap-dev/lib/core/common.py", line 533, in sanitizeStr > cleanString = getUnicode(inpStr) > File "/home/xaka/sqlmap-dev/lib/core/common.py", line 1357, in getUnicode > return value if isinstance(value, unicode) else unicode(value, > conf.dataEncoding if 'dataEncoding' in conf else "utf-8") > UnicodeDecodeError: 'utf8' codec can't decode byte 0xff in position 0: > unexpected code byte > > [*] shutting down at: 11:24:56 > > -- > Príjemný deň > Marek Sarvaš > > tel 0907 / 405 701 > ICQ 277766377 > SKYPE marek.sarvas > ---------------------------------------------------- > Táto správa neobsahuje a ani nemôže obsahovať vírus, pretože nepoužívam žiadne produkty založené na platforme Microsoft Windows. > ---------------------------------------------------- > This report don't contains virus and don't may contain a virus, because I do not use any products based on Microsoft Windows. > ---------------------------------------------------- > > > ------------------------------------------------------------------------------ > The Palm PDK Hot Apps Program offers developers who use the > Plug-In Development Kit to bring their C/C++ apps to Palm for a share > of $1 Million in cash or HP Products. Visit us here for more details: > http://p.sf.net/sfu/dev2dev-palm > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: Miroslav S. <mir...@gm...> - 2010-08-08 21:20:06
|
Thank you for your report. Found and fixed.
Kind regards.
On Fri, Aug 6, 2010 at 12:26 AM, m4l1c3 <mal...@gm...> wrote:
> ./sqlmap.py -u "LONG URL" --dump -C COLUMNS1,COLUMN2 -T TABLE -D DATABASE
> Ver 1810
>
>
> [18:23:57] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the
> command line and the following text and send by e-mail to
> sql...@li.... The developer will fix it as soon as
> possible:
> sqlmap version: 0.9-dev
> Python version: 2.5.2
> Operating system: posix
> Traceback (most recent call last):
> File "./sqlmap.py", line 89, in main
> start()
> File "/pentest/database/sqlmap/sqlmap/lib/controller/controller.py", line
> 278, in start
> action()
> File "/pentest/database/sqlmap/sqlmap/lib/controller/action.py", line 117,
> in action
> conf.dumper.dbTableValues(conf.dbmsHandler.dumpTable())
> File "/pentest/database/sqlmap/sqlmap/lib/core/dump.py", line 329, in
> dbTableValues
> self.__write("| %s%s" % (value, blank), n=False)
> File "/pentest/database/sqlmap/sqlmap/lib/core/dump.py", line 50, in
> __write
> print data,
> UnicodeEncodeError: 'ascii' codec can't encode character u'\uc4b1' in
> position 9: ordinal not in range(128)
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by
>
> Make an app they can't live without
> Enter the BlackBerry Developer Challenge
> http://p.sf.net/sfu/RIM-dev2dev
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
|
From: e1m1 <e1...@zl...> - 2010-08-07 21:53:05
|
Hi ,
after running sqlmap --update i'm got this error.I'm Running ubuntu
10.04 - Linux hostname 2.6.32-24-generic #39-Ubuntu SMP Wed Jul 28
06:07:29 UTC 2010 i686 GNU/Linux.I'm get sqlmap by aptitude install sqlmap.
[root@hostname][~]$ sqlmap --update
/usr/share/sqlmap/lib/core/convert.py:27: DeprecationWarning: the md5
module is deprecated; use hashlib instead
import md5
/usr/share/sqlmap/lib/core/convert.py:28: DeprecationWarning: the sha
module is deprecated; use the hashlib module instead
import sha
sqlmap/0.6.4 coded by Bernardo Damele A. G. <ber...@gm...>
and Daniele Bellucci <dan...@gm...>
[*] starting at: 23:32:49
[23:32:49] [INFO] updating sqlmap
[23:32:49] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the
command line and the following text and send by e-mail to
sql...@li.... The developers will fix it as soon
as possible:
sqlmap version: 0.6.4
Python version: 2.6.5
Operating system: linux2
Traceback (most recent call last):
File "/usr/bin/sqlmap", line 78, in main
init(cmdLineOptions)
File "/usr/share/sqlmap/lib/core/option.py", line 770, in init
update()
File "/usr/share/sqlmap/lib/core/update.py", line 349, in update
__updateSqlmap()
File "/usr/share/sqlmap/lib/core/update.py", line 246, in __updateSqlmap
logger.errMsg(errMsg)
AttributeError: Logger instance has no attribute 'errMsg'
[*] shutting down at: 23:32:49
[root@hostname][~]$
|
|
From: m4l1c3 <mal...@gm...> - 2010-08-06 12:21:45
|
The following appears in the session: Akgì¼ndì¼z
On Thu, Aug 5, 2010 at 6:26 PM, m4l1c3 <mal...@gm...> wrote:
> ./sqlmap.py -u "LONG URL" --dump -C COLUMNS1,COLUMN2 -T TABLE -D DATABASE
>
> Ver 1810
>
>
>
> [18:23:57] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the
> command line and the following text and send by e-mail to
> sql...@li.... The developer will fix it as soon as
> possible:
> sqlmap version: 0.9-dev
> Python version: 2.5.2
> Operating system: posix
> Traceback (most recent call last):
> File "./sqlmap.py", line 89, in main
> start()
> File "/pentest/database/sqlmap/sqlmap/lib/controller/controller.py", line
> 278, in start
> action()
> File "/pentest/database/sqlmap/sqlmap/lib/controller/action.py", line
> 117, in action
> conf.dumper.dbTableValues(conf.dbmsHandler.dumpTable())
> File "/pentest/database/sqlmap/sqlmap/lib/core/dump.py", line 329, in
> dbTableValues
> self.__write("| %s%s" % (value, blank), n=False)
> File "/pentest/database/sqlmap/sqlmap/lib/core/dump.py", line 50, in
> __write
> print data,
> UnicodeEncodeError: 'ascii' codec can't encode character u'\uc4b1' in
> position 9: ordinal not in range(128)
>
>
|
|
From: Bernardo D. A. G. <ber...@gm...> - 2010-08-06 08:05:15
|
We do not offer support and have no affiliation with this "hackertarget.com" so please, stop sending these emails. We are not able to debug the problem on the sqlmap side as apparently they do mask the traceback. Bernardo On Wed, Aug 4, 2010 at 17:02, Miguel Espinoza <mil...@in...> wrote: > > > > > ---------- Forwarded message ---------- > From: sca...@ha... > To: adm...@ch... > Date: Wed, 4 Aug 2010 14:43:39 +0000 (UTC) > Subject: SQL Scan results from HackerTarget.com > ** Thank you for using the HackerTarget.com Free SQL injection Scan ** > > Your SQL Injection scan results are listed below. For more information and > other Vulnerability Scanning options please visit > http://www.hackertarget.com. > > Please note that while SQLiX and Sqlmap are excellent tools that do a number > of basic sql inection checks by checking your website, for a complete web > application audit nothing can beat a manual audit by skilled penetration > testers. Please check your results against your current web software to > confirm vulnerabilities. > > Please contact in...@ha... for more information, periodic > Vulnerability Scanning is an important part of the security toolkit when > running internet hosts and websites. > > ====================================================== > -- SQLiX -- > © Copyright 2006 Cedric COCHIN, All Rights Reserved. > ====================================================== > > Analysing URL [http://chess-improve.com/index.php] > http://chess-improve.com/index.php > --- No results here means that SQLiX found no injection point --- > > > --- Now sqlmap will test your url --- > > sqlmap/0.8 - automatic SQL injection and database takeover tool > http://sqlmap.sourceforge.net > > [*] starting at: 14:43:38 > > [14:43:39] [ERROR] unhandled exception in sqlmap/0.8, please copy the > command line and the following text and send by e-mail to > sql...@li.... The developer will fix it as soon as > possible: > sqlmap version: 0.8 > Python version: 2.5.2 > Operating system: linux2 > > [*] shutting down at: 14:43:39 > > ------------------------------------------------------------------------------ > The Palm PDK Hot Apps Program offers developers who use the > Plug-In Development Kit to bring their C/C++ apps to Palm for a share > of $1 Million in cash or HP Products. Visit us here for more details: > http://p.sf.net/sfu/dev2dev-palm > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: 0x05F5A30F |
|
From: m4l1c3 <mal...@gm...> - 2010-08-05 22:27:06
|
./sqlmap.py -u "LONG URL" --dump -C COLUMNS1,COLUMN2 -T TABLE -D DATABASE
Ver 1810
[18:23:57] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the
command line and the following text and send by e-mail to
sql...@li.... The developer will fix it as soon as
possible:
sqlmap version: 0.9-dev
Python version: 2.5.2
Operating system: posix
Traceback (most recent call last):
File "./sqlmap.py", line 89, in main
start()
File "/pentest/database/sqlmap/sqlmap/lib/controller/controller.py", line
278, in start
action()
File "/pentest/database/sqlmap/sqlmap/lib/controller/action.py", line 117,
in action
conf.dumper.dbTableValues(conf.dbmsHandler.dumpTable())
File "/pentest/database/sqlmap/sqlmap/lib/core/dump.py", line 329, in
dbTableValues
self.__write("| %s%s" % (value, blank), n=False)
File "/pentest/database/sqlmap/sqlmap/lib/core/dump.py", line 50, in
__write
print data,
UnicodeEncodeError: 'ascii' codec can't encode character u'\uc4b1' in
position 9: ordinal not in range(128)
|
|
From: David G. <sk...@gm...> - 2010-08-05 21:04:52
|
$ ./sqlmap.py -d "mssql://user:senha@xxx:1433/bd" -D bd --tables
sqlmap/0.9-dev - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net
[*] starting at: 18:00:25
[18:00:25] [INFO] using '/home/skys/sqlmap-dev/output/xxx/session' as
session file
[18:00:25] [INFO] connection to mssql server xxx:1433 established
[18:00:25] [INFO] testing Microsoft SQL Server
[18:00:25] [INFO] confirming Microsoft SQL Server
[18:00:25] [INFO] the back-end DBMS is Microsoft SQL Server
back-end DBMS: Microsoft SQL Server 2008
[18:00:25] [INFO] fetching tables for database 'bd'
[18:00:25] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy
the command line and the following text and send by e-mail to
sql...@li.... The developer will fix it as soon
as possible:
sqlmap version: 0.9-dev
Python version: 2.5.2
Operating system: posix
Traceback (most recent call last):
File "./sqlmap.py", line 89, in main
start()
File "/home/skys/sqlmap-dev/lib/controller/controller.py", line 104, in start
action()
File "/home/skys/sqlmap-dev/lib/controller/action.py", line 111, in action
conf.dumper.dbTables(conf.dbmsHandler.getTables())
File "/home/skys/sqlmap-dev/lib/core/dump.py", line 171, in dbTables
tables.sort(key=lambda x: x.lower())
File "/home/skys/sqlmap-dev/lib/core/dump.py", line 171, in <lambda>
tables.sort(key=lambda x: x.lower())
AttributeError: 'tuple' object has no attribute 'lower'
[*] shutting down at: 18:00:25
$ svn info
Path: .
URL: https://svn.sqlmap.org/sqlmap/trunk/sqlmap
Repository Root: https://svn.sqlmap.org/sqlmap
Repository UUID: 7eb2e9d7-d917-0410-b3c8-b11144ad09fb
Revision: 1810
Node Kind: directory
Schedule: normal
Last Changed Author: stamparm
Last Changed Rev: 1810
Last Changed Date: 2010-07-30 09:59:44 -0300 (Fri, 30 Jul 2010)
--
David
|
|
From: Marek S. <mar...@gm...> - 2010-08-04 09:28:00
|
./sqlmap.py -u "http://www.vranov.sk/pics/texty_subory/Hlasovanie_33_MsZ_2008.html?PHPSESSID=45c9de046b41b6caac5b2d4f81" --batch --threads=20 --passwords --excl-reg "Dynamic content: ([\d]+)" sqlmap/0.9-dev - automatic SQL injection and database takeover tool http://sqlmap.sourceforge.net [*] starting at: 11:24:56 [11:24:56] [INFO] using '/home/xaka/sqlmap-dev/output/www.vranov.sk/session' as session file [11:24:56] [INFO] testing connection to the target url [11:24:56] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible: sqlmap version: 0.9-dev Python version: 2.6.5 Operating system: posix Traceback (most recent call last): File "./sqlmap.py", line 89, in main start() File "/home/xaka/sqlmap-dev/lib/controller/controller.py", line 159, in start if not checkConnection() or not checkString() or not checkRegexp(): File "/home/xaka/sqlmap-dev/lib/controller/checks.py", line 395, in checkConnection page, _ = Request.getPage() File "/home/xaka/sqlmap-dev/lib/request/connect.py", line 254, in getPage parseResponse(page, responseHeaders) File "/home/xaka/sqlmap-dev/lib/request/basic.py", line 75, in parseResponse htmlParser(page) File "/home/xaka/sqlmap-dev/lib/parse/html.py", line 69, in htmlParser page = sanitizeStr(page) File "/home/xaka/sqlmap-dev/lib/core/common.py", line 533, in sanitizeStr cleanString = getUnicode(inpStr) File "/home/xaka/sqlmap-dev/lib/core/common.py", line 1357, in getUnicode return value if isinstance(value, unicode) else unicode(value, conf.dataEncoding if 'dataEncoding' in conf else "utf-8") UnicodeDecodeError: 'utf8' codec can't decode byte 0xff in position 0: unexpected code byte [*] shutting down at: 11:24:56 -- Príjemný deň Marek Sarvaš tel 0907 / 405 701 ICQ 277766377 SKYPE marek.sarvas ---------------------------------------------------- Táto správa neobsahuje a ani nemôže obsahovať vírus, pretože nepoužívam žiadne produkty založené na platforme Microsoft Windows. ---------------------------------------------------- This report don't contains virus and don't may contain a virus, because I do not use any products based on Microsoft Windows. ---------------------------------------------------- |
|
From: Bernardo D. A. G. <ber...@gm...> - 2010-08-04 08:49:33
|
Can you please provide us also with the traceback? Like this, we have no details to reproduce the exception. Bernardo On Mon, Aug 2, 2010 at 20:09, Dara O Cairbre <dca...@gm...> wrote: > starting at: 19:07:00 > > [19:07:00] [ERROR] unhandled exception in sqlmap/0.8, please copy the > command line and the following text and send by e-mail > tos...@li.... The developer will fix it as soon as > possible: > sqlmap version: 0.8 > Python version: 2.5.2 > Operating system: linux2 > > [*] shutting down at: 19:07:00 > > > ------------------------------------------------------------------------------ > The Palm PDK Hot Apps Program offers developers who use the > Plug-In Development Kit to bring their C/C++ apps to Palm for a share > of $1 Million in cash or HP Products. Visit us here for more details: > http://p.sf.net/sfu/dev2dev-palm > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: 0x05F5A30F |
|
From: Bernardo D. A. G. <ber...@gm...> - 2010-08-04 08:48:34
|
Use the latest development version from subversion repository. This
issue is fixed there and in stable 0.8 version.
Bernardo
On Sun, Aug 1, 2010 at 03:42, trog - <tro...@gm...> wrote:
> got the following error with --os-shell, what could be causing it?
>
> [23:37:22] [INPUT] please provide a list of directories absolute path
> comma separated that you want sqlmap to try to upload the agent
> [/var/www/test]: /home/herbs4/public_html/image/, /home/logs/,
> /home/herbs4/www/, /home/www/, /var/www/, /home/herbs4/access-logs/,
> /var/www/access-logs/, /home/
> [23:37:59] [INFO] trying to upload the uploader agent
> [23:38:07] [WARNING] unable to upload the uploader agent on '/home/'
> [23:38:15] [WARNING] unable to upload the uploader agent on
> '/home/herbs4/access-logs/'
> [23:38:18] [ERROR] unhandled exception in sqlmap/0.6.4, please copy
> the command line and the following text and send by e-mail to
> sql...@li.... The developers will fix it as soon
> as possible:
> sqlmap version: 0.6.4
> Python version: 2.6.5
> Operating system: linux2
> Traceback (most recent call last):
> File "/usr/bin/sqlmap", line 81, in main
> start()
> File "/usr/share/sqlmap/lib/controller/controller.py", line 255, in start
> action()
> File "/usr/share/sqlmap/lib/controller/action.py", line 137, in action
> conf.dbmsHandler.osShell()
> File "/usr/share/sqlmap/plugins/dbms/mysql.py", line 448, in osShell
> page, _ = Request.getPage(url=uploaderUrl, direct=True)
> File "/usr/share/sqlmap/lib/request/connect.py", line 128, in getPage
> conn = urllib2.urlopen(req)
> File "/usr/lib/python2.6/urllib2.py", line 126, in urlopen
> return _opener.open(url, data, timeout)
> File "/usr/lib/python2.6/urllib2.py", line 391, in open
> response = self._open(req, data)
> File "/usr/lib/python2.6/urllib2.py", line 409, in _open
> '_open', req)
> File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain
> result = func(*args)
> File "/usr/lib/python2.6/urllib2.py", line 1161, in http_open
> return self.do_open(httplib.HTTPConnection, req)
> File "/usr/lib/python2.6/urllib2.py", line 1107, in do_open
> h = http_class(host, timeout=req.timeout) # will parse host:port
> File "/usr/lib/python2.6/httplib.py", line 657, in __init__
> self._set_hostport(host, port)
> File "/usr/lib/python2.6/httplib.py", line 682, in _set_hostport
> raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
> InvalidURL: nonnumeric port: '80image'
>
> ------------------------------------------------------------------------------
> The Palm PDK Hot Apps Program offers developers who use the
> Plug-In Development Kit to bring their C/C++ apps to Palm for a share
> of $1 Million in cash or HP Products. Visit us here for more details:
> http://p.sf.net/sfu/dev2dev-palm
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F
|
|
From: Owen P. <o....@wa...> - 2010-08-03 13:42:53
|
I used hackertarget.com to test a site and received an error report with a request to forward to you: Analysing URL [http://www.gregynog.ac.uk/hewit/index.asp?page=2] http://www.gregynog.ac.uk/hewit/index.asp?page=2 [+] working on page [+] Method: MS-SQL error message [+] Method: SQL error message [+] Method: MySQL comment injection [+] Method: SQL Blind Integer Injection [+] Method: SQL Blind Statement Injection [+] Method: SQL Blind String Injection --- No results here means that SQLiX found no injection point --- --- Now sqlmap will test your url --- sqlmap/0.8 - automatic SQL injection and database takeover tool http://sqlmap.sourceforge.net [*] starting at: 13:23:52 [13:23:52] [ERROR] unhandled exception in sqlmap/0.8, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible: sqlmap version: 0.8 Python version: 2.5.2 Operating system: linux2 [*] shutting down at: 13:23:52 Owen Parry Pennaeth Gwasanaethau Gwybodaeth / Head of Information Services Prifysgol Cymru / University of Wales +44 29 2037 6999 |
|
From: Dara O C. <dca...@gm...> - 2010-08-02 19:09:57
|
starting at: 19:07:00 [19:07:00] [ERROR] unhandled exception in sqlmap/0.8, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible: sqlmap version: 0.8 Python version: 2.5.2 Operating system: linux2 [*] shutting down at: 19:07:00 |
|
From: Bernardo D. A. G. <ber...@gm...> - 2010-08-02 15:35:50
|
sudo sqlmap --update -v2. Just in case, svn checkout sqlmap development version from subversion repository and use that one. Bernardo On Sat, Jul 31, 2010 at 13:28, j0rn <cm...@gm...> wrote: > on latest ubuntu distro (lucid/lynx, up to date) : > > $ su > # apt-get install sqlmap > # sqlmap --update > > /usr/share/sqlmap/lib/core/convert.py:27: DeprecationWarning: the md5 > module is deprecated; use hashlib instead > import md5 > /usr/share/sqlmap/lib/core/convert.py:28: DeprecationWarning: the sha > module is deprecated; use the hashlib module instead > import sha > > sqlmap/0.6.4 coded by Bernardo Damele A. G. <ber...@gm...> > and Daniele Bellucci <dan...@gm...> > > [*] starting at: 14:17:59 > > [14:17:59] [INFO] updating sqlmap > [14:17:59] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the > command line and the following text and send by e-mail to > sql...@li.... The developers will fix it as soon > as possible: > sqlmap version: 0.6.4 > Python version: 2.6.5 > Operating system: linux2 > Traceback (most recent call last): > File "/usr/bin/sqlmap", line 78, in main > init(cmdLineOptions) > File "/usr/share/sqlmap/lib/core/option.py", line 770, in init > update() > File "/usr/share/sqlmap/lib/core/update.py", line 349, in update > __updateSqlmap() > File "/usr/share/sqlmap/lib/core/update.py", line 246, in __updateSqlmap > logger.errMsg(errMsg) > AttributeError: instance has no attribute 'errMsg' > > [*] shutting down at: 14:17:59 > > regards, > > -- > j0rn > http://nibbles.tuxfamily.org/ > > > > ------------------------------------------------------------------------------ > The Palm PDK Hot Apps Program offers developers who use the > Plug-In Development Kit to bring their C/C++ apps to Palm for a share > of $1 Million in cash or HP Products. Visit us here for more details: > http://p.sf.net/sfu/dev2dev-palm > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: 0x05F5A30F |
|
From: Brandon <bmu...@gm...> - 2010-08-02 01:01:57
|
I was wondering if it is possible to use a vpn using sqlmap8? I Put the vpn ip and port and says that "http://" must be included and keep saying it cannot connect to the target. Thanks |
48 messages has been excluded from this view by a project administrator.
