sqlmap-users Mailing List for sqlmap (Page 123)
Brought to you by:
inquisb
From: dragoun d. <dra...@gm...> - 2010-08-01 17:51:55
./sqlmap.py -u http://mywebsite/directory/page.asp?id=17 --method=GET -f --union-use --reg-read

---------------------

[18:47:25] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible:
sqlmap version: 0.9-dev
Python version: 2.6.5
Operating system: posix
Traceback (most recent call last):
  File "./sqlmap.py", line 89, in main
    start()
  File "/pentest/database/sqlmap/lib/controller/controller.py", line 268, in start
    action()
  File "/pentest/database/sqlmap/lib/controller/action.py", line 67, in action
    print "%s\n" % conf.dbmsHandler.getFingerprint()
  File "/pentest/database/sqlmap/plugins/dbms/access/fingerprint.py", line 120, in getFingerprint
    actVer = formatDBMSfp() + " (%s)" % (self.__sandBoxCheck())
  File "/pentest/database/sqlmap/lib/core/common.py", line 157, in formatDBMSfp
    return "%s %s" % (kb.dbms, " and ".join([version for version in versions]))
TypeError: sequence item 0: expected string, NoneType found

[*] shutting down at: 18:47:25
From: trog - <tro...@gm...> - 2010-08-01 02:42:44
got the following error with --os-shell, what could be causing it?

[23:37:22] [INPUT] please provide a list of directories absolute path comma separated that you want sqlmap to try to upload the agent [/var/www/test]: /home/herbs4/public_html/image/, /home/logs/, /home/herbs4/www/, /home/www/, /var/www/, /home/herbs4/access-logs/, /var/www/access-logs/, /home/
[23:37:59] [INFO] trying to upload the uploader agent
[23:38:07] [WARNING] unable to upload the uploader agent on '/home/'
[23:38:15] [WARNING] unable to upload the uploader agent on '/home/herbs4/access-logs/'
[23:38:18] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the command line and the following text and send by e-mail to sql...@li.... The developers will fix it as soon as possible:
sqlmap version: 0.6.4
Python version: 2.6.5
Operating system: linux2
Traceback (most recent call last):
  File "/usr/bin/sqlmap", line 81, in main
    start()
  File "/usr/share/sqlmap/lib/controller/controller.py", line 255, in start
    action()
  File "/usr/share/sqlmap/lib/controller/action.py", line 137, in action
    conf.dbmsHandler.osShell()
  File "/usr/share/sqlmap/plugins/dbms/mysql.py", line 448, in osShell
    page, _ = Request.getPage(url=uploaderUrl, direct=True)
  File "/usr/share/sqlmap/lib/request/connect.py", line 128, in getPage
    conn = urllib2.urlopen(req)
  File "/usr/lib/python2.6/urllib2.py", line 126, in urlopen
    return _opener.open(url, data, timeout)
  File "/usr/lib/python2.6/urllib2.py", line 391, in open
    response = self._open(req, data)
  File "/usr/lib/python2.6/urllib2.py", line 409, in _open
    '_open', req)
  File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.6/urllib2.py", line 1161, in http_open
    return self.do_open(httplib.HTTPConnection, req)
  File "/usr/lib/python2.6/urllib2.py", line 1107, in do_open
    h = http_class(host, timeout=req.timeout) # will parse host:port
  File "/usr/lib/python2.6/httplib.py", line 657, in __init__
    self._set_hostport(host, port)
  File "/usr/lib/python2.6/httplib.py", line 682, in _set_hostport
    raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
InvalidURL: nonnumeric port: '80image'
From: j0rn <cm...@gm...> - 2010-07-31 12:29:19
on latest ubuntu distro (lucid/lynx, up to date) :

$ su
# apt-get install sqlmap
# sqlmap --update
/usr/share/sqlmap/lib/core/convert.py:27: DeprecationWarning: the md5 module is deprecated; use hashlib instead
  import md5
/usr/share/sqlmap/lib/core/convert.py:28: DeprecationWarning: the sha module is deprecated; use the hashlib module instead
  import sha

sqlmap/0.6.4 coded by Bernardo Damele A. G. <ber...@gm...>
and Daniele Bellucci <dan...@gm...>

[*] starting at: 14:17:59

[14:17:59] [INFO] updating sqlmap
[14:17:59] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the command line and the following text and send by e-mail to sql...@li.... The developers will fix it as soon as possible:
sqlmap version: 0.6.4
Python version: 2.6.5
Operating system: linux2
Traceback (most recent call last):
  File "/usr/bin/sqlmap", line 78, in main
    init(cmdLineOptions)
  File "/usr/share/sqlmap/lib/core/option.py", line 770, in init
    update()
  File "/usr/share/sqlmap/lib/core/update.py", line 349, in update
    __updateSqlmap()
  File "/usr/share/sqlmap/lib/core/update.py", line 246, in __updateSqlmap
    logger.errMsg(errMsg)
AttributeError: instance has no attribute 'errMsg'

[*] shutting down at: 14:17:59

regards,

--
j0rn
http://nibbles.tuxfamily.org/
From: Miroslav S. <mir...@gm...> - 2010-07-28 11:28:07
Hi.

Are you using latest 0.9-dev version or?

In the latest development version for a last month there is a new regex:

regExpr = "li class=\042?g\042?\076.+?a href=\042(http[s]*://.+?)\042\sclass=\042?l\042?"

KR

(don't misunderstand, but I get a strange feeling when there is a FYI in messages. perhaps some corporative work based disorder :)

On Wed, Jul 28, 2010 at 12:33 PM, Erik Nilsson <da...@gm...> wrote:
> Had problems with Google Dork, did not return any matches.
>
> Checked the html source and found out that two " were missing in the
> regular expression that is used.
>
> Changed line 57 in google.py to:
>
> regExpr = "class=\042r\042\076\074a href=\042(http[s]*://.+?)\042\sclass=l"
>
> (added \042 in front of and after the r)
>
> FYI

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
From: Erik N. <da...@gm...> - 2010-07-28 10:34:06
Had problems with Google Dork, did not return any matches.

Checked the html source and found out that two " were missing in the regular expression that is used.

Changed line 57 in google.py to:

regExpr = "class=\042r\042\076\074a href=\042(http[s]*://.+?)\042\sclass=l"

(added \042 in front of and after the r)

FYI
From: Bernardo D. A. G. <ber...@gm...> - 2010-07-27 17:55:52
Hi Erik,

On Tue, Jul 27, 2010 at 18:42, Erik Nilsson <da...@gm...> wrote:
> It often takes long time to find data thru blind injection.
>
> Sqlmap loops thru all characters and moves on to the next one when it hits one.
>
> I have two interesting ideas of how this can work faster:
>
> 1) Word list, after finding the first two letters, it will try the
> next one according to the most common next letter in the word list.

Already implemented. It's a hidden option in the development version. We will soon make it default setting, need to port the algorithm to multi-threading first.

> 2) Typing on the keyboard. You can often guess what the next letter
> is, by typing the letter on the keyboard, Sqlmap will try this letter
> next.

Already in the TODO list. No developments going on yet.

--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F
From: Erik N. <da...@gm...> - 2010-07-27 17:42:12
It often takes long time to find data thru blind injection.

Sqlmap loops thru all characters and moves on to the next one when it hits one.

I have two interesting ideas of how this can work faster:

1) Word list, after finding the first two letters, it will try the next one according to the most common next letter in the word list.

2) Typing on the keyboard. You can often guess what the next letter is, by typing the letter on the keyboard, Sqlmap will try this letter next.

Or a combination of those two, that would be the best solution I think.

What do you think?

Erik
From: Miroslav S. <mir...@gm...> - 2010-07-26 08:08:51
Hi.

In this case there seems to be a problem with either invalid page header content or python parsing of headers because, as you can see from a report that the content charset is defined as utf-8;CONTENT-TYPE:...

Now we've just in case modified our code to support this kind of cases. Update (checkout latest development version) to have it fixed.

KR

2010/7/24 Marek Sarvaš <mar...@gm...>:
> sql-shell> SELECT SLEEP(%d)
> do you want to retrieve the SQL statement output? [Y/n] y
> [13:34:37] [INFO] fetching SQL SELECT statement query output: 'SELECT SLEEP(%d)'
> [13:34:37] [INFO] retrieved: [13:34:37] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
> [13:34:40] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
> [13:34:43] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
> [13:34:53] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
> [13:35:03] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
> [13:35:10] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
> [13:35:20] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
>
> --
> Have a nice day
> Marek Sarvaš
>
> tel 0907 / 405 701
> ICQ 277766377
> SKYPE marek.sarvas
> ----------------------------------------------------
> This report doesn't contain a virus and cannot contain a virus, because I do not use any products based on Microsoft Windows.
> ----------------------------------------------------

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
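An added example (not sqlmap's code, and written for Python 3 rather than the Python 2.6 in the report): one way a client can recover a usable charset from a header like the one behind the warnings above, where further `content-type:` fragments are glued onto the charset parameter. The `text/html; charset=` prefix of the sample header, the alias table and the UTF-8 fallback are assumptions made for the example.

```python
import codecs
import re

# Assumptions for this example: the fallback codec and the alias table.
DEFAULT_CHARSET = "utf-8"
ALIASES = {"windows-874": "cp874"}  # label seen in another report on this page

# Constructed sample: the charset value is the one quoted in the warnings,
# the "text/html; charset=" prefix is assumed.
SAMPLE_HEADER = (
    "text/html; charset=utf-8;content-type:image/png;"
    "content-type:image/pjpeg;content-description: php generated data;"
)

# A charset label is a short token; anything else is treated as garbage.
_TOKEN = re.compile(r"^[a-z0-9][a-z0-9._:+-]{0,39}$")


def extract_charset(content_type, default=DEFAULT_CHARSET):
    """Return (codec_name, trusted) for a possibly malformed Content-Type.

    trusted is False when the header gave no usable charset and the
    default was substituted, so the caller can log it once instead of
    warning on every response.
    """
    match = re.search(r"charset\s*=\s*([^\r\n]*)", content_type or "", re.I)
    if not match:
        return default, False

    # The label ends at the first separator; whatever follows belongs to
    # other (possibly bogus) parameters and must not reach the codec lookup.
    raw = match.group(1).strip().strip("\"'")
    candidate = re.split(r"[;,\s]", raw, maxsplit=1)[0].strip("\"'").lower()
    if not _TOKEN.match(candidate):
        return default, False

    candidate = ALIASES.get(candidate, candidate)
    try:
        # codecs.lookup() normalises the name and rejects unknown codecs.
        return codecs.lookup(candidate).name, True
    except LookupError:
        return default, False


def decode_body(body, content_type):
    """Decode response bytes with the recovered charset, never raising."""
    codec, _trusted = extract_charset(content_type)
    return body.decode(codec, errors="replace")


if __name__ == "__main__":
    print(extract_charset(SAMPLE_HEADER))
    print(extract_charset("text/html; charset=windows-874"))
    print(extract_charset("text/html; charset=no-such-codec"))
```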
From: Marek S. <mar...@gm...> - 2010-07-24 12:07:16
sql-shell> SELECT SLEEP(%d)
do you want to retrieve the SQL statement output? [Y/n] y
[13:34:37] [INFO] fetching SQL SELECT statement query output: 'SELECT SLEEP(%d)'
[13:34:37] [INFO] retrieved: [13:34:37] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
[13:34:40] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
[13:34:43] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
[13:34:53] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
[13:35:03] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
[13:35:10] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....
[13:35:20] [WARNING] unknown charset 'utf-8;content-type:image/png;content-type:image/pjpeg;content-description: php generated data;'. please report by e-mail to sql...@li....

--
Have a nice day
Marek Sarvaš

tel 0907 / 405 701
ICQ 277766377
SKYPE marek.sarvas
----------------------------------------------------
This report doesn't contain a virus and cannot contain a virus, because I do not use any products based on Microsoft Windows.
----------------------------------------------------
From: Miroslav S. <mir...@gm...> - 2010-07-20 08:11:16
Hi Augusto.

Thank you for your report. We've fixed it in our last commit.

Please checkout latest development version from our SVN repository ($ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev) to have it fixed.

Kind regards.

On Mon, Jul 19, 2010 at 6:05 PM, Augusto Urbieta <x2...@gm...> wrote:
> sqlmap -u "http://127.0.0.1/dvwa/vulnerabilities/sqli/?id=2&Submit=Submit#" --cookie="security=low; PHPSESSID=igb52eg20l6of28706ll43h364" -v 1
>
> sqlmap/0.8 - automatic SQL injection and database takeover tool
> http://sqlmap.sourceforge.net
>
> [*] starting at: 12:03:59
>
> [12:03:59] [INFO] using '/home/XXXX/.sqlmap/output/127.0.0.1/session' as session file
> [12:03:59] [INFO] resuming match ratio '0.997' from session file
> [12:03:59] [INFO] resuming injection point 'GET' from session file
> [12:03:59] [INFO] resuming injection parameter 'id' from session file
> [12:03:59] [INFO] resuming injection type 'stringsingle' from session file
> [12:03:59] [INFO] resuming 0 number of parenthesis from session file
> [12:03:59] [INFO] resuming string match ''' from session file
> you did not provide any string to match. Do you want to use the resumed string to be matched in page when the query is valid? [Y/n]
> [12:03:59] [INFO] testing connection to the target url
> [12:03:59] [INFO] testing for parenthesis on injectable parameter
> [12:03:59] [INFO] testing MySQL
> [12:03:59] [INFO] confirming MySQL
> [12:03:59] [ERROR] unhandled exception in sqlmap/0.8, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible:
> sqlmap version: 0.8
> Python version: 2.6.5
> Operating system: linux2
> Traceback (most recent call last):
>   File "/usr/bin/sqlmap", line 77, in main
>     start()
>   File "/usr/share/sqlmap/lib/controller/controller.py", line 259, in start
>     action()
>   File "/usr/share/sqlmap/lib/controller/action.py", line 46, in action
>     conf.dbmsHandler = setHandler()
>   File "/usr/share/sqlmap/lib/controller/handler.py", line 64, in setHandler
>     if dbmsHandler.checkDbms():
>   File "/usr/share/sqlmap/plugins/dbms/mysql.py", line 280, in checkDbms
>     if inject.getValue("SELECT %s FROM information_schema.TABLES LIMIT 0, 1" % randInt, charsetType=2) == randInt:
>   File "/usr/share/sqlmap/lib/request/inject.py", line 373, in getValue
>     value = __goInferenceProxy(expression, fromUser, expected, batch, resumeValue, unpack, charsetType, firstChar, lastChar)
>   File "/usr/share/sqlmap/lib/request/inject.py", line 123, in __goInferenceProxy
>     output = resume(expression, payload)
>   File "/usr/share/sqlmap/lib/utils/resume.py", line 144, in resume
>     substringQuery = queries[kb.dbms].substring
> KeyError: None

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
From: Augusto U. <x2...@gm...> - 2010-07-19 16:05:56
sqlmap -u "http://127.0.0.1/dvwa/vulnerabilities/sqli/?id=2&Submit=Submit#" --cookie="security=low; PHPSESSID=igb52eg20l6of28706ll43h364" -v 1

sqlmap/0.8 - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[*] starting at: 12:03:59

[12:03:59] [INFO] using '/home/XXXX/.sqlmap/output/127.0.0.1/session' as session file
[12:03:59] [INFO] resuming match ratio '0.997' from session file
[12:03:59] [INFO] resuming injection point 'GET' from session file
[12:03:59] [INFO] resuming injection parameter 'id' from session file
[12:03:59] [INFO] resuming injection type 'stringsingle' from session file
[12:03:59] [INFO] resuming 0 number of parenthesis from session file
[12:03:59] [INFO] resuming string match ''' from session file
you did not provide any string to match. Do you want to use the resumed string to be matched in page when the query is valid? [Y/n]
[12:03:59] [INFO] testing connection to the target url
[12:03:59] [INFO] testing for parenthesis on injectable parameter
[12:03:59] [INFO] testing MySQL
[12:03:59] [INFO] confirming MySQL
[12:03:59] [ERROR] unhandled exception in sqlmap/0.8, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible:
sqlmap version: 0.8
Python version: 2.6.5
Operating system: linux2
Traceback (most recent call last):
  File "/usr/bin/sqlmap", line 77, in main
    start()
  File "/usr/share/sqlmap/lib/controller/controller.py", line 259, in start
    action()
  File "/usr/share/sqlmap/lib/controller/action.py", line 46, in action
    conf.dbmsHandler = setHandler()
  File "/usr/share/sqlmap/lib/controller/handler.py", line 64, in setHandler
    if dbmsHandler.checkDbms():
  File "/usr/share/sqlmap/plugins/dbms/mysql.py", line 280, in checkDbms
    if inject.getValue("SELECT %s FROM information_schema.TABLES LIMIT 0, 1" % randInt, charsetType=2) == randInt:
  File "/usr/share/sqlmap/lib/request/inject.py", line 373, in getValue
    value = __goInferenceProxy(expression, fromUser, expected, batch, resumeValue, unpack, charsetType, firstChar, lastChar)
  File "/usr/share/sqlmap/lib/request/inject.py", line 123, in __goInferenceProxy
    output = resume(expression, payload)
  File "/usr/share/sqlmap/lib/utils/resume.py", line 144, in resume
    substringQuery = queries[kb.dbms].substring
KeyError: None
From: Miroslav S. <mir...@gm...> - 2010-07-17 09:15:45
sorry, for the moment it's a closed one.

kr

On Sat, Jul 17, 2010 at 1:33 AM, Christoph A. <ca...@gm...> wrote:
> On 07/16/2010 10:24 AM, Miroslav Stampar wrote:
>>
>> Sorry,
>>
>> nay again :). It shouldn't be much of a work for that to implement,
>> but right now all tests require a solid parameter (GET, POST, Cookie,
>> UA).
>>
>> opened a feature request for this one (ticket #199).
>
> great! are these tickets on a public system, so that I can track the state
> of that ticket?
>
> kind regards,
> Christoph

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
From: Christoph A. <ca...@gm...> - 2010-07-16 23:34:17
On 07/16/2010 10:24 AM, Miroslav Stampar wrote:
> Sorry,
>
> nay again :). It shouldn't be much of a work for that to implement,
> but right now all tests require a solid parameter (GET, POST, Cookie,
> UA).
>
> opened a feature request for this one (ticket #199).

great! are these tickets on a public system, so that I can track the state of that ticket?

kind regards,
Christoph
From: Mauricio V. <mau...@gm...> - 2010-07-16 19:35:45
Hey!

That's what I thought.... So basically it's a brute force trying different table names and watching the result.

Thanks, keep up the great work,

Regards

2010/7/16 Miroslav Stampar <mir...@gm...>:
> Hi.
>
> The easiest way should be to:
>
> 1) Generate and/or preload table names from some user defined file
> 2) Iterate through all of them and try to inject something like this:
> ... SELECT 1 FROM <table_name_for_existence_check>
>
> In case of a non-existent table there will be an error returned,
> otherwise valid page. Sqlmap works by recognizing just that kind of
> page validity.
>
> Kind regards.
>
> On Thu, Jul 15, 2010 at 6:28 PM, Mauricio Velazco
> <mau...@gm...> wrote:
>> Hey. thanks for the reply.
>>
>> Besides knowing that sqlmap can't do it, my question was focused on
>> how this process would be done.
>> I mean, the algorithm.
>>
>> Maybe I can help in the development :).
>>
>> Regards,
>>
>> Mauricio
>>
>> 2010/7/15 Miroslav Stampar <mir...@gm...>:
>>> Hi.
>>>
>>> This is already on our TODO list and we hope that we'll add it with
>>> the next release.
>>>
>>> Kind regards.
>>>
>>> On Sun, Jul 11, 2010 at 2:57 AM, Mauricio Velazco
>>> <mau...@gm...> wrote:
>>>> Hey all.
>>>> I was testing a local site running mysql 4. In this version there is
>>>> no information_schema database so sqlmap can't enumerate table names.
>>>>
>>>> [19:51:16] [ERROR] information_schema not available, back-end DBMS is
>>>> MySQL < 5.0
>>>>
>>>> I have been trying things locally and it seems that table names can be
>>>> bruteforced but since there is no schema we would have to create a
>>>> specific dictionary and try things like
>>>>
>>>> Any other ideas on how to enumerate tables in mysql < 5 ?
>>>>
>>>> Regards,
>>>>
>>>> Mauricio
>>>
>>> --
>>> Miroslav Stampar
>>>
>>> E-mail / Jabber: miroslav.stampar (at) gmail.com
>>> Mobile: +385921010204 (HR 0921010204)
>>> PGP Key ID: 0xB5397B1B
>
> --
> Miroslav Stampar
>
> E-mail / Jabber: miroslav.stampar (at) gmail.com
> Mobile: +385921010204 (HR 0921010204)
> PGP Key ID: 0xB5397B1B
From: Miroslav S. <mir...@gm...> - 2010-07-16 08:24:51
Sorry,

nay again :). It shouldn't be much of a work for that to implement, but right now all tests require a solid parameter (GET, POST, Cookie, UA).

opened a feature request for this one (ticket #199).

KR

On Fri, Jul 16, 2010 at 1:08 AM, Christoph A. <ca...@gm...> wrote:
> Hi,
>
> is there a way to tell sqlmap that it should exploit an sql injection
> flaw within the URL (no parameters)?
>
> E.g.
>
> example.com/folder/1
> example.com/folder/1+union+select...
>
> As the page requires authentication I specify also the --cookie parameter.
> sqlmap seems only to test cookie fields and as there is no URL parameter
> (eg. ..?id=1) I can't use the -p option.
>
> kind regards,
> christoph

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
From: Miroslav S. <mir...@gm...> - 2010-07-16 08:19:20
Hi.

The easiest way should be to:

1) Generate and/or preload table names from some user defined file
2) Iterate through all of them and try to inject something like this:
... SELECT 1 FROM <table_name_for_existence_check>

In case of a non-existent table there will be an error returned, otherwise valid page. Sqlmap works by recognizing just that kind of page validity.

Kind regards.

On Thu, Jul 15, 2010 at 6:28 PM, Mauricio Velazco <mau...@gm...> wrote:
> Hey. thanks for the reply.
>
> Besides knowing that sqlmap can't do it, my question was focused on
> how this process would be done.
> I mean, the algorithm.
>
> Maybe I can help in the development :).
>
> Regards,
>
> Mauricio
>
> 2010/7/15 Miroslav Stampar <mir...@gm...>:
>> Hi.
>>
>> This is already on our TODO list and we hope that we'll add it with
>> the next release.
>>
>> Kind regards.
>>
>> On Sun, Jul 11, 2010 at 2:57 AM, Mauricio Velazco
>> <mau...@gm...> wrote:
>>> Hey all.
>>> I was testing a local site running mysql 4. In this version there is
>>> no information_schema database so sqlmap can't enumerate table names.
>>>
>>> [19:51:16] [ERROR] information_schema not available, back-end DBMS is
>>> MySQL < 5.0
>>>
>>> I have been trying things locally and it seems that table names can be
>>> bruteforced but since there is no schema we would have to create a
>>> specific dictionary and try things like
>>>
>>> Any other ideas on how to enumerate tables in mysql < 5 ?
>>>
>>> Regards,
>>>
>>> Mauricio
>>
>> --
>> Miroslav Stampar
>>
>> E-mail / Jabber: miroslav.stampar (at) gmail.com
>> Mobile: +385921010204 (HR 0921010204)
>> PGP Key ID: 0xB5397B1B

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
From: Christoph A. <ca...@gm...> - 2010-07-15 23:08:29
Hi,

is there a way to tell sqlmap that it should exploit an sql injection flaw within the URL (no parameters)?

E.g.

example.com/folder/1
example.com/folder/1+union+select...

As the page requires authentication I specify also the --cookie parameter. sqlmap seems only to test cookie fields and as there is no URL parameter (eg. ..?id=1) I can't use the -p option.

kind regards,
christoph
From: Mauricio V. <mau...@gm...> - 2010-07-15 16:28:34
Hey. thanks for the reply.

Besides knowing that sqlmap can't do it, my question was focused on how this process would be done. I mean, the algorithm.

Maybe I can help in the development :).

Regards,

Mauricio

2010/7/15 Miroslav Stampar <mir...@gm...>:
> Hi.
>
> This is already on our TODO list and we hope that we'll add it with
> the next release.
>
> Kind regards.
>
> On Sun, Jul 11, 2010 at 2:57 AM, Mauricio Velazco
> <mau...@gm...> wrote:
>> Hey all.
>> I was testing a local site running mysql 4. In this version there is
>> no information_schema database so sqlmap can't enumerate table names.
>>
>> [19:51:16] [ERROR] information_schema not available, back-end DBMS is
>> MySQL < 5.0
>>
>> I have been trying things locally and it seems that table names can be
>> bruteforced but since there is no schema we would have to create a
>> specific dictionary and try things like
>>
>> Any other ideas on how to enumerate tables in mysql < 5 ?
>>
>> Regards,
>>
>> Mauricio
>
> --
> Miroslav Stampar
>
> E-mail / Jabber: miroslav.stampar (at) gmail.com
> Mobile: +385921010204 (HR 0921010204)
> PGP Key ID: 0xB5397B1B
From: Miroslav S. <mir...@gm...> - 2010-07-15 08:48:48
Hi.

This is already on our TODO list and we hope that we'll add it with the next release.

Kind regards.

On Sun, Jul 11, 2010 at 2:57 AM, Mauricio Velazco <mau...@gm...> wrote:
> Hey all.
> I was testing a local site running mysql 4. In this version there is
> no information_schema database so sqlmap can't enumerate table names.
>
> [19:51:16] [ERROR] information_schema not available, back-end DBMS is
> MySQL < 5.0
>
> I have been trying things locally and it seems that table names can be
> bruteforced but since there is no schema we would have to create a
> specific dictionary and try things like
>
> Any other ideas on how to enumerate tables in mysql < 5 ?
>
> Regards,
>
> Mauricio

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
From: Miroslav S. <mir...@gm...> - 2010-07-15 08:45:09
|
Hi.

Could you please try to check out the latest development version 0.9-dev ($ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev) and try it again. This error message is not as informative as it should be in the normal case :)

Kind regards.

On Wed, Jul 14, 2010 at 10:39 PM, Matthew B. <ma...@tp...> wrote:
> --- Now sqlmap will test your url ---
>
> sqlmap/0.8 - automatic SQL injection and database takeover tool
> http://sqlmap.sourceforge.net
>
> [*] starting at: 20:39:16
>
> [20:39:16] [ERROR] unhandled exception in sqlmap/0.8, please copy the
> command line and the following text and send by e-mail to
> sql...@li.... The developer will fix it as soon as
> possible:
>
> sqlmap version: 0.8
> Python version: 2.5.2
> Operating system: linux2
>
> [*] shutting down at: 20:39:16

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
From: Miroslav S. <mir...@gm...> - 2010-07-15 08:40:45
|
Hi.

Thank you for your report. We've committed a fix for this at this moment. Please update.

Kind regards.

On Tue, Jul 13, 2010 at 12:16 PM, Phat R. <pha...@gm...> wrote:
> Dear SQLMap Staff
>
> I downloaded the latest SQLMap from the following URL:
>
> $ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev
> (sqlmap/0.9-dev)
>
> I found the error message when using sqlmap to test the website in my
> company.
>
> [17:06:10] [WARNING] unknown charset 'windows-874'
>
> Note: There is no warning message on the sqlmap/0.8-rc1
>
> Best Regards,
>
> - Phatthanaphol R. -

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
From: Matthew B. <ma...@tp...> - 2010-07-15 01:14:27
|
--- Now sqlmap will test your url ---

sqlmap/0.8 - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[*] starting at: 20:39:16

[20:39:16] [ERROR] unhandled exception in sqlmap/0.8, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible:

sqlmap version: 0.8
Python version: 2.5.2
Operating system: linux2

[*] shutting down at: 20:39:16
|
From: Phat R. <pha...@gm...> - 2010-07-13 10:16:59
|
Dear SQLMap Staff

I downloaded the latest SQLMap from the following URL:

$ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev
(sqlmap/0.9-dev)

I found the error message when using sqlmap to test the website in my company.

[17:06:10] [WARNING] unknown charset 'windows-874'

Note: There is no warning message on the sqlmap/0.8-rc1

Best Regards,

- Phatthanaphol R. -
|
From: Mauricio V. <mau...@gm...> - 2010-07-11 00:57:48
|
Hey all.

I was testing a local site running mysql 4. In this version there is no information_schema database so sqlmap can't enumerate table names.

[19:51:16] [ERROR] information_schema not available, back-end DBMS is MySQL < 5.0

I have been trying things locally and it seems that table names can be bruteforced but since there is no schema we would have to create a specific dictionary and try things like

Any other ideas on how to enumerate tables in mysql < 5 ?

Regards,

Mauricio
|
From: Bernardo D. A. G. <ber...@gm...> - 2010-07-02 20:25:10
|
Indeed, yes.

Bernardo

On Fri, Jul 2, 2010 at 21:06, Tate Hansen <ta...@cl...> wrote:
> Hi, is this still in queue to be fixed?
> -Tate
>
> Sam,
>
> On Wed, Feb 10, 2010 at 22:32, Sam Elliot <dr...@bu...> wrote:
>> I have manually confirmed a simple 'waitfor%20delay'0:0:20'- sql
>> injection vector in a site test, but when I try to replicate this with
>> SQLMap using the '--time-test' option it does not even perform any 'wait
>> for delay' type vectors as shown in the usage options.
>> ...
>
> By (weak) design, sqlmap tries specified --stacked-test, --time-test
> and --union-test only if beforehand it detected a boolean based blind
> sql injection. This is wrong and will be fixed starting from March.
>
> Regards,
> --
> Bernardo Damele A. G.
>
> E-mail / Jabber: bernardo.damele (at) gmail.com
> Mobile: +447788962949 (UK 07788962949)
> PGP Key ID: 0x05F5A30F

--
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F
|