sqlmap-users Mailing List for sqlmap (Page 130)
From: Bernardo D. A. G. <ber...@gm...> - 2010-03-18 01:47:21
Can you please 'svn update' now and provide us with the full output of
sqlmap in case the problem persists?

Thanks in advance.
Bernardo

On Thu, Mar 18, 2010 at 00:05, ehmo <dis...@gm...> wrote:
> sqlmap version: 0.9-dev
> Python version: 2.5.2
> Operating system: linux2
> Traceback (most recent call last):
>   File "sqlmap.py", line 77, in main
>     start()
>   File "/root/sqlmap/lib/controller/controller.py", line 210, in start
>     injType = checkSqlInjection(place, parameter, value, parenthesis)
>   File "/root/sqlmap/lib/controller/checks.py", line 96, in checkSqlInjection
>     trueResult = Request.queryPage(payload, place)
>   File "/root/sqlmap/lib/request/connect.py", line 291, in queryPage
>     page, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent)
>   File "/root/sqlmap/lib/request/connect.py", line 135, in getPage
>     return Connect.__getPageProxy(**kwargs)
>   File "/root/sqlmap/lib/request/connect.py", line 53, in __getPageProxy
>     return Connect.getPage(**kwargs)
>   File "/root/sqlmap/lib/request/connect.py", line 126, in getPage
>     conn = urllib2.urlopen(req)
>   File "/usr/lib/python2.5/urllib2.py", line 124, in urlopen
>     return _opener.open(url, data)
>   File "/usr/lib/python2.5/urllib2.py", line 373, in open
>     protocol = req.get_type()
>   File "/usr/lib/python2.5/urllib2.py", line 244, in get_type
>     raise ValueError, "unknown url type: %s" % self.__original
> ValueError: unknown url type: index.asp?z=3c4b44&p_event=k6b6g8p0%20AND%20178=178

--
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F

From: ehmo <dis...@gm...> - 2010-03-18 00:06:58
sqlmap version: 0.9-dev
Python version: 2.5.2
Operating system: linux2
Traceback (most recent call last):
  File "sqlmap.py", line 77, in main
    start()
  File "/root/sqlmap/lib/controller/controller.py", line 210, in start
    injType = checkSqlInjection(place, parameter, value, parenthesis)
  File "/root/sqlmap/lib/controller/checks.py", line 96, in checkSqlInjection
    trueResult = Request.queryPage(payload, place)
  File "/root/sqlmap/lib/request/connect.py", line 291, in queryPage
    page, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent)
  File "/root/sqlmap/lib/request/connect.py", line 135, in getPage
    return Connect.__getPageProxy(**kwargs)
  File "/root/sqlmap/lib/request/connect.py", line 53, in __getPageProxy
    return Connect.getPage(**kwargs)
  File "/root/sqlmap/lib/request/connect.py", line 126, in getPage
    conn = urllib2.urlopen(req)
  File "/usr/lib/python2.5/urllib2.py", line 124, in urlopen
    return _opener.open(url, data)
  File "/usr/lib/python2.5/urllib2.py", line 373, in open
    protocol = req.get_type()
  File "/usr/lib/python2.5/urllib2.py", line 244, in get_type
    raise ValueError, "unknown url type: %s" % self.__original
ValueError: unknown url type: index.asp?z=3c4b44&p_event=k6b6g8p0%20AND%20178=178

From: Brandon <bmu...@gm...> - 2010-03-17 18:47:48
Well there is a bug when retrieving the databases. When retrieving the
databases it tends to retrieve the wrong characters. This bug also occurs
when retrieving the MySQL passwords. The program has spaces in some of the
hashes as well as "@" in 1 of the passwords. I am on Windows XP Pro SP3.
Here is an example of retrieving one of the wrong characters in the DB
name. Mind you .7 worked without any issues grabbing DBs and grabbing
MySQL passwords.

C:\sqlmap8>sqlmap -u vulnsite.com/sites.php?site_id=130 --dbs

sqlmap/0.8 - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[*] starting at: 13:31:01

[13:31:01] [INFO] using 'C:\sqlmap8\output\vulnsite.com\session' as sessi
on file
[13:31:01] [INFO] resuming match ratio '0.968' from session file
[13:31:01] [INFO] resuming injection point 'GET' from session file
[13:31:01] [INFO] resuming injection parameter 'site_id' from session file
[13:31:01] [INFO] resuming injection type 'numeric' from session file
[13:31:01] [INFO] resuming 0 number of parenthesis from session file
[13:31:01] [INFO] resuming back-end DBMS 'mysql 5' from session file
[13:31:01] [INFO] testing connection to the target url
[13:31:05] [INFO] testing for parenthesis on injectable parameter
[13:31:05] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Fedora 5 (Bordeaux)
web application technology: Apache 2.2.0, PHP 5.2.1
back-end DBMS: MySQL 5

[13:31:05] [INFO] fetching database names
[13:31:05] [INFO] fetching number of databases
[13:31:05] [INFO] retrieved: 21
[13:33:01] [INFO] retrieved: *informa`ion_schema*

Thanks

From: Kasper F. <th...@ma...> - 2010-03-16 15:16:06
Hi Bernardo.

You are seriously fast! Blazingly!
I can't give you more output to the command, since I actually don't
remember what it was :'(
If it comes up again, I will be sure to send you the full output with -v 5.

But you're just fast! Thanks

/Kasper

On 16-03-2010 13:22, Bernardo Damele A. G. wrote:
> Hi Kasper,
>
> On Mon, Mar 15, 2010 at 18:17, Kasper Føns<th...@ma...> wrote:
>
>> ...
>> [SUGGESTION / BUG]
>> ...
>> I guess that the server returned 404, which of course can be valid since
>> p is properly a "page" parameter.
>> So, we can drop this url, but don't stop the whole google dorks progress.
>>
> Fixed and committed.
>
>> [SUGGESTION]
>> Another suggestion was being able to give some input, while sqlmap is
>> trying a server, that makes sqlmap go to the next.
>> Sometimes servers are just slow, unresponsive or have so many cookie
>> parameters that you just want to go on.
>> It might be by pressing 's' for skip, just something.
>>
> We have it already in the TODO list, it will probably come for version 1.0.
>
>> [BUG]
>> Infinite connection redirection:
>> ...
>>
> This will be fixed soon.
>
>> [BUG]
>> Unknown bug...
>> [19:08:30] [INFO] testing if the url is stable, wait a few seconds
>> [19:08:36] [WARNING] connection timed out to the target url or proxy,
>> skipping to next url
>> [19:08:36] [WARNING] url is not stable, sqlmap will base the page
>> comparison on a sequence matcher, if no dynamic nor injectable
>> parameters are detected, refer
>> to user's manual paragraph 'Page comparison' and provide a string or
>> regular expression to match on
>> [19:08:36] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
>> [19:08:37] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy
>> the comman
>> d line and the following text and send by e-mail to
>> sql...@li...urcefor
>> ge.net. The developer will fix it as soon as possible:
>> sqlmap version: 0.9-dev
>> Python version: 2.6.4
>> Operating system: win32
>> Traceback (most recent call last):
>> File "C:\Users\foens\Desktop\sqlmap\sqlmap.py", line 77, in main
>> start()
>> File "C:\Users\foens\Desktop\sqlmap\lib\controller\controller.py",
>> line 194, i
>> n start
>> elif not checkDynParam(place, parameter, value):
>> File "C:\Users\foens\Desktop\sqlmap\lib\controller\checks.py", line
>> 260, in ch
>> eckDynParam
>> dynResult1 = Request.queryPage(payload, place)
>> File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line
>> 296, in quer
>> yPage
>> return comparison(page, headers, getSeqMatcher)
>> File "C:\Users\foens\Desktop\sqlmap\lib\request\comparison.py", line
>> 72, in co
>> mparison
>> ratio = round(conf.seqMatcher.ratio(), 3)
>> File "C:\Python26\lib\difflib.py", line 660, in ratio
>> self.get_matching_blocks(), 0)
>> File "C:\Python26\lib\difflib.py", line 482, in get_matching_blocks
>> la, lb = len(self.a), len(self.b)
>> TypeError: object of type 'NoneType' has no len()
>>
> Can you please provide us with further details? What's the command
> line you used? Can you also provide us (privately if you prefer) the
> full output with -v5?
>
>> [BUG]
>> Also, it seems that there has been introduced a bug in latest svn in
>> regards to url redirection (as it is mentioned in the logs):
>> ...
>>
> Indeed, it has. This will also be fixed soon.

From: Bernardo D. A. G. <ber...@gm...> - 2010-03-16 12:30:02
Hi Kasper,

On Mon, Mar 15, 2010 at 18:17, Kasper Føns <th...@ma...> wrote:
> ...
> [SUGGESTION / BUG]
> ...
> I guess that the server returned 404, which of course can be valid since
> p is properly a "page" parameter.
> So, we can drop this url, but don't stop the whole google dorks progress.

Fixed and committed.

> [SUGGESTION]
> Another suggestion was being able to give some input, while sqlmap is
> trying a server, that makes sqlmap go to the next.
> Sometimes servers are just slow, unresponsive or have so many cookie
> parameters that you just want to go on.
> It might be by pressing 's' for skip, just something.

We have it already in the TODO list, it will probably come for version 1.0.

> [BUG]
> Infinite connection redirection:
> ...

This will be fixed soon.

> [BUG]
> Unknown bug...
> [19:08:30] [INFO] testing if the url is stable, wait a few seconds
> [19:08:36] [WARNING] connection timed out to the target url or proxy,
> skipping to next url
> [19:08:36] [WARNING] url is not stable, sqlmap will base the page
> comparison on a sequence matcher, if no dynamic nor injectable
> parameters are detected, refer
> to user's manual paragraph 'Page comparison' and provide a string or
> regular expression to match on
> [19:08:36] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
> [19:08:37] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy
> the comman
> d line and the following text and send by e-mail to
> sql...@li...urcefor
> ge.net. The developer will fix it as soon as possible:
> sqlmap version: 0.9-dev
> Python version: 2.6.4
> Operating system: win32
> Traceback (most recent call last):
> File "C:\Users\foens\Desktop\sqlmap\sqlmap.py", line 77, in main
> start()
> File "C:\Users\foens\Desktop\sqlmap\lib\controller\controller.py",
> line 194, i
> n start
> elif not checkDynParam(place, parameter, value):
> File "C:\Users\foens\Desktop\sqlmap\lib\controller\checks.py", line
> 260, in ch
> eckDynParam
> dynResult1 = Request.queryPage(payload, place)
> File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line
> 296, in quer
> yPage
> return comparison(page, headers, getSeqMatcher)
> File "C:\Users\foens\Desktop\sqlmap\lib\request\comparison.py", line
> 72, in co
> mparison
> ratio = round(conf.seqMatcher.ratio(), 3)
> File "C:\Python26\lib\difflib.py", line 660, in ratio
> self.get_matching_blocks(), 0)
> File "C:\Python26\lib\difflib.py", line 482, in get_matching_blocks
> la, lb = len(self.a), len(self.b)
> TypeError: object of type 'NoneType' has no len()

Can you please provide us with further details? What's the command
line you used? Can you also provide us (privately if you prefer) the
full output with -v5?

> [BUG]
> Also, it seems that there has been introduced a bug in latest svn in
> regards to url redirection (as it is mentioned in the logs):
> ...

Indeed, it has. This will also be fixed soon.

--
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F

From: Alessandro T. <ale...@lo...> - 2010-03-15 19:14:20
2010/3/15 Kasper Føns <th...@ma...>:
> Hello sqlmap users.
>
> It seems that sqlmap is not parsing the url correctly, see following output:
>
> C:\Users\foens\Desktop\sqlmap>sqlmap.py -u
> http://<host>/conferences/viewpaper.php?id=2387&cf=16

Because without quoting & is interpreted as DOS command. In fact you
are executing

sqlmap.py -u http://<host>/conferences/viewpaper.php?id=2387

AND

cf=16

as two separate commands.

From: Kasper F. <th...@ma...> - 2010-03-15 18:18:04
Hello SQLMAP users.

I have just been using the tools for an hour or so, and I came up with
many suggestions and/or error outputs from the program.
I ran svn version 1483 [latest]

[SUGGESTION / BUG]
While using the Google dorks, it can be quite annoying that the program
escapes when a page returns 404. Example:

[18:51:44] [INFO] testing url http://<host>/site.aspx?p=12446
[18:51:44] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<host>\ses ' as session file
[18:51:44] [INFO] testing connection to the target url
[18:51:44] [INFO] testing if the url is stable, wait a few seconds
[18:51:46] [INFO] url is stable
[18:51:46] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
[18:51:46] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
[18:51:46] [INFO] testing if Cookie parameter 'ASP.NET_SessionId' is dynamic
[18:51:47] [WARNING] Cookie parameter 'ASP.NET_SessionId' is not dynamic
[18:51:47] [INFO] testing if GET parameter 'p' is dynamic
[18:51:47] [ERROR] page not found

[*] shutting down at: 18:51:47

I guess that the server returned 404, which of course can be valid since
p is properly a "page" parameter.
So, we can drop this url, but don't stop the whole google dorks progress.

[SUGGESTION]
Another suggestion was being able to give some input, while sqlmap is
trying a server, that makes sqlmap go to the next.
Sometimes servers are just slow, unresponsive or have so many cookie
parameters that you just want to go on.
It might be by pressing 's' for skip, just something.

[BUG]
Infinite connection redirection:

[19:05:41] [INFO] testing url <host>?p=4220
[19:05:41] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<host>\session' as session file
[19:05:41] [INFO] testing connection to the target url
[19:05:45] [INFO] connection redirected, going to use <host> as target address
[19:05:45] [INFO] testing if the url is stable, wait a few seconds
[19:05:48] [INFO] url is stable
[19:05:48] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
[19:05:49] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
[19:05:49] [INFO] testing if Cookie parameter 'phpbb3_dto_k' is dynamic
[19:05:50] [WARNING] Cookie parameter 'phpbb3_dto_k' is not dynamic
[19:05:50] [INFO] testing if Cookie parameter 'phpbb3_dto_u' is dynamic
[19:05:53] [WARNING] Cookie parameter 'phpbb3_dto_u' is not dynamic
[19:05:53] [INFO] testing if Cookie parameter 'phpbb3_dto_sid' is dynamic
[19:05:55] [WARNING] Cookie parameter 'phpbb3_dto_sid' is not dynamic
[19:05:55] [INFO] testing if GET parameter 'p' is dynamic
[19:05:57] [INFO] connection redirected, going to use <host> as target address
[19:05:59] [INFO] connection redirected, going to use <host> as target address
[19:06:00] [INFO] connection redirected, going to use <host> as target address
[19:06:01] [INFO] connection redirected, going to use <host> as target address
[19:06:02] [INFO] connection redirected, going to use <host> as target address
[19:06:10] [INFO] connection redirected, going to use <host> as target address
[19:06:12] [INFO] connection redirected, going to use <host> as target address
[19:06:13] [INFO] connection redirected, going to use <host> as target address
[19:06:14] [INFO] connection redirected, going to use <host> as target address
[19:06:16] [INFO] connection redirected, going to use <host> as target address
[19:06:17] [INFO] connection redirected, going to use <host> as target address
[19:06:18] [INFO] connection redirected, going to use <host> as target address
[19:06:19] [INFO] connection redirected, going to use <host> as target address
[19:06:20] [INFO] connection redirected, going to use <host> as target address
[19:06:21] [INFO] connection redirected, going to use <host> as target address
[19:06:22] [INFO] connection redirected, going to use <host> as target address
[19:06:24] [INFO] connection redirected, going to use <host> as target address
[19:06:26] [INFO] connection redirected, going to use <host> as target address
[19:06:28] [INFO] connection redirected, going to use <host> as target address
[19:06:29] [INFO] connection redirected, going to use <host> as target address
[19:06:30] [INFO] connection redirected, going to use <host> as target address
[19:06:32] [INFO] connection redirected, going to use <host> as target address

[BUG]
Unknown bug...

[19:08:30] [INFO] testing if the url is stable, wait a few seconds
[19:08:36] [WARNING] connection timed out to the target url or proxy, skipping to next url
[19:08:36] [WARNING] url is not stable, sqlmap will base the page comparison on a sequence matcher, if no dynamic nor injectable parameters are detected, refer
to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
[19:08:36] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
[19:08:37] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the comman
d line and the following text and send by e-mail to sql...@li...urcefor
ge.net. The developer will fix it as soon as possible:
sqlmap version: 0.9-dev
Python version: 2.6.4
Operating system: win32
Traceback (most recent call last):
  File "C:\Users\foens\Desktop\sqlmap\sqlmap.py", line 77, in main
    start()
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\controller.py", line 194, i
n start
    elif not checkDynParam(place, parameter, value):
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\checks.py", line 260, in ch
eckDynParam
    dynResult1 = Request.queryPage(payload, place)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 296, in quer
yPage
    return comparison(page, headers, getSeqMatcher)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\comparison.py", line 72, in co
mparison
    ratio = round(conf.seqMatcher.ratio(), 3)
  File "C:\Python26\lib\difflib.py", line 660, in ratio
    self.get_matching_blocks(), 0)
  File "C:\Python26\lib\difflib.py", line 482, in get_matching_blocks
    la, lb = len(self.a), len(self.b)
TypeError: object of type 'NoneType' has no len()

[*] shutting down at: 19:08:38

[BUG]
Also, it seems that there has been introduced a bug in latest svn in
regards to url redirection (as it is mentioned in the logs):

[18:54:02] [INFO] testing url http://<host>/?page=66
[18:54:02] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<host>\session' as session file
[18:54:02] [INFO] testing connection to the target url
[18:54:03] [INFO] connection redirected, going to use /index.php as target addre
ss
[18:54:03] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the comman
d line and the following text and send by e-mail to sql...@li...urcefor
ge.net. The developer will fix it as soon as possible:
sqlmap version: 0.9-dev
Python version: 2.6.4
Operating system: win32
Traceback (most recent call last):
  File "C:\Users\foens\Desktop\sqlmap\sqlmap.py", line 77, in main
    start()
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\controller.py", line 141, i
n start
    if not checkConnection() or not checkString() or not checkRegexp():
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\checks.py", line 387, in ch
eckConnection
    page, _ = Request.getPage()
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 135, in getP
age
    return Connect.__getPageProxy(**kwargs)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 53, in __get
PageProxy
    return Connect.getPage(**kwargs)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 126, in getP
age
    conn = urllib2.urlopen(req)
  File "C:\Python26\lib\urllib2.py", line 124, in urlopen
    return _opener.open(url, data, timeout)
  File "C:\Python26\lib\urllib2.py", line 381, in open
    protocol = req.get_type()
  File "C:\Python26\lib\urllib2.py", line 242, in get_type
    raise ValueError, "unknown url type: %s" % self.__original
ValueError: unknown url type: /index.php?page=66

[*] shutting down at: 18:54:03

I keep getting some of these. More below:

[19:04:15] [INFO] testing connection to the target url
[19:04:15] [INFO] connection redirected, going to use /site.aspx as target addre
ss
[19:04:15] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the comman
d line and the following text and send by e-mail to sql...@li...urcefor
ge.net. The developer will fix it as soon as possible:
sqlmap version: 0.9-dev
Python version: 2.6.4
Operating system: win32
Traceback (most recent call last):
  File "C:\Users\foens\Desktop\sqlmap\sqlmap.py", line 77, in main
    start()
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\controller.py", line 141, i
n start
    if not checkConnection() or not checkString() or not checkRegexp():
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\checks.py", line 387, in ch
eckConnection
    page, _ = Request.getPage()
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 135, in getP
age
    return Connect.__getPageProxy(**kwargs)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 53, in __get
PageProxy
    return Connect.getPage(**kwargs)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 126, in getP
age
    conn = urllib2.urlopen(req)
  File "C:\Python26\lib\urllib2.py", line 124, in urlopen
    return _opener.open(url, data, timeout)
  File "C:\Python26\lib\urllib2.py", line 381, in open
    protocol = req.get_type()
  File "C:\Python26\lib\urllib2.py", line 242, in get_type
    raise ValueError, "unknown url type: %s" % self.__original
ValueError: unknown url type: /site.aspx?p=146

[*] shutting down at: 19:04:15

[19:12:09] [INFO] connection redirected, going to use weblinks.php as target add
ress
[19:12:09] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the comman
d line and the following text and send by e-mail to sql...@li...urcefor
ge.net. The developer will fix it as soon as possible:
sqlmap version: 0.9-dev
Python version: 2.6.4
Operating system: win32
Traceback (most recent call last):
  File "C:\Users\foens\Desktop\sqlmap\sqlmap.py", line 77, in main
    start()
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\controller.py", line 194, i
n start
    elif not checkDynParam(place, parameter, value):
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\checks.py", line 260, in ch
eckDynParam
    dynResult1 = Request.queryPage(payload, place)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 291, in quer
yPage
    page, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, si
lent=silent)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 135, in getP
age
    return Connect.__getPageProxy(**kwargs)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 53, in __get
PageProxy
    return Connect.getPage(**kwargs)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 126, in getP
age
    conn = urllib2.urlopen(req)
  File "C:\Python26\lib\urllib2.py", line 124, in urlopen
    return _opener.open(url, data, timeout)
  File "C:\Python26\lib\urllib2.py", line 381, in open
    protocol = req.get_type()
  File "C:\Python26\lib\urllib2.py", line 242, in get_type
    raise ValueError, "unknown url type: %s" % self.__original
ValueError: unknown url type: weblinks.php?cat_id=3732&%3Bweblink_id=68

[*] shutting down at: 19:12:09

[19:10:36] [INFO] testing if Cookie parameter 'ASPSESSIONIDSQDCTTSB' is dynamic
[19:10:36] [WARNING] Cookie parameter 'ASPSESSIONIDSQDCTTSB' is not dynamic
[19:10:36] [INFO] testing if GET parameter 'FORUM_ID' is dynamic
[19:10:37] [INFO] connection redirected, going to use default.asp as target address
[19:10:37] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible:
sqlmap version: 0.9-dev
Python version: 2.6.4
Operating system: win32
Traceback (most recent call last):
  File "C:\Users\foens\Desktop\sqlmap\sqlmap.py", line 77, in main
    start()
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\controller.py", line 194, i
n start
    elif not checkDynParam(place, parameter, value):
  File "C:\Users\foens\Desktop\sqlmap\lib\controller\checks.py", line 260, in ch
eckDynParam
    dynResult1 = Request.queryPage(payload, place)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 291, in quer
yPage
    page, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, si
lent=silent)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 135, in getP
age
    return Connect.__getPageProxy(**kwargs)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 53, in __get
PageProxy
    return Connect.getPage(**kwargs)
  File "C:\Users\foens\Desktop\sqlmap\lib\request\connect.py", line 126, in getP
age
    conn = urllib2.urlopen(req)
  File "C:\Python26\lib\urllib2.py", line 124, in urlopen
    return _opener.open(url, data, timeout)
  File "C:\Python26\lib\urllib2.py", line 381, in open
    protocol = req.get_type()
  File "C:\Python26\lib\urllib2.py", line 242, in get_type
    raise ValueError, "unknown url type: %s" % self.__original
ValueError: unknown url type: default.asp?FORUM_ID=8899

[*] shutting down at: 19:10:37

Greetings from
Kasper

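The "unknown url type: /index.php?page=66" tracebacks in the report above follow a "connection redirected, going to use /index.php" log line, i.e. a relative redirect target reaching urlopen unresolved, and the repeated "connection redirected" lines show an unbounded redirect chain. The sketch below is an added example, not sqlmap's code or its eventual fix; it uses Python 3's urllib.parse instead of the thread's urllib2, and the host target.example, the function names and the redirect cap are assumptions made for illustration.

```python
from urllib.parse import urljoin, urlsplit

MAX_REDIRECTS = 10  # assumption: cap chosen for this example
REDIRECT_CODES = (301, 302, 303, 307, 308)


class RedirectError(Exception):
    """Raised when a redirect chain cannot be followed safely."""


def resolve_location(request_url, location):
    """Resolve a Location header value against the URL that produced it.

    Handles absolute-path ("/index.php?page=66") and document-relative
    ("weblinks.php?cat_id=1") targets, and refuses anything that does not
    end up as an absolute http(s) URL.
    """
    absolute = urljoin(request_url, location.strip())
    parts = urlsplit(absolute)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise RedirectError("unusable redirect target: %r" % location)
    return absolute


def follow_redirects(start_url, fetch, max_redirects=MAX_REDIRECTS):
    """Follow redirects with loop detection and a hop limit.

    fetch(url) must return (status_code, location_header_or_None).
    Returns (final_url, list_of_urls_visited).
    """
    url = start_url
    chain = [url]
    seen = {url}
    for hops in range(max_redirects + 1):
        status, location = fetch(url)
        if status not in REDIRECT_CODES or not location:
            return url, chain
        if hops == max_redirects:
            break
        url = resolve_location(url, location)
        if url in seen:
            # Same URL again: stop instead of requesting it forever.
            raise RedirectError("redirect loop at %s" % url)
        seen.add(url)
        chain.append(url)
    raise RedirectError("more than %d redirects" % max_redirects)


# Constructed responses modelled on the shapes seen in the report:
# an absolute-path target, a document-relative target, and a self-redirect.
SAMPLE_RESPONSES = {
    "http://target.example/?page=66": (302, "/index.php?page=66"),
    "http://target.example/index.php?page=66": (200, None),
    "http://target.example/forum/go.php?id=1": (302, "weblinks.php?cat_id=3732"),
    "http://target.example/forum/weblinks.php?cat_id=3732": (200, None),
    "http://target.example/loop.php?p=4220": (302, "loop.php?p=4220"),
}


def sample_fetch(url):
    """Offline stand-in for an HTTP request (constructed data only)."""
    return SAMPLE_RESPONSES[url]


if __name__ == "__main__":
    for start in ("http://target.example/?page=66",
                  "http://target.example/forum/go.php?id=1",
                  "http://target.example/loop.php?p=4220"):
        try:
            final, chain = follow_redirects(start, sample_fetch)
            print("%s -> %s (%d hop(s))" % (start, final, len(chain) - 1))
        except RedirectError as exc:
            print("%s -> stopped: %s" % (start, exc))
```
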
From: Kasper F. <th...@ma...> - 2010-03-15 13:48:08
Hi

I am no expert at all in Python. It was just my impression as a
programmer that there is some kind of busy-waiting. Without knowing
anything, I just threw in "Can this really be true?". Is there really no
other way to implement fetching pages than using busy-waiting.

Actually I just wanted to know if this could be implemented, so my
hardware was not abused. But from what you tell me, it seems that urllib2
is fetching pages using busy-waiting and this is a module that cannot be
changed.

I checked the file you mentioned but I can't really read the code very
well.

/Kasper

On 15-03-2010 14:26, Miroslav Stampar wrote:
> Hi.
>
> That's because, when you do the urllib2 page request, current thread
> goes into blocking state - no events here, just plain raw CPU power.
> If you do it with 30 threads for example, all of them go into blocking
> state. I repeat, python's standard module Urllib2 doesn't support
> asynchronous page retrievals (neither any other).
>
> Could you please be so kind and review
> sqlmap/lib/techniques/blind/inference.py, methods bisection(...) and
> getChar(...), and advise with some concrete solution. We'll be more
> than happy to hear from you.
>
> Kind regards.
>
> On Mon, Mar 15, 2010 at 1:58 PM, Kasper Føns<th...@ma...> wrote:
>
>> Hi
>>
>> I still don't get why sqlmap is using that much cpu then?
>>
>> On 15-03-2010 13:49, Miroslav Stampar wrote:
>>
>>> Hi Kasper.
>>>
>>> Threads are indeed in a blocking state while retrieving page content
>>> (basic socket blocking). Basic python urllib2 doesn't support
>>> asynchronous page retrievals, but we could put this on a feature
>>> request list (http://eventlet.net/doc/,
>>> http://twistedmatrix.com/trac/).
>>>
>>> Kind regards.
>>>
>>> On Mon, Mar 15, 2010 at 1:24 PM, Kasper Føns<th...@ma...> wrote:
>>>
>>>> Dear Miroslav
>>>>
>>>> That was not the point I was trying to make. It would of course be nice to
>>>> utilize the 100% of my computer when a program wants to, but I can see that
>>>> python is crippled in the matter. But what I was asking about was:
>>>> I think it is strange that sqlmap uses 50% of my cpu - What operations could
>>>> require that much cpu? It seems that if a connection to a target is slow,
>>>> sqlmap still uses 50% of the cpu. Is it busy-waiting for the thread that is
>>>> doing the I/O operation to complete?
>>>>
>>>> I'll try again:
>>>> I would see sqlmap's main bottleneck as the internet connection. I can't find
>>>> anything to justify to use my CPU as much as it does. Therefore I think some
>>>> thread is busy-waiting, which really cripples the system (especially if I
>>>> only had 1 CPU). So my question is, is it busy-waiting?
>>>>
>>>> PS: Thanks for the nice link. Was interesting reading.
>>>>
>>>> /Kasper
>>>>
>>>> On 15-03-2010 13:17, Miroslav Stampar wrote:
>>>>
>>>>> Dear Kasper.
>>>>>
>>>>> Python has a "technical" issue dealing with multithreading programs.
>>>>> In part that it can't run threads on multiple cores, it has a really
>>>>> nasty "GIL" problem which is discussed here:
>>>>> http://www.snaplogic.com/blog/?p=94. Threading of sqlmap really speeds
>>>>> it up, but the side effect is that CPU-throttling you are talking
>>>>> about, especially in a high number of threads used.
>>>>>
>>>>> Kind regards.
>>>>>
>>>>> On Mon, Mar 15, 2010 at 12:55 PM, Kasper Føns<th...@ma...> wrote:
>>>>>
>>>>>> Hello sqlmap users.
>>>>>>
>>>>>> I have a question about how sqlmap utilizes the cpu. On my computer the
>>>>>> CPU being utilized is nearly always 50%, and since I have two cores I
>>>>>> suspect some thread to be in deadlock or maybe doing busy-waiting.
>>>>>> If using busy-waiting, I would suggest using an event-based approach
>>>>>> instead.
>>>>>>
>>>>>> /Kasper

From: Miroslav S. <mir...@gm...> - 2010-03-15 13:26:32
Hi.

That's because, when you do the urllib2 page request, current thread
goes into blocking state - no events here, just plain raw CPU power.
If you do it with 30 threads for example, all of them go into blocking
state. I repeat, python's standard module Urllib2 doesn't support
asynchronous page retrievals (neither any other).

Could you please be so kind and review
sqlmap/lib/techniques/blind/inference.py, methods bisection(...) and
getChar(...), and advise with some concrete solution. We'll be more
than happy to hear from you.

Kind regards.

On Mon, Mar 15, 2010 at 1:58 PM, Kasper Føns <th...@ma...> wrote:
> Hi
>
> I still don't get why sqlmap is using that much cpu then?
>
> On 15-03-2010 13:49, Miroslav Stampar wrote:
>>
>> Hi Kasper.
>>
>> Threads are indeed in a blocking state while retrieving page content
>> (basic socket blocking). Basic python urllib2 doesn't support
>> asynchronous page retrievals, but we could put this on a feature
>> request list (http://eventlet.net/doc/,
>> http://twistedmatrix.com/trac/).
>>
>> Kind regards.
>>
>> On Mon, Mar 15, 2010 at 1:24 PM, Kasper Føns<th...@ma...> wrote:
>>
>>> Dear Miroslav
>>>
>>> That was not the point I was trying to make. It would of course be nice to
>>> utilize the 100% of my computer when a program wants to, but I can see that
>>> python is crippled in the matter. But what I was asking about was:
>>> I think it is strange that sqlmap uses 50% of my cpu - What operations could
>>> require that much cpu? It seems that if a connection to a target is slow,
>>> sqlmap still uses 50% of the cpu. Is it busy-waiting for the thread that is
>>> doing the I/O operation to complete?
>>>
>>> I'll try again:
>>> I would see sqlmap's main bottleneck as the internet connection. I can't find
>>> anything to justify to use my CPU as much as it does. Therefore I think some
>>> thread is busy-waiting, which really cripples the system (especially if I
>>> only had 1 CPU). So my question is, is it busy-waiting?
>>>
>>> PS: Thanks for the nice link. Was interesting reading.
>>>
>>> /Kasper
>>>
>>> On 15-03-2010 13:17, Miroslav Stampar wrote:
>>>
>>>> Dear Kasper.
>>>>
>>>> Python has a "technical" issue dealing with multithreading programs.
>>>> In part that it can't run threads on multiple cores, it has a really
>>>> nasty "GIL" problem which is discussed here:
>>>> http://www.snaplogic.com/blog/?p=94. Threading of sqlmap really speeds
>>>> it up, but the side effect is that CPU-throttling you are talking
>>>> about, especially in a high number of threads used.
>>>>
>>>> Kind regards.
>>>>
>>>> On Mon, Mar 15, 2010 at 12:55 PM, Kasper Føns<th...@ma...> wrote:
>>>>
>>>>> Hello sqlmap users.
>>>>>
>>>>> I have a question about how sqlmap utilizes the cpu. On my computer the
>>>>> CPU being utilized is nearly always 50%, and since I have two cores I
>>>>> suspect some thread to be in deadlock or maybe doing busy-waiting.
>>>>> If using busy-waiting, I would suggest using an event-based approach
>>>>> instead.
>>>>>
>>>>> /Kasper

--
Miroslav Stampar

E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B

From: Alessandro T. <ale...@lo...> - 2010-03-15 13:25:54
|
2010/3/15 Kasper Føns <th...@ma...>:
> Hi
>
> I still don't get why sqlmap is using that much cpu then?

One hand on a profiler and dig in the code ;)
|
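Added example, not part of the thread and not sqlmap's code: a Python 3 measurement of the distinction the messages around it argue about, where worker threads sit in a blocking socket read while the main thread either blocks in join() or polls their state in a tight loop. The socket pair standing in for a slow HTTP target and every function name here are assumptions of this example; it does not show which of the two behaviours sqlmap itself had.

```python
import socket
import threading
import time


def _slow_reply(peers, delay):
    """Stand-in for a slow target: answer every connection after `delay` seconds."""
    time.sleep(delay)
    for peer in peers:
        peer.sendall(b"x")


def _fetch(sock):
    """Worker: a blocking socket read, the same kind of wait a urllib2 fetch sits in."""
    sock.recv(1)


def measure(wait_strategy, workers=8, delay=0.4):
    """Start `workers` blocked readers and return (wall_seconds, cpu_seconds)
    consumed by the whole process while the main thread waits for them."""
    pairs = [socket.socketpair() for _ in range(workers)]
    threads = [threading.Thread(target=_fetch, args=(a,)) for a, _ in pairs]
    server = threading.Thread(target=_slow_reply,
                              args=([b for _, b in pairs], delay))

    wall0, cpu0 = time.perf_counter(), time.process_time()
    for t in threads:
        t.start()
    server.start()
    wait_strategy(threads)
    wall = time.perf_counter() - wall0
    cpu = time.process_time() - cpu0  # user + system time, all threads

    server.join()
    for a, b in pairs:
        a.close()
        b.close()
    return wall, cpu


def wait_blocking(threads):
    """Main thread sleeps in the kernel until each worker has finished."""
    for t in threads:
        t.join()


def wait_busy(threads):
    """Main thread polls worker state in a tight loop (busy-waiting)."""
    while any(t.is_alive() for t in threads):
        pass


def cpu_share(wait_strategy, **kwargs):
    """Fraction of one core used while waiting: CPU time divided by wall time."""
    wall, cpu = measure(wait_strategy, **kwargs)
    return cpu / wall


if __name__ == "__main__":
    for name, strategy in (("blocking join", wait_blocking),
                           ("busy-wait poll", wait_busy)):
        print("%-15s %3.0f%% of one core" % (name, 100 * cpu_share(strategy)))
```

One thread spinning at close to 100% of a core appears as roughly 50% total CPU on a two-core machine, while threads that are only blocked on I/O contribute almost nothing.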
From: Kasper F. <th...@ma...> - 2010-03-15 12:58:23
|
Hi

I still don't get why sqlmap is using that much cpu then?

On 15-03-2010 13:49, Miroslav Stampar wrote:
> Hi Kasper.
>
> Threads are indeed in a blocking state while retrieving page content
> (basic socket blocking). Basic python urllib2 doesn't support
> asynchronous page retrievals, but we could put this on a feature
> request list (http://eventlet.net/doc/,
> http://twistedmatrix.com/trac/).
>
> Kind regards.
>
> On Mon, Mar 15, 2010 at 1:24 PM, Kasper Føns<th...@ma...> wrote:
>
>> Dear Miroslav
>>
>> That was not the point I was trying to make. It would of course be nice to
>> utilize the 100% of my computer when a program wants to, but I can see that
>> python is crippled in the matter. But what I was asking about was:
>> I think it is strange that sqlmap uses 50% of my cpu - What operations could
>> require that much cpu? It seems that if a connection to a target is slow,
>> sqlmap still uses 50% of the cpu. Is it busy-waiting for the thread that is
>> doing the I/O operation to complete?
>>
>> I'll try again:
>> I would see sqlmap's main bottleneck as the internet connection. I can't find
>> anything to justify to use my CPU as much as it does. Therefore I think some
>> thread is busy-waiting, which really cripples the system (especially if I
>> only had 1 CPU). So my question is, is it busy-waiting?
>>
>> PS: Thanks for the nice link. Was interesting reading.
>>
>> /Kasper
>>
>> On 15-03-2010 13:17, Miroslav Stampar wrote:
>>
>>> Dear Kasper.
>>>
>>> Python has a "technical" issue dealing with multithreading programs.
>>> In part that it can't run threads on multiple cores, it has a really
>>> nasty "GIL" problem which is discussed here:
>>> http://www.snaplogic.com/blog/?p=94. Threading of sqlmap really speeds
>>> it up, but the side effect is that CPU-throttling you are talking
>>> about, especially in a high number of threads used.
>>>
>>> Kind regards.
>>>
>>> On Mon, Mar 15, 2010 at 12:55 PM, Kasper Føns<th...@ma...> wrote:
>>>
>>>> Hello sqlmap users.
>>>>
>>>> I have a question about how sqlmap utilizes the cpu. On my computer the
>>>> CPU being utilized is nearly always 50%, and since I have two cores I
>>>> suspect some thread to be in deadlock or maybe doing busy-waiting.
>>>> If using busy-waiting, I would suggest using an event-based approach
>>>> instead.
>>>>
>>>> /Kasper
|
From: Miroslav S. <mir...@gm...> - 2010-03-15 12:49:47
|
Hi Kasper.

Threads are indeed in a blocking state while retrieving page content (basic socket blocking). Basic python urllib2 doesn't support asynchronous page retrievals, but we could put this on a feature request list (http://eventlet.net/doc/, http://twistedmatrix.com/trac/).

Kind regards.

On Mon, Mar 15, 2010 at 1:24 PM, Kasper Føns <th...@ma...> wrote:
> Dear Miroslav
>
> That was not the point I was trying to make. It would of course be nice to
> utilize the 100% of my computer when a program wants to, but I can see that
> python is crippled in the matter. But what I was asking about was:
> I think it is strange that sqlmap uses 50% of my cpu - What operations could
> require that much cpu? It seems that if a connection to a target is slow,
> sqlmap still uses 50% of the cpu. Is it busy-waiting for the thread that is
> doing the I/O operation to complete?
>
> I'll try again:
> I would see sqlmap's main bottleneck as the internet connection. I can't find
> anything to justify to use my CPU as much as it does. Therefore I think some
> thread is busy-waiting, which really cripples the system (especially if I
> only had 1 CPU). So my question is, is it busy-waiting?
>
> PS: Thanks for the nice link. Was interesting reading.
>
> /Kasper
>
> On 15-03-2010 13:17, Miroslav Stampar wrote:
>>
>> Dear Kasper.
>>
>> Python has a "technical" issue dealing with multithreading programs.
>> In part that it can't run threads on multiple cores, it has a really
>> nasty "GIL" problem which is discussed here:
>> http://www.snaplogic.com/blog/?p=94. Threading of sqlmap really speeds
>> it up, but the side effect is that CPU-throttling you are talking
>> about, especially in a high number of threads used.
>>
>> Kind regards.
>>
>> On Mon, Mar 15, 2010 at 12:55 PM, Kasper Føns<th...@ma...> wrote:
>>>
>>> Hello sqlmap users.
>>>
>>> I have a question about how sqlmap utilizes the cpu. On my computer the
>>> CPU being utilized is nearly always 50%, and since I have two cores I
>>> suspect some thread to be in deadlock or maybe doing busy-waiting.
>>> If using busy-waiting, I would suggest using an event-based approach
>>> instead.
>>>
>>> /Kasper

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
From: Kasper F. <th...@ma...> - 2010-03-15 12:24:53
|
Dear Miroslav

That was not the point I was trying to make. It would of course be nice to utilize the 100% of my computer when a program wants to, but I can see that python is crippled in the matter. But what I was asking about was:
I think it is strange that sqlmap uses 50% of my cpu - What operations could require that much cpu? It seems that if a connection to a target is slow, sqlmap still uses 50% of the cpu. Is it busy-waiting for the thread that is doing the I/O operation to complete?

I'll try again:
I would see sqlmap's main bottleneck as the internet connection. I can't find anything to justify to use my CPU as much as it does. Therefore I think some thread is busy-waiting, which really cripples the system (especially if I only had 1 CPU). So my question is, is it busy-waiting?

PS: Thanks for the nice link. Was interesting reading.

/Kasper

On 15-03-2010 13:17, Miroslav Stampar wrote:
> Dear Kasper.
>
> Python has a "technical" issue dealing with multithreading programs.
> In part that it can't run threads on multiple cores, it has a really
> nasty "GIL" problem which is discussed here:
> http://www.snaplogic.com/blog/?p=94. Threading of sqlmap really speeds
> it up, but the side effect is that CPU-throttling you are talking
> about, especially in a high number of threads used.
>
> Kind regards.
>
> On Mon, Mar 15, 2010 at 12:55 PM, Kasper Føns<th...@ma...> wrote:
>
>> Hello sqlmap users.
>>
>> I have a question about how sqlmap utilizes the cpu. On my computer the
>> CPU being utilized is nearly always 50%, and since I have two cores I
>> suspect some thread to be in deadlock or maybe doing busy-waiting.
>> If using busy-waiting, I would suggest using an event-based approach
>> instead.
>>
>> /Kasper
|
From: Miroslav S. <mir...@gm...> - 2010-03-15 12:18:07
|
Dear Kasper.

Python has a "technical" issue dealing with multithreading programs. In part that it can't run threads on multiple cores, it has a really nasty "GIL" problem which is discussed here: http://www.snaplogic.com/blog/?p=94. Threading of sqlmap really speeds it up, but the side effect is that CPU-throttling you are talking about, especially in a high number of threads used.

Kind regards.

On Mon, Mar 15, 2010 at 12:55 PM, Kasper Føns <th...@ma...> wrote:
> Hello sqlmap users.
>
> I have a question about how sqlmap utilizes the cpu. On my computer the
> CPU being utilized is nearly always 50%, and since I have two cores I
> suspect some thread to be in deadlock or maybe doing busy-waiting.
> If using busy-waiting, I would suggest using an event-based approach
> instead.
>
> /Kasper

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
From: Kasper F. <th...@ma...> - 2010-03-15 12:02:31
|
Hi.

I didn't even get to send the new scan. I haven't checked yet, but nice to see it fixed so fast.

/Kasper

On 15-03-2010 13:01, Miroslav Stampar wrote:
> Hi.
>
> Thank you for your report. Please, update your sqlmap to the latest
> version to have it fixed.
>
> Kind regards.
>
> On Mon, Mar 15, 2010 at 12:32 PM, Kasper Føns<th...@ma...> wrote:
>
>> Hello sqlmap users.
>>
>> It seems that sqlmap is using the wrong session file if a host on the
>> google dorks is vulnerable and the vulnerability is used. The next
>> vulnerable host will use the same session file!
>>
>> [12:14:17] [INFO] testing url<A>/index.php?id=67,0,0,1,0,0
>> [12:14:17] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<A>\session' as session file
>> [12:14:17] [INFO] testing connection to the target url
>> ...
>> [12:14:20] [INFO] testing if the url is stable, wait a few seconds
>> [12:14:27] [WARNING] url is not stable, sqlmap will base the page comparison on a sequence matcher, if no dynamic nor injectable parameters are detected, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
>> [12:14:27] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis
>> ...
>> ...
>>
>> [12:19:46] [INFO] GET parameter 'id' is double quoted string injectable with 3 parenthesis
>> do you want to exploit this SQL injection? [Y/n] y
>> [12:20:36] [INFO] testing for parenthesis on injectable parameter
>> [12:21:00] [INFO] the injectable parameter requires 3 parenthesis
>> [12:21:00] [INFO] testing MySQL
>> [12:21:08] [WARNING] the back-end DMBS is not MySQL
>> [12:21:08] [INFO] testing Oracle
>> [12:21:17] [WARNING] the back-end DMBS is not Oracle
>> [12:21:17] [INFO] testing PostgreSQL
>> [12:21:26] [WARNING] the back-end DMBS is not PostgreSQL
>> [12:21:26] [INFO] testing Microsoft SQL Server
>> [12:21:34] [INFO] confirming Microsoft SQL Server
>> [12:21:43] [INFO] the back-end DBMS is Microsoft SQL Server
>>
>> web application technology: Apache 1.3.41, PHP 5.2.13
>> back-end DBMS: Microsoft SQL Server 2000
>>
>> ...
>> ...
>>
>> GET<B>/edb_og_internet/hardware/index.php?id=32
>> do you want to test this url? [Y/n/q]
>> > y
>> [12:25:10] [INFO] testing url<B>/edb_og_internet/hardware/index.php?id=32
>> [12:25:10] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<A>\session' as session file
>>
>> I have anonymized the hosts.
>>
>> /Kasper
|
From: Miroslav S. <mir...@gm...> - 2010-03-15 12:01:10
|
Hi.

Thank you for your report. Please, update your sqlmap to the latest version to have it fixed.

Kind regards.

On Mon, Mar 15, 2010 at 12:32 PM, Kasper Føns <th...@ma...> wrote:
> Hello sqlmap users.
>
> It seems that sqlmap is using the wrong session file if a host on the
> google dorks is vulnerable and the vulnerability is used. The next
> vulnerable host will use the same session file!
>
> [12:14:17] [INFO] testing url <A>/index.php?id=67,0,0,1,0,0
> [12:14:17] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<A>\session' as session file
> [12:14:17] [INFO] testing connection to the target url
> ...
> [12:14:20] [INFO] testing if the url is stable, wait a few seconds
> [12:14:27] [WARNING] url is not stable, sqlmap will base the page comparison on a sequence matcher, if no dynamic nor injectable parameters are detected, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
> [12:14:27] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis
> ...
> ...
>
> [12:19:46] [INFO] GET parameter 'id' is double quoted string injectable with 3 parenthesis
> do you want to exploit this SQL injection? [Y/n] y
> [12:20:36] [INFO] testing for parenthesis on injectable parameter
> [12:21:00] [INFO] the injectable parameter requires 3 parenthesis
> [12:21:00] [INFO] testing MySQL
> [12:21:08] [WARNING] the back-end DMBS is not MySQL
> [12:21:08] [INFO] testing Oracle
> [12:21:17] [WARNING] the back-end DMBS is not Oracle
> [12:21:17] [INFO] testing PostgreSQL
> [12:21:26] [WARNING] the back-end DMBS is not PostgreSQL
> [12:21:26] [INFO] testing Microsoft SQL Server
> [12:21:34] [INFO] confirming Microsoft SQL Server
> [12:21:43] [INFO] the back-end DBMS is Microsoft SQL Server
>
> web application technology: Apache 1.3.41, PHP 5.2.13
> back-end DBMS: Microsoft SQL Server 2000
>
> ...
> ...
>
> GET <B>/edb_og_internet/hardware/index.php?id=32
> do you want to test this url? [Y/n/q]
> > y
> [12:25:10] [INFO] testing url <B>/edb_og_internet/hardware/index.php?id=32
> [12:25:10] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<A>\session' as session file
>
> I have anonymized the hosts.
>
> /Kasper

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
From: Kasper F. <th...@ma...> - 2010-03-15 11:55:30
|
Hello sqlmap users.

I have a question about how sqlmap utilizes the cpu. On my computer the CPU being utilized is nearly always 50%, and since I have two cores I suspect some thread to be in deadlock or maybe doing busy-waiting. If using busy-waiting, I would suggest using an event-based approach instead.

/Kasper
|
From: Bernardo D. A. G. <ber...@gm...> - 2010-03-15 11:42:32
|
Try to provide the argument of -u between double quotes.

Bernardo

On Mon, Mar 15, 2010 at 11:35, Kasper Føns <th...@ma...> wrote:
> Hello sqlmap users.
>
> It seems that sqlmap is not parsing the url correctly, see following output:
>
> C:\Users\foens\Desktop\sqlmap>sqlmap.py -u http://<host>/conferences/viewpaper.php?id=2387&cf=16
>
> sqlmap/0.9-dev - automatic SQL injection and database takeover tool
> http://sqlmap.sourceforge.net
>
> [*] starting at: 12:32:56
>
> [12:32:56] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<host>\session' as session file
> [12:32:56] [INFO] testing connection to the target url
> [12:32:56] [INFO] testing if the url is stable, wait a few seconds
> [12:32:58] [INFO] url is stable
> [12:32:58] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
> [12:32:58] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
> [12:32:58] [INFO] testing if GET parameter 'id' is dynamic
> [12:32:58] [WARNING] GET parameter 'id' is not dynamic
>
> [*] shutting down at: 12:32:58
>
> 'cf' is not recognized as an internal or external command,
> operable program or batch file.
>
> C:\Users\foens\Desktop\sqlmap>
>
> I have anonymized the host. It seems that the "cf" parameter is being
> used as a program in some script. I am running on Windows.
>
> /Kasper

--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F
|
From: Kasper F. <th...@ma...> - 2010-03-15 11:35:51
|
Hello sqlmap users.

It seems that sqlmap is not parsing the url correctly, see following output:

C:\Users\foens\Desktop\sqlmap>sqlmap.py -u http://<host>/conferences/viewpaper.php?id=2387&cf=16

sqlmap/0.9-dev - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[*] starting at: 12:32:56

[12:32:56] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<host>\session' as session file
[12:32:56] [INFO] testing connection to the target url
[12:32:56] [INFO] testing if the url is stable, wait a few seconds
[12:32:58] [INFO] url is stable
[12:32:58] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
[12:32:58] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
[12:32:58] [INFO] testing if GET parameter 'id' is dynamic
[12:32:58] [WARNING] GET parameter 'id' is not dynamic

[*] shutting down at: 12:32:58

'cf' is not recognized as an internal or external command,
operable program or batch file.

C:\Users\foens\Desktop\sqlmap>

I have anonymized the host. It seems that the "cf" parameter is being used as a program in some script. I am running on Windows.

/Kasper
|
From: Kasper F. <th...@ma...> - 2010-03-15 11:32:29
|
Hello sqlmap users.

It seems that sqlmap is using the wrong session file if a host on the google dorks is vulnerable and the vulnerability is used. The next vulnerable host will use the same session file!

[12:14:17] [INFO] testing url <A>/index.php?id=67,0,0,1,0,0
[12:14:17] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<A>\session' as session file
[12:14:17] [INFO] testing connection to the target url
...
[12:14:20] [INFO] testing if the url is stable, wait a few seconds
[12:14:27] [WARNING] url is not stable, sqlmap will base the page comparison on a sequence matcher, if no dynamic nor injectable parameters are detected, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
[12:14:27] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis
...
...

[12:19:46] [INFO] GET parameter 'id' is double quoted string injectable with 3 parenthesis
do you want to exploit this SQL injection? [Y/n] y
[12:20:36] [INFO] testing for parenthesis on injectable parameter
[12:21:00] [INFO] the injectable parameter requires 3 parenthesis
[12:21:00] [INFO] testing MySQL
[12:21:08] [WARNING] the back-end DMBS is not MySQL
[12:21:08] [INFO] testing Oracle
[12:21:17] [WARNING] the back-end DMBS is not Oracle
[12:21:17] [INFO] testing PostgreSQL
[12:21:26] [WARNING] the back-end DMBS is not PostgreSQL
[12:21:26] [INFO] testing Microsoft SQL Server
[12:21:34] [INFO] confirming Microsoft SQL Server
[12:21:43] [INFO] the back-end DBMS is Microsoft SQL Server

web application technology: Apache 1.3.41, PHP 5.2.13
back-end DBMS: Microsoft SQL Server 2000

...
...

GET <B>/edb_og_internet/hardware/index.php?id=32
do you want to test this url? [Y/n/q]
> y
[12:25:10] [INFO] testing url <B>/edb_og_internet/hardware/index.php?id=32
[12:25:10] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\<A>\session' as session file

I have anonymized the hosts.

/Kasper
|
From: Bernardo D. A. G. <ber...@gm...> - 2010-03-15 11:00:01
|
Fixed and committed, thanks for reporting.

Cheers,
Bernardo

On Mon, Mar 15, 2010 at 10:15, Kasper Føns <th...@ma...> wrote:
> Hello sqlmap users.
>
> It seems that sqlmap is not too happy with google-dorks results.
>
> This is self explanatory I think:
> C:\Users\foens\Desktop\sqlmap>sqlmap.py -g "inurl:php?id" -p id
>
> sqlmap/0.8 - automatic SQL injection and database takeover tool
> http://sqlmap.sourceforge.net
>
> [*] starting at: 11:10:00
>
> [11:10:00] [INFO] first request to Google to get the session cookie
> [11:10:00] [INFO] using Google result page #1
> [11:10:01] [INFO] sqlmap got 100 results for your Google dork expression, 95 of them are testable targets
> [11:10:01] [INFO] sqlmap got a total of 95 targets
> url 1:
> GET http://www.axiotron.com/index.php?id=modbook
> do you want to test this url? [Y/n/q]
> > y
> [11:10:04] [INFO] testing url http://www.axiotron.com/index.php?id=modbook
> [11:10:04] [ERROR] all testable parameters you provided are not present within the GET, POST and Cookie parameters
>
> [*] shutting down at: 11:10:04
>
> It does not seem it is able to see that the id parameter is found in the
> GET request.
>
> This also seems to be the result of:
> C:\Users\foens\Desktop\sqlmap>sqlmap.py -g "inurl:php?id"
>
> sqlmap/0.8 - automatic SQL injection and database takeover tool
> http://sqlmap.sourceforge.net
>
> [*] starting at: 11:12:32
>
> [11:12:32] [INFO] first request to Google to get the session cookie
> [11:12:32] [INFO] using Google result page #1
> [11:12:33] [INFO] sqlmap got 100 results for your Google dork expression, 95 of them are testable targets
> [11:12:33] [INFO] sqlmap got a total of 95 targets
> url 1:
> GET http://www.axiotron.com/index.php?id=modbook
> do you want to test this url? [Y/n/q]
> > y
> [11:12:37] [INFO] testing url http://www.axiotron.com/index.php?id=modbook
> [11:12:37] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\www.axiotron.com\session' as session file
> [11:12:37] [INFO] testing connection to the target url
> [11:12:38] [INFO] testing if the url is stable, wait a few seconds
> [11:12:41] [INFO] url is stable
> [11:12:41] [INFO] testing if Cookie parameter 'fe_typo_user' is dynamic
> [11:12:42] [WARNING] Cookie parameter 'fe_typo_user' is not dynamic
> [11:12:42] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
> [11:12:44] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
> url 2:
> GET http://www.llgc.org.uk/index.php?id=2
> do you want to test this url? [Y/n/q]
> > q
>
> [*] shutting down at: 11:12:56
>
> C:\Users\foens\Desktop\sqlmap>
>
> Why is the GET parameter id not checked here?
>
> I am using latest svn version.
>
> /Kasper

--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F
|
From: Kasper F. <th...@ma...> - 2010-03-15 10:16:04
|
Hello sqlmap users.

It seems that sqlmap is not too happy with google-dorks results.

This is self explanatory I think:
C:\Users\foens\Desktop\sqlmap>sqlmap.py -g "inurl:php?id" -p id

sqlmap/0.8 - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[*] starting at: 11:10:00

[11:10:00] [INFO] first request to Google to get the session cookie
[11:10:00] [INFO] using Google result page #1
[11:10:01] [INFO] sqlmap got 100 results for your Google dork expression, 95 of them are testable targets
[11:10:01] [INFO] sqlmap got a total of 95 targets
url 1:
GET http://www.axiotron.com/index.php?id=modbook
do you want to test this url? [Y/n/q]
> y
[11:10:04] [INFO] testing url http://www.axiotron.com/index.php?id=modbook
[11:10:04] [ERROR] all testable parameters you provided are not present within the GET, POST and Cookie parameters

[*] shutting down at: 11:10:04

It does not seem it is able to see that the id parameter is found in the GET request.

This also seems to be the result of:
C:\Users\foens\Desktop\sqlmap>sqlmap.py -g "inurl:php?id"

sqlmap/0.8 - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[*] starting at: 11:12:32

[11:12:32] [INFO] first request to Google to get the session cookie
[11:12:32] [INFO] using Google result page #1
[11:12:33] [INFO] sqlmap got 100 results for your Google dork expression, 95 of them are testable targets
[11:12:33] [INFO] sqlmap got a total of 95 targets
url 1:
GET http://www.axiotron.com/index.php?id=modbook
do you want to test this url? [Y/n/q]
> y
[11:12:37] [INFO] testing url http://www.axiotron.com/index.php?id=modbook
[11:12:37] [INFO] using 'C:\Users\foens\Desktop\sqlmap\output\www.axiotron.com\session' as session file
[11:12:37] [INFO] testing connection to the target url
[11:12:38] [INFO] testing if the url is stable, wait a few seconds
[11:12:41] [INFO] url is stable
[11:12:41] [INFO] testing if Cookie parameter 'fe_typo_user' is dynamic
[11:12:42] [WARNING] Cookie parameter 'fe_typo_user' is not dynamic
[11:12:42] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
[11:12:44] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
url 2:
GET http://www.llgc.org.uk/index.php?id=2
do you want to test this url? [Y/n/q]
> q

[*] shutting down at: 11:12:56

C:\Users\foens\Desktop\sqlmap>

Why is the GET parameter id not checked here?

I am using latest svn version.

/Kasper
|
From: Bernardo D. A. G. <ber...@gm...> - 2010-03-15 03:10:55
|
Hi,

I am glad to release sqlmap version 0.8.

Changes
=======

Some of the new features include:

* Support to enumerate and dump all databases' tables containing user provided column(s) by specifying for instance '--dump -C user,pass'. Useful to identify for instance tables containing custom application credentials (Bernardo).
* Support to parse -C (column name(s)) when fetching columns of a table with --columns: it will enumerate only columns like the provided one(s) within the specified table (Bernardo).
* Support for takeover features on PostgreSQL 8.4 (Bernardo).
* Enhanced --priv-esc to rely on new Metasploit Meterpreter's 'getsystem' command to elevate privileges of the user running the back-end DBMS instance to SYSTEM on Windows (Bernardo).
* Automatic support in --os-pwn to use the web uploader/backdoor to upload and execute the Metasploit payload stager when stacked queries SQL injection is not supported, for instance on MySQL/PHP and MySQL/ASP, but there is a writable folder within the web server document root (Bernardo and Miroslav).
* Added support for regular expression based scope when parsing Burp or Web Scarab proxy log file (-l), --scope (Miroslav).

Complete list of changes at https://svn.sqlmap.org/sqlmap/trunk/sqlmap/doc/ChangeLog.

Download
========

You can download it in various formats:

* Source gzip compressed, http://downloads.sourceforge.net/sqlmap/sqlmap-0.8.tar.gz
* Source bzip2 compressed, http://downloads.sourceforge.net/sqlmap/sqlmap-0.8.tar.bz2
* Source zip compressed, http://downloads.sourceforge.net/sqlmap/sqlmap-0.8.zip
* DEB binary package, http://downloads.sourceforge.net/sqlmap/sqlmap_0.8-1_all.deb
* RPM binary package, http://downloads.sourceforge.net/sqlmap/sqlmap-0.8-1.noarch.rpm
* Portable executable for Windows that does not require the Python interpreter to be installed on the operating system, http://downloads.sourceforge.net/sqlmap/sqlmap-0.8_exe.zip

Documentation
=============

* sqlmap user's manual: http://sqlmap.sourceforge.net/doc/README.pdf
* Conferences' material (whitepaper and slides): http://sqlmap.sourceforge.net/#docs

Contribute
==========

I am looking for security geeks who can write some "clean" Python code, know about web application security, database takeover, post-exploitation techniques, software refactoring and are motivated to join the development team. If you are interested, please get back to me (ber...@gm...).

If you have no clue what the tool is about, are excited about joining the effort, but have never written a single line of code or you want only to appear in the AUTHORS file, please don't waste my and your time.

Happy hacking!

Bernardo and Miroslav

--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F
|
From: Miroslav S. <mir...@gm...> - 2010-03-14 07:13:33
|
Hi.

This looks like a problem fixed in the development version some time ago. Please try to check out the latest development version from our repository: https://svn.sqlmap.org/sqlmap/trunk/sqlmap. As you are probably a Windows user (as can be seen from the bug report you've sent), you can try to check it out with TortoiseSVN. The other option is to wait for the next official release, which is coming very soon :)

Kind regards.

On 14.3.2010 2:05, Brandon wrote:
> sqlmap version: 0.7
> Python version: 2.6.1
> Operating system: win32
> Traceback (most recent call last):
>   File "sqlmap.py", line 84, in main
>   File "lib\controller\controller.pyc", line 263, in start
>   File "lib\controller\action.pyc", line 140, in action
>   File "plugins\generic\takeover.pyc", line 295, in osShell
>   File "plugins\generic\takeover.pyc", line 187, in __webBackdoorInit
>   File "lib\request\connect.pyc", line 131, in getPage
>   File "urllib2.pyc", line 124, in urlopen
>   File "urllib2.pyc", line 383, in open
>   File "urllib2.pyc", line 401, in _open
>   File "urllib2.pyc", line 361, in _call_chain
>   File "urllib2.pyc", line 1130, in http_open
>   File "urllib2.pyc", line 1087, in do_open
>   File "httplib.pyc", line 656, in __init__
>   File "httplib.pyc", line 668, in _set_hostport
> InvalidURL: nonnumeric port: '80\home\httpd\html\themobilebroker.com
> <http://themobilebroker.com>\public_html'
> I hope you fix this problem

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
|
From: Brandon <bmu...@gm...> - 2010-03-14 01:05:49
|
sqlmap version: 0.7
Python version: 2.6.1
Operating system: win32
Traceback (most recent call last):
  File "sqlmap.py", line 84, in main
  File "lib\controller\controller.pyc", line 263, in start
  File "lib\controller\action.pyc", line 140, in action
  File "plugins\generic\takeover.pyc", line 295, in osShell
  File "plugins\generic\takeover.pyc", line 187, in __webBackdoorInit
  File "lib\request\connect.pyc", line 131, in getPage
  File "urllib2.pyc", line 124, in urlopen
  File "urllib2.pyc", line 383, in open
  File "urllib2.pyc", line 401, in _open
  File "urllib2.pyc", line 361, in _call_chain
  File "urllib2.pyc", line 1130, in http_open
  File "urllib2.pyc", line 1087, in do_open
  File "httplib.pyc", line 656, in __init__
  File "httplib.pyc", line 668, in _set_hostport
InvalidURL: nonnumeric port: '80\home\httpd\html\themobilebroker.com
\public_html'

I hope you fix this problem
|