sqlmap-users Mailing List for sqlmap (Page 38)
Brought to you by:
inquisb
From: Dirk W. <sp...@dr...> - 2013-04-15 09:36:54
On 04/14/2013 01:14 AM, Miroslav Stampar wrote:
> Nevertheless, with the latest commit that check should be "neutralized" now. Could you please retry it now?

thx, Miroslav. I tried (b6fee63) but this time the cookie parser lib hiccups, using the same file:

/usr/lib64/python2.7/_MozillaCookieJar.py:109: UserWarning: cookielib bug!
Traceback (most recent call last):
  File "/usr/lib64/python2.7/_MozillaCookieJar.py", line 82, in _really_load
    assert domain_specified == initial_dot
AssertionError

  _warn_unhandled_exception()
[11:13:26] [CRITICAL] there was a problem loading cookies file ('invalid Netscape format cookies file '/tmp/sqlmapcj-pbP7P1': '<FQDN>\tTRUE\t<PATH>\tTRUE\t9999999999\tJSESSIONID\t6ADFAA167AA89CF993061E5CACEF46C9'')

the 999.. looks strange to me.

> On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar <mir...@gm...> wrote:
>
> Hi Dirk.
>
> Well, I would say that you have an expired cookie. Do you see that value 0? That value should be a valid UNIX time representing time of cookie expiration. Also, I've just tested that cookie of yours and sqlmap says: "[WARNING] cookie '....' has expired"

that's true but IMO 0 represents just a session cookie. Example:

prompt% wget -q -O /dev/null --keep-session-cookies --save-cookies=/dev/stdout bing.com
# HTTP cookie file.
# Generated by Wget on 2013-04-15 11:23:13.
# Edit at your own risk.

.bing.com TRUE / FALSE 1429089794 SRCHUSR AUTOREDIR=0&GEOVAR=&DOB=20130415
.bing.com TRUE / FALSE 1429089794 SRCHD D=2781203&MS=2781203&AF=NOFORM
.bing.com TRUE / FALSE 1429089794 OrigMUID 333995A69E06630B2EB491169F016314%2cfc3b876c239e43d4bfc1544927289abe
.bing.com TRUE / FALSE 1429089794 MUID 333995A69E06630B2EB491169F016314
.bing.com TRUE / FALSE 0 _SS SID=B954CB7EDF8643CABAD8013F27A241E7
.bing.com TRUE / FALSE 0 _HOP
.bing.com TRUE / FALSE 0 _FS NU=1
.bing.com TRUE / FALSE 1429089794 _FP EM=1
www.bing.com FALSE / FALSE 1429089794 SRCHUID V=2&GUID=975091780DFF407DA9DD07139FD97C4D
www.bing.com FALSE / FALSE 1429089794 MUIDB 333995A69E06630B2EB491169F016314
prompt%

Same parser problem btw if I edit the cookie file and put 1429089794 unix time instead of 0 in there.

Ok: With the prev rev ed5599f it reads this file ok (no session cookies but cookies w/ expiration date) and uses the last cookie only for the first 120 tries.

Cheers, Dirk

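Added illustration, not part of the thread and not sqlmap's own code: a small linter for the data lines of a Netscape-format cookie file. It applies the same flag/leading-dot condition as the assertion in the traceback above and shows how the standard loader handles an expiry of 0, the value wget writes for session cookies in the output quoted above. It assumes Python 3's `http.cookiejar` (the successor of the `cookielib` module in the traceback); host names and cookie values are constructed placeholders.

```python
import http.cookiejar
import os
import tempfile

HEADER = "# Netscape HTTP Cookie File\n"
FIELDS = ("domain", "domain_specified", "path", "secure",
          "expires", "name", "value")

SESSION = "expiry 0 or empty: session cookie, skipped by a default load()"
MISMATCH = "domain flag TRUE requires a leading dot (and FALSE requires none)"

# Constructed sample: host names and values are placeholders; the field
# layouts mirror the three kinds of line quoted in the thread.
SAMPLE = HEADER + "".join([
    # host-only domain, flag FALSE, expiry 0 (the cookie file as first posted)
    "app.example.test\tFALSE\t/\tTRUE\t0\tJSESSIONID\tCONSTRUCTED1\n",
    # host-only domain but flag TRUE (the line quoted in the CRITICAL message)
    "app.example.test\tTRUE\t/\tTRUE\t9999999999\tJSESSIONID\tCONSTRUCTED2\n",
    # dotted domain, flag TRUE, real timestamp (as in the wget output)
    ".example.test\tTRUE\t/\tFALSE\t1429089794\tPREF\tx=1\n",
])


def lint_cookie_line(line, now):
    """Return the list of problems found in one data line."""
    parts = line.rstrip("\r\n").split("\t")
    if len(parts) != len(FIELDS):
        return ["expected 7 tab-separated fields, found %d" % len(parts)]
    rec = dict(zip(FIELDS, parts))
    problems = []
    for flag in ("domain_specified", "secure"):
        if rec[flag] not in ("TRUE", "FALSE"):
            problems.append("%s must be TRUE or FALSE" % flag)
    # Same condition as the assertion shown in the traceback:
    #   assert domain_specified == initial_dot
    if (rec["domain_specified"] == "TRUE") != rec["domain"].startswith("."):
        problems.append(MISMATCH)
    if rec["expires"] in ("", "0"):
        problems.append(SESSION)
    elif not rec["expires"].isdigit():
        problems.append("expires is not a UNIX timestamp")
    elif int(rec["expires"]) <= now:
        problems.append("expired")
    return problems


def lint_cookie_file(text, now):
    """Map 1-based line number -> problems, skipping '#' lines and blanks."""
    report = {}
    for number, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        report[number] = lint_cookie_line(line, now)
    return report


def stdlib_loaded_names(text, ignore_expires=False):
    """Names that http.cookiejar.MozillaCookieJar keeps after loading text."""
    handle = tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False)
    try:
        handle.write(text)
        handle.close()
        jar = http.cookiejar.MozillaCookieJar()
        jar.load(handle.name, ignore_discard=True,
                 ignore_expires=ignore_expires)
        return sorted(cookie.name for cookie in jar)
    finally:
        os.unlink(handle.name)


if __name__ == "__main__":
    NOW = 1365984000  # 2013-04-15 00:00:00 UTC, the date of the thread
    for number, problems in sorted(lint_cookie_file(SAMPLE, NOW).items()):
        print(number, problems or "ok")
    session_only = HEADER + SAMPLE.splitlines(True)[1]
    print(stdlib_loaded_names(session_only))
    print(stdlib_loaded_names(session_only, ignore_expires=True))
```
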
From: David G. <sk...@gm...> - 2013-04-14 00:41:10
Good question Miroslav..

I tried to think of something that can be implemented without ruining the sqlmap query schema, but I could not come to any conclusion... =(

The thing is, sqlsus uses a different approach to dump the data, making this kind of thing possible...

The solution that I found in this particular scenario is to use sqlsus, unfortunately...

Regards.

David

On Mon, Apr 1, 2013 at 6:35 PM, Miroslav Stampar <mir...@gm...> wrote:
> Hi David.
>
> And what do you recommend to be done in case of query with length > max_inj_length?
>
> Kind regards,
> Miroslav Stampar
>
> On Apr 1, 2013 11:14 PM, "David Guimaraes" <sk...@gm...> wrote:
>
>> Hi, I am trying to perform sql injection on a web site but I can not get
>> successful due to a size limitation on the query sent to the server. The
>> server is limiting the size of query to 512 bytes only and sqlmap does not
>> have any customization that allows me to bypass this restriction like the
>> sqlsus "max_inj_length" parameter. Sqlsus has a feature called "autoconf"
>> that measures the permitted query size.
>>
>> Is there some chance to put this kind of feature in sqlmap?
>>
>> Thanks.
>>
>> --
>> David Gomes Guimarães

--
David Gomes Guimarães

From: Miroslav S. <mir...@gm...> - 2013-04-13 23:14:47
Nevertheless, with the latest commit that check should be "neutralized" now. Could you please retry it now?

Kind regards,
Miroslav Stampar

On Sun, Apr 14, 2013 at 12:59 AM, Miroslav Stampar <mir...@gm...> wrote:
> Hi Dirk.
>
> Well, I would say that you have an expired cookie. Do you see that value
> 0? That value should be a valid UNIX time representing time of cookie
> expiration. Also, I've just tested that cookie of yours and sqlmap says:
> "[WARNING] cookie '....' has expired"
>
> Kind regards,
> Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm

From: Miroslav S. <mir...@gm...> - 2013-04-13 22:59:30
Hi Dirk.

Well, I would say that you have an expired cookie. Do you see that value 0? That value should be a valid UNIX time representing time of cookie expiration. Also, I've just tested that cookie of yours and sqlmap says: "[WARNING] cookie '....' has expired"

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm

From: Dirk W. <sp...@dr...> - 2013-04-13 10:55:11
Hi Miroslav,

thx for your prompt answer.

On 04/12/2013 07:45 PM, Miroslav Stampar wrote:
> Hi Dirk.
>
> Could you please get the latest revision and retry it again?

ed5599f: almost the same: with cookie in the header sqlmap takes only this one.
The slight difference seems to be that in the case where I didn't supply a cookie
sqlmap doesn't use any cookie at all, i.e. now not the one from the server anymore.

> There was a situation where info messages have been wrongly written that original response contained Set-Cookie in situations like yours.
>
> In case that everything stays as it is, I'll need to ask you to provide more details. For example, cookie file would be great.

sure, here you go:

--snip
# Netscape HTTP Cookie File
<FQDN> \t FALSE \t <path> \t TRUE \t 0 \t JSESSIONID \t <Cookie>
[..]
--snap

They are all session cookies. For easier reading here I put some blanks in the line
above, in "cookie-file" there aren't any though. Cookies were generated with
stompy and a shell script (looks the same as with
wget -S -O /dev/null --keep-session-cookies --save-cookies=<file> <URL>)

Again: sqlmap doesn't hiccup/complain while eating my cookies file ;-)

> Also, please make sure that the cookie file contains proper cookie(s) - domain name should be the same as a domain of target, cookie needs to have a proper valid time, etc.

see above.

Cheers,

Dirk

From: Miroslav S. <mir...@gm...> - 2013-04-12 17:45:36
Hi Dirk.

Could you please get the latest revision and retry it again?

There was a situation where info messages have been wrongly written that original response contained Set-Cookie in situations like yours.

In case that everything stays as it is, I'll need to ask you to provide more details. For example, cookie file would be great.

Also, please make sure that the cookie file contains proper cookie(s) - domain name should be the same as a domain of target, cookie needs to have a proper valid time, etc.

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm

From: Dirk W. <sp...@dr...> - 2013-04-12 14:52:00
Hi Miroslav,

yes unfortunately.

If I omit the cookie line in the request header completely, sqlmap
seems to take the first cookie issued by the server with set-cookie (and
puts it silently in).

Cheers,

Dirk

On 04/12/2013 03:24 PM, Miroslav Stampar wrote:
> Hi.
>
> And this is also happening if you are skipping "Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request?
>
> Kind regards,
> Miroslav Stampar

From: Miroslav S. <mir...@gm...> - 2013-04-12 13:24:49
Hi.

And this is also happening if you are skipping "Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7" from the original request?

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm

From: Dirk W. <sp...@dr...> - 2013-04-12 13:13:45
|
Hi folks,

.... that doesn't work for me. It always uses the cookie supplied (below in $REQUEST, or if I omit the line in $REQUEST the one from the 1st server reply is being used)

So what is wrong in here:

cd ~/networking/tools/sqlmap/sqlmap-dev1.0-dev-ea12cce
./sqlmap.py --ignore-proxy --force-ssl --beep \
    --threads=8 -v 6 --load-cookies=$WD/cookie-file \
    --level=2 --risk=2 -r $REQUEST

The content of the file $REQUEST is:

POST <URL> HTTP/1.1
Host: <HOST>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.2.149.6 Safari/525.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: <Referer>
Cookie: JSESSIONID=C2E79FD79E967D3E3BA52EE67F8824D7
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 67

<abunchofpostparams>

No hints that cookie-file is not in correct format (I've been through this, at least I think so ;) ).

Any insight would be much appreciated.

Cheers,

Dirk |
From: Miroslav S. <mir...@gm...> - 2013-04-10 14:46:36
|
Hi.

Currently there is no support for it. I've opened a new Issue for it [1] and done some work regarding it, but there is a lot more to be done (internally we are treating everything with data body as POST - at lots and lots of places).

Can't promise date of delivery :)

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/issues/431

On Wed, Apr 10, 2013 at 3:59 PM, Laurie Mercer <lsm...@gm...> wrote:
> Hello,
>
> I am testing a RESTful interface that uses HTTP PUT requests. If I load
> these in SQLMap using the -r (load request from file) mode, I get an error:
>
> [CRITICAL] unable to find usable request(s) in provided file
>
> Does SQL map support HTTP PUT requests?
>
> --
> Laurie Mercer
> _________________________
> lsm...@gm...

--
Miroslav Stampar
http://about.me/stamparm |
From: Laurie M. <lsm...@gm...> - 2013-04-10 13:59:52
|
Hello,

I am testing a RESTful interface that uses HTTP PUT requests. If I load these in SQLMap using the -r (load request from file) mode, I get an error:

[CRITICAL] unable to find usable request(s) in provided file

Does SQL map support HTTP PUT requests?

--
Laurie Mercer
_________________________
lsm...@gm... |
From: Miroslav S. <mir...@gm...> - 2013-04-10 10:01:19
|
Hi again.

There was a "little" bug involved. Could you please retry it now? In case that you still have "problems" please write down as much details as you can about the "skipped" targets.

Kind regards,
Miroslav Stampar

On Wed, Apr 10, 2013 at 11:38 AM, Miroslav Stampar <mir...@gm...> wrote:
> Skipping conditions:
>
> 1) if hostname has already been marked as "injectable" by one of
> previous processed urls
> 2) if key "hostname/path" has already been processed by one of previous
> processed urls
> 3) (in case of GET params) if key "hostname/path/params" has already been
> processed by one of previous processed urls
>
> It's not very clear from your emails what condition is being evaluated in
> your case. From your description paths are different. Then the only one that
> makes sense is 1).
>
> Kind regards,
> Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm |
From: Miroslav S. <mir...@gm...> - 2013-04-10 09:38:16
|
Skipping conditions:

1) if hostname has already been marked as "injectable" by one of previous processed urls
2) if key "hostname/path" has already been processed by one of previous processed urls
3) (in case of GET params) if key "hostname/path/params" has already been processed by one of previous processed urls

It's not very clear from your emails what condition is being evaluated in your case. From your description paths are different. Then the only one that makes sense is 1).

Kind regards,
Miroslav Stampar

On Wed, Apr 10, 2013 at 11:18 AM, POUGET Laurent <lau...@ca...> wrote:
> Sorry, I wasn’t very clear.
>
> These urls have parameters, which are discovered by --forms option (and
> log indicates that sqlmap finds them) but they are both equal.
>
> http://mywebsite.com/mypage.php?id=1
> http://mywebsite.com/foo/mypage.php?id=1
>
> Thanks for your quick response,

--
Miroslav Stampar
http://about.me/stamparm |
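The three skipping conditions listed in this message, written out as a runnable sketch. This is an added illustration, not sqlmap's own code; the class and function names are hypothetical, and it assumes that "params" in condition 3 means the set of GET parameter names.

```python
from urllib.parse import urlsplit, parse_qsl

# The first, second and fourth URLs appear in the thread; the others are constructed.
SAMPLE_URLS = [
    "http://mywebsite.com/mypage.php?id=1",
    "http://mywebsite.com/foo/mypage.php?id=1",
    "http://mywebsite.com/mypage.php?id=2",
    "http://mywebsite.com/mypage.php",
    "http://MYWEBSITE.com/mypage.php",
]


class TargetTracker:
    """Remembers processed targets and applies the three skipping conditions."""

    def __init__(self):
        self.injectable_hosts = set()   # condition 1
        self.processed_keys = set()     # conditions 2 and 3

    @staticmethod
    def keys_for(url):
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        path_key = host + (parts.path or "/")
        # Assumption: "params" means the set of GET parameter names, so
        # ?id=1 and ?id=2 on the same path produce the same key.
        names = sorted({name for name, _ in parse_qsl(parts.query, keep_blank_values=True)})
        param_key = path_key + "?" + "&".join(names) if names else None
        return host, path_key, param_key

    def skip_condition(self, url):
        """Return 1, 2 or 3 for the condition that applies, or None to scan."""
        host, path_key, param_key = self.keys_for(url)
        if host in self.injectable_hosts:
            return 1
        if param_key is None:
            return 2 if path_key in self.processed_keys else None
        return 3 if param_key in self.processed_keys else None

    def record(self, url, injectable=False):
        host, path_key, param_key = self.keys_for(url)
        self.processed_keys.add(param_key or path_key)
        if injectable:
            self.injectable_hosts.add(host)


def plan(urls, injectable_urls=()):
    """Walk the list in order; return [(url, skip condition or None)]."""
    tracker = TargetTracker()
    decisions = []
    for url in urls:
        condition = tracker.skip_condition(url)
        if condition is None:
            tracker.record(url, injectable=url in injectable_urls)
        decisions.append((url, condition))
    return decisions


if __name__ == "__main__":
    for url, condition in plan(SAMPLE_URLS, injectable_urls={SAMPLE_URLS[0]}):
        print(url, "->", "scan" if condition is None else f"skip (condition {condition})")
```

With nothing marked injectable, the two URLs from the thread are both scanned because their paths differ; once the first one is marked injectable, every later URL on that host falls under condition 1.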
From: POUGET L. <lau...@ca...> - 2013-04-10 09:18:46
|
Sorry, I wasn't very clear.

These urls have parameters, which are discovered by --forms option (and log indicates that sqlmap finds them) but they are both equal.

http://mywebsite.com/mypage.php?id=1
http://mywebsite.com/foo/mypage.php?id=1

Thanks for your quick response,

From: Miroslav Stampar [mailto:mir...@gm...]
Sent: Wednesday, 10 April 2013 11:13
To: POUGET Laurent
Cc: sql...@li...
Subject: Re: [sqlmap-users] Skipping last urls in url file

Because there are no usable GET parameters inside of those provided links (e.g. ?id=1)

Kind regards,
Miroslav Stampar |
From: Miroslav S. <mir...@gm...> - 2013-04-10 09:13:12
|
Because there are no usable GET parameters inside of those provided links (e.g. ?id=1)

Kind regards,
Miroslav Stampar

On Wed, Apr 10, 2013 at 11:10 AM, POUGET Laurent <lau...@ca...> wrote:
> Hi,
>
> I have a url file with ~100 of them.
> Some of these urls are just variations of others like:
>
> http://mywebsite.com/mypage.php
> http://mywebsite.com/foo/mypage.php
>
> At the end of the scan, some urls are skipped and I don’t understand why.
> In previous case, the second will be skipped.
>
> Why are some urls skipped? And is there a way to force the scan?
>
> ________________________________
>
> Laurent Pouget
> Research and Development Engineer
> Tel : 01.84.95.11.20
>
> Car & Boat Media
> 22 Rue Joubert 75009 Paris

--
Miroslav Stampar
http://about.me/stamparm |
From: POUGET L. <lau...@ca...> - 2013-04-10 09:11:03
|
Hi,

I have a url file with ~100 of them.
Some of these urls are just variations of others like:

http://mywebsite.com/mypage.php
http://mywebsite.com/foo/mypage.php

At the end of the scan, some urls are skipped and I don't understand why.
In previous case, the second will be skipped.

Why are some urls skipped? And is there a way to force the scan?

________________________________

Laurent Pouget
Research and Development Engineer
Tel : 01.84.95.11.20

Car & Boat Media
22 Rue Joubert 75009 Paris |
From: Miroslav S. <mir...@gm...> - 2013-04-07 19:33:16
|
Hi.

Could you please retry it now? Problem has been found and it should be fixed now.

Kind regards,
Miroslav Stampar

On Sun, Apr 7, 2013 at 12:10 PM, Happy User <rob...@gm...> wrote:
> The command line I used was
>
> sqlmap.py -m test-urls.txt -Twp_users -Cid,user_login,user_pass --dump --stop 1 --answer="crack=N" -p id --technique=B --null-connection --batch > test-urls-output.txt
>
> When processing a list of urls from a file, sqlmap retrieves the
> database name from the first url and then uses this database name when
> trying to retrieve column names for all other urls.
>
> For example in the attachment test-url-a48948_1.txt the first database
> name retrieved was 'a48948_1', sqlmap tried to retrieve column names
> for the database a48948_1 in all following urls and failed.
>
> In the attachment test-urls-drmoto_wp.txt the first database name to be
> retrieved was 'drmoto_wp', then sqlmap tried to retrieve column names
> for the database a48948_1 in all following urls.
>
> The file test-urls.txt in these two runs contained the same 3 urls,
> just in different order.

--
Miroslav Stampar
http://about.me/stamparm |
From: Happy U. <rob...@gm...> - 2013-04-07 10:10:31
|
The command line I used was

sqlmap.py -m test-urls.txt -Twp_users -Cid,user_login,user_pass --dump --stop 1 --answer="crack=N" -p id --technique=B --null-connection --batch > test-urls-output.txt

When processing a list of urls from a file, sqlmap retrieves the database name from the first url and then uses this database name when trying to retrieve column names for all other urls.

For example in the attachment test-url-a48948_1.txt the first database name retrieved was 'a48948_1', sqlmap tried to retrieve column names for the database a48948_1 in all following urls and failed.

In the attachment test-urls-drmoto_wp.txt the first database name to be retrieved was 'drmoto_wp', then sqlmap tried to retrieve column names for the database a48948_1 in all following urls.

The file test-urls.txt in these two runs contained the same 3 urls, just in different order. |
From: Miroslav S. <mir...@gm...> - 2013-04-07 09:03:54
|
Hi.

Find it patched now (although I wouldn't be so sure that you didn't retrieve DB because of it).

Kind regards,
Miroslav Stampar

On Fri, Apr 5, 2013 at 10:42 PM, mr r00ter <war...@gm...> wrote:
> I didn't retrieve DB because of this error: [WARNING] unknown charset
> 'windows-cp-1254'.

--
Miroslav Stampar
http://about.me/stamparm |
From: mr r. <war...@gm...> - 2013-04-05 20:43:03
|
I didn't retrieve DB because of this error: [WARNING] unknown charset 'windows-cp-1254'. |
From: Miroslav S. <mir...@gm...> - 2013-04-01 21:35:22
|
Hi David.

And what do you recommend to be done in case of query with length > max_inj_length?

Kind regards,
Miroslav Stampar

On Apr 1, 2013 11:14 PM, "David Guimaraes" <sk...@gm...> wrote:
> Hi, I am trying to perform sql injection on a web site but I cannot be
> successful due to a size limitation on the query sent to the server. The
> server is limiting the size of the query to 512 bytes only and sqlmap does not
> have any customization that allows me to bypass this restriction like the
> sqlsus "max_inj_length" parameter. Sqlsus has a feature called "autoconf"
> that measures the permitted query size.
>
> Is there some chance to put this kind of feature in sqlmap?
>
> Thanks.
>
> --
> David Gomes Guimarães |
From: David G. <sk...@gm...> - 2013-04-01 21:14:16
|
Hi, I am trying to perform sql injection on a web site but I cannot be successful due to a size limitation on the query sent to the server. The server is limiting the size of the query to 512 bytes only and sqlmap does not have any customization that allows me to bypass this restriction like the sqlsus "max_inj_length" parameter. Sqlsus has a feature called "autoconf" that measures the permitted query size.

Is there some chance to put this kind of feature in sqlmap?

Thanks.

--
David Gomes Guimarães |
From: Miroslav S. <mir...@gm...> - 2013-04-01 20:20:35
|
Hi.

Problem found and "patched". Please update to the latest revision and retry it again (preferably with --flush-session or at least --fresh-queries).

Kind regards,
Miroslav Stampar

On Mon, Apr 1, 2013 at 7:57 PM, Gerardo Iglesias Galvan <igl...@gm...> wrote:
> When trying to enumerate column names from a table (-T tablename
> --columns) sqlmap successfully retrieves the schema from sqlite_master,
> however it fails on identifying the column names. I get the next output:
>
> ****************************************************************************
>
> [11:57:54] [INFO] resuming back-end DBMS 'sqlite'
> [11:57:54] [INFO] testing connection to the target url
> sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
> ---
> Place: POST
> Parameter: SSLVPNUser.UserName
>     Type: boolean-based blind
>     Title: OR boolean-based blind - WHERE or HAVING clause
>     Payload: thispage=[redacted]&SSLVPNUser.UserName=-8559' OR (8414=8414) AND 'NdYt'='NdYt&SSLVPNUser.Password=[redacted]&button.login.routerStatus=Log In&Login.userAgent=Mozilla/5.0 (X11%3B Ubuntu%3B Linux x86_64%3B rv:19.0) Gecko/20100101 Firefox/19.0
> ---
> [11:57:55] [INFO] the back-end DBMS is SQLite
> [11:57:55] [INFO] fetching banner
> [11:57:56] [INFO] resumed: 3.3.17
> back-end DBMS: SQLite
> banner: '3.3.17'
> [11:57:56] [INFO] fetching columns for table 'dbUpdateRegisterTbl' in database 'SQLite_masterdb'
> [11:57:56] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
> [11:57:56] [INFO] retrieved: CREATE TABLE dbUpdateRegisterTbl ' compName text NOT NULL, stopIfError integer NOT NULL, waitForMe integer NOT NULL, tableName text NOT NULL, rowIndex integer, onUpdate integer NOT NULL, onAdd integer NOT NULL, onDelete integer NOT NULL )
> Database: SQLite_masterdb
> Table: dbUpdateRegisterTbl
> [0 columns]
> +--------+
> | Column |
> +--------+
> +--------+
>
> [12:35:19] [INFO] fetched data logged to text files under '[redacted]'
>
> ****************************************************************************
>
> The same happens with every table in the DB.
>
> Is this some bug in sqlmap or something exceptional with the DB?

--
Miroslav Stampar
http://about.me/stamparm |
From: Gerardo I. G. <igl...@gm...> - 2013-04-01 17:58:05
|
When trying to enumerate column names from a table (-T tablename --columns) sqlmap successfully retrieves the schema from sqlite_master, however it fails on identifying the column names. I get the next output:

****************************************************************************

[11:57:54] [INFO] resuming back-end DBMS 'sqlite'
[11:57:54] [INFO] testing connection to the target url
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: POST
Parameter: SSLVPNUser.UserName
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause
    Payload: thispage=[redacted]&SSLVPNUser.UserName=-8559' OR (8414=8414) AND 'NdYt'='NdYt&SSLVPNUser.Password=[redacted]&button.login.routerStatus=Log In&Login.userAgent=Mozilla/5.0 (X11%3B Ubuntu%3B Linux x86_64%3B rv:19.0) Gecko/20100101 Firefox/19.0
---
[11:57:55] [INFO] the back-end DBMS is SQLite
[11:57:55] [INFO] fetching banner
[11:57:56] [INFO] resumed: 3.3.17
back-end DBMS: SQLite
banner: '3.3.17'
[11:57:56] [INFO] fetching columns for table 'dbUpdateRegisterTbl' in database 'SQLite_masterdb'
[11:57:56] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[11:57:56] [INFO] retrieved: CREATE TABLE dbUpdateRegisterTbl ' compName text NOT NULL, stopIfError integer NOT NULL, waitForMe integer NOT NULL, tableName text NOT NULL, rowIndex integer, onUpdate integer NOT NULL, onAdd integer NOT NULL, onDelete integer NOT NULL )
Database: SQLite_masterdb
Table: dbUpdateRegisterTbl
[0 columns]
+--------+
| Column |
+--------+
+--------+

[12:35:19] [INFO] fetched data logged to text files under '[redacted]'

****************************************************************************

The same happens with every table in the DB.

Is this some bug in sqlmap or something exceptional with the DB? |
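An added example (not sqlmap's code) of deriving column names from the `CREATE TABLE` text logged above and cross-checking them against SQLite's own `PRAGMA table_info`. The logged text shows a `'` where `(` belongs; the thread does not say whether that caused the empty result, so the tolerant mode and all function names here are assumptions for illustration.

```python
import re
import sqlite3

# Schema text as printed in the log above (whitespace collapsed); note the
# "'" after the table name where SQLite syntax requires "(".
REPORTED_SCHEMA = (
    "CREATE TABLE dbUpdateRegisterTbl ' compName text NOT NULL, "
    "stopIfError integer NOT NULL, waitForMe integer NOT NULL, "
    "tableName text NOT NULL, rowIndex integer, onUpdate integer NOT NULL, "
    "onAdd integer NOT NULL, onDelete integer NOT NULL )"
)

IDENT = r'"[^"]+"|`[^`]+`|\[[^\]]+\]|[\w.]+'
HEADER = re.compile(
    r"^\s*CREATE\s+(?:TEMP(?:ORARY)?\s+)?TABLE\s+(?:IF\s+NOT\s+EXISTS\s+)?"
    rf"({IDENT})\s*(.)", re.I | re.S)
TABLE_CONSTRAINTS = {"PRIMARY", "UNIQUE", "CHECK", "FOREIGN", "CONSTRAINT"}
COLUMN_KEYWORDS = {"NOT", "NULL", "DEFAULT", "PRIMARY", "UNIQUE", "CHECK",
                   "REFERENCES", "COLLATE", "CONSTRAINT", "GENERATED", "AS"}
CLOSERS = {"'": "'", '"': '"', "`": "`", "[": "]"}


def split_top_level(body):
    """Split a column list on commas outside parentheses and quotes."""
    parts, current, depth, closer = [], [], 0, None
    for ch in body:
        if closer:                        # inside a quoted identifier/literal
            closer = None if ch == closer else closer
        elif ch in CLOSERS:
            closer = CLOSERS[ch]
        elif ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
        elif ch == "," and depth == 0:
            parts.append("".join(current).strip())
            current = []
            continue
        current.append(ch)
    parts.append("".join(current).strip())
    return [p for p in parts if p]


def parse_columns(create_sql, strict=True):
    """Return [(name, declared_type)] parsed from CREATE TABLE text."""
    header = HEADER.match(create_sql)
    if not header:
        raise ValueError("not a CREATE TABLE statement")
    if strict and header.group(2) != "(":
        raise ValueError(f"expected '(' after table name, got {header.group(2)!r}")
    rest = create_sql[header.end():]
    end = rest.rfind(")")
    if end < 0:
        raise ValueError("missing closing ')'")
    columns = []
    for definition in split_top_level(rest[:end]):
        m = re.match(rf"({IDENT})\s*(.*)$", definition, re.S)
        if not m or m.group(1).upper() in TABLE_CONSTRAINTS:
            continue                      # table-level constraint, not a column
        type_tokens = []
        for token in m.group(2).split():
            if token.upper() in COLUMN_KEYWORDS:
                break
            type_tokens.append(token)
        columns.append((m.group(1).strip('"`[]'), " ".join(type_tokens)))
    return columns


def repaired(create_sql):
    """Put '(' where the header regex found the delimiter character."""
    header = HEADER.match(create_sql)
    return create_sql[:header.start(2)] + "(" + create_sql[header.end(2):]


def sqlite_column_names(create_sql):
    """Ground truth: let SQLite parse the statement in a throwaway in-memory DB."""
    if not HEADER.match(create_sql):
        raise ValueError("not a CREATE TABLE statement")
    con = sqlite3.connect(":memory:")
    try:
        con.execute(create_sql)
        table = con.execute("SELECT name FROM sqlite_master WHERE type='table'").fetchone()[0]
        quoted = table.replace('"', '""')
        return [row[1] for row in con.execute(f'PRAGMA table_info("{quoted}")')]
    finally:
        con.close()
```

In strict mode the logged text is rejected at the header; with `strict=False` the eight column names are recovered and match what SQLite reports for the repaired statement.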
From: Miroslav S. <mir...@gm...> - 2013-04-01 15:33:11
|
Hi.

Thank you for your report and find it fixed now.

Kind regards,
Miroslav Stampar

On Mon, Apr 1, 2013 at 12:29 AM, Happy User <rob...@gm...> wrote:
> [02:27:07] [CRITICAL] unhandled exception in sqlmap/1.0-dev-a371f18, retry your run with the latest development version from the GitHub repository. If the exception persists, please send by e-mail to 'sql...@li...' or open a new issue at 'https://github.com/sqlmapproject/sqlmap/issues/new' with the following text and any information required to reproduce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you.
> sqlmap version: 1.0-dev-a371f18
> Python version: 2.7.3
> Operating system: nt
> Command line: D:\Soft\sqlmap-dev\sqlmap.py -c c ********************************************************************************** ********** ********** ********************************************* --dump --stop 2 -p id --technique=B
> Technique: BOOLEAN
> Back-end DBMS: MySQL (fingerprinted)
> Traceback (most recent call last):
>   File "D:\Soft\sqlmap-dev\sqlmap.py", line 87, in main
>     start()
>   File "D:\Soft\sqlmap-dev\lib\controller\controller.py", line 576, in start
>     action()
>   File "D:\Soft\sqlmap-dev\lib\controller\action.py", line 127, in action
>     conf.dbmsHandler.dumpTable()
>   File "D:\Soft\sqlmap-dev\plugins\generic\entries.py", line 136, in dumpTable
>     _ = agent.preprocessField(tbl, column)
>   File "D:\Soft\sqlmap-dev\lib\core\agent.py", line 479, in preprocessField
>     if conf.db in table:
> TypeError: coercing to Unicode: need string or buffer, NoneType found

--
Miroslav Stampar
http://about.me/stamparm |