sqlmap-users Mailing List for sqlmap (Page 42)
From: Владимир М. <vil...@gm...> - 2013-02-13 09:45:54
Will --fresh-queries work only with data containing errors or will it retrieve all data again?
From: Miroslav S. <mir...@gm...> - 2013-02-13 09:43:10
hi

On Wed, Feb 13, 2013 at 9:31 AM, Владимир Мартьянов <vil...@gm...> wrote:

> Hello!
> Sometimes I have problems: when I'm retrieving data I have errors in
> database/table/column name. Here is an example:
> [12:08:52] [INFO] retrieved: foo_cli
> [12:10:48] [ERROR] invalid character detected. retrying..
> [12:10:48] [WARNING] increasing time delay to 7 seconds
> ents
> [12:13:02] [ERROR] unable to properly validate last character value ('!')..
> !
> ...skipped...
> [12:17:48] [INFO] fetching columns for table 'foo_clients!' in database 'bar'
> [12:17:48] [INFO] retrieved: 0
> [12:17:56] [ERROR] unable to retrieve the number of columns for table 'foo_clients!' in database 'bar'
> [12:17:56] [WARNING] unable to retrieve column names for table '`foo_clients!`' in database 'bar'
>
> foo_clients! is a wrong name, I think, and it's the reason to not retrieve
> its columns.

yes. this is common in time-based injections where network lags are foobaring data

> Maybe it'll be a good idea to add some command-line option to re-retrieve
> wrong data if it's possible? Or maybe there is some way to do it in current
> version?

you can always use --fresh-queries in following runs (when you don't want to reuse data from session file)

bye

--
Miroslav Stampar
http://about.me/stamparm
From: Владимир М. <vil...@gm...> - 2013-02-13 08:31:30
Hello!

Sometimes I have problems: when I'm retrieving data I have errors in database/table/column name. Here is an example:

[12:08:52] [INFO] retrieved: foo_cli
[12:10:48] [ERROR] invalid character detected. retrying..
[12:10:48] [WARNING] increasing time delay to 7 seconds
ents
[12:13:02] [ERROR] unable to properly validate last character value ('!')..
!
...skipped...
[12:17:48] [INFO] fetching columns for table 'foo_clients!' in database 'bar'
[12:17:48] [INFO] retrieved: 0
[12:17:56] [ERROR] unable to retrieve the number of columns for table 'foo_clients!' in database 'bar'
[12:17:56] [WARNING] unable to retrieve column names for table '`foo_clients!`' in database 'bar'

foo_clients! is a wrong name, I think, and it's the reason to not retrieve its columns.

Maybe it'll be a good idea to add some command-line option to re-retrieve wrong data if it's possible? Or maybe there is some way to do it in current version?
From: Miroslav S. <mir...@gm...> - 2013-02-12 16:02:46
Hi Boris.

It should be fixed now with the latest commit [1].

Bye

[1] https://github.com/sqlmapproject/sqlmap/commit/c34f6e25b26498579d518f1a8d2cfac199723743

On Tue, Feb 12, 2013 at 4:49 PM, Boris Chazalet <bor...@or...> wrote:

> Replying to myself, that did the trick:
>
> python sqlmap.py -u "http://myserver.com/api/my_object/create.xml?app_id=100&arg1=email&arg2=te...@gm..." --eval='import urllib as ul;import base64;import hashlib;api_sig=base64.b64encode(hashlib.md5("%s=%s%s=%s%s=%s%s" % ("app_id", app_id, "arg1", ul.unquote_plus(arg1), "arg2", ul.unquote_plus(arg2), "secretstuff")).digest())' --skip=app_id --load-cookies=cookies.txt

--
Miroslav Stampar
http://about.me/stamparm
From: Boris C. <bor...@or...> - 2013-02-12 15:49:25
Replying to myself, that did the trick:

python sqlmap.py -u "http://myserver.com/api/my_object/create.xml?app_id=100&arg1=email&arg2=te...@gm..." --eval='import urllib as ul;import base64;import hashlib;api_sig=base64.b64encode(hashlib.md5("%s=%s%s=%s%s=%s%s" % ("app_id", app_id, "arg1", ul.unquote_plus(arg1), "arg2", ul.unquote_plus(arg2), "secretstuff")).digest())' --skip=app_id --load-cookies=cookies.txt

On 12/02/13 15:15, Boris Chazalet wrote:
> Hi again,
>
> I am coming back to my signing issue. I run the following command in
> order to run sqlmap and have my request signed (well, it's only a hash
> of some params and a secret):
>
> python sqlmap.py -u "http://myserver.com/api/my_object/create.xml?app_id=100&arg1=email&arg2=te...@gm..." --eval='import base64;import hashlib;api_sig=base64.b64encode(hashlib.md5("%s=%s%s=%s%s=%s%s" % ("app_id", app_id, "arg1", arg1, "arg2", arg2, "secretstuff")).digest())' --skip=app_id
>
> I am running Wireshark to see the actual requests. First sqlmap checks
> if the url is stable and that's fine (i.e. the signing works). Then it
> tries to mess up with arg1 by replacing its value to 3448 or 1584 and
> that's fine too. Then it tries to inject
> arg1=email%27%29%5B%5D%2C%27%5B%22%22%5B but the signature is not
> correct anymore.
>
> The hashing done in the --eval part should be applied to values before
> it gets URLEncoded and that's where I think my problem is. How could I
> get the "raw" value of arg1, i.e. not URLEncoded.
>
> Thanks a lot again for your help.
> Boris
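The mismatch described in this message, as an added example in Python 3 that is not code from the thread or from sqlmap: a signature computed over URL-encoded values only matches the server's when the values contain nothing that needs encoding. It assumes the server hashes the decoded parameter values, which is what the fix above implies; `server_accepts`, `signed_query` and the sample value are constructed for the illustration.

```python
# Added example (Python 3); the thread's --eval one-liners are Python 2.
import base64
import hashlib
import hmac
from urllib.parse import parse_qsl, quote_plus, unquote_plus

SECRET = "secretstuff"  # placeholder secret, as written in the thread


def api_sig(app_id, arg1, arg2, secret=SECRET):
    """base64(md5("app_id=<v>arg1=<v>arg2=<v><secret>")), the thread's layout."""
    material = "%s=%s%s=%s%s=%s%s" % (
        "app_id", app_id, "arg1", arg1, "arg2", arg2, secret)
    digest = hashlib.md5(material.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def server_accepts(query):
    """Assumed server side: decode the query string, recompute, compare."""
    params = dict(parse_qsl(query, keep_blank_values=True))
    expected = api_sig(params["app_id"], params["arg1"], params["arg2"])
    supplied = params.get("api_sig", "")
    return hmac.compare_digest(expected.encode(), supplied.encode())


def signed_query(app_id, arg1_encoded, arg2_encoded, decode_first):
    """Sign values that arrive URL-encoded, with or without decoding them."""
    if decode_first:
        sig = api_sig(app_id, unquote_plus(arg1_encoded),
                      unquote_plus(arg2_encoded))
    else:
        sig = api_sig(app_id, arg1_encoded, arg2_encoded)
    # The base64 signature can contain '+', '/' and '=', so encode it too.
    return "app_id=%s&arg1=%s&arg2=%s&api_sig=%s" % (
        app_id, arg1_encoded, arg2_encoded, quote_plus(sig))


def run_cases():
    plain = "email"                            # nothing to encode
    special = quote_plus("o'brien (test)")     # constructed sample value
    return {
        "plain, signed as received": server_accepts(
            signed_query("100", plain, "test", decode_first=False)),
        "special, signed as received": server_accepts(
            signed_query("100", special, "test", decode_first=False)),
        "special, decoded before signing": server_accepts(
            signed_query("100", special, "test", decode_first=True)),
    }


if __name__ == "__main__":
    for label, accepted in run_cases().items():
        print("%-34s accepted=%s" % (label, accepted))
```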
From: Boris C. <bor...@or...> - 2013-02-12 15:17:56
Thanks, I have tested and everything (load-cookies, expired warning and symbolic link) works fine for me now.

Boris

On 12/02/13 14:49, Miroslav Stampar wrote:
> Fixed with last commit [1].
>
> Bye
>
> [1] https://github.com/sqlmapproject/sqlmap/commit/cf6c3a84b52f73de44109af575bc34d3c4004845
From: Boris C. <bor...@or...> - 2013-02-12 15:16:07
Hi again,

I am coming back to my signing issue. I run the following command in order to run sqlmap and have my request signed (well, it's only a hash of some params and a secret):

python sqlmap.py -u "http://myserver.com/api/my_object/create.xml?app_id=100&arg1=email&arg2=te...@gm..." --eval='import base64;import hashlib;api_sig=base64.b64encode(hashlib.md5("%s=%s%s=%s%s=%s%s" % ("app_id", app_id, "arg1", arg1, "arg2", arg2, "secretstuff")).digest())' --skip=app_id

I am running Wireshark to see the actual requests. First sqlmap checks if the url is stable and that's fine (i.e. the signing works). Then it tries to mess up with arg1 by replacing its value to 3448 or 1584 and that's fine too. Then it tries to inject arg1=email%27%29%5B%5D%2C%27%5B%22%22%5B but the signature is not correct anymore.

The hashing done in the --eval part should be applied to values before it gets URLEncoded and that's where I think my problem is. How could I get the "raw" value of arg1, i.e. not URLEncoded.

Thanks a lot again for your help.
Boris

On 25/01/13 17:31, Boris Chazalet wrote:
> Wow, thanks a lot Miroslav!
>
> So what's the rule, any variable created in the eval code is
> considered as a HTTP parameter for the ongoing request?
>
> Regards,
> Boris
>
> On 25/01/13 15:20, Miroslav Stampar wrote:
>> Hi Boris.
>>
>> This would do:
>>
>> python sqlmap.py -u "http://myserver.com/createUser.xml?name=Bob&phone=0789123456&password=qwerty" --eval='import hashlib;sig=hashlib.md5("%s:%s:%s:%s" % (name, phone, password, "secretkey123")).hexdigest()'
>>
>> Kind regards,
>> Miroslav Stampar
>>
>> On Fri, Jan 25, 2013 at 3:13 PM, Boris Chazalet <bor...@or...> wrote:
>>
>> Well, an example of a valid request to the server looks something
>> like this:
>> http://myserver.com/createUser.xml?name=Bob&phone=0789123456&password=qwerty&sig=3cd7a0db76ff9dca48979e24c39b408c
>>
>> with name, phone, password being regular parameters and sig being
>> the hash of the params value, or in other words:
>> sig = md5(bob:phone:qwerty:secretkey)
>>
>> The server first checks the sig parameter and rejects the request
>> if it does not match its own calculation.
>>
>> I have a python script to compute the sig value using the secret
>> key so I just would like to access any sqlmap request before it
>> is actually sent in order to append the sig parameter and its
>> value, i.e. "&sig=3cd7a0db76ff9dca48979e24c39b408c".
>>
>> My question is whether that can be done with the --eval switch or
>> if that requires me to go into the source code of sqlmap and add
>> this functionality
>>
>> Thanks a lot for your help.
>> Regards,
>> Boris
>>
>> On 24/01/13 18:17, Miroslav Stampar wrote:
>>>
>>> Hi.
>>>
>>> Could you please give more information?
>>>
>>> Kind regards,
>>> Miroslav Stampar
>>>
>>> On 24.1.2013 at 18:56, "Boris Chazalet" <bor...@or...> wrote:
>>>
>>> Hi,
>>>
>>> I need to sign the requests with a secret key before sending
>>> it to the server for them to be accepted. More precisely, I need to
>>> hash the different request parameters together with a secret key and
>>> to add that hash as an extra parameter in the final URL.
>>>
>>> Is that something that can be done with the --eval switch or
>>> do I need to modify the source code?
>>>
>>> Regards,
>>> Boris
From: Miroslav S. <mir...@gm...> - 2013-02-12 14:49:56
Fixed with last commit [1].

Bye

[1] https://github.com/sqlmapproject/sqlmap/commit/cf6c3a84b52f73de44109af575bc34d3c4004845

On Tue, Feb 12, 2013 at 3:36 PM, Boris Chazalet <bor...@or...> wrote:

> Not a big deal, but I used to a symbolic link pointing to sqlmap.py, but
> that does not work anymore. I get this:
> [14:34:21] [CRITICAL] unable to read file 'txt/keywords.txt'
>
> I can still run it from the sqlmap directory though.
> Boris
>
> On 12/02/13 14:20, Boris Chazalet wrote:
>
> Thanks a lot Miroslav, I am always impressed with your reactivity.
>
> I am going to pull and test again.
> Boris
>
> On 12/02/13 13:31, Miroslav Stampar wrote:
>
> Update:
>
> With the latest commit [1] you should be warned about the expired
> cookies.
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/commit/212e92ea0187f9b990c4cc0d4cbb9ac7b5b1739c
>
> On Tue, Feb 12, 2013 at 12:59 PM, Miroslav Stampar <mir...@gm...> wrote:
>
>> p.s. you can use for example:
>> mytestserver.com FALSE /test FALSE *1000000000000000000* JSESSIONID 1064CC1958261C9D61D102C4C995611P.tcatmytestsrv
>>
>> On Tue, Feb 12, 2013 at 12:45 PM, Miroslav Stampar <mir...@gm...> wrote:
>>
>>> Hi.
>>>
>>> With the last commit [1] "format" should be less strict (your original
>>> content should be valid).
>>>
>>> Also, please read through [2] to see the content of those fields
>>> inside. I would say that in your case cookies "expired".
>>>
>>> Kind regards,
>>> Miroslav Stampar
>>>
>>> [1] https://github.com/sqlmapproject/sqlmap/commit/72984a578df61f4913c8026c3d9315ea34e4bc1b
>>> [2] http://www.cookiecentral.com/faq/#3.5
>>>
>>> On Tue, Feb 12, 2013 at 12:33 PM, Boris Chazalet <bor...@or...> wrote:
>>>
>>>> Hi Miroslav,
>>>>
>>>> I have edited the file manually and sqlmap does not complain anymore.
>>>> However it does *not* seem to use the cookie present in the file. Is
>>>> there another option I should use to actually use the cookies once loaded?
>>>>
>>>> Alternatively, it does work if I don't use --load-cookies but only
>>>> --cookie JSESSIONID=WHATEVERSESSIONID
>>>>
>>>> Thanks!
>>>> Boris
>>>>
>>>> On 12/02/13 11:19, Miroslav Stampar wrote:
>>>>
>>>> Hi.
>>>>
>>>> First line needs to start with "# Netscape HTTP Cookie File.". Also,
>>>> each value inside entries need to be split with \t (TAB) <- not spaces.
>>>> Find attached a valid example.
>>>>
>>>> We are here depending on low-level python module (cookielib) parsing
>>>> it automatically. Nevertheless, I can see now that it's too constrained in
>>>> this manner. Will do some "adaptations" and let you know.
>>>>
>>>> Kind regards,
>>>> Miroslav Stampar
>>>>
>>>> On Tue, Feb 12, 2013 at 12:04 PM, Boris Chazalet <bor...@or...> wrote:
>>>>
>>>>> Hi everyone,
>>>>>
>>>>> I am trying to use the --load-cookies option on sqlmap. I have saved
>>>>> session cookies using wget and I am trying to load them in sqlmap with the
>>>>> following command:
>>>>>
>>>>> python sqlmap.py -u "http://mytestserver.com" --load-cookies=cookies.txt
>>>>>
>>>>> but I get an error message:
>>>>>
>>>>> [11:00:32] [CRITICAL] there was a problem loading cookies file ('u'cookies.txt' does not look like a Netscape format cookies file')
>>>>>
>>>>> So my question is, what is supposed to be the accepted format for
>>>>> loading a cookie file into sqlmap?
>>>>>
>>>>> Regards,
>>>>> Boris
>>>>>
>>>>> cookies.txt:
>>>>> # HTTP cookie file.
>>>>> # Generated by Wget on 2013-02-12 10:58:35.
>>>>> # Edit at your own risk.
>>>>>
>>>>> mytestserver.com FALSE /test FALSE 0 JSESSIONID 1064CC1958261C9D61D102C4C995611P.tcatmytestsrv

--
Miroslav Stampar
http://about.me/stamparm
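The three cookie-file problems raised in this thread (header line, TAB separation, expiry of 0), reproduced as an added example that is not code from the thread or from sqlmap. It uses Python 3's `http.cookiejar`, the successor of the `cookielib` module mentioned above, and shows the standard library's strict behaviour rather than sqlmap's later relaxed loader; the session id is a constructed placeholder.

```python
# Added example (Python 3): http.cookiejar is the successor of the
# Python 2 cookielib module named in the thread.
import http.cookiejar
import os
import tempfile
import warnings

NETSCAPE_HEADER = "# Netscape HTTP Cookie File\n"
WGET_HEADER = "# HTTP cookie file.\n"  # first line of the wget file in the thread
FAR_FUTURE = 1000000000000000000       # expiry value suggested in the thread


def entry(expires, sep="\t"):
    """One cookie line; the session id is a constructed placeholder."""
    fields = ["mytestserver.com", "FALSE", "/test", "FALSE",
              str(expires), "JSESSIONID", "CONSTRUCTED-SESSION-ID"]
    return sep.join(fields) + "\n"


def try_load(content, ignore_expires=False):
    """Write content to a temp file, load it, return (cookie names, error)."""
    fd, path = tempfile.mkstemp(suffix=".txt")
    try:
        with os.fdopen(fd, "w") as handle:
            handle.write(content)
        jar = http.cookiejar.MozillaCookieJar()
        try:
            with warnings.catch_warnings():
                # The parser emits a debug warning on malformed lines.
                warnings.simplefilter("ignore")
                jar.load(path, ignore_expires=ignore_expires)
        except http.cookiejar.LoadError as ex:
            return [], str(ex)
        return [cookie.name for cookie in jar], None
    finally:
        os.unlink(path)


def run_cases():
    return {
        # wget's header does not match the expected magic line.
        "wget header": try_load(WGET_HEADER + entry(0)),
        # Fields separated by spaces instead of TABs cannot be split.
        "space separated": try_load(
            NETSCAPE_HEADER + entry(FAR_FUTURE, sep=" ")),
        # Expiry 0 is in the past, so the cookie is silently dropped.
        "expiry 0": try_load(NETSCAPE_HEADER + entry(0)),
        "expiry 0, ignore_expires": try_load(
            NETSCAPE_HEADER + entry(0), ignore_expires=True),
        "far-future expiry": try_load(NETSCAPE_HEADER + entry(FAR_FUTURE)),
    }


if __name__ == "__main__":
    for label, (names, error) in run_cases().items():
        print("%-26s cookies=%r error=%r" % (label, names, error))
```

The "expiry 0" case loads without any error and yields no cookies, which matches the symptom reported above where sqlmap stopped complaining but did not send the cookie.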
From: Boris C. <bor...@or...> - 2013-02-12 14:36:57
|
Not a big deal, but I used to use a symbolic link pointing to sqlmap.py, but that does not work anymore. I get this:

[14:34:21] [CRITICAL] unable to read file 'txt/keywords.txt'

I can still run it from the sqlmap directory though.

Boris |
From: Boris C. <bor...@or...> - 2013-02-12 14:20:56
|
Thanks a lot Miroslav, I am always impressed with your reactivity.

I am going to pull and test again.

Boris |
From: Miroslav S. <mir...@gm...> - 2013-02-12 13:31:58
|
Update:

With the latest commit [1] you should be warned about the expired cookies.

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/commit/212e92ea0187f9b990c4cc0d4cbb9ac7b5b1739c

--
Miroslav Stampar
http://about.me/stamparm |
From: Miroslav S. <mir...@gm...> - 2013-02-12 11:59:54
|
p.s. you can use for example:

mytestserver.com FALSE /test FALSE *1000000000000000000* JSESSIONID 1064CC1958261C9D61D102C4C995611P.tcatmytestsrv

--
Miroslav Stampar
http://about.me/stamparm |
From: Miroslav S. <mir...@gm...> - 2013-02-12 11:45:20
|
Hi.

With the last commit [1] "format" should be less strict (your original content should be valid).

Also, please read through [2] to see the content of those fields inside. I would say that in your case cookies "expired".

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/commit/72984a578df61f4913c8026c3d9315ea34e4bc1b
[2] http://www.cookiecentral.com/faq/#3.5

--
Miroslav Stampar
http://about.me/stamparm |
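The two outcomes discussed in this thread (a cookies.txt that is rejected outright, and one that loads but whose cookie is dropped as expired) can be checked before the file is handed to a tool. The Python 3 sketch below is an added example, not sqlmap's code and not something posted to the list; `lint_cookie_file`, `stdlib_cookie_names`, the sample files and the `EXAMPLESESSIONID` value are constructed for illustration, and `http.cookiejar` is the Python 3 name of the `cookielib` module mentioned above.

```python
import http.cookiejar  # Python 3 name of the cookielib module named in the thread
import os
import re
import tempfile
import time
import warnings

# Header check applied by the Netscape-format loader; note that it is case-sensitive.
MAGIC = re.compile(r"#( Netscape)? HTTP Cookie File")
FIELDS = ("domain", "subdomains", "path", "secure", "expires", "name", "value")


def lint_cookie_file(text, now=None):
    """Return (line_number, severity, message) findings for a cookies.txt body."""
    now = time.time() if now is None else now
    lines = text.splitlines()
    findings = []
    if not lines or not MAGIC.match(lines[0]):
        findings.append((1, "error", "missing '# Netscape HTTP Cookie File' header"))
    for number, line in enumerate(lines[1:], start=2):
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank line or comment
        parts = line.split("\t")
        if len(parts) != len(FIELDS):
            findings.append((number, "error",
                             "expected 7 TAB-separated fields, found %d" % len(parts)))
            continue
        entry = dict(zip(FIELDS, parts))
        if not entry["expires"].isdigit():
            findings.append((number, "error", "expiry is empty or not a Unix timestamp"))
        elif int(entry["expires"]) <= now:
            # The file still loads, but the cookie is skipped and never sent.
            findings.append((number, "warning",
                             "cookie %r is expired and will not be sent" % entry["name"]))
    return findings


def stdlib_cookie_names(text):
    """Load text with MozillaCookieJar; return cookie names, or None if rejected."""
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as handle:
        handle.write(text)
    jar = http.cookiejar.MozillaCookieJar()
    try:
        with warnings.catch_warnings():
            warnings.simplefilter("ignore")  # the parser warns before raising LoadError
            jar.load(handle.name)
        return sorted(cookie.name for cookie in jar)
    except http.cookiejar.LoadError:
        return None
    finally:
        os.unlink(handle.name)


# Constructed samples modelled on the file quoted in the thread (placeholder value).
ENTRY = "mytestserver.com\tFALSE\t/test\tFALSE\t%s\tJSESSIONID\tEXAMPLESESSIONID\n"
WGET_STYLE = "# HTTP cookie file.\n# Generated by Wget (constructed sample).\n\n" + ENTRY % "0"
SPACES = "# Netscape HTTP Cookie File.\n" + (ENTRY % "0").replace("\t", " ")
EXPIRED = "# Netscape HTTP Cookie File.\n" + ENTRY % "0"
VALID = "# Netscape HTTP Cookie File.\n" + ENTRY % "1000000000000000000"

if __name__ == "__main__":
    samples = (("wget-style", WGET_STYLE), ("spaces", SPACES),
               ("expired", EXPIRED), ("valid", VALID))
    for label, sample in samples:
        print(label, lint_cookie_file(sample), stdlib_cookie_names(sample))
```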
From: Boris C. <bor...@or...> - 2013-02-12 11:33:56
|
Hi Miroslav,

I have edited the file manually and sqlmap does not complain anymore. However it does *not* seem to use the cookie present in the file. Is there another option I should use to actually use the cookies once loaded?

Alternatively, it does work if I don't use --load-cookies but only --cookie JSESSIONID=WHATEVERSESSIONID

Thanks!
Boris

On 12/02/13 11:19, Miroslav Stampar wrote:
> Hi.
>
> First line needs to start with "# Netscape HTTP Cookie File.". Also,
> each value inside entries needs to be split with \t (TAB) <- not
> spaces. Find attached a valid example.
>
> We are here depending on low-level python module (cookielib) parsing
> it automatically. Nevertheless, I can see now that it's too
> constrained in this manner. Will do some "adaptations" and let you know.
>
> Kind regards,
> Miroslav Stampar |
From: Miroslav S. <mir...@gm...> - 2013-02-12 11:20:09
|
# Netscape HTTP Cookie File.
# HTTP cookie file.
# Generated by Wget on 2013-02-12 10:58:35.
# Edit at your own risk.

mytestserver.com FALSE /test FALSE 0 JSESSIONID 1064CC1958261C9D61D102C4C995611P.tcatmytestsrv |
From: Boris C. <bor...@or...> - 2013-02-12 11:19:32
|
Ok, it seems that although wget writes

# HTTP cookie file

it should be

# HTTP Cookie File

with capital letters at the beginning of each word.

Boris

On 12/02/13 11:04, Boris Chazalet wrote:
> Hi everyone,
>
> I am trying to use the --load-cookies option on sqlmap. I have saved
> session cookies using wget and I am trying to load them in sqlmap with
> the following command:
>
> python sqlmap.py -u "http://mytestserver.com" --load-cookies=cookies.txt
>
> but I get an error message:
>
> [11:00:32] [CRITICAL] there was a problem loading cookies file
> ('u'cookies.txt' does not look like a Netscape format cookies file')
>
> So my question is, what is supposed to be the accepted format for
> loading a cookie file into sqlmap?
>
> Regards,
> Boris
>
> cookies.txt:
> # HTTP cookie file.
> # Generated by Wget on 2013-02-12 10:58:35.
> # Edit at your own risk.
>
> mytestserver.com FALSE /test FALSE 0 JSESSIONID
> 1064CC1958261C9D61D102C4C995611P.tcatmytestsrv |
From: Miroslav S. <mir...@gm...> - 2013-02-11 00:33:53
|
Which technique?

Bye |
From: Bruno G. <gar...@gm...> - 2013-02-10 23:33:01
|
Hello sqlmap users.

I have a bit of a problem when using the sql-shell on sql-map. I'm trying to retrieve a 16 bit binary value, but when sqlmap outputs the select I get tons of question marks.

I believe this is because it's converting the binary data to ascii and it's out of range, so it cannot be printed on the console.

Is there something I could do?

Thanks a lot. |
From: Miroslav S. <mir...@gm...> - 2013-02-10 13:48:11
|
Hi.

Could you please copy paste the whole traceback (that stack trace below that message you've sent)?

Kind regards,
Miroslav Stampar |
From: Nicholas W. <ano...@gm...> - 2013-02-10 03:58:42
|
sqlmap version: 1.0-dev-7c06a93
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -d ************************************************************************ --tor --tor-type=SOCKS5 --tor-port=9050 --random-agent --threads=5
Technique: None
Back-end DBMS: MySQL (identified) |
From: Владимир М. <vil...@gm...> - 2013-02-08 13:01:00
|
2013/2/8 Miroslav Stampar <mir...@gm...>

> Hi Vladimir.
>
> Could you please update to the latest revision (committed just now some
> changes [1]) and retry it again? With those changes there should be a
> detailed message describing what went wrong.
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/commit/ee1017a5a76111ac57d17754d159a371a439d72f

Now I don't have the problem, thank you! |
From: Miroslav S. <mir...@gm...> - 2013-02-08 12:48:36
|
Hi Vladimir.

Could you please update to the latest revision (committed just now some changes [1]) and retry it again? With those changes there should be a detailed message describing what went wrong.

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/commit/ee1017a5a76111ac57d17754d159a371a439d72f

--
Miroslav Stampar
http://about.me/stamparm |
From: Владимир М. <vil...@gm...> - 2013-02-08 12:34:02
|
2013/2/8 Miroslav Stampar <mir...@gm...>

> Which DBMS?

web server operating system: Linux Ubuntu
web application technology: PHP 5.3.2, Apache 2.2.14
back-end DBMS operating system: Linux Ubuntu
back-end DBMS: MySQL 5.0.11
banner: '5.1.41-3ubuntu12.10' |
From: Miroslav S. <mir...@gm...> - 2013-02-08 12:31:53
|
Which DBMS? |
From: Владимир М. <vil...@gm...> - 2013-02-08 12:25:21
|
2013/2/8 Miroslav Stampar <mir...@gm...>

> This should not happen with built in dictionary. Maybe it's username
> column included containing localized data. Could you please send an excerpt
> of those errors?
> On 8.2.2013. 13:02 "Владимир Мартьянов" <vil...@gm...> wrote:
>
>> Hello!
>> First of all I want to thank you for the great product! When I saw how it
>> works I was very impressed.
>>
>> Now about a problem. I found some hashes in DB and I want to try check
>> them by a built-in dictionary, but I have a message "There was a problem
>> while hashing entry" for every entry. Why could it be? Does sqlmap use
>> md5deep?

No problem! It looks like this:

[15:57:38] [CRITICAL] there was a problem while hashing entry: u'4JTNPLO1..'. Please report by e-mail to sql...@li...
[15:57:38] [CRITICAL] there was a problem while hashing entry: u'4L6081Th..'. Please report by e-mail to sql...@li...
[15:57:38] [CRITICAL] there was a problem while hashing entry: u'4MUSICO..'. Please report by e-mail to sql...@li...
[15:57:38] [CRITICAL] there was a problem while hashing entry: u'4Nsbil2G..'. Please report by e-mail to sql...@li...
[15:57:38] [CRITICAL] there was a problem while hashing entry: u'4PUWSF..'. Please report by e-mail to sql...@li...

and so on for thousands of lines. |