sqlmap-users Mailing List for sqlmap (Page 76)
From: Brandon P. <bpe...@gm...> - 2011-11-21 19:45:51
You may also grab a copy of the free edition of BurpSuite, record the POST response, and save that to a file. Then use the -r flag and pass the burp response to sqlmap. Will be easier to work with.

--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

From: Brandon P. <bpe...@gm...> - 2011-11-21 19:44:38
I would say just use a virtual machine. Grab a copy of backtrack, update sqlmap, and start from there.

VirtualBox is a free, open source virtualization suite that runs on windows. You will have a much better time interacting with sqlmap.

--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

From: Iago S. <146...@gm...> - 2011-11-21 19:40:06
What is the fld?

--
Iago Sousa

From: Brandon P. <bpe...@gm...> - 2011-11-21 19:34:18
Hi,

The phpass detection is working excellently. Would like to report these:

[13:27:24] [CRITICAL] there was a problem while hashing entry: '<>@\xc2\xa3\xc2\xa7\xe2\x82\xac{[]}'. Please report by e-mail to sql...@li...
[13:27:26] [CRITICAL] there was a problem while hashing entry: '-/\xe0\xb8\x88---/\xe0\xb8\x88--'. Please report by e-mail to sql...@li...
[13:27:27] [CRITICAL] there was a problem while hashing entry: '-\xe0\xb8\x96-\xe0\xb8\x96\xe0\xb8\x84\xe0\xb8\x88\xe0\xb8\xb8'. Please report by e-mail to sql...@li...
[13:27:27] [CRITICAL] there was a problem while hashing entry: '-\xe0\xb8\x96/\xe0\xb8\x95\xe0\xb8\x88\xe0\xb8\xa0'. Please report by e-mail to sql...@li...
[13:27:27] [CRITICAL] there was a problem while hashing entry: '-\xe0\xb9\x85\xe0\xb8\x88\xe0\xb8\xb6-\xe0\xb8\x88'. Please report by e-mail to sql...@li...
[13:27:27] [CRITICAL] there was a problem while hashing entry: '-\xe0\xb8\x88\xe0\xb9\x85\xe0\xb9\x85\xe0\xb8\x84\xe0\xb8\xa0//'. Please report by e-mail to sql...@li...
[13:27:30] [CRITICAL] there was a problem while hashing entry: '!"\xc2\xb7$%&/()'. Please report by e-mail to sql...@li...
[13:27:30] [CRITICAL] there was a problem while hashing entry: '!"\xc2\xa3$%^&*('. Please report by e-mail to sql...@li...
[13:27:31] [CRITICAL] there was a problem while hashing entry: '!\xc2\xa7&\xc2\xa7!)!/'. Please report by e-mail to sql...@li...
[13:27:32] [CRITICAL] there was a problem while hashing entry: '!@\xc2\xa3$%^&'. Please report by e-mail to sql...@li...
[13:27:33] [CRITICAL] there was a problem while hashing entry: '!\xc2\xa3$"%*'. Please report by e-mail to sql...@li...
[13:27:35] [CRITICAL] there was a problem while hashing entry: '/-/\xe0\xb8\x96-/'. Please report by e-mail to sql...@li...
[13:27:35] [CRITICAL] there was a problem while hashing entry: '/-\xe0\xb9\x85\xe0\xb9\x85/\xe0\xb8\x96\xe0\xb9\x85\xe0\xb8\xb8'. Please report by e-mail to sql...@li...

I have a custom password list I am using and have enabled common prefix checking as well.

--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

From: Bob S. <bo...@si...> - 2011-11-21 12:24:35
I have been asked to test a web site for SQL injection. The website uses POST and the parameter names all have the 3 characters %26 (percent 26) as a separator. This makes things difficult, since I am running sqlmap from windows. First windows is trying to substitute %2 as the second argument of the command line, but python is also at play here. I have not found an escape sequence that allows both windows and python to be happy. I have tried various combinations of ^, \, and %% to no avail.

So an example of post data would be:
--data="fld%26First=Bob&fld%26Last=Jones"

Can anyone provide a recommendation?

Thanks
Bob

Apologies if this appears twice, I had trouble with my subscription

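Added example (not part of any message in this thread, and not sqlmap code): the question above and the reply suggesting a saved request file with -r both come down to getting the body to the tool with %26 still encoded, so no shell ever parses it. The sketch below shows why the encoding matters and builds such a request file; the host name, path and function names are assumptions made for the illustration.

```python
from urllib.parse import parse_qsl, unquote

# Constructed sample: the POST body quoted in the question, %26 kept literal.
RAW_BODY = "fld%26First=Bob&fld%26Last=Jones"


def raw_names(body):
    """Field names as they travel on the wire (no percent-decoding)."""
    return [field.partition("=")[0] for field in body.split("&")]


def decoded_names(body):
    """Field names the server-side form parser sees: it splits on '&'
    first and percent-decodes afterwards, so %26 becomes part of the name."""
    return [name for name, _ in parse_qsl(body, keep_blank_values=True)]


def names_if_decoded_early(body):
    """Field names if some layer decodes %26 BEFORE the body is sent.
    The '&' now acts as a field separator and the names fall apart."""
    return [name for name, _ in parse_qsl(unquote(body), keep_blank_values=True)]


def build_request(host, path, body):
    """Return a raw HTTP/1.1 POST request with the body left untouched."""
    lines = [
        "POST %s HTTP/1.1" % path,
        "Host: %s" % host,
        "Content-Type: application/x-www-form-urlencoded",
        "Content-Length: %d" % len(body.encode("ascii")),
        "Connection: close",
        "",
        body,
    ]
    return "\r\n".join(lines)


def body_of(request_text):
    """Extract the body from a raw request (everything after the blank line)."""
    return request_text.partition("\r\n\r\n")[2]


def write_request_file(filename, request_text):
    """Write the request verbatim; newline='' stops Python translating CRLF."""
    with open(filename, "w", newline="", encoding="ascii") as handle:
        handle.write(request_text)
    return filename


if __name__ == "__main__":
    # "target.example" and "/form" are placeholders, not values from the thread.
    request = build_request("target.example", "/form", RAW_BODY)
    write_request_file("request.txt", request)
    print("on the wire      :", raw_names(RAW_BODY))
    print("seen by the app  :", decoded_names(RAW_BODY))
    print("if decoded early :", names_if_decoded_early(RAW_BODY))
```

Because the body lives in a file, the percent signs never pass through a command interpreter, which is the property the -r suggestion relies on.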
From: Miroslav S. <mir...@gm...> - 2011-11-21 09:25:44
Aha. I haven't noticed it was your code :). Thank you for this nice piece of code.
Kind regards

--
Miroslav Stampar
http://about.me/stamparm

From: Ulisses C. <uss...@gm...> - 2011-11-21 09:18:01
Good to see that code helped sqlmap, thanks for the reference Miroslav!

Nice update.

Cheers,
Ulisses Castro

From: Brandon P. <bpe...@gm...> - 2011-11-20 19:04:04
Thanks!

--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

From: Miroslav S. <mir...@gm...> - 2011-11-20 19:03:36
Hi Brandon.

You can find it implemented in the last revision (r4511).

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm

From: Brandon P. <bpe...@gm...> - 2011-11-19 21:09:49
Absolutely.

Thanks for the response.

--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

From: Miroslav S. <mir...@gm...> - 2011-11-19 21:00:37
Hi Brandon.

It will be implemented these days, although don't expect it to be too fast (compared to the regular MD5 or similar) as it usually uses lots of MD5 rounds.

Kind regards

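Added example (not part of any message in this thread, and not sqlmap's implementation): a stand-alone verifier for the phpass "portable" hash format, showing where the "lots of MD5 rounds" mentioned above come from and how a word containing non-ASCII characters, like the entries in the error report earlier on this page, is hashed as bytes. The function names and the salt are assumptions made for the illustration; the sample word is one of the entries from that report.

```python
import hashlib
import hmac

# phpass uses its own 64-character alphabet, not standard base64.
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# One entry from the error report on this page, as raw bytes and as text.
SAMPLE_WORD_BYTES = b'!\xc2\xa3$"%*'
SAMPLE_WORD_TEXT = '!\u00a3$"%*'


def encode64(data):
    """phpass base64 variant: little-endian 24-bit groups, no padding."""
    out, i, n = [], 0, len(data)
    while i < n:
        value = data[i]
        i += 1
        out.append(ITOA64[value & 0x3F])
        if i < n:
            value |= data[i] << 8
        out.append(ITOA64[(value >> 6) & 0x3F])
        if i >= n:
            break
        i += 1
        if i < n:
            value |= data[i] << 16
        out.append(ITOA64[(value >> 12) & 0x3F])
        if i >= n:
            break
        i += 1
        out.append(ITOA64[(value >> 18) & 0x3F])
    return "".join(out)


def rounds_from_setting(stored):
    """The 4th character encodes log2 of the MD5 iteration count."""
    return 1 << ITOA64.index(stored[3])


def phpass_hash(password, setting):
    """Compute a portable phpass hash. `setting` is '$P$' (or '$H$'),
    one cost character and an 8-character salt; a full stored hash works too."""
    if isinstance(password, str):
        # Hash bytes, never text: the same word in another encoding
        # is a different password as far as MD5 is concerned.
        password = password.encode("utf-8")
    if setting[:3] not in ("$P$", "$H$") or len(setting) < 12:
        raise ValueError("not a portable phpass hash")
    count_log2 = ITOA64.index(setting[3])
    if not 7 <= count_log2 <= 30:
        raise ValueError("iteration count out of range")
    salt = setting[4:12].encode("ascii")
    digest = hashlib.md5(salt + password).digest()
    for _ in range(1 << count_log2):  # the cost: 2**count_log2 extra rounds
        digest = hashlib.md5(digest + password).digest()
    return setting[:12] + encode64(digest)


def check_password(password, stored):
    """Constant-time comparison of the recomputed hash with the stored one."""
    computed = phpass_hash(password, stored)
    return hmac.compare_digest(computed.encode("ascii"), stored.encode("ascii"))


if __name__ == "__main__":
    # Constructed setting: cost character '5' (128 rounds), made-up salt.
    stored = phpass_hash(SAMPLE_WORD_BYTES, "$P$5saltsalt")
    print(stored, rounds_from_setting(stored))
    print(check_password(SAMPLE_WORD_TEXT, stored))
```

The cost character 'B' corresponds to 8192 rounds, so each candidate word costs thousands of MD5 calls rather than one.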
From: Brandon P. <bpe...@gm...> - 2011-11-19 08:05:05
Are there any plans to add phpass hash detection and cracking facilities to sqlmap?

A python script to crack them is here, for reference

http://dl.packetstormsecurity.net/Crackers/phpassbrute.py.txt

--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

From: Miroslav S. <mir...@gm...> - 2011-11-14 11:30:31
Hi Jer0nomo.

Could you please retry with the latest revision (r4505) - committed this moment?

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm

From: Dark-Net J. <dan...@ho...> - 2011-11-13 20:48:44
Command line: ./sqlmap.py -u **************************************************** --forms --dbs -o --batch
Technique: None
Back-end DBMS: None (identified)
Traceback (most recent call last):
  File "/home/*******/Desktop/sqlmap/last/sqlmap/_sqlmap.py", line 86, in main
    start()
  File "/home/********/Desktop/sqlmap/last/sqlmap/lib/controller/controller.py", line 334, in start
    checkNullConnection()
  File "/home/*********/Desktop/sqlmap/last/sqlmap/lib/controller/checks.py", line 913, in checkNullConnection
    page, headers, _ = Request.getPage(method=HTTPMETHOD.HEAD)
  File "/home/*********/Desktop/sqlmap/last/sqlmap/lib/request/connect.py", line 280, in getPage
    requestMsg += "\n\n%s" % post
UnicodeDecodeError: 'ascii' codec can't decode byte 0xef in position 11: ordinal not in range(128)

[*] shutting down at 22:42:39

From: m4l1c3 <mal...@gm...> - 2011-11-13 19:04:57
New commit works perfectly, thanks.

From: m4l1c3 <mal...@gm...> - 2011-11-13 18:17:39
sqlmap version: 1.0-dev (r4503)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u **************************************** --batch --dbs --technique=BU --random-agent --threads 10 --forms --level 2 --risk 2 --smart
Technique: None
Back-end DBMS: None (identified)
Traceback (most recent call last):
  File "/pentest/database/sqlmap/_sqlmap.py", line 86, in main
    start()
  File "/pentest/database/sqlmap/lib/controller/controller.py", line 508, in start
    percent = (100.0 * len(getFilteredPageContent(kb.originalPage)) / len(kb.originalPage))
  File "/pentest/database/sqlmap/lib/core/common.py", line 1589, in getFilteredPageContent
    retVal = re.sub(r"(?s)<script.+?</script>|<!--.+?-->|<style.+?</style>%s" % (r"|<[^>]+>|\t|\n|\r" if onlyText else ""), " ", page, flags=re.I)
TypeError: sub() got an unexpected keyword argument 'flags'

From: m4l1c3 <mal...@gm...> - 2011-11-13 17:53:27
hi again

sqlmap version: 1.0-dev (r4503)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u **************************************************************************************************************************************************************** --batch --dbs --technique=BU --random-agent --threads 10 --crawl 3 --level 2 --risk 2 --smart
Technique: None
Back-end DBMS: None (identified)
Traceback (most recent call last):
  File "/pentest/database/sqlmap/_sqlmap.py", line 86, in main
    start()
  File "/pentest/database/sqlmap/lib/controller/controller.py", line 508, in start
    percent = (100.0 * len(getFilteredPageContent(kb.originalPage)) / len(kb.originalPage))
  File "/pentest/database/sqlmap/lib/core/common.py", line 1589, in getFilteredPageContent
    retVal = re.sub(r"(?s)<script.+?</script>|<!--.+?-->|<style.+?</style>%s" % (r"|<[^>]+>|\t|\n|\r" if onlyText else ""), " ", page, flags=re.I)
TypeError: sub() got an unexpected keyword argument 'flags'

From: Miroslav S. <mir...@gm...> - 2011-11-11 11:26:18
Hi rmillet.

Thank you for your report and find it fixed in the latest commit.

Kind regards,
Miroslav Stampar

p.s. as of that question issue. i've just put a suffix "otherwise", so now it looks like:
"Do you want to follow redirects from now on (or stay on the original page otherwise)? [Y/n]"
as there hasn't been any other complaints about the formation of this question (now it's little more clear)
if we get more of those we'll change it to something else

On Tue, Nov 8, 2011 at 9:47 PM, rmillet <rmi...@gm...> wrote:
> Hi,
>
> I have some questions about the redirections in sqlmap.
>
> The command I used with version sqlmap/1.0-dev (r4495):
> ./sqlmap.py -u 'http://192.168.1.42/redirect.php?url=http%3A%2F%2F127.0.0.1%2Fpage'
>
> The page on redirect.php on 192.168.1.42 redirects with a 302 Location header to http://127.0.0.1/page
>
> Is it possible to deactivate following of redirections ?
>
> When it follows the redirection, sqlmap connects to 127.0.0.1
> - with in the Referer set to "http://192.168.1.42", is it normal that it is not the original URL ?
> - with Host header set to "192.168.1.42", this is a bug as it must be "127.0.0.1"
>
> Regards,

--
Miroslav Stampar
http://about.me/stamparm

From: Bernardo D. A. G. <ber...@gm...> - 2011-11-10 14:24:18
|
This has been fixed last week.

Bernardo

On 20 October 2011 09:07, yarolinux back | track <yar...@gm...> wrote:
> [03:04:51] [WARNING] HTTP error codes detected during testing:
> 403 (Forbidden) - 1 times
>
> [03:04:51] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4009), retry
> your run with the latest development version from the Subversion repository.
> If the exception persists, please send by e-mail to
> sql...@li... the following text and any information
> required to reproduce the bug. The developers will try to reproduce the bug,
> fix it accordingly and get back to you.
> sqlmap version: 1.0-dev (r4009)
> Python version: 2.6.5
> Operating system: posix
> Command line: ./sqlmap.py -u **************************************************************************** --dbs --random-agent --tor
> Technique: None
> Back-end DBMS: None (identified)
> Traceback (most recent call last):
>   File "./sqlmap.py", line 86, in main
>     start()
>   File "/pentest/database/sqlmap/lib/controller/controller.py", line 447, in start
>     injection = checkSqlInjection(place, parameter, value)
>   File "/pentest/database/sqlmap/lib/controller/checks.py", line 324, in checkSqlInjection
>     _ = Request.queryPage(genCmpPayload(), place, raise404=False)
>   File "/pentest/database/sqlmap/lib/request/connect.py", line 603, in queryPage
>     page = removeReflectiveValues(page, payload)
>   File "/pentest/database/sqlmap/lib/core/common.py", line 2514, in removeReflectiveValues
>     if regex.split(REFLECTED_NON_ALPHA_NUM_REGEX)[0].lower() in content.lower(): # fast optimization check
> UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 324: ordinal not in range(128)
>
> [*] shutting down at: 03:04:51

--
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: Unavailable
From: Bernardo D. A. G. <ber...@gm...> - 2011-11-10 10:27:57
|
Give it a go to --string or --regexp. Pass your requests through an HTTP proxy and see what happens, -v 3 could also give you a clue.

Bernardo

On 9 November 2011 06:13, <nig...@em...> wrote:
> Hi
>
> I have a problem with sqlmap. When i run sqlmap -u
> "http://website/notices/terms.php?co=ar" -random-agent --retries=6 --level 5
> --risk 3 -f -b --dbms=mysql. sqlmap can't find the injection point at
> co=ar I ran this target with another 2 programs they found the point
> and i can get all the data from the DB. It is a Blind sql injection. I tried
> with drop-cookie prefix suffix text-only nothing helps every time the same
> not injectable. Any suggestion ???
>
> http://website/notices/terms.php?co=ar' and ${condition} and '1'='1 This is
> the worked injection.
>
> My sqlmap version is sqlmap/1.0-dev (r4489) It's Mysql 5

--
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: Unavailable
From: Miroslav S. <mir...@gm...> - 2011-11-10 08:12:03
|
Hi Devon.

Yes, it was the case until r4386. Bad design as we haven't expected such large dumps. You have bad luck because you are using r4381 and from r4386 on SQLite is used for storing "resuming" queries - no more MemoryError(s) on resume and far better memory management.

Only problem is that you would need to update to the latest revision and redo the whole process including --flush-session to have that mechanism incorporated.

So, please, do the updates as frequently as you can.

Kind regards,
Miroslav Stampar

On Wed, Nov 9, 2011 at 3:43 PM, Devon <dev...@ao...> wrote:
> Hello,
> I've been dumping a fairly large database with sqlmap over the past week,
> and I have run into a problem trying to resume the dump. It's running out
> of memory and killing the process. The output/xxxxxxxx/session file is
> 1.1GB, and the system I'm dumping it with has 4GB of ram. From what I can
> tell, the python code is loading the entire file into memory, rather than
> reading it line-by-line which is why it's dying. I looked in
> /var/log/kern.log (I'm running Ubuntu) and it shows that it's simply running
> out of memory.
> This is 100% reproducible now, and happens every time I run it.
>
> [19:14:58] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4381), retry
> your run with the latest development version from the Subversion repository.
> If the exception persists, please send by e-mail to
> sql...@li... the following text and any information
> required to reproduce the bug. The developers will try to reproduce the bug,
> fix it accordingly and get back to you.
> sqlmap version: 1.0-dev (r4381)
> Python version: 2.7.1+
> Operating system: posix
> Command line: ./sqlmap.py --random-agent -u *********************************** --data=txtUserName=pKza&txtPassword=FYwn&Login=Login -p txtUserName -D ****** --threads=5 --dump
> Technique: None
> Back-end DBMS: None (identified)
> Traceback (most recent call last):
>   File "/opt/sqlmap/_sqlmap.py", line 86, in main
>     start()
>   File "/opt/sqlmap/lib/controller/controller.py", line 325, in start
>     setupTargetEnv()
>   File "/opt/sqlmap/lib/core/target.py", line 355, in setupTargetEnv
>     __setOutputResume()
>   File "/opt/sqlmap/lib/core/target.py", line 185, in __setOutputResume
>     for line in readSessionFP.readlines(): # xreadlines doesn't return unicode strings when codec.open() is used
>   File "/usr/lib/python2.7/codecs.py", line 679, in readlines
>     return self.reader.readlines(sizehint)
>   File "/usr/lib/python2.7/codecs.py", line 588, in readlines
>     data = self.read()
>   File "/usr/lib/python2.7/codecs.py", line 477, in read
>     newchars, decodedbytes = self.decode(data, self.errors)
> MemoryError
> [*] shutting down at 19:14:58

--
Miroslav Stampar
http://about.me/stamparm
From: David A. <dav...@gm...> - 2011-11-09 16:58:04
|
Hi Bernardo,

Thank you very much for the quick reply.

On Tue, Nov 8, 2011 at 2:58 PM, Bernardo Damele A. G. <ber...@gm...> wrote:
> Hi David,
>
> On 8 November 2011 13:13, David Alvarez <dav...@gm...> wrote:
> > ...
> > The problem is that sqlmap is not able to detect differences because when
> > sqlmap execute A) the value will be locked, so the following requests won't
> > modify the results in the database, the item is locked, and all responses
> > will be equal.
> > To unlock the item, you have to execute another functionality. So, how does
> > sqlmap deal in these situations?
>
> What do you mean by "execute another functionality"? If you just need
> to perform a certain GET request, then fine, sqlmap can do it. Use
> switches:
>   --safe-url=SAFURL   Url address to visit frequently during testing
>   --safe-freq=SAFREQ  Test requests between two visits to a given safe url
>
> Refer to the user's manual for details.

I will use those switches, although my functionality is a POST request. But I can convert from GET to POST with a proxy in the middle.

> > A solution could be provide the unlock request and execute that functionality
> > after every request made by sqlmap, in order to unlock the item and detect
> > changes in the responses. However, this duplicates the number of requests
> > needed.
>
> At the moment --safe-url only supports a GET request, we can think of
> making it able to get the raw request from a text file instead so it
> would also support POST (like for -r).
>
> Cheers,
> Bernardo
>
> --
> Bernardo Damele A. G.
>
> E-mail / Jabber: bernardo.damele (at) gmail.com
> Mobile: +447788962949 (UK 07788962949)
> PGP Key ID: Unavailable

Cheers,
David
From: Devon <dev...@ao...> - 2011-11-09 16:09:27
|
As a follow up to my previous post, I think this should summarize what I was attempting to say. The issue causing the memory error appears to be on line 210 of lib/core/target.py:

    for line in readSessionFP.readlines(): # xreadlines doesn't return unicode strings when codec.open() is used

I can demonstrate the error like this:

    $ python
    Python 2.7.1+ (r271:86832, Apr 11 2011, 18:13:53)
    [GCC 4.5.2] on linux2
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import codecs
    >>> f = codecs.open('session', 'r', 'utf8', 'replace')
    >>> i = 0
    >>> for line in f.readlines():
    ...     i += 1
    ...
    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
      File "/usr/lib/python2.7/codecs.py", line 679, in readlines
        return self.reader.readlines(sizehint)
      File "/usr/lib/python2.7/codecs.py", line 588, in readlines
        data = self.read()
      File "/usr/lib/python2.7/codecs.py", line 477, in read
        newchars, decodedbytes = self.decode(data, self.errors)
    MemoryError
    >>>

However, you can read the file successfully like this:

    $ python
    Python 2.7.1+ (r271:86832, Apr 11 2011, 18:13:53)
    [GCC 4.5.2] on linux2
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import codecs
    >>> f = codecs.open('session', 'r', 'utf8', 'replace')
    >>> i = 0
    >>> for line in f:
    ...     i += 1
    ...
    >>>

I changed line 210 to this and it appeared to work, although I do not know of any side-effects (if any).

    for line in readSessionFP: # xreadlines doesn't return unicode strings when codec.open() is used
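The difference reported in the message above can be measured directly. This is an added example, not part of the original post and not sqlmap code: it runs on Python 3 (whose `codecs` readers behave the same way here) and uses `tracemalloc` to compare peak allocation for `readlines()` against plain iteration. The file contents and the names `make_session_file`, `count_lines` and `compare` are constructed for illustration.

```python
import codecs
import os
import tempfile
import tracemalloc


def make_session_file(path, lines):
    # Constructed stand-in for a large session file; the line layout is
    # arbitrary and is NOT sqlmap's real session format.
    with codecs.open(path, "w", "utf8") as fp:
        for i in range(lines):
            fp.write(u"[http://target.example/][POST][param][query %d][value-%d]\n" % (i, i))


def count_lines(path, streaming):
    """Return (line count, peak bytes allocated while reading the file)."""
    tracemalloc.start()
    count = 0
    with codecs.open(path, "r", "utf8", "replace") as fp:
        # fp.readlines() decodes the whole file before the loop starts;
        # iterating fp decodes one small chunk at a time.
        source = fp if streaming else fp.readlines()
        for _ in source:
            count += 1
    _, peak = tracemalloc.get_traced_memory()
    tracemalloc.stop()
    return count, peak


def compare(lines=20000):
    """Build a temporary file and read it both ways."""
    fd, path = tempfile.mkstemp(suffix=".session")
    os.close(fd)
    try:
        make_session_file(path, lines)
        return {
            "size": os.path.getsize(path),
            "readlines": count_lines(path, streaming=False),
            "iterate": count_lines(path, streaming=True),
        }
    finally:
        os.remove(path)


if __name__ == "__main__":
    result = compare()
    print("file size on disk: %d bytes" % result["size"])
    for name in ("readlines", "iterate"):
        count, peak = result[name]
        print("%-9s: %d lines, peak %d bytes" % (name, count, peak))
```

Peak allocation for `readlines()` grows with the file size, while iteration stays roughly constant, which is why a 1.1GB file exhausts memory only on the first path.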
From: Devon <dev...@ao...> - 2011-11-09 14:44:25
|
Hello,

I've been dumping a fairly large database with sqlmap over the past week, and I have run into a problem trying to resume the dump. It's running out of memory and killing the process. The output/xxxxxxxx/session file is 1.1GB, and the system I'm dumping it with has 4GB of ram. From what I can tell, the python code is loading the entire file into memory, rather than reading it line-by-line which is why it's dying. I looked in /var/log/kern.log (I'm running Ubuntu) and it shows that it's simply running out of memory.

This is 100% reproducible now, and happens every time I run it.

[19:14:58] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4381), retry your run with the latest development version from the Subversion repository. If the exception persists, please send by e-mail to sql...@li... the following text and any information required to reproduce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you.
sqlmap version: 1.0-dev (r4381)
Python version: 2.7.1+
Operating system: posix
Command line: ./sqlmap.py --random-agent -u *********************************** --data=txtUserName=pKza&txtPassword=FYwn&Login=Login -p txtUserName -D ****** --threads=5 --dump
Technique: None
Back-end DBMS: None (identified)
Traceback (most recent call last):
  File "/opt/sqlmap/_sqlmap.py", line 86, in main
    start()
  File "/opt/sqlmap/lib/controller/controller.py", line 325, in start
    setupTargetEnv()
  File "/opt/sqlmap/lib/core/target.py", line 355, in setupTargetEnv
    __setOutputResume()
  File "/opt/sqlmap/lib/core/target.py", line 185, in __setOutputResume
    for line in readSessionFP.readlines(): # xreadlines doesn't return unicode strings when codec.open() is used
  File "/usr/lib/python2.7/codecs.py", line 679, in readlines
    return self.reader.readlines(sizehint)
  File "/usr/lib/python2.7/codecs.py", line 588, in readlines
    data = self.read()
  File "/usr/lib/python2.7/codecs.py", line 477, in read
    newchars, decodedbytes = self.decode(data, self.errors)
MemoryError
[*] shutting down at 19:14:58
From: <nig...@em...> - 2011-11-09 06:13:18
|
Hi

I have a problem with sqlmap. When i run sqlmap -u "http://website/notices/terms.php?co=ar" -random-agent --retries=6 --level 5 --risk 3 -f -b --dbms=mysql. sqlmap can't find the injection point at co=ar I ran this target with another 2 programs they found the point and i can get all the data from the DB. It is a Blind sql injection. I tried with drop-cookie prefix suffix text-only nothing helps every time the same not injectable. Any suggestion ???

http://website/notices/terms.php?co=ar' and ${condition} and '1'='1 This is the worked injection.

My sqlmap version is sqlmap/1.0-dev (r4489) It's Mysql 5