sqlmap-users

[sqlmap-users] New Bug

[<nig...@em...>]

Hi,

I found a new Bug.


[06:00:07] [INFO] testing connection to the target url
[06:00:23] [CRITICAL] page not found (404)
it is not recommended to continue in this kind of cases. Do you want to quit and make sure that ever
ything is set up properly? [Y/n] n
[06:00:59] [INFO] testing if the url is stable, wait a few seconds
[06:01:03] [WARNING] url is not stable, sqlmap will base the page comparison on a sequence matcher.
If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's ma
nual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] s
[06:05:00] [INFO] finding static words in longest matching part of dynamic page content
[06:05:00] [WARNING] HTTP error codes detected during testing:
404 (Not Found) - 2 times


[06:05:00] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4577), retry your run with the latest
development version from the Subversion repository. If the exception persists, please send by e-mail
 to sql...@li... the following text and any information required to reproduce
the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you.
sqlmap version: 1.0-dev (r4577)
Python version: 2.7.2
Operating system: nt
Command line: C:\test\sqlmap-0-9\sqlmap.py -u ********************* --crawl=10 -
-threads=6 --random-agent --retries=6 --level 5 --risk 3 -f -b --dbms=mysql
Technique: None
Back-end DBMS: MySQL (identified)
Traceback (most recent call last):
  File "C:\test\sqlmap-0-9\_sqlmap.py", line 86, in main
    start()
  File "C:\test\sqlmap-0-9\lib\controller\controller.py", line 377, in start
    checkStability()
  File "C:\test\sqlmap-0-9\lib\controller\checks.py", line 775, in checkStabilit
y
    showStaticWords(firstPage, secondPage)
  File "C:\test\sqlmap-0-9\lib\core\common.py", line 1633, in showStaticWords
    match = SequenceMatcher(None, firstPage, secondPage).find_longest_match(0, len(firstPage), 0, le
n(secondPage))
TypeError: object of type 'NoneType' has no len()

[*] shutting down at 06:05:00

[sqlmap-users] error when load a large session file

[CoeTs7 <tm...@ho...>]

hi, veryone:first thanks for the improvement the dev team have done. Again  i met another problem today:i want to dump a large table into a csv format file using --dump,  but the process is interrupted.  so i restart the sqlmap to go on dumping process. but sqlmap exited with this error:sqlmap version: 1.0-dev (r4577)Python version: 2.6.5Operating system: posixCommand line: /root/sqlmap-dev/sqlmap.py -u ************************************ --data __EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTExNTc0NTExMDFkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQhidG5Mb2dpbp3vdb50NBPJYzWlZFZWJJY9toPi&__EVENTVALIDATION=%2FwEWBAKpi5vuDwKl1bKzCQK1qbSRCwKC3IeGDFW12pkpDGT2BoBndGNsu1HoD82G&txtUserName=testf&txtPassword=test&btnLogin.x=18&btnLogin.y=9 -p txtUserName --technique=E -D ***** -T **************** --dump --thread 10Technique: NoneBack-end DBMS: None (identified)Traceback (most recent call last):  File "/root/sqlmap-dev/_sqlmap.py", line 86, in main    start()  File "/root/sqlmap-dev/lib/controller/controller.py", line 335, in start    setupTargetEnv()  File "/root/sqlmap-dev/lib/core/target.py", line 397, in setupTargetEnv    __setOutputResume()  File "/root/sqlmap-dev/lib/core/target.py", line 220, in __setOutputResume    for line in readSessionFP.readlines(): # xreadlines doesn't return unicode strings when codec.open() is used  File "/usr/lib/python2.6/codecs.py", line 674, in readlines    return self.reader.readlines(sizehint)  File "/usr/lib/python2.6/codecs.py", line 583, in readlines    data = self.read()  File "/usr/lib/python2.6/codecs.py", line 472, in read    newchars, decodedbytes = self.decode(data, self.errors)MemoryErrorthe session file is about 800MB.  i think the problem is that sqlmap is trying to load the whole session file into memory but there is no enough  memory left. is there any solution to solve this big file problem ?  thx a lot. 

Regards,
tm3y


 		 	   		  

Re: [sqlmap-users] error when load a large session file

[Miroslav S. <mir...@gm...>]

Hi.

This is odd ass now SQLite is used for SQL responses. Could.you please take
a look into it (at least 'tail' of it) and report what's stored inside?

Kind regards
On Dec 10, 2011 2:14 PM, "CoeTs7" <tm...@ho...> wrote:

>  hi, veryone:
> first thanks for the improvement the dev team have done. Again  i met
> another problem today:
> i want to dump a large table into a csv format file using --dump,  but the
> process is interrupted.  so i restart the sqlmap to go on dumping process.
> but sqlmap exited with this error:
>
> *sqlmap version: 1.0-dev (r4577)*
> *Python version: 2.6.5*
> *Operating system: posix*
> *Command line: /root/sqlmap-dev/sqlmap.py -u
> ************************************ --data
> __EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTExNTc0NTExMDFkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQhidG5Mb2dpbp3vdb50NBPJYzWlZFZWJJY9toPi&__EVENTVALIDATION=%2FwEWBAKpi5vuDwKl1bKzCQK1qbSRCwKC3IeGDFW12pkpDGT2BoBndGNsu1HoD82G&txtUserName=testf&txtPassword=test&btnLogin.x=18&btnLogin.y=9
> -p txtUserName --technique=E -D ***** -T **************** --dump --thread 10
> *
> *Technique: None*
> *Back-end DBMS: None (identified)*
> *Traceback (most recent call last):*
> *  File "/root/sqlmap-dev/_sqlmap.py", line 86, in main*
> *    start()*
> *  File "/root/sqlmap-dev/lib/controller/controller.py", line 335, in
> start*
> *    setupTargetEnv()*
> *  File "/root/sqlmap-dev/lib/core/target.py", line 397, in setupTargetEnv
> *
> *    __setOutputResume()*
> *  File "/root/sqlmap-dev/lib/core/target.py", line 220, in
> __setOutputResume*
> *    for line in readSessionFP.readlines(): # xreadlines doesn't return
> unicode strings when codec.open() is used*
> *  File "/usr/lib/python2.6/codecs.py", line 674, in readlines*
> *    return self.reader.readlines(sizehint)*
> *  File "/usr/lib/python2.6/codecs.py", line 583, in readlines*
> *    data = self.read()*
> *  File "/usr/lib/python2.6/codecs.py", line 472, in read*
> *    newchars, decodedbytes = self.decode(data, self.errors)*
> *MemoryError*
>
> the session file is about 800MB.  i think the problem is that sqlmap is
> trying to load the whole session file into memory but there is no enough
>  memory left.
> is there any solution to solve this big file problem ?  thx a lot.
>
>
> Regards,
> tm3y
>
>
>
>
> ------------------------------------------------------------------------------
> Learn Windows Azure Live!  Tuesday, Dec 13, 2011
> Microsoft is holding a special Learn Windows Azure training event for
> developers. It will provide a great way to learn Windows Azure and what it
> provides. You can attend the event by watching it streamed LIVE online.
> Learn more at http://p.sf.net/sfu/ms-windowsazure
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>

Re: [sqlmap-users] error when load a large session file

[Miroslav S. <mir...@gm...>]

Hi.

Find it fixed in the latest commit. There shouldn't be such large session
files in future.

Now, please before you try it again just do the following (just strip the
rest after for example first 20 lines from the original session file):
head -20 <session_file> > tmp
mv tmp <session_file>

Kind regards,
Miroslav Stampar

On Sun, Dec 11, 2011 at 9:32 AM, Miroslav Stampar <
mir...@gm...> wrote:

> Hi.
>
> This is odd ass now SQLite is used for SQL responses. Could.you please
> take a look into it (at least 'tail' of it) and report what's stored inside?
>
> Kind regards
> On Dec 10, 2011 2:14 PM, "CoeTs7" <tm...@ho...> wrote:
>
>>  hi, veryone:
>> first thanks for the improvement the dev team have done. Again  i met
>> another problem today:
>> i want to dump a large table into a csv format file using --dump,  but
>> the process is interrupted.  so i restart the sqlmap to go on dumping
>> process. but sqlmap exited with this error:
>>
>> *sqlmap version: 1.0-dev (r4577)*
>> *Python version: 2.6.5*
>> *Operating system: posix*
>> *Command line: /root/sqlmap-dev/sqlmap.py -u
>> ************************************ --data
>> __EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTExNTc0NTExMDFkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQhidG5Mb2dpbp3vdb50NBPJYzWlZFZWJJY9toPi&__EVENTVALIDATION=%2FwEWBAKpi5vuDwKl1bKzCQK1qbSRCwKC3IeGDFW12pkpDGT2BoBndGNsu1HoD82G&txtUserName=testf&txtPassword=test&btnLogin.x=18&btnLogin.y=9
>> -p txtUserName --technique=E -D ***** -T **************** --dump --thread 10
>> *
>> *Technique: None*
>> *Back-end DBMS: None (identified)*
>> *Traceback (most recent call last):*
>> *  File "/root/sqlmap-dev/_sqlmap.py", line 86, in main*
>> *    start()*
>> *  File "/root/sqlmap-dev/lib/controller/controller.py", line 335, in
>> start*
>> *    setupTargetEnv()*
>> *  File "/root/sqlmap-dev/lib/core/target.py", line 397, in
>> setupTargetEnv*
>> *    __setOutputResume()*
>> *  File "/root/sqlmap-dev/lib/core/target.py", line 220, in
>> __setOutputResume*
>> *    for line in readSessionFP.readlines(): # xreadlines doesn't return
>> unicode strings when codec.open() is used*
>> *  File "/usr/lib/python2.6/codecs.py", line 674, in readlines*
>> *    return self.reader.readlines(sizehint)*
>> *  File "/usr/lib/python2.6/codecs.py", line 583, in readlines*
>> *    data = self.read()*
>> *  File "/usr/lib/python2.6/codecs.py", line 472, in read*
>> *    newchars, decodedbytes = self.decode(data, self.errors)*
>> *MemoryError*
>>
>> the session file is about 800MB.  i think the problem is that sqlmap is
>> trying to load the whole session file into memory but there is no enough
>>  memory left.
>> is there any solution to solve this big file problem ?  thx a lot.
>>
>>
>> Regards,
>> tm3y
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Learn Windows Azure Live!  Tuesday, Dec 13, 2011
>> Microsoft is holding a special Learn Windows Azure training event for
>> developers. It will provide a great way to learn Windows Azure and what it
>> provides. You can attend the event by watching it streamed LIVE online.
>> Learn more at http://p.sf.net/sfu/ms-windowsazure
>> _______________________________________________
>> sqlmap-users mailing list
>> sql...@li...
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>


-- 
Miroslav Stampar
http://about.me/stamparm

Re: [sqlmap-users] New Bug

[Miroslav S. <mir...@gm...>]

Thank you. Find it fixed and committed in current revision.

Kind regards

On Sat, Dec 10, 2011 at 7:04 AM, <nig...@em...> wrote:

> Hi,
>
> I found a new Bug.
>
>
> [06:00:07] [INFO] testing connection to the target url
> [06:00:23] [CRITICAL] page not found (404)
> it is not recommended to continue in this kind of cases. Do you want to
> quit and make sure that ever
> ything is set up properly? [Y/n] n
> [06:00:59] [INFO] testing if the url is stable, wait a few seconds
> [06:01:03] [WARNING] url is not stable, sqlmap will base the page
> comparison on a sequence matcher.
> If no dynamic nor injectable parameters are detected, or in case of junk
> results, refer to user's ma
> nual paragraph 'Page comparison' and provide a string or regular
> expression to match on
> how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] s
> [06:05:00] [INFO] finding static words in longest matching part of dynamic
> page content
> [06:05:00] [WARNING] HTTP error codes detected during testing:
> 404 (Not Found) - 2 times
>
>
> [06:05:00] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4577), retry
> your run with the latest
> development version from the Subversion repository. If the exception
> persists, please send by e-mail
>  to sql...@li... the following text and any
> information required to reproduce
> the bug. The developers will try to reproduce the bug, fix it accordingly
> and get back to you.
> sqlmap version: 1.0-dev (r4577)
> Python version: 2.7.2
> Operating system: nt
> Command line: C:\test\sqlmap-0-9\sqlmap.py -u *********************
> --crawl=10 -
> -threads=6 --random-agent --retries=6 --level 5 --risk 3 -f -b --dbms=mysql
> Technique: None
> Back-end DBMS: MySQL (identified)
> Traceback (most recent call last):
>   File "C:\test\sqlmap-0-9\_sqlmap.py", line 86, in main
>     start()
>   File "C:\test\sqlmap-0-9\lib\controller\controller.py", line 377, in
> start
>     checkStability()
>   File "C:\test\sqlmap-0-9\lib\controller\checks.py", line 775, in
> checkStabilit
> y
>     showStaticWords(firstPage, secondPage)
>   File "C:\test\sqlmap-0-9\lib\core\common.py", line 1633, in
> showStaticWords
>     match = SequenceMatcher(None, firstPage,
> secondPage).find_longest_match(0, len(firstPage), 0, le
> n(secondPage))
> TypeError: object of type 'NoneType' has no len()
>
> [*] shutting down at 06:05:00
>
>
>
> ------------------------------------------------------------------------------
> Learn Windows Azure Live!  Tuesday, Dec 13, 2011
> Microsoft is holding a special Learn Windows Azure training event for
> developers. It will provide a great way to learn Windows Azure and what it
> provides. You can attend the event by watching it streamed LIVE online.
> Learn more at http://p.sf.net/sfu/ms-windowsazure
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>



-- 
Miroslav Stampar
http://about.me/stamparm