sqlmap-users

[sqlmap-users] sqlmap --start and --stop command problem!

[<Bri...@gm...>]

Hello,

I tried to dump some infos from Tables using the optional options --start and --stop, but it always gives me out the first entry till the last of the Table and not as specified starting from the 2nd till the 4th.

The valnerable site is using MySQL >= 5.0.0 so there shouldnt be a problem with using information_schema.

...\sqlmap-0.7_exe\sqlmap.exe" -u "http://www.xxxxx.php?userid=x" --dump -T TABLES -D information_schema --start 2 --stop 4

I tried it also with other options like this one:

...\sqlmap-0.7_exe\sqlmap.exe" -u "http://www.xxxxx.php?userid=x" --tables -D information_schema --start 2 --stop 4

or with the syntax from the pdf README:
--start=
--stop=

...\sqlmap-0.7_exe\sqlmap.exe" -u "http://www.xxxxx.php?userid=x" --dump -T TABLES -D information_schema --start=2 --stop=4

or this one:
sqlmap-0.7_exe\sqlmap.exe" -u http://www.xxxxx.php?userid=x --dump -T TAB
LE_NAME --start=58 --stop=98

[00:52:38] [INFO] fetching number of columns for table 'TABLE_NAME' on database'xxx'
[00:52:38] [INFO] retrieved: 0
[00:52:55] [ERROR] unable to retrieve the number of columns for table 'TABLE_NAME' on database 'xxx'

Nothing worked i tried also when I only used --start and no --stop, I would be really glad if you can help me.

Another question I have is about the option --passwords

for example it gives me this error message:
when i tried the option --passwords together with -U option.

"[ERROR] unable to retrieve the password hashes for the database users"

Why does the program tries to dump it from the database "users", I never speciefied it to search on this database, does the program use it as standard DBS for the --password option and can I change it?

I would really appreciate to get any help on these questions.






-- 
NEU: Mit GMX DSL über 1000,- ¿ sparen!
http://portal.gmx.net/de/go/dsl02

Re: [sqlmap-users] sqlmap --start and --stop command problem!

[Bernardo D. A. G. <ber...@gm...>]

Brian,

On Mon, Feb 15, 2010 at 22:41,  <Bri...@gm...> wrote:
> ...
> I tried to dump some infos from Tables using the optional options --start and --stop, but it always gives me out the first entry till the last of the Table and not as specified starting from the 2nd till the 4th.
>
> The valnerable site is using MySQL >= 5.0.0 so there shouldnt be a problem with using information_schema.
>
> ...\sqlmap-0.7_exe\sqlmap.exe" -u "http://www.xxxxx.php?userid=x" --dump -T TABLES -D information_schema --start 2 --stop 4

This is fixed since a few weeks in the development version, you can
grab a copy from the subversion repository.

> I tried it also with other options like this one:
>
> ...\sqlmap-0.7_exe\sqlmap.exe" -u "http://www.xxxxx.php?userid=x" --tables -D information_schema --start 2 --stop 4

--start and --stop work only in conjunction with --dump and --dump-all
at the moment, this is by design.

> or with the syntax from the pdf README:
> --start=
> --stop=
> ...

Both syntaxes work the same way.

> or this one:
> sqlmap-0.7_exe\sqlmap.exe" -u http://www.xxxxx.php?userid=x --dump -T TAB
> LE_NAME --start=58 --stop=98
>
> [00:52:38] [INFO] fetching number of columns for table 'TABLE_NAME' on database'xxx'
> [00:52:38] [INFO] retrieved: 0
> [00:52:55] [ERROR] unable to retrieve the number of columns for table 'TABLE_NAME' on database 'xxx'

Is the DB user privileged enough to access 'information_schema'
database? If so, give a try to sqlmap development version.

> ...
> Another question I have is about the option --passwords
>
> for example it gives me this error message:
> when i tried the option --passwords together with -U option.
>
> "[ERROR] unable to retrieve the password hashes for the database users"

Are you sure that the provided user (-U) exist? Check with --users.
Are you sure that the DB user is privileged enough to access the
'mysql' database?

> Why does the program tries to dump it from the database "users", I never speciefied it to search on this database, does the program use it as standard DBS for the --password option and can I change it?

It uses 'mysql.user' or 'information_schema' depending on the MySQL
version, see yourself the SQL queries used in xml/queries.xml file.

-- 
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F