Thread: [sqlmap-users] provide full path document root

Brought to you by: inquisb

This project can now be found here.

sqlmap-users

[sqlmap-users] provide full path document root

From: Pagera <pag...@gm...> - 2010-03-22 12:18:47

hello and hope u fine
 
when im trying --os-shell with --msf
after a while is give me a message like
please provide full path document root
how can i know the full path ?

is there any way to know the path document root full path from sqlmap?
or i have to use another tool to get job done?

and thank for help

Re: [sqlmap-users] provide full path document root

From: Patrick W. <pa...@au...> - 2010-03-23 14:09:18

Try information disclosure stuff... like umm, manual, Nikto or .. something ;p

I suppose sqlmap could predetermine this if necessary under specific
circumstances (devs!)... but we do it manually and it depends on
permissions of operating systems, folders and files.

-Patrick

On Mon, Mar 22, 2010 at 11:20 PM, Pagera <pag...@gm...> wrote:
> hello and hope u fine
>
> when im trying --os-shell with --msf
> after a while is give me a message like
> please provide full path document root
> how can i know the full path ?
>
> is there any way to know the path document root full path from sqlmap?
> or i have to use another tool to get job done?
>
> and thank for help
>
> ------------------------------------------------------------------------------
> Download Intel&#174; Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>

Re: [sqlmap-users] provide full path document root

From: Bernardo D. A. G. <ber...@gm...> - 2010-03-25 10:23:49

Try DirBuster, http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
sqlmap has limited regular expression to detect file system paths so far.

Bernardo


On Mon, Mar 22, 2010 at 12:20, Pagera <pag...@gm...> wrote:
> hello and hope u fine
>
> when im trying --os-shell with --msf
> after a while is give me a message like
> please provide full path document root
> how can i know the full path ?
>
> is there any way to know the path document root full path from sqlmap?
> or i have to use another tool to get job done?
>
> and thank for help
>
> ------------------------------------------------------------------------------
> Download Intel&#174; Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>



-- 
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F

[sqlmap-users] Blind SQL Injection

From: Pagera <pag...@gm...> - 2010-03-25 21:15:10

Hello and hope fine
thank bernardo for the  DirBuster

a question about Blind sql injection
does SQLMap support this mode?

i used --UNION-USE but it failed .. i have a vulnerable url
im able to view all database information by manipulating the http url 
like "version() , etc
but when im using SQLMap the result is that this url is not vulnerable!!!

im wondering if its cuz of not supporting Blind Mode?

and thank for help

Re: [sqlmap-users] Blind SQL Injection

From: David G. <sk...@gm...> - 2010-03-26 00:20:49

Try passing --string parameter to sqlmap.

--string=STRING     String to match in page when the query is valid

On Thu, Mar 25, 2010 at 6:18 PM, Pagera <pag...@gm...> wrote:

> Hello and hope fine
> thank bernardo for the  DirBuster
>
> a question about Blind sql injection
> does SQLMap support this mode?
>
> i used --UNION-USE but it failed .. i have a vulnerable url
> im able to view all database information by manipulating the http url
> like "version() , etc
> but when im using SQLMap the result is that this url is not vulnerable!!!
>
> im wondering if its cuz of not supporting Blind Mode?
>
> and thank for help
>
>
>
>
> ------------------------------------------------------------------------------
> Download Intel&#174; Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>



-- 
David Gomes Guimarães

Re: [sqlmap-users] Blind SQL Injection

From: Pagera <pag...@gm...> - 2010-03-26 14:32:45

hello

it didnt wrok

what im trying to do is
sqlmap -u "http://example.com/images.php?id=10" --string="id"

the url is vulnerable cuz when i use the browser with

http://example.com/images.php?id=10 and 1=2
im able to see the MySql error and i tried so much function like 
version() it works
i also used 
http://example.com/images.php?id=10 union select 
1,2,3,group_concat(table_name),5,6,7 from information_schema.tables
and i got the table names

but when using sqlmap there is nothing it acts like the url is not 
vulnerable
i also used --prefix="id"  --postfix="1=1"

and also nothing




David Guimaraes wrote:
> Try passing --string parameter to sqlmap.
>
> --string=STRING     String to match in page when the query is valid
>
> On Thu, Mar 25, 2010 at 6:18 PM, Pagera <pag...@gm... 
> <mailto:pag...@gm...>> wrote:
>
>     Hello and hope fine
>     thank bernardo for the  DirBuster
>
>     a question about Blind sql injection
>     does SQLMap support this mode?
>
>     i used --UNION-USE but it failed .. i have a vulnerable url
>     im able to view all database information by manipulating the http url
>     like "version() , etc
>     but when im using SQLMap the result is that this url is not
>     vulnerable!!!
>
>     im wondering if its cuz of not supporting Blind Mode?
>
>     and thank for help
>
>
>
>     ------------------------------------------------------------------------------
>     Download Intel&#174; Parallel Studio Eval
>     Try the new software tools for yourself. Speed compiling, find bugs
>     proactively, and fine-tune applications for parallel performance.
>     See why Intel Parallel Studio got high marks during beta.
>     http://p.sf.net/sfu/intel-sw-dev
>     _______________________________________________
>     sqlmap-users mailing list
>     sql...@li...
>     <mailto:sql...@li...>
>     https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
>
>
> -- 
> David Gomes Guimarães

Re: [sqlmap-users] Blind SQL Injection

From: Bernardo D. A. G. <ber...@gm...> - 2010-04-29 10:57:28

Please, read carefully the user's manual (doc/README.pdf) for details
on --string.

Bernardo


On Fri, Mar 26, 2010 at 16:36, Pagera <pag...@gm...> wrote:
> hello
>
> it didnt wrok
>
> what im trying to do is
> sqlmap -u "http://example.com/images.php?id=10" --string="id"
>
> the url is vulnerable cuz when i use the browser with
>
> http://example.com/images.php?id=10 and 1=2
> im able to see the MySql error and i tried so much function like
> version() it works
> i also used
> http://example.com/images.php?id=10 union select
> 1,2,3,group_concat(table_name),5,6,7 from information_schema.tables
> and i got the table names
>
> but when using sqlmap there is nothing it acts like the url is not
> vulnerable
> i also used --prefix="id"  --postfix="1=1"
>
> and also nothing
>
>
>
>
> David Guimaraes wrote:
>> Try passing --string parameter to sqlmap.
>>
>> --string=STRING     String to match in page when the query is valid
>>
>> On Thu, Mar 25, 2010 at 6:18 PM, Pagera <pag...@gm...
>> <mailto:pag...@gm...>> wrote:
>>
>>     Hello and hope fine
>>     thank bernardo for the  DirBuster
>>
>>     a question about Blind sql injection
>>     does SQLMap support this mode?
>>
>>     i used --UNION-USE but it failed .. i have a vulnerable url
>>     im able to view all database information by manipulating the http url
>>     like "version() , etc
>>     but when im using SQLMap the result is that this url is not
>>     vulnerable!!!
>>
>>     im wondering if its cuz of not supporting Blind Mode?
>>
>>     and thank for help
>>
>>
>>
>>     ------------------------------------------------------------------------------
>>     Download Intel&#174; Parallel Studio Eval
>>     Try the new software tools for yourself. Speed compiling, find bugs
>>     proactively, and fine-tune applications for parallel performance.
>>     See why Intel Parallel Studio got high marks during beta.
>>     http://p.sf.net/sfu/intel-sw-dev
>>     _______________________________________________
>>     sqlmap-users mailing list
>>     sql...@li...
>>     <mailto:sql...@li...>
>>     https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>
>>
>>
>> --
>> David Gomes Guimarães
>
>
> ------------------------------------------------------------------------------
> Download Intel&#174; Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>



-- 
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F