Thread: [sqlmap-users] SQLmap -l option bug
From: Karel M. <rez...@se...> - 2012-10-07 11:37:30
Hello,

I came across a bug while using sqlmap with the -l parameter. I have a Burp log file with the following content (only one request to the https port):

======================================================
12:40:22 https://www.xxx.cz:443 [81.91.80.92]
======================================================
GET /index.php?option=com_thumber&view=thumb&format=image&path=images/cups/web-xxx-klub_ikona-spion.jpg&newX=160&newY=120 HTTP/1.1
Host: www.xxx.cz
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: https://www.xxx.cz/
Cookie: __utma=148540003.1998141124.1349164485.1349423437.1349599213.20; __utmz=148540003.1349164485.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); theme_cookie=life; e6da1f1e61cfd387eff8fb211613796e=3c29965kggoo45p49dhrs1npq0; __utmc=148540003
Cache-Control: max-age=0

======================================================

Then I start sqlmap this way:

./sqlmap.py -l /root/burp.log --batch --threads=10 --scope=www.xxx.cz

And sqlmap, instead of sending the request to the https (443) port, uses the http (80) port:

---------------------------------------------------------
[13:21:55] [INFO] using regular expression 'www.xxx.cz' for filtering targets
[13:21:55] [INFO] sqlmap parsed 1 testable requests from the targets list
[13:21:55] [INFO] url 1:
GET http://www.xxx.cz:80/index.php?option=com_thumber&view=thumb&format=image&path=images/cups/web-xxx-klub_ikona-spion.jpg&newX=160&newY=120
Cookie: __utma=148540003.1998141124.1349164485.1349423437.1349599213.20; __utmz=148540003.1349164485.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); theme_cookie=life; e6da1f1e61cfd387eff8fb211613796e=3c29965kggoo45p49dhrs1npq0; __utmc=148540003
do you want to test this url? [Y/n/q]
> Y
[snip]
---------------------------------------------------------

Could you please fix this?

Regards
Karel Marhoul
From: Miroslav S. <mir...@gm...> - 2012-10-09 08:30:31
Hi Karel.

Strictly speaking there is no bug here. If you take a careful look at the HTTP request inside, you'll see that there is no mention of either HTTPS or 443 inside the request itself. It seems like the request came from the https page (referer header), but landed toward the HTTP land.

I would suggest you just try appending :443 to the Host header value (Host: www.xxx.cz -> Host: www.xxx.cz:443)

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm
From: Karel M. <rez...@se...> - 2012-10-09 08:44:24
Hello Miroslav,

there is a mention of port 443 in the request "preamble", see:

> ======================================================
> 12:40:22 https://www.xxx.cz:443 [81.91.80.92]
> ======================================================

That specific request came from an HTTPS page and landed toward HTTP, I'm sure of that.

I suggest the sqlmap log parser should first look at the port in the request preamble and then send the request to this port - is that possible to implement?

Regards
Karel
From: Miroslav S. <mir...@gm...> - 2012-10-09 08:49:22
Hi again.

It's a preamble, but the request itself is down below. We process requests, not preambles. As we need to support generic LOG files, we are "hunting" for the requests themselves.

If somebody could confirm that Burp really strips any HTTPS "tips" from the requests and just puts those in preambles (like in your case), I'll gladly do the "patching".

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm
From: Karel M. <rez...@se...> - 2012-10-09 09:04:21
I could confirm this behavior with these versions of Burp:

Burp Suite Professional 1.4.12
Burp Suite Professional 1.5rc3

Patch would be appreciated.

Regards
Karel
From: Dennis <kor...@ya...> - 2012-10-09 09:12:23
Hey,

burp acts as you suspected. Here's an example of https://google.de logged from a burp pro v1.4.12:

======================================================
11:05:56 https://www.google.de:443 [173.194.35.184]
======================================================
GET / HTTP/1.1
Host: www.google.de
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: xxx
Pragma: no-cache
Cache-Control: no-cache

======================================================

The same goes for burp's "Copy to File" feature. I usually use the --force-ssl flag to circumvent this.

Cheers,
Dennis
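The preamble-aware parsing proposed earlier in this thread, run over a log in the Burp layout shown above, as an added example: it is not sqlmap's code and not the patch discussed here. The function names, the fallback used when a request has no preamble (the Host header decides, with port 443 read as https, mirroring the workaround suggested in the thread) and the shortened sample log are assumptions made for illustration.

```python
import re

# Burp writes a run of '=' between the preamble, the request and the next entry.
SEPARATOR = re.compile(r"^={10,}[ \t]*\r?$", re.MULTILINE)
# Preamble line: "<time> <scheme>://<host>:<port> [<ip>]"
PREAMBLE = re.compile(
    r"^\d{1,2}:\d{2}:\d{2}\s+(?P<scheme>https?)://(?P<host>[^\s:/]+)"
    r"(?::(?P<port>\d+))?\s+\[[^\]]*\]$",
    re.IGNORECASE,
)
REQUEST_LINE = re.compile(r"^(?P<method>[A-Z]+)\s+(?P<target>\S+)\s+HTTP/\d\.\d$")
DEFAULT_PORT = {"http": 80, "https": 443}

# Constructed sample in the layout quoted in the thread (requests shortened).
SAMPLE_LOG = """\
======================================================
12:40:22 https://www.xxx.cz:443 [81.91.80.92]
======================================================
GET /index.php?option=com_thumber&view=thumb HTTP/1.1
Host: www.xxx.cz
Referer: https://www.xxx.cz/
Cookie: theme_cookie=life

======================================================



======================================================
12:41:03 http://www.xxx.cz:80 [81.91.80.92]
======================================================
POST /login.php HTTP/1.1
Host: www.xxx.cz
Content-Length: 7

a=1&b=2
======================================================
"""


def split_host_port(value):
    """Split a Host header value into (host, port or None)."""
    value = value.strip()
    host, sep, port = value.rpartition(":")
    if sep and port.isdigit():
        return host, int(port)
    return value, None


def resolve_url(target, headers, preamble):
    """Build the URL to test; the preamble, when present, decides scheme and port."""
    if re.match(r"https?://", target, re.IGNORECASE):
        return target  # absolute-form target already names the scheme
    host, port = split_host_port(headers.get("host", ""))
    if preamble:
        scheme = preamble["scheme"].lower()
        host = host or preamble["host"]
        port = int(preamble["port"]) if preamble["port"] else DEFAULT_PORT[scheme]
    else:
        # Generic log without a preamble: only the Host header is available.
        scheme = "https" if port == 443 else "http"
        port = port or DEFAULT_PORT[scheme]
    if not host:
        raise ValueError("request has neither a Host header nor a preamble")
    return "%s://%s:%d%s" % (scheme, host, port, target)


def parse_burp_log(text):
    """Return [(method, url), ...] for every request block found in the log."""
    targets, preamble = [], None
    for block in SEPARATOR.split(text):
        block = block.strip()
        if not block:
            continue
        found = PREAMBLE.match(block)
        if found:
            preamble = found  # applies to the request block that follows
            continue
        lines = block.splitlines()
        request = REQUEST_LINE.match(lines[0].strip())
        if not request:
            preamble = None  # unknown block: do not carry a stale preamble over
            continue
        headers = {}
        for line in lines[1:]:
            if not line.strip():
                break  # blank line ends the headers; the body is ignored
            name, sep, value = line.partition(":")
            if sep:
                headers[name.strip().lower()] = value.strip()
        targets.append((request["method"],
                        resolve_url(request["target"], headers, preamble)))
        preamble = None
    return targets


if __name__ == "__main__":
    for method, url in parse_burp_log(SAMPLE_LOG):
        print(method, url)
```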
From: Miroslav S. <mir...@gm...> - 2012-10-09 09:13:34
Ok. I'll do the patching and let you know.

Kind regards,
Miroslav Stampar

--
Miroslav Stampar
http://about.me/stamparm
From: Miroslav S. <mir...@gm...> - 2012-10-09 09:37:06
|
Hi Karel.

This should be fixed now [1].

Kind regards,
Miroslav Stampar

[1] https://github.com/sqlmapproject/sqlmap/issues/198

On Tue, Oct 9, 2012 at 11:04 AM, Karel Marhoul <rez...@se...> wrote:

> I could confirm this behavior with these versions of burp:
>
> Burp Suite Professional 1.4.12
> Burp Suite Professional 1.5rc3
>
> Patch would be appreciated.
>
> Regards
>
> Karel
>
> On 9.10.2012 10:49, Miroslav Stampar wrote:
>
>> Hi again.
>>
>> It's a preamble, but the request itself is down below. We process
>> requests, not preambles. As we need to support generic LOG files, we are
>> "hunting" for requests themselves.
>>
>> If somebody could confirm that Burp really strips any HTTPS "tips" from
>> the requests and just puts those in preambles (like in your case), I'll
>> gladly do the "patching".
>>
>> Kind regards,
>> Miroslav Stampar
>>
>> On Tue, Oct 9, 2012 at 10:44 AM, Karel Marhoul <rez...@se...> wrote:
>>
>>> Hello Miroslav, there is a mention of port 443 in the request
>>> "preamble", see:
>>>
>>>> ======================================================
>>>> 12:40:22 https://www.xxx.cz:443 [81.91.80.92]
>>>> ======================================================
>>>
>>> That specific request came from HTTPS page and landed toward HTTP,
>>> I'm sure of that.
>>>
>>> I suggest sqlmap log parser should first look at the port in the
>>> request preamble and then send the request to this port - is that
>>> possible to implement?
>>>
>>> Regards
>>>
>>> Karel
>>>
>>> On 9.10.2012 10:30, Miroslav Stampar wrote:
>>>
>>>> Hi Karel.
>>>>
>>>> Strictly speaking there is no bug here. If you take a look carefully
>>>> into the HTTP request inside you'll see that there is no mention of
>>>> either HTTPS or 443 inside the request itself. It seems like the
>>>> request came from the https page (referer header), but landed toward
>>>> the HTTP land.
>>>>
>>>> I would suggest you to just try to append the :443 to the Host header
>>>> value (Host: www.xxx.cz -> Host: www.xxx.cz:443)
>>>>
>>>> Kind regards,
>>>> Miroslav Stampar
>>>>
>>>> On Sun, Oct 7, 2012 at 1:37 PM, Karel Marhoul <rez...@se...> wrote:
>>>>
>>>>> Hello, I came across a bug while using sqlmap with -l parameter. I have
>>>>> burp log file with following content (only one request to https port):
>>>>>
>>>>> ======================================================
>>>>> 12:40:22 https://www.xxx.cz:443 [81.91.80.92]
>>>>> ======================================================
>>>>> GET /index.php?option=com_thumber&view=thumb&format=image&path=images/cups/web-xxx-klub_ikona-spion.jpg&newX=160&newY=120 HTTP/1.1
>>>>> Host: www.xxx.cz
>>>>> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1
>>>>> Accept: image/png,image/*;q=0.8,*/*;q=0.5
>>>>> Accept-Language: en-us,en;q=0.5
>>>>> Accept-Encoding: gzip, deflate
>>>>> Connection: keep-alive
>>>>> Referer: https://www.xxx.cz/
>>>>> Cookie: __utma=148540003.1998141124.1349164485.1349423437.1349599213.20; __utmz=148540003.1349164485.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); theme_cookie=life; e6da1f1e61cfd387eff8fb211613796e=3c29965kggoo45p49dhrs1npq0; __utmc=148540003
>>>>> Cache-Control: max-age=0
>>>>>
>>>>> ======================================================
>>>>>
>>>>> Then I start sqlmap this way:
>>>>>
>>>>> ./sqlmap.py -l /root/burp.log --batch --threads=10 --scope=www.xxx.cz
>>>>>
>>>>> And sqlmap instead of sending request to https (443) port it will use
>>>>> http (80) port instead:
>>>>>
>>>>> ---------------------------------------------------------
>>>>> [13:21:55] [INFO] using regular expression 'www.xxx.cz' for filtering targets
>>>>> [13:21:55] [INFO] sqlmap parsed 1 testable requests from the targets list
>>>>> [13:21:55] [INFO] url 1:
>>>>> GET http://www.xxx.cz:80/index.php?option=com_thumber&view=thumb&format=image&path=images/cups/web-xxx-klub_ikona-spion.jpg&newX=160&newY=120
>>>>> Cookie: __utma=148540003.1998141124.1349164485.1349423437.1349599213.20; __utmz=148540003.1349164485.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); theme_cookie=life; e6da1f1e61cfd387eff8fb211613796e=3c29965kggoo45p49dhrs1npq0; __utmc=148540003
>>>>> do you want to test this url? [Y/n/q]
>>>>> > Y
>>>>> [snip]
>>>>> ---------------------------------------------------------
>>>>>
>>>>> Could you please fix this?
>>>>>
>>>>> Regards
>>>>>
>>>>> Karel Marhoul

--
Miroslav Stampar
http://about.me/stamparm
|
From: Karel M. <rez...@se...> - 2012-10-10 18:15:24
|
Thank you, Miro, for patching.

Regards

Karel Marhoul

On 9.10.2012 11:36, Miroslav Stampar wrote:

> Hi Karel.
>
> This should be fixed now [1].
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/issues/198
|
From: Dennis <kor...@ya...> - 2012-10-09 09:41:42
|
Hey Miroslav,

how did you fix this? Does sqlmap take the preamble into account? Or how do you figure out what is https and what's not?

Regards,
Dennis

On 09.10.2012 11:36, Miroslav Stampar wrote:

> Hi Karel.
>
> This should be fixed now [1].
>
> Kind regards,
> Miroslav Stampar
>
> [1] https://github.com/sqlmapproject/sqlmap/issues/198
|
From: Miroslav S. <mir...@gm...> - 2012-10-09 10:32:51
|
Hi Dennis.

From now on sqlmap should take the preamble into consideration too - it takes it as a first choice for scheme::port values (e.g. https::443). In case that there are different values inside the request body itself, specifically Host header, then those values have higher priority.

Kind regards,
Miroslav Stampar

On Tue, Oct 9, 2012 at 11:41 AM, Dennis <kor...@ya...> wrote:

> Hey Miroslav,
>
> how did you fix this? Does sqlmap take the preamble into account? Or how
> do you figure out what is https and what's not?
>
> Regards,
> Dennis

--
Miroslav Stampar
http://about.me/stamparm
|
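The resolution order described in the message above, sketched as an added example (not sqlmap's own code and not part of the original thread). The function names, the second and third log entries, and the rule that an explicit Host port of 443 or 80 also selects the scheme (inferred from the ":443" workaround suggested earlier in the thread) are assumptions.

```python
import re

SEPARATOR = re.compile(r"^={10,}\s*$")
# Burp preamble line, e.g. "12:40:22 https://www.xxx.cz:443 [81.91.80.92]"
PREAMBLE = re.compile(
    r"^\d{1,2}:\d{2}:\d{2}\s+(https?)://([^\s/:]+)(?::(\d+))?\s+\[[^\]]*\]\s*$")
# Origin-form request lines only ("GET /path HTTP/1.1").
REQUEST_LINE = re.compile(
    r"^(GET|POST|PUT|DELETE|HEAD|OPTIONS|PATCH)\s+(\S+)\s+HTTP/\d\.\d\s*$")
HOST_VALUE = re.compile(r"^(\[[^\]]+\]|[^:\s]+)(?::(\d+))?$")
DEFAULT_PORT = {"http": 80, "https": 443}


def resolve_target(preamble, host_header):
    """Return (scheme, host, port) for one logged request.

    The preamble is the first choice; values in the Host header override it.
    """
    scheme, host, port = preamble or ("http", None, None)
    match = HOST_VALUE.match(host_header.strip()) if host_header else None
    if match:
        host = match.group(1)
        if match.group(2):
            port = int(match.group(2))
            # Assumption: a well-known explicit port also fixes the scheme.
            if port == 443:
                scheme = "https"
            elif port == 80:
                scheme = "http"
    if host is None:
        raise ValueError("request has neither a preamble nor a Host header")
    if port is None:
        port = DEFAULT_PORT[scheme]
    return scheme, host, port


def parse_burp_log(text):
    """Return a list of (method, url) for every request found in the log."""
    targets = []
    preamble = None
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        match = PREAMBLE.match(lines[i])
        if match:
            scheme = match.group(1)
            port = int(match.group(3)) if match.group(3) else DEFAULT_PORT[scheme]
            preamble = (scheme, match.group(2), port)
            i += 1
            continue
        match = REQUEST_LINE.match(lines[i])
        if match:
            method, path = match.group(1), match.group(2)
            host_header = None
            i += 1
            # Headers run until the blank line or the next separator.
            while i < len(lines) and lines[i].strip() and not SEPARATOR.match(lines[i]):
                name, _, value = lines[i].partition(":")
                if name.strip().lower() == "host":
                    host_header = value
                i += 1
            try:
                scheme, host, port = resolve_target(preamble, host_header)
                targets.append((method, "%s://%s:%d%s" % (scheme, host, port, path)))
            except ValueError:
                pass  # nothing to connect to; skip the request
            # A preamble describes only the request that follows it.
            preamble = None
            continue
        i += 1
    return targets


# Constructed sample: entry 1 abbreviates the request from this thread,
# entries 2 and 3 are invented to exercise the other two cases.
SAMPLE_LOG = """\
======================================================
12:40:22 https://www.xxx.cz:443 [81.91.80.92]
======================================================
GET /index.php?option=com_thumber&view=thumb HTTP/1.1
Host: www.xxx.cz
Referer: https://www.xxx.cz/

======================================================
GET /status HTTP/1.1
Host: app.example.test

======================================================
12:41:05 https://app.example.test:443 [192.0.2.10]
======================================================
POST /login HTTP/1.1
Host: app.example.test:8443
Content-Length: 0

======================================================
"""

if __name__ == "__main__":
    for method, url in parse_burp_log(SAMPLE_LOG):
        print(method, url)
```

The second entry has no preamble, as in a generic log, so it falls back to http on port 80 instead of inheriting the scheme of the previous entry.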
From: Dennis <kor...@ya...> - 2012-10-09 11:05:02
|
Cool, thanks for the patch! Cheers Am 09.10.2012 12:32, schrieb Miroslav Stampar: > Hi Dennis. > > From now on sqlmap should take into the consideration the preamble too > - It takes it as a first choice for scheme::port values (e.g. > https::443). In case that there are different values inside the > request body itself, specifically Host header, then those values have > higher priority. > > Kind regards, > Miroslav Stampar > > On Tue, Oct 9, 2012 at 11:41 AM, Dennis <kor...@ya... > <mailto:kor...@ya...>> wrote: > > Hey Miroslav, > > how did you fix this? Does sqlmap take the preamble into account? > Or how do you figure out, what is https and what's not? > > Regards, > Dennis > > > Am 09.10.2012 11:36, schrieb Miroslav Stampar: >> Hi Karel. >> >> This should be fixed now [1]. >> >> Kind regards, >> Miroslav Stampar >> >> [1] https://github.com/sqlmapproject/sqlmap/issues/198 >> >> On Tue, Oct 9, 2012 at 11:04 AM, Karel Marhoul >> <rez...@se... <mailto:rez...@se...>> wrote: >> >> I could confirm this behavior with these versions of burp: >> >> Burp Suite Proffesional 1.4.12 >> Burp Suite Proffesional 1.5rc3 >> >> Patch would be appreciated. >> >> Regards >> >> Karel >> >> >> On 9.10.2012 10:49, Miroslav Stampar wrote: >> >> Hi again. >> >> It's a preamble, but the request itself is down below. We >> process >> requests, not preambles. As we need to support generic >> LOG files, we are >> "hunting" for requests itself. >> >> If somebody could confirm that Burp really strips any >> HTTPS "tips" from >> the requests and just puts those in preambles (like in >> your case), I'll >> gladly do the "patching". >> >> Kind regards, >> Miroslav Stampar >> >> On Tue, Oct 9, 2012 at 10:44 AM, Karel Marhoul >> <rez...@se... <mailto:rez...@se...> >> <mailto:rez...@se... 
>> <mailto:rez...@se...>>> wrote:
>>
>> Hello Miroslav, there is a mention of port 443 in the request
>> "preamble", see:
>>
>> > ======================================================
>> > 12:40:22 https://www.xxx.cz:443 [81.91.80.92]
>> > ======================================================
>>
>> That specific request came from HTTPS page and landed toward HTTP,
>> I'm sure of that.
>>
>> I suggest sqlmap log parser should first look at the port in the
>> request preamble and then send the request to this port - is that
>> possible to implement?
>>
>> Regards
>>
>> Karel
>>
>> On 9.10.2012 10:30, Miroslav Stampar wrote:
>>
>> Hi Karel.
>>
>> Strictly speaking there is no bug here. If you take a look carefully
>> into the HTTP request inside you'll see that there is no mention of
>> either HTTPS nor 443 inside the request itself. It seems like the
>> request came from the https page (referer header), but landed toward
>> the HTTP land.
>>
>> I would suggest you to just try to append the :443 to the Host header
>> value (Host: www.xxx.cz -> Host: www.xxx.cz:443)
>>
>> Kind regards,
>> Miroslav Stampar
>>
>> On Sun, Oct 7, 2012 at 1:37 PM, Karel Marhoul <rez...@se...> wrote:
>>
>> Hello, I came across a bug while using sqlmap with -l parameter. I have
>> burp log file with following content (only one request to https port):
>>
>> ======================================================
>> 12:40:22 https://www.xxx.cz:443 [81.91.80.92]
>> ======================================================
>> GET /index.php?option=com_thumber&view=thumb&format=image&path=images/cups/web-xxx-klub_ikona-spion.jpg&newX=160&newY=120 HTTP/1.1
>> Host: www.xxx.cz
>> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1
>> Accept: image/png,image/*;q=0.8,*/*;q=0.5
>> Accept-Language: en-us,en;q=0.5
>> Accept-Encoding: gzip, deflate
>> Connection: keep-alive
>> Referer: https://www.xxx.cz/
>> Cookie: __utma=148540003.1998141124.1349164485.1349423437.1349599213.20; __utmz=148540003.1349164485.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); theme_cookie=life; e6da1f1e61cfd387eff8fb211613796e=3c29965kggoo45p49dhrs1npq0; __utmc=148540003
>> Cache-Control: max-age=0
>> ======================================================
>>
>> Then I start sqlmap this way:
>>
>> ./sqlmap.py -l /root/burp.log --batch --threads=10 --scope=www.xxx.cz
>>
>> And sqlmap instead of sending request to https (443) port it will use
>> http (80) port instead:
>>
>> ---------------------------------------------------------
>> [13:21:55] [INFO] using regular expression 'www.xxx.cz' for filtering targets
>> [13:21:55] [INFO] sqlmap parsed 1 testable requests from the targets list
>> [13:21:55] [INFO] url 1:
>> GET http://www.xxx.cz:80/index.php?option=com_thumber&view=thumb&format=image&path=images/cups/web-xxx-klub_ikona-spion.jpg&newX=160&newY=120
>> Cookie: __utma=148540003.1998141124.1349164485.1349423437.1349599213.20; __utmz=148540003.1349164485.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); theme_cookie=life; e6da1f1e61cfd387eff8fb211613796e=3c29965kggoo45p49dhrs1npq0; __utmc=148540003
>> do you want to test this url? [Y/n/q]
>> > Y
>> [snip]
>> ---------------------------------------------------------
>>
>> Could you please fix this?
>>
>> Regards
>>
>> Karel Marhoul
>>
>> --
>> Miroslav Stampar
>> http://about.me/stamparm
>>
>> _______________________________________________
>> sqlmap-users mailing list
>> sql...@li...
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
> --
> Miroslav Stampar
> http://about.me/stamparm |
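The question running through this thread is whether the target scheme and port should come from the Burp log preamble or from the request itself. As an added illustration (not sqlmap's parser and not code from any poster), this Python example parses the quoted log layout both ways; the function name `parse_burp_log`, the `use_preamble` switch and the rule that port 443 implies HTTPS are assumptions, and the sample log is constructed from the thread's request with the query shortened and cookies omitted.

```python
import re

# Constructed sample in the Burp log layout quoted in this thread.
SEP = "=" * 54
SAMPLE_LOG = "\n".join([
    SEP,
    "12:40:22 https://www.xxx.cz:443 [81.91.80.92]",
    SEP,
    "GET /index.php?option=com_thumber&view=thumb HTTP/1.1",
    "Host: www.xxx.cz",
    "Referer: https://www.xxx.cz/",
    "",
    SEP,
])

# Preamble: "<time> <scheme>://<host>[:<port>] [<ip>]"
PREAMBLE = re.compile(
    r"^\d{1,2}:\d{2}:\d{2}\s+(https?)://([^\s:/]+)(?::(\d+))?\s+\[[^\]]*\]\s*$", re.I)
REQUEST_LINE = re.compile(r"^([A-Z]+)\s+(\S+)\s+HTTP/\d\.\d$")
DEFAULT_PORTS = {"http": 80, "https": 443}

def parse_burp_log(text, use_preamble=True):
    """Return a list of (method, url) tuples, one per logged request.

    use_preamble=False models a parser that trusts only the request bytes
    (the Host header), which carry no scheme and often no port.
    IPv6 literals in the Host header are not handled.
    """
    targets, scheme, port, method, path = [], None, None, None, None
    for line in text.splitlines():
        line = line.strip()
        m = PREAMBLE.match(line)
        if m:  # a new log entry starts; remember where Burp sent it
            scheme, port = m.group(1).lower(), m.group(3)
            method = path = None
            continue
        m = REQUEST_LINE.match(line)
        if m:
            method, path = m.groups()
            continue
        if method and line.lower().startswith("host:"):
            host, _, host_port = line.split(":", 1)[1].strip().partition(":")
            if use_preamble and scheme:
                s = scheme
                p = int(port or host_port or DEFAULT_PORTS[s])
            else:
                p = int(host_port or 80)
                s = "https" if p == 443 else "http"  # assumed heuristic
            targets.append((method, "%s://%s:%d%s" % (s, host, p, path)))
            method = None  # one target per request
    return targets
```

With `use_preamble=False` the sample resolves to port 80, as in the reported output, and appending `:443` to the Host header (the workaround suggested in the thread) brings it back to HTTPS.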