Thread: [sqlmap-users] sqlmap error
Brought to you by:
inquisb
Menu
▾
▴
sqlmap-users
|
From: sql p. <sql...@go...> - 2009-06-22 13:10:14
|
Hi guys, I had the following error when running sqlmap. The error occured in version 0.6.4 and 0.7rc1. Note that I use prefix and postfix because the injection can only be done in an order by statement. In order by you cannot directly append "AND 1=1". The setup for sql injection works and was verified. Best Regards, Jan ./sqlmap.py -u " http://www.example.com/system/listinstances.nav?FORMULARNAME=listinstances&FORMULARSEGMENT=0&FLD_maxElementsListInstances=5&FLD_listInstancesOrderBy=1" -p FLD_listInstancesOrderBy --string=rowHighSmall --proxy= http://127.0.0.1:8080/--cookie="JSESSIONID=1RjDK1vK9NMkyJ7tWPWks9wTYyYz22h5pTQ2qTWVx6pQVhxC2nVg" --delay=1 --prefix="%2b(select%20case%20when%201=1" --postfix="then%201%20else%201/0%20end%20from%20dual)" --sql-query="select 'bla' from dual" /home/jan/Tools/sqlmap-0.6.4/lib/core/convert.py:27: DeprecationWarning: the md5 module is deprecated; use hashlib instead import md5 /home/jan/Tools/sqlmap-0.6.4/lib/core/convert.py:28: DeprecationWarning: the sha module is deprecated; use the hashlib module instead import sha sqlmap/0.6.4 coded by Bernardo Damele A. G. <ber...@gm...> and Daniele Bellucci <dan...@gm...> [*] starting at: 14:53:19 [14:53:19] [WARNING] the testable parameter 'FLD_listInstancesOrderBy' you provided is not into the Cookie [14:53:19] [INFO] testing connection to the target url [14:53:20] [INFO] testing if the provided string is within the target URL page content [14:53:22] [INPUT] you provided an HTTP Cookie header value. The target url provided its own Cookie within the HTTP Set-Cookie header. Do you want to continue using the HTTP Cookie values that you provided? [Y/n] Y [14:53:26] [INFO] testing if GET parameter 'FLD_listInstancesOrderBy' is dynamic [14:53:28] [INFO] confirming that GET parameter 'FLD_listInstancesOrderBy' is dynamic [14:53:31] [INFO] GET parameter 'FLD_listInstancesOrderBy' is dynamic [14:53:31] [INFO] testing sql injection on GET parameter 'FLD_listInstancesOrderBy' with 0 parenthesis [14:53:31] [INFO] testing custom injection on GET parameter 'FLD_listInstancesOrderBy' [14:53:35] [INFO] confirming custom injection on GET parameter 'FLD_listInstancesOrderBy' [14:53:37] [INFO] GET parameter 'FLD_listInstancesOrderBy' is custom injectable [14:53:37] [INFO] testing for parenthesis on injectable parameter [14:53:37] [INFO] testing MySQL [14:53:38] [WARNING] the back-end DMBS is not MySQL [14:53:38] [INFO] testing Oracle [14:53:41] [INFO] confirming Oracle [14:53:43] [INFO] the back-end DBMS is Oracle web application technology: Apache, Servlet 2.5, JSP, JSP 2.1 back-end DBMS: Oracle [14:53:43] [INFO] fetching SQL SELECT statement query output: 'select 'bla' from dual' [14:53:43] [INPUT] can the SQL query provided return multiple entries? [Y/n] n [14:53:47] [INFO] query: SELECT NVL(CAST(CHR(98)||CHR(108)||CHR(97) AS VARCHAR(4000)), CHR(32)) FROM dual [14:53:47] [INFO] retrieved: [14:53:47] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the command line and the following text and send by e-mail to sql...@li.... The developers will fix it as soon as possible: sqlmap version: 0.6.4 Python version: 2.6.2 Operating system: linux2 Traceback (most recent call last): File "./sqlmap.py", line 81, in main start() File "/home/jan/Tools/sqlmap-0.6.4/lib/controller/controller.py", line 255, in start action() File "/home/jan/Tools/sqlmap-0.6.4/lib/controller/action.py", line 123, in action dumper.string(conf.query, conf.dbmsHandler.sqlQuery(conf.query)) File "/home/jan/Tools/sqlmap-0.6.4/plugins/generic/enumeration.py", line 1078, in sqlQuery output = inject.getValue(query, fromUser=True) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 364, in getValue value = __goInferenceProxy(expression, fromUser, expected) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 297, in __goInferenceProxy outputs = __goInferenceFields(expression, expressionFields, expressionFieldsList, payload, expected) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 100, in __goInferenceFields output = __goInference(payload, expressionReplaced) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 60, in __goInference count, value = bisection(payload, expression, length=length) File "/home/jan/Tools/sqlmap-0.6.4/lib/techniques/blind/inference.py", line 231, in bisection val = getChar(index) File "/home/jan/Tools/sqlmap-0.6.4/lib/techniques/blind/inference.py", line 101, in getChar forgedPayload = payload % (expressionUnescaped, idx, limit) ValueError: unsupported format character 'b' (0x62) at index 104 [*] shutting down at: 14:53:47 |
|
From: Ian P. <xs...@gm...> - 2010-05-24 02:28:11
|
sqlmap version: 0.8
Python version: 2.5.2
Operating system: linux2
Traceback (most recent call last):
File "./sqlmap.py", line 77, in main
start()
File "/pentest/database/sqlmap/lib/controller/controller.py", line 259, in
start
action()
File "/pentest/database/sqlmap/lib/controller/action.py", line 46, in
action
conf.dbmsHandler = setHandler()
File "/pentest/database/sqlmap/lib/controller/handler.py", line 62, in
setHandler
dbmsHandler = dbmsEntry()
File "/pentest/database/sqlmap/plugins/dbms/mysql/__init__.py", line 50,
in __init__
Fingerprint.__init__(self)
File "/pentest/database/sqlmap/plugins/dbms/mysql/fingerprint.py", line
44, in __init__
GenericFingerprint.__init__(self)
AttributeError: class Fingerprint has no attribute '__init__'
|
|
From: Miroslav S. <mir...@gm...> - 2010-05-24 08:13:59
|
Hi. This was fixed two months ago. Please use the latest development version from our SVN to have it fixed (svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev). Kind regards. On Mon, May 24, 2010 at 4:27 AM, Ian P. <xs...@gm...> wrote: > sqlmap version: 0.8 > Python version: 2.5.2 > Operating system: linux2 > Traceback (most recent call last): > File "./sqlmap.py", line 77, in main > start() > File "/pentest/database/sqlmap/lib/controller/controller.py", line 259, > in start > action() > File "/pentest/database/sqlmap/lib/controller/action.py", line 46, in > action > conf.dbmsHandler = setHandler() > File "/pentest/database/sqlmap/lib/controller/handler.py", line 62, in > setHandler > dbmsHandler = dbmsEntry() > File "/pentest/database/sqlmap/plugins/dbms/mysql/__init__.py", line 50, > in __init__ > Fingerprint.__init__(self) > File "/pentest/database/sqlmap/plugins/dbms/mysql/fingerprint.py", line > 44, in __init__ > GenericFingerprint.__init__(self) > AttributeError: class Fingerprint has no attribute '__init__' > > > > ------------------------------------------------------------------------------ > > > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: Ustupid M. <ust...@gm...> - 2010-05-31 03:33:46
|
which web application language does the web server support?
[1] ASP (default)
[2] PHP
[3] JSP
> 1
[23:34:10] [WARNING] unable to retrieve the web server document root
please provide the web server document root [C:/Inetpub/wwwroot/]:
C:/xampp/htdocs/modules/weblinks0/
[23:34:13] [INFO] retrieved web server full paths:
'/modules/weblinks0/visit.php'
please provide any additional web server full path to try to upload the
agent [C:/Inetpub/wwwroot/]:
[23:34:16] [WARNING] unable to upload the uploader agent on
'/modules/weblinks0'
[23:34:16] [ERROR] unhandled exception in sqlmap/0.8, please copy the
command line and the following text and send by e-mail to
sql...@li.... The developer will fix it as soon as
possible:
sqlmap version: 0.8
Python version: 2.6.5
Operating system: linux2
Traceback (most recent call last):
File "./sqlmap.py", line 77, in main
start()
File "/.rnd2/pa/sqlmap/lib/controller/controller.py", line 259, in start
action()
File "/.rnd2/pa/sqlmap/lib/controller/action.py", line 141, in action
conf.dbmsHandler.osShell()
File "/.rnd2/pa/sqlmap/plugins/generic/takeover.py", line 98, in osShell
self.initEnv(web=web)
File "/.rnd2/pa/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv
self.webInit()
File "/.rnd2/pa/sqlmap/lib/takeover/web.py", line 189, in webInit
uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True,
raise404=False)
File "/.rnd2/pa/sqlmap/lib/request/connect.py", line 126, in getPage
conn = urllib2.urlopen(req)
File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen
return _opener.open(url, data, timeout)
File "/usr/local/lib/python2.6/urllib2.py", line 391, in open
response = self._open(req, data)
File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open
'_open', req)
File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain
result = func(*args)
File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open
return self.do_open(httplib.HTTPConnection, req)
File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open
h = http_class(host, timeout=req.timeout) # will parse host:port
File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__
self._set_hostport(host, port)
File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport
raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
InvalidURL: nonnumeric port: ''
[*] shutting down at: 23:34:16
./sqlmap.py -u 'http://somehost/modules/weblinks0/visit.php?lid=44'
--os-shell --msf-path /opt/metasploit3/msf3
|
|
From: <ja...@ev...> - 2010-05-31 11:41:10
|
Ancient SQLmap.
Update.
On Mon, 31 May 2010 06:33:39 +0300, Ustupid MFU <ust...@gm...>
wrote:
> which web application language does the web server support?[1] ASP
> (default)[2] PHP[3] JSP> 1[23:34:10] [WARNING] unable to retrieve the
web
> server document root please provide the web server document root
> [C:/Inetpub/wwwroot/]: C:/xampp/htdocs/modules/weblinks0/[23:34:13]
> [INFO] retrieved web server full paths:
> '/modules/weblinks0/visit.php'please provide any additional web server
> full path to try to upload the agent [C:/Inetpub/wwwroot/]: [23:34:16]
> [WARNING] unable to upload the uploader agent on
> '/modules/weblinks0'[23:34:16] [ERROR] unhandled exception in
sqlmap/0.8,
> please copy the command line and the following text and send by e-mail
to
> sql...@li... [1]. The developer will fix it as
soon
> as possible: sqlmap version: 0.8Python version: 2.6.5Operating system:
> linux2Traceback (most recent call last): File "./sqlmap.py", line 77,
> in main start() File
> "/.rnd2/pa/sqlmap/lib/controller/controller.py", line 259, in start
> action() File "/.rnd2/pa/sqlmap/lib/controller/action.py", line 141,
> in action conf.dbmsHandler.osShell() File
> "/.rnd2/pa/sqlmap/plugins/generic/takeover.py", line 98, in osShell
> self.initEnv(web=web) File
> "/.rnd2/pa/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv
> self.webInit() File "/.rnd2/pa/sqlmap/lib/takeover/web.py", line
> 189, in webInit uplPage, _ =
> Request.getPage(url=self.webUploaderUrl, direct=True,
> raise404=False) File "/.rnd2/pa/sqlmap/lib/request/connect.py", line
> 126, in getPage conn = urllib2.urlopen(req) File
> "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen return
> _opener.open(url, data, timeout) File
> "/usr/local/lib/python2.6/urllib2.py", line 391, in open response
> = self._open(req, data) File "/usr/local/lib/python2.6/urllib2.py",
> line 409, in _open '_open', req) File
> "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain
> result = func(*args) File "/usr/local/lib/python2.6/urllib2.py",
> line 1161, in http_open return self.do_open(httplib.HTTPConnection,
> req) File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open
> h = http_class(host, timeout=req.timeout) # will parse
> host:port File "/usr/local/lib/python2.6/httplib.py", line 657, in
> __init__ self._set_hostport(host, port) File
> "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport
> raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])InvalidURL:
> nonnumeric port: ''
> [*] shutting down at: 23:34:16
> ./sqlmap.py -u 'http://somehost/modules/weblinks0/visit.php?lid=44 [2]'
> --os-shell --msf-path /opt/metasploit3/msf3
>
> Links:
> ------
> [1] mailto:sql...@li...
> [2] http://somehost/modules/weblinks0/visit.php?lid=44
|
|
From: Ustupid M. <ust...@gm...> - 2010-05-31 20:02:36
|
It is the 0.8 sqlmap version
I have other problems with sqlmap,and i could need some assistance,i`ve read
the whole google and watched all youtube "hack" videos with sqlmap
But
[1] ASP (default)
[2] PHP
[3] JSP
this is the only option i get for --os-pwn --os-bof with --msf-path
/to/msfconsole/framework
nothing works,i`ve installed all ,ruby-openssl,gems ruby,python newest
version,openssl,bind,php latest version,libssl,all
dependencies,rubygems,mandb,subversion
latest i don`t know what to do anymore,i`ve tryied in ./msfconsole to setup
php/exec php/shell_php php/bind LHOST ,exec commands and nothing works.
can i get some help please ?i found many 0day bugs and i can`t use them,i
tryied on 20 different machines sqlmap and still the same problems.
Thanks in advance
2010/5/31 Ustupid MFU <ust...@gm...>
> which web application language does the web server support?
> [1] ASP (default)
> [2] PHP
> [3] JSP
> > 1
> [23:34:10] [WARNING] unable to retrieve the web server document root
> please provide the web server document root [C:/Inetpub/wwwroot/]:
> C:/xampp/htdocs/modules/weblinks0/
> [23:34:13] [INFO] retrieved web server full paths:
> '/modules/weblinks0/visit.php'
> please provide any additional web server full path to try to upload the
> agent [C:/Inetpub/wwwroot/]:
> [23:34:16] [WARNING] unable to upload the uploader agent on
> '/modules/weblinks0'
> [23:34:16] [ERROR] unhandled exception in sqlmap/0.8, please copy the
> command line and the following text and send by e-mail to
> sql...@li.... The developer will fix it as soon as
> possible:
> sqlmap version: 0.8
> Python version: 2.6.5
> Operating system: linux2
> Traceback (most recent call last):
> File "./sqlmap.py", line 77, in main
> start()
> File "/.rnd2/pa/sqlmap/lib/controller/controller.py", line 259, in start
> action()
> File "/.rnd2/pa/sqlmap/lib/controller/action.py", line 141, in action
> conf.dbmsHandler.osShell()
> File "/.rnd2/pa/sqlmap/plugins/generic/takeover.py", line 98, in osShell
> self.initEnv(web=web)
> File "/.rnd2/pa/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv
> self.webInit()
> File "/.rnd2/pa/sqlmap/lib/takeover/web.py", line 189, in webInit
> uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True,
> raise404=False)
> File "/.rnd2/pa/sqlmap/lib/request/connect.py", line 126, in getPage
> conn = urllib2.urlopen(req)
> File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen
> return _opener.open(url, data, timeout)
> File "/usr/local/lib/python2.6/urllib2.py", line 391, in open
> response = self._open(req, data)
> File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open
> '_open', req)
> File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain
> result = func(*args)
> File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open
> return self.do_open(httplib.HTTPConnection, req)
> File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open
> h = http_class(host, timeout=req.timeout) # will parse host:port
> File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__
> self._set_hostport(host, port)
> File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport
> raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
> InvalidURL: nonnumeric port: ''
>
> [*] shutting down at: 23:34:16
>
> ./sqlmap.py -u 'http://somehost/modules/weblinks0/visit.php?lid=44'
> --os-shell --msf-path /opt/metasploit3/msf3
>
|
|
From: Miroslav S. <mir...@gm...> - 2010-05-31 21:06:03
|
Hi and sorry for not replying sooner. Please update to the latest development version (v0.9-dev) by executing: svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev There were gazillion of bug fixes from version you use (v0.8) Kind regards On Mon, May 31, 2010 at 10:02 PM, Ustupid MFU <ust...@gm...> wrote: > > It is the 0.8 sqlmap version > I have other problems with sqlmap,and i could need some assistance,i`ve read the whole google and watched all youtube "hack" videos with sqlmap > But > [1] ASP (default) > [2] PHP > [3] JSP > this is the only option i get for --os-pwn --os-bof with --msf-path /to/msfconsole/framework > nothing works,i`ve installed all ,ruby-openssl,gems ruby,python newest version,openssl,bind,php latest version,libssl,all dependencies,rubygems,mandb,subversion latest i don`t know what to do anymore,i`ve tryied in ./msfconsole to setup php/exec php/shell_php php/bind LHOST ,exec commands and nothing works. > can i get some help please ?i found many 0day bugs and i can`t use them,i tryied on 20 different machines sqlmap and still the same problems. > Thanks in advance > > 2010/5/31 Ustupid MFU <ust...@gm...> >> >> which web application language does the web server support? >> [1] ASP (default) >> [2] PHP >> [3] JSP >> > 1 >> [23:34:10] [WARNING] unable to retrieve the web server document root >> please provide the web server document root [C:/Inetpub/wwwroot/]: C:/xampp/htdocs/modules/weblinks0/ >> [23:34:13] [INFO] retrieved web server full paths: '/modules/weblinks0/visit.php' >> please provide any additional web server full path to try to upload the agent [C:/Inetpub/wwwroot/]: >> [23:34:16] [WARNING] unable to upload the uploader agent on '/modules/weblinks0' >> [23:34:16] [ERROR] unhandled exception in sqlmap/0.8, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible: >> sqlmap version: 0.8 >> Python version: 2.6.5 >> Operating system: linux2 >> Traceback (most recent call last): >> File "./sqlmap.py", line 77, in main >> start() >> File "/.rnd2/pa/sqlmap/lib/controller/controller.py", line 259, in start >> action() >> File "/.rnd2/pa/sqlmap/lib/controller/action.py", line 141, in action >> conf.dbmsHandler.osShell() >> File "/.rnd2/pa/sqlmap/plugins/generic/takeover.py", line 98, in osShell >> self.initEnv(web=web) >> File "/.rnd2/pa/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv >> self.webInit() >> File "/.rnd2/pa/sqlmap/lib/takeover/web.py", line 189, in webInit >> uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, raise404=False) >> File "/.rnd2/pa/sqlmap/lib/request/connect.py", line 126, in getPage >> conn = urllib2.urlopen(req) >> File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen >> return _opener.open(url, data, timeout) >> File "/usr/local/lib/python2.6/urllib2.py", line 391, in open >> response = self._open(req, data) >> File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open >> '_open', req) >> File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain >> result = func(*args) >> File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open >> return self.do_open(httplib.HTTPConnection, req) >> File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open >> h = http_class(host, timeout=req.timeout) # will parse host:port >> File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__ >> self._set_hostport(host, port) >> File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport >> raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) >> InvalidURL: nonnumeric port: '' >> [*] shutting down at: 23:34:16 >> ./sqlmap.py -u 'http://somehost/modules/weblinks0/visit.php?lid=44' --os-shell --msf-path /opt/metasploit3/msf3 > > ------------------------------------------------------------------------------ > > > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: Andreas C. (MegaHz) <me...@me...> - 2010-06-04 09:14:45
|
hi there,
i'd like to show you some errors i have received today scanning a site:
[11:40:26] [INFO] testing connection to the target url
[11:40:27] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible:
sqlmap version: 0.9-dev
Python version: 2.6.4
Operating system: posix
Traceback (most recent call last):
File "./sqlmap.py", line 89, in main
start()
File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/controller/controller.py", line 154, in start
if not checkConnection() or not checkString() or not checkRegexp():
File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/controller/checks.py", line 395, in checkConnection
page, _ = Request.getPage()
File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/request/connect.py", line 256, in getPage
parseResponse(page, responseHeaders)
File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/request/basic.py", line 73, in parseResponse
htmlParser(page)
File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/parse/html.py", line 69, in htmlParser
page = sanitizeStr(page)
File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/core/common.py", line 520, in sanitizeStr
cleanString = unicode(inpStr)
UnicodeDecodeError: 'ascii' codec can't decode byte 0xef in position 0: ordinal not in range(128)
[*] shutting down at: 11:40:27
i am using the latest dev version on a mac.
thanks
-- Andreas
|
|
From: Miroslav S. <mir...@gm...> - 2010-06-04 17:06:58
|
Hi. Thank you for your report Andreas. We've fixed the issue in our last commit. Please, update to the latest development version to have it fixed on your side. KR On Fri, Jun 4, 2010 at 10:41 AM, Andreas Constantinides (MegaHz) <me...@me...> wrote: > > hi there, > > i'd like to show you some errors i have received today scanning a site: > > > [11:40:26] [INFO] testing connection to the target url > > [11:40:27] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the command line and the following text and send by e-mail to sql...@li.... The developer will fix it as soon as possible: > sqlmap version: 0.9-dev > Python version: 2.6.4 > Operating system: posix > Traceback (most recent call last): > File "./sqlmap.py", line 89, in main > start() > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/controller/controller.py", line 154, in start > if not checkConnection() or not checkString() or not checkRegexp(): > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/controller/checks.py", line 395, in checkConnection > page, _ = Request.getPage() > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/request/connect.py", line 256, in getPage > parseResponse(page, responseHeaders) > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/request/basic.py", line 73, in parseResponse > htmlParser(page) > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/parse/html.py", line 69, in htmlParser > page = sanitizeStr(page) > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/core/common.py", line 520, in sanitizeStr > cleanString = unicode(inpStr) > UnicodeDecodeError: 'ascii' codec can't decode byte 0xef in position 0: ordinal not in range(128) > > [*] shutting down at: 11:40:27 > > > i am using the latest dev version on a mac. > > thanks > > -- Andreas > > ------------------------------------------------------------------------------ > ThinkGeek and WIRED's GeekDad team up for the Ultimate > GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the > lucky parental unit. See the prize list and enter to win: > http://p.sf.net/sfu/thinkgeek-promo > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: trog - <tro...@gm...> - 2010-08-01 02:42:44
|
got the following error with --os-shell, what could be causing it?
[23:37:22] [INPUT] please provide a list of directories absolute path
comma separated that you want sqlmap to try to upload the agent
[/var/www/test]: /home/herbs4/public_html/image/, /home/logs/,
/home/herbs4/www/, /home/www/, /var/www/, /home/herbs4/access-logs/,
/var/www/access-logs/, /home/
[23:37:59] [INFO] trying to upload the uploader agent
[23:38:07] [WARNING] unable to upload the uploader agent on '/home/'
[23:38:15] [WARNING] unable to upload the uploader agent on
'/home/herbs4/access-logs/'
[23:38:18] [ERROR] unhandled exception in sqlmap/0.6.4, please copy
the command line and the following text and send by e-mail to
sql...@li.... The developers will fix it as soon
as possible:
sqlmap version: 0.6.4
Python version: 2.6.5
Operating system: linux2
Traceback (most recent call last):
File "/usr/bin/sqlmap", line 81, in main
start()
File "/usr/share/sqlmap/lib/controller/controller.py", line 255, in start
action()
File "/usr/share/sqlmap/lib/controller/action.py", line 137, in action
conf.dbmsHandler.osShell()
File "/usr/share/sqlmap/plugins/dbms/mysql.py", line 448, in osShell
page, _ = Request.getPage(url=uploaderUrl, direct=True)
File "/usr/share/sqlmap/lib/request/connect.py", line 128, in getPage
conn = urllib2.urlopen(req)
File "/usr/lib/python2.6/urllib2.py", line 126, in urlopen
return _opener.open(url, data, timeout)
File "/usr/lib/python2.6/urllib2.py", line 391, in open
response = self._open(req, data)
File "/usr/lib/python2.6/urllib2.py", line 409, in _open
'_open', req)
File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain
result = func(*args)
File "/usr/lib/python2.6/urllib2.py", line 1161, in http_open
return self.do_open(httplib.HTTPConnection, req)
File "/usr/lib/python2.6/urllib2.py", line 1107, in do_open
h = http_class(host, timeout=req.timeout) # will parse host:port
File "/usr/lib/python2.6/httplib.py", line 657, in __init__
self._set_hostport(host, port)
File "/usr/lib/python2.6/httplib.py", line 682, in _set_hostport
raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
InvalidURL: nonnumeric port: '80image'
|
|
From: Bernardo D. A. G. <ber...@gm...> - 2010-08-04 08:48:34
|
Use the latest development version from subversion repository. This
issue is fixed there and in stable 0.8 version.
Bernardo
On Sun, Aug 1, 2010 at 03:42, trog - <tro...@gm...> wrote:
> got the following error with --os-shell, what could be causing it?
>
> [23:37:22] [INPUT] please provide a list of directories absolute path
> comma separated that you want sqlmap to try to upload the agent
> [/var/www/test]: /home/herbs4/public_html/image/, /home/logs/,
> /home/herbs4/www/, /home/www/, /var/www/, /home/herbs4/access-logs/,
> /var/www/access-logs/, /home/
> [23:37:59] [INFO] trying to upload the uploader agent
> [23:38:07] [WARNING] unable to upload the uploader agent on '/home/'
> [23:38:15] [WARNING] unable to upload the uploader agent on
> '/home/herbs4/access-logs/'
> [23:38:18] [ERROR] unhandled exception in sqlmap/0.6.4, please copy
> the command line and the following text and send by e-mail to
> sql...@li.... The developers will fix it as soon
> as possible:
> sqlmap version: 0.6.4
> Python version: 2.6.5
> Operating system: linux2
> Traceback (most recent call last):
> File "/usr/bin/sqlmap", line 81, in main
> start()
> File "/usr/share/sqlmap/lib/controller/controller.py", line 255, in start
> action()
> File "/usr/share/sqlmap/lib/controller/action.py", line 137, in action
> conf.dbmsHandler.osShell()
> File "/usr/share/sqlmap/plugins/dbms/mysql.py", line 448, in osShell
> page, _ = Request.getPage(url=uploaderUrl, direct=True)
> File "/usr/share/sqlmap/lib/request/connect.py", line 128, in getPage
> conn = urllib2.urlopen(req)
> File "/usr/lib/python2.6/urllib2.py", line 126, in urlopen
> return _opener.open(url, data, timeout)
> File "/usr/lib/python2.6/urllib2.py", line 391, in open
> response = self._open(req, data)
> File "/usr/lib/python2.6/urllib2.py", line 409, in _open
> '_open', req)
> File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain
> result = func(*args)
> File "/usr/lib/python2.6/urllib2.py", line 1161, in http_open
> return self.do_open(httplib.HTTPConnection, req)
> File "/usr/lib/python2.6/urllib2.py", line 1107, in do_open
> h = http_class(host, timeout=req.timeout) # will parse host:port
> File "/usr/lib/python2.6/httplib.py", line 657, in __init__
> self._set_hostport(host, port)
> File "/usr/lib/python2.6/httplib.py", line 682, in _set_hostport
> raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
> InvalidURL: nonnumeric port: '80image'
>
> ------------------------------------------------------------------------------
> The Palm PDK Hot Apps Program offers developers who use the
> Plug-In Development Kit to bring their C/C++ apps to Palm for a share
> of $1 Million in cash or HP Products. Visit us here for more details:
> http://p.sf.net/sfu/dev2dev-palm
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F
|
|
From: Faisal H. <fai...@gm...> - 2010-09-12 21:22:39
|
sqlmap version: 0.8
Python version: 2.6.5
Operating system: linux2
Traceback (most recent call last):
File "sqlmap.py", line 77, in main
start()
File "/home/0x00/sqlmap/lib/controller/controller.py", line 259, in start
action()
File "/home/0x00/sqlmap/lib/controller/action.py", line 144, in action
conf.dbmsHandler.osPwn()
File "/home/0x00/sqlmap/plugins/generic/takeover.py", line 169, in osPwn
self.initEnv(web=web)
File "/home/0x00/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv
self.webInit()
File "/home/0x00/sqlmap/lib/takeover/web.py", line 189, in webInit
uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True,
raise404=False)
File "/home/0x00/sqlmap/lib/request/connect.py", line 126, in getPage
conn = urllib2.urlopen(req)
File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen
return _opener.open(url, data, timeout)
File "/usr/local/lib/python2.6/urllib2.py", line 391, in open
response = self._open(req, data)
File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open
'_open', req)
File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain
result = func(*args)
File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open
return self.do_open(httplib.HTTPConnection, req)
File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open
h = http_class(host, timeout=req.timeout) # will parse host:port
File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__
self._set_hostport(host, port)
File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport
raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
InvalidURL: nonnumeric port: ''
|
|
From: Miroslav S. <mir...@gm...> - 2010-09-13 07:53:31
|
This was fixed in our development version. Please check it out from our SVN repository to have it fixed (svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev). KR On Sun, Sep 12, 2010 at 11:22 PM, Faisal Hourani <fai...@gm...> wrote: > sqlmap version: 0.8 > Python version: 2.6.5 > Operating system: linux2 > Traceback (most recent call last): > File "sqlmap.py", line 77, in main > start() > File "/home/0x00/sqlmap/lib/controller/controller.py", line 259, in start > action() > File "/home/0x00/sqlmap/lib/controller/action.py", line 144, in action > conf.dbmsHandler.osPwn() > File "/home/0x00/sqlmap/plugins/generic/takeover.py", line 169, in osPwn > self.initEnv(web=web) > File "/home/0x00/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv > self.webInit() > File "/home/0x00/sqlmap/lib/takeover/web.py", line 189, in webInit > uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, > raise404=False) > File "/home/0x00/sqlmap/lib/request/connect.py", line 126, in getPage > conn = urllib2.urlopen(req) > File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen > return _opener.open(url, data, timeout) > File "/usr/local/lib/python2.6/urllib2.py", line 391, in open > response = self._open(req, data) > File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open > '_open', req) > File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain > result = func(*args) > File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open > return self.do_open(httplib.HTTPConnection, req) > File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open > h = http_class(host, timeout=req.timeout) # will parse host:port > File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__ > self._set_hostport(host, port) > File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport > raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) > InvalidURL: nonnumeric port: '' > > > ------------------------------------------------------------------------------ > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing > http://p.sf.net/sfu/novell-sfdev2dev > > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
|
From: Cheng R. <hm...@gm...> - 2010-12-29 05:59:33
|
sqlmap version: 0.8 Python version: 2.6.2 Operating system: win32 Traceback (most recent call last): File "sqlmap.py", line 74, in main File "lib\core\option.pyc", line 1141, in init File "lib\parse\queriesfile.pyc", line 229, in queriesParser File "xml\sax\__init__.pyc", line 33, in parse File "xml\sax\expatreader.pyc", line 107, in parse File "xml\sax\xmlreader.pyc", line 119, in parse File "xml\sax\expatreader.pyc", line 111, in prepareParser UnicodeEncodeError: 'ascii' codec can't encode characters in position 30-31: ord inal not in range(128) |
|
From: Miroslav S. <mir...@gm...> - 2010-12-29 08:19:49
|
hi. this was probably fixed long time ago. update to the latest version from our SVN repository to have it fixed (svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev). kr p.s. if you are trying to change content of the queries.xml with the non-ASCII conformant characters then please try with the latest version and please report. On Wed, Dec 29, 2010 at 6:59 AM, Cheng Roger <hm...@gm...> wrote: > > sqlmap version: 0.8 > Python version: 2.6.2 > Operating system: win32 > Traceback (most recent call last): > File "sqlmap.py", line 74, in main > File "lib\core\option.pyc", line 1141, in init > File "lib\parse\queriesfile.pyc", line 229, in queriesParser > File "xml\sax\__init__.pyc", line 33, in parse > File "xml\sax\expatreader.pyc", line 107, in parse > File "xml\sax\xmlreader.pyc", line 119, in parse > File "xml\sax\expatreader.pyc", line 111, in prepareParser > UnicodeEncodeError: 'ascii' codec can't encode characters in position > 30-31: ord > inal not in range(128) > > > ------------------------------------------------------------------------------ > Learn how Oracle Real Application Clusters (RAC) One Node allows customers > to consolidate database storage, standardize their database environment, > and, > should the need arise, upgrade to a full multi-node Oracle RAC database > without downtime or disruption > http://p.sf.net/sfu/oracle-sfdevnl > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
|
From: Chris C. <ccl...@fl...> - 2011-07-07 20:45:10
|
[15:37:17] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4224), retry
your run with the latest development version from the Subversion
repository. If the exception persists, please send by e-mail to
sql...@li... the following text and any information
required to reproduce the bug. The developers will try to reproduce the
bug, fix it accordingly and get back to you.
sqlmap version: 1.0-dev (r4224)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py --batch --eta --os-shell --priv-esc --dump-all
--forms -o -u **********************************************
Technique: None
Back-end DBMS: Microsoft Access (fingerprinted)
Traceback (most recent call last):
File "./sqlmap.py", line 86, in main
start()
File "/pentest/database/sqlmap/lib/controller/controller.py", line 552,
in start
action()
File "/pentest/database/sqlmap/lib/controller/action.py", line 112, in
action
conf.dbmsHandler.dumpAll()
File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line
1781, in dumpAll
self.getTables()
File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line
806, in getTables
tables = self.getTables(False)
File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line
867, in getTables
query = rootQuery.inband.query
AttributeError: 'DictObject' object has no attribute 'inband'
[*] shutting down at 15:37:17
Chris
|
|
From: Bernardo D. A. G. <ber...@gm...> - 2011-07-08 09:14:28
|
Hi Chris, This is fixed now, but there's another bug I introduced recently. I will fix that as soon as possible. Thanks for reporting. Bernardo On 7 July 2011 21:44, Chris Clements <ccl...@fl...> wrote: > [15:37:17] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4224), retry > your run with the latest development version from the Subversion > repository. If the exception persists, please send by e-mail to > sql...@li... the following text and any information > required to reproduce the bug. The developers will try to reproduce the > bug, fix it accordingly and get back to you. > sqlmap version: 1.0-dev (r4224) > Python version: 2.6.5 > Operating system: posix > Command line: ./sqlmap.py --batch --eta --os-shell --priv-esc --dump-all > --forms -o -u ********************************************** > Technique: None > Back-end DBMS: Microsoft Access (fingerprinted) > Traceback (most recent call last): > File "./sqlmap.py", line 86, in main > start() > File "/pentest/database/sqlmap/lib/controller/controller.py", line 552, > in start > action() > File "/pentest/database/sqlmap/lib/controller/action.py", line 112, in > action > conf.dbmsHandler.dumpAll() > File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line > 1781, in dumpAll > self.getTables() > File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line > 806, in getTables > tables = self.getTables(False) > File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line > 867, in getTables > query = rootQuery.inband.query > AttributeError: 'DictObject' object has no attribute 'inband' > > [*] shutting down at 15:37:17 > > > Chris > > > ------------------------------------------------------------------------------ > All of the data generated in your IT infrastructure is seriously valuable. > Why? It contains a definitive record of application performance, security > threats, fraudulent activity, and more. Splunk takes this data and makes > sense of it. IT sense. And common sense. > http://p.sf.net/sfu/splunk-d2d-c2 > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: Unavailable |
|
From: zerkerpure p. <zer...@ho...> - 2011-09-18 16:34:13
|
hello I recently installed Sqlmap and python like I was suppost to but when i go to click sqlmap which is a python file it starts up and says the normal sqlmap/0.9 - autmatic SQL injection and database takeover tool http://sqlmap.sourceforge.net Usage: python C:\Users\Name\Desktop\sqlmap\sqlmap.py [options] then the problem occurs below is exactly what it says: "sqlmap.py:error: missing a mandatory parameter ('-d' , '-u', '-l', '-r', '-g', '-c', '--wizard' or '--update'), -h for help. But when i try typing anything and entering like -h it just automatically closes out and does nothing can you please help me out with this problem because im not sure what im doing wrong or what i need to do to fix. |
|
From: Miroslav S. <mir...@gm...> - 2011-09-18 16:38:28
|
hi. you are probably using Windows and you just double clicked the sqlmap.py file :) you are supposed to go the "Command Prompt" inside Windows OS, go to the sqlmap's directory, and from there run: python sqlmap.py together with other options. also, you are advised to checkout the latest v1.0-dev version from our repository. you can do that by downloading TortoiseSVN and right-click inside the place where you want it to be checked out, and select "Checkout...". as an URL address enter: https://svn.sqlmap.org/sqlmap/trunk/sqlmap kind regards. On Sun, Sep 18, 2011 at 6:34 PM, zerkerpure pkinghotmailcom <zer...@ho...> wrote: > hello I recently installed Sqlmap and python like I was suppost to but when > i go to click sqlmap which is a python file it starts up and says the > normal > sqlmap/0.9 - autmatic SQL injection and database takeover tool > http://sqlmap.sourceforge.net > Usage: python C:\Users\Name\Desktop\sqlmap\sqlmap.py [options] > then the problem occurs below is exactly what it says: > "sqlmap.py:error: missing a mandatory parameter ('-d' , '-u', '-l', '-r', > '-g', '-c', '--wizard' or '--update'), -h for help. But when i try typing > anything and entering like -h it just automatically closes out and does > nothing can you please help me out with this problem because im not sure > what im doing wrong or what i need to do to fix. > > ------------------------------------------------------------------------------ > BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA > http://p.sf.net/sfu/rim-devcon-copy2 > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
|
From: Dusan L. <dus...@gm...> - 2012-07-22 19:52:24
|
[20:02:09] [CRITICAL] unhandled exception in sqlmap/0.9, retry your run
with the
latest development version from the Subversion repository. If the
exception per
sists, please send by e-mail to sql...@li... the
following
text and any information required to reproduce the bug. The developers
will try
to reproduce the bug, fix it accordingly and get back to you.
sqlmap version: 0.9 (r3630)
Python version: 2.7.2
Operating system: nt
Command line: D:\Anon Hacking\Black Hat\SQLi\SQLmap\SQLmap\sqlmap.py
--proxy=htt
p://186.215.202.163:8080 -u
****************************************************
***************** --random-agent --dump-all --exclude-sysdb --eta
Technique: ERROR
Back-end DBMS: MySQL (fingerprinted)
Traceback (most recent call last):
File "D:\Anon Hacking\Black Hat\SQLi\SQLmap\SQLmap\sqlmap.py", line
82, in mai
n
start()
File "D:\Anon Hacking\Black
Hat\SQLi\SQLmap\SQLmap\lib\controller\controller.p
y", line 447, in start
action()
File "D:\Anon Hacking\Black
Hat\SQLi\SQLmap\SQLmap\lib\controller\action.py",
line 106, in action
conf.dbmsHandler.dumpAll()
File "D:\Anon Hacking\Black
Hat\SQLi\SQLmap\SQLmap\plugins\generic\enumeration
.py", line 1496, in dumpAll
data = self.dumpTable()
File "D:\Anon Hacking\Black
Hat\SQLi\SQLmap\SQLmap\plugins\generic\enumeration
.py", line 1275, in dumpTable
colString = ", ".join(column for column in colList)
TypeError: sequence item 1: expected string or Unicode, NoneType found
[*] shutting down at: 20:02:09
|
|
From: Bernardo D. A. G. <ber...@gm...> - 2012-07-22 19:58:19
|
Dusan, you are running a year and a half outdated version of sqlmap. Run the following command: $ git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev and try your run again from sqlmap-dev directory. Bernardo On 22 July 2012 20:52, Dusan Lauko <dus...@gm...> wrote: > [20:02:09] [CRITICAL] unhandled exception in sqlmap/0.9, retry your run > with the > latest development version from the Subversion repository. If the > exception per > sists, please send by e-mail to sql...@li... the > following > text and any information required to reproduce the bug. The developers > will try > to reproduce the bug, fix it accordingly and get back to you. > sqlmap version: 0.9 (r3630) > Python version: 2.7.2 > Operating system: nt > Command line: D:\Anon Hacking\Black Hat\SQLi\SQLmap\SQLmap\sqlmap.py > --proxy=htt > p://186.215.202.163:8080 -u > **************************************************** > ***************** --random-agent --dump-all --exclude-sysdb --eta > Technique: ERROR > Back-end DBMS: MySQL (fingerprinted) > Traceback (most recent call last): > File "D:\Anon Hacking\Black Hat\SQLi\SQLmap\SQLmap\sqlmap.py", line > 82, in mai > n > start() > File "D:\Anon Hacking\Black > Hat\SQLi\SQLmap\SQLmap\lib\controller\controller.p > y", line 447, in start > action() > File "D:\Anon Hacking\Black > Hat\SQLi\SQLmap\SQLmap\lib\controller\action.py", > line 106, in action > conf.dbmsHandler.dumpAll() > File "D:\Anon Hacking\Black > Hat\SQLi\SQLmap\SQLmap\plugins\generic\enumeration > .py", line 1496, in dumpAll > data = self.dumpTable() > File "D:\Anon Hacking\Black > Hat\SQLi\SQLmap\SQLmap\plugins\generic\enumeration > .py", line 1275, in dumpTable > colString = ", ".join(column for column in colList) > TypeError: sequence item 1: expected string or Unicode, NoneType found > > [*] shutting down at: 20:02:09 > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) |
|
From: D A. <je...@ho...> - 2012-08-03 16:37:25
|
hi im try to run sqlmap from msf but i keep getting this error the sqlmap script could not be found: iv already had sqlmap path to system Path envirounment put im still getting this error. can u tell me what i can do from here. Thank you! |
|
From: Miroslav S. <mir...@gm...> - 2012-08-06 22:01:40
|
Hi. Metasploit's module sqlmap(.rb) is obsolete. Kind regards, Miroslav Stampar On Fri, Aug 3, 2012 at 6:37 PM, D Atkin <je...@ho...> wrote: > hi > > im try to run sqlmap from msf but i keep getting this error > > the sqlmap script could not be found: > > iv already had sqlmap path to system Path envirounment put im still > getting this error. > > can u tell me what i can do from here. > > Thank you! > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
|
From: Bernardo D. A. G. <ber...@gm...> - 2009-06-24 14:12:46
|
Hi, On Mon, Jun 22, 2009 at 14:03, sql pirate<sql...@go...> wrote: > ... > ./sqlmap.py -u > "http://www.example.com/system/listinstances.nav?FORMULARNAME=listinstances&FORMULARSEGMENT=0&FLD_maxElementsListInstances=5&FLD_listInstancesOrderBy=1" > -p FLD_listInstancesOrderBy --string=rowHighSmall > --proxy=http://127.0.0.1:8080/ > --cookie="JSESSIONID=1RjDK1vK9NMkyJ7tWPWks9wTYyYz22h5pTQ2qTWVx6pQVhxC2nVg" > --delay=1 --prefix="%2b(select%20case%20when%201=1" > --postfix="then%201%20else%201/0%20end%20from%20dual)" --sql-query="select > 'bla' from dual" > ... > forgedPayload = payload % (expressionUnescaped, idx, limit) > ValueError: unsupported format character 'b' (0x62) at index 104 > ... Use latest sqlmap from subversion repository. Avoid uri encoding in --prefix and --postfix options' value. sqlmap uri encode the HTTP request parameters properly automatically. Cheers, -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobiles: +447788962949 (UK), +393493821385 (IT) PGP Key ID: 0x05F5A30F |
|
From: Bernardo D. A. G. <ber...@gm...> - 2009-06-24 21:58:17
|
---------- Forwarded message ---------- From: sql pirate <sql...@go...> Date: Wed, Jun 24, 2009 at 21:59 Subject: Re: [sqlmap-users] sqlmap error To: "Bernardo Damele A. G." <ber...@gm...> Hi Bernando, thanks for your help. Your tool works now for this vulnerability! Though I have some other restrictions from the application now which prevents me from extracting data :-( Cheers, Jan 2009/6/24 Bernardo Damele A. G. <ber...@gm...> > > Hi, > > On Mon, Jun 22, 2009 at 14:03, sql pirate<sql...@go...> wrote: > > ... > > ./sqlmap.py -u > > "http://www.example.com/system/listinstances.nav?FORMULARNAME=listinstances&FORMULARSEGMENT=0&FLD_maxElementsListInstances=5&FLD_listInstancesOrderBy=1" > > -p FLD_listInstancesOrderBy --string=rowHighSmall > > --proxy=http://127.0.0.1:8080/ > > --cookie="JSESSIONID=1RjDK1vK9NMkyJ7tWPWks9wTYyYz22h5pTQ2qTWVx6pQVhxC2nVg" > > --delay=1 --prefix="%2b(select%20case%20when%201=1" > > --postfix="then%201%20else%201/0%20end%20from%20dual)" --sql-query="select > > 'bla' from dual" > > ... > > forgedPayload = payload % (expressionUnescaped, idx, limit) > > ValueError: unsupported format character 'b' (0x62) at index 104 > > ... > > Use latest sqlmap from subversion repository. > Avoid uri encoding in --prefix and --postfix options' value. sqlmap > uri encode the HTTP request parameters properly automatically. > > Cheers, > -- > Bernardo Damele A. G. > > E-mail / Jabber: bernardo.damele (at) gmail.com > Mobiles: +447788962949 (UK), +393493821385 (IT) > PGP Key ID: 0x05F5A30F -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobiles: +447788962949 (UK), +393493821385 (IT) PGP Key ID: 0x05F5A30F |
Thanks for helping keep SourceForge clean.
X