Thread: [sqlmap-users] SQLMap Stager Uploader
Brought to you by:
inquisb
Menu
▾
▴
sqlmap-users
|
From: yonny m. <yo...@go...> - 2011-01-19 19:06:51
|
Hi,
Wonderful tool.... Seems like the stager uploader has ceased to work...
anyone to help with this please..
To add more info that might help in troubleshooting :
DB : mysql Ver 14.14 Distrib 5.1.41, for debian-linux-gnu (i486) using
readline 6.1
App: The vulnerable Multidae app
Command Used: ./sqlmap.py --level 5 --risk 3 --parse-errors --os-pwn
--time-sec 10 -a txt/user-agents.txt --text-only --threads 1
--timeout 39 -u "http://127.0.0.1/mutillidae/index.php?page=login.php"
--method "POST" --data "user_name=txv&password=txv&Submit_button=Submit"
Rgds
|
|
From: Miroslav S. <mir...@gm...> - 2011-01-19 21:25:02
|
hi yonny. few questions. do you have write permissions "for all" at the "target" directory (for example: /var/www/Multidae)? at which directory does Multidae reside at your debian machine? what have you entered as "target directory" when sqlmap asked you? as you can guess, most occuring problem with "stager" are the write permissions for the web servers process. KR On Wed, Jan 19, 2011 at 8:06 PM, yonny mutai <yo...@go...> wrote: > Hi, > Wonderful tool.... Seems like the stager uploader has ceased to work... > anyone to help with this please.. > To add more info that might help in troubleshooting : > DB : mysql Ver 14.14 Distrib 5.1.41, for debian-linux-gnu (i486) using > readline 6.1 > App: The vulnerable Multidae app > Command Used: ./sqlmap.py --level 5 --risk 3 --parse-errors --os-pwn > --time-sec 10 -a txt/user-agents.txt --text-only --threads 1 > --timeout 39 -u "http://127.0.0.1/mutillidae/index.php?page=login.php" > --method "POST" --data "user_name=txv&password=txv&Submit_button=Submit" > > Rgds > ------------------------------------------------------------------------------ > Protect Your Site and Customers from Malware Attacks > Learn about various malware tactics and how to avoid them. Understand > malware threats, the impact they can have on your business, and how you > can protect your company and customers by using code signing. > http://p.sf.net/sfu/oracle-sfdevnl > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
|
From: yonny m. <yo...@go...> - 2011-01-19 21:38:46
|
Thanks for your response Miroslav,
I have tried setting the permissions for the directories do that they
are owned by the apache process ... but still it doesnt seem to work.Here
are the access logs:
127.0.0.1 - - [20/Jan/2011:00:30:15 +0300] "POST
/mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Mozilla/5.0
(X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
Firefox/3.6.9"
127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "POST
/mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0
(X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
Firefox/3.6.9"
127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "GET /tmpuvwtu.php HTTP/1.1" 404
488 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.9)
Gecko/20100915 Gentoo Firefox/3.6.9"
127.0.0.1 - - [20/Jan/2011:00:30:49 +0300] "POST
/mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Mozilla/5.0
(X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0
Firefox/3.5.2"
127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "POST
/mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0
(X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0
Firefox/3.5.2"
127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "GET /tmpucqwh.php HTTP/1.1" 404
488 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729
Slackware/13.0 Firefox/3.5.2"
and the permissions
sylar@Sylar:/pentest/database/sqlmap$ ls -lht /var/www/
drwxrwxrwx 8 www-data www-data 4.0K 2011-01-08 11:40 vux
-rwxrwxrwx 1 www-data www-data 102K 2010-12-21 17:24 fc4.js
-rwxrwxrwx 1 www-data www-data 6.9K 2010-12-21 16:47 41.js
drwxrwxrwx 4 www-data www-data 4.0K 2010-06-16 08:37 mutillidae
... and I have the most latest state of the code from svn
On Thu, Jan 20, 2011 at 12:24 AM, Miroslav Stampar <
mir...@gm...> wrote:
> hi yonny.
>
> few questions.
>
> do you have write permissions "for all" at the "target" directory (for
> example: /var/www/Multidae)? at which directory does Multidae reside
> at your debian machine? what have you entered as "target directory"
> when sqlmap asked you?
>
> as you can guess, most occuring problem with "stager" are the write
> permissions for the web servers process.
>
> KR
>
> On Wed, Jan 19, 2011 at 8:06 PM, yonny mutai <yo...@go...>
> wrote:
> > Hi,
> > Wonderful tool.... Seems like the stager uploader has ceased to
> work...
> > anyone to help with this please..
> > To add more info that might help in troubleshooting :
> > DB : mysql Ver 14.14 Distrib 5.1.41, for debian-linux-gnu (i486)
> using
> > readline 6.1
> > App: The vulnerable Multidae app
> > Command Used: ./sqlmap.py --level 5 --risk 3 --parse-errors
> --os-pwn
> > --time-sec 10 -a txt/user-agents.txt --text-only --threads 1
> > --timeout 39 -u "http://127.0.0.1/mutillidae/index.php?page=login.php"
> > --method "POST" --data "user_name=txv&password=txv&Submit_button=Submit"
> >
> > Rgds
> >
> ------------------------------------------------------------------------------
> > Protect Your Site and Customers from Malware Attacks
> > Learn about various malware tactics and how to avoid them. Understand
> > malware threats, the impact they can have on your business, and how you
> > can protect your company and customers by using code signing.
> > http://p.sf.net/sfu/oracle-sfdevnl
> > _______________________________________________
> > sqlmap-users mailing list
> > sql...@li...
> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> >
> >
>
>
>
> --
> Miroslav Stampar
>
> E-mail / Jabber: miroslav.stampar (at) gmail.com
> Mobile: +385921010204 (HR 0921010204)
> PGP Key ID: 0xB5397B1B
> Location: Zagreb, Croatia
>
--
Regards
Yonny Mutai
|
|
From: Miroslav S. <mir...@gm...> - 2011-01-19 22:00:42
|
hi again. i wrongly mixed --os-shell and --os-pwn. for --os-pwn you need metasploit. are you using sqlmap on windows or on linux? where is your metasploit located (you haven't use the --msf-path=MSFPATH option)? if on linux then there would be a critical message "unable to locate Metasploit Framework 3 installation...." if no --msf-path specified (except proper environment variable is set), while on windows that message is in form of warning (we should change it to critical abort too) which says "[22:50:05] [WARNING] some sqlmap takeover functionalities are not yet supported on Windows. Please use Linux in a virtual machine for out-of-band features. sqlm ap will now carry on ignoring out-of-band switches" kr On Wed, Jan 19, 2011 at 10:37 PM, yonny mutai <yo...@go...> wrote: > Thanks for your response Miroslav, > I have tried setting the permissions for the directories do that they > are owned by the apache process ... but still it doesnt seem to work.Here > are the access logs: > 127.0.0.1 - - [20/Jan/2011:00:30:15 +0300] "POST > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Mozilla/5.0 > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo > Firefox/3.6.9" > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "POST > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0 > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo > Firefox/3.6.9" > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "GET /tmpuvwtu.php HTTP/1.1" 404 > 488 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.9) > Gecko/20100915 Gentoo Firefox/3.6.9" > 127.0.0.1 - - [20/Jan/2011:00:30:49 +0300] "POST > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Mozilla/5.0 > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0 > Firefox/3.5.2" > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "POST > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0 > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0 > Firefox/3.5.2" > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "GET /tmpucqwh.php HTTP/1.1" 404 > 488 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 > Slackware/13.0 Firefox/3.5.2" > and the permissions > sylar@Sylar:/pentest/database/sqlmap$ ls -lht /var/www/ > drwxrwxrwx 8 www-data www-data 4.0K 2011-01-08 11:40 vux > -rwxrwxrwx 1 www-data www-data 102K 2010-12-21 17:24 fc4.js > -rwxrwxrwx 1 www-data www-data 6.9K 2010-12-21 16:47 41.js > drwxrwxrwx 4 www-data www-data 4.0K 2010-06-16 08:37 mutillidae > ... and I have the most latest state of the code from svn > > > > > On Thu, Jan 20, 2011 at 12:24 AM, Miroslav Stampar > <mir...@gm...> wrote: >> >> hi yonny. >> >> few questions. >> >> do you have write permissions "for all" at the "target" directory (for >> example: /var/www/Multidae)? at which directory does Multidae reside >> at your debian machine? what have you entered as "target directory" >> when sqlmap asked you? >> >> as you can guess, most occuring problem with "stager" are the write >> permissions for the web servers process. >> >> KR >> >> On Wed, Jan 19, 2011 at 8:06 PM, yonny mutai <yo...@go...> >> wrote: >> > Hi, >> > Wonderful tool.... Seems like the stager uploader has ceased to >> > work... >> > anyone to help with this please.. >> > To add more info that might help in troubleshooting : >> > DB : mysql Ver 14.14 Distrib 5.1.41, for debian-linux-gnu (i486) >> > using >> > readline 6.1 >> > App: The vulnerable Multidae app >> > Command Used: ./sqlmap.py --level 5 --risk 3 --parse-errors >> > --os-pwn >> > --time-sec 10 -a txt/user-agents.txt --text-only --threads 1 >> > --timeout 39 -u "http://127.0.0.1/mutillidae/index.php?page=login.php" >> > --method "POST" --data "user_name=txv&password=txv&Submit_button=Submit" >> > >> > Rgds >> > >> > ------------------------------------------------------------------------------ >> > Protect Your Site and Customers from Malware Attacks >> > Learn about various malware tactics and how to avoid them. Understand >> > malware threats, the impact they can have on your business, and how you >> > can protect your company and customers by using code signing. >> > http://p.sf.net/sfu/oracle-sfdevnl >> > _______________________________________________ >> > sqlmap-users mailing list >> > sql...@li... >> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> > >> > >> >> >> >> -- >> Miroslav Stampar >> >> E-mail / Jabber: miroslav.stampar (at) gmail.com >> Mobile: +385921010204 (HR 0921010204) >> PGP Key ID: 0xB5397B1B >> Location: Zagreb, Croatia > > > > -- > > > Regards > Yonny Mutai > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
|
From: yonny m. <yo...@go...> - 2011-01-19 22:15:48
|
I have tried both --os-pwn and --os-shell.I have set my metasploit path in
my sqlmap.conf.. I'm running this on Linux.The application connects to the
db as root.I have also tried --read-file and its also not suceessful.Maybe
its the mysql version... I logged in as root to the db and tried to run
select hex(load_file("__PATH__")) and it also returns null... I'll try
installing a lower version to see how it behaves..
On Thu, Jan 20, 2011 at 1:00 AM, Miroslav Stampar <
mir...@gm...> wrote:
> hi again.
>
> i wrongly mixed --os-shell and --os-pwn. for --os-pwn you need metasploit.
>
> are you using sqlmap on windows or on linux? where is your metasploit
> located (you haven't use the --msf-path=MSFPATH option)?
>
> if on linux then there would be a critical message "unable to locate
> Metasploit Framework 3 installation...." if no --msf-path specified
> (except proper environment variable is set), while on windows that
> message is in form of warning (we should change it to critical abort
> too) which says "[22:50:05] [WARNING] some sqlmap takeover
> functionalities are not yet supported
> on Windows. Please use Linux in a virtual machine for out-of-band features.
> sqlm
> ap will now carry on ignoring out-of-band switches"
>
> kr
>
>
> On Wed, Jan 19, 2011 at 10:37 PM, yonny mutai <yo...@go...>
> wrote:
> > Thanks for your response Miroslav,
> > I have tried setting the permissions for the directories do that
> they
> > are owned by the apache process ... but still it doesnt seem to work.Here
> > are the access logs:
> > 127.0.0.1 - - [20/Jan/2011:00:30:15 +0300] "POST
> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Mozilla/5.0
> > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
> > Firefox/3.6.9"
> > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "POST
> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0
> > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
> > Firefox/3.6.9"
> > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "GET /tmpuvwtu.php HTTP/1.1"
> 404
> > 488 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.9)
> > Gecko/20100915 Gentoo Firefox/3.6.9"
> > 127.0.0.1 - - [20/Jan/2011:00:30:49 +0300] "POST
> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Mozilla/5.0
> > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0
> > Firefox/3.5.2"
> > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "POST
> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0
> > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0
> > Firefox/3.5.2"
> > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "GET /tmpucqwh.php HTTP/1.1"
> 404
> > 488 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2)
> Gecko/20090729
> > Slackware/13.0 Firefox/3.5.2"
> > and the permissions
> > sylar@Sylar:/pentest/database/sqlmap$ ls -lht /var/www/
> > drwxrwxrwx 8 www-data www-data 4.0K 2011-01-08 11:40 vux
> > -rwxrwxrwx 1 www-data www-data 102K 2010-12-21 17:24 fc4.js
> > -rwxrwxrwx 1 www-data www-data 6.9K 2010-12-21 16:47 41.js
> > drwxrwxrwx 4 www-data www-data 4.0K 2010-06-16 08:37 mutillidae
> > ... and I have the most latest state of the code from svn
> >
> >
> >
> >
> > On Thu, Jan 20, 2011 at 12:24 AM, Miroslav Stampar
> > <mir...@gm...> wrote:
> >>
> >> hi yonny.
> >>
> >> few questions.
> >>
> >> do you have write permissions "for all" at the "target" directory (for
> >> example: /var/www/Multidae)? at which directory does Multidae reside
> >> at your debian machine? what have you entered as "target directory"
> >> when sqlmap asked you?
> >>
> >> as you can guess, most occuring problem with "stager" are the write
> >> permissions for the web servers process.
> >>
> >> KR
> >>
> >> On Wed, Jan 19, 2011 at 8:06 PM, yonny mutai <yo...@go...>
> >> wrote:
> >> > Hi,
> >> > Wonderful tool.... Seems like the stager uploader has ceased to
> >> > work...
> >> > anyone to help with this please..
> >> > To add more info that might help in troubleshooting :
> >> > DB : mysql Ver 14.14 Distrib 5.1.41, for debian-linux-gnu (i486)
> >> > using
> >> > readline 6.1
> >> > App: The vulnerable Multidae app
> >> > Command Used: ./sqlmap.py --level 5 --risk 3 --parse-errors
> >> > --os-pwn
> >> > --time-sec 10 -a txt/user-agents.txt --text-only --threads 1
> >> > --timeout 39 -u "
> http://127.0.0.1/mutillidae/index.php?page=login.php"
> >> > --method "POST" --data
> "user_name=txv&password=txv&Submit_button=Submit"
> >> >
> >> > Rgds
> >> >
> >> >
> ------------------------------------------------------------------------------
> >> > Protect Your Site and Customers from Malware Attacks
> >> > Learn about various malware tactics and how to avoid them. Understand
> >> > malware threats, the impact they can have on your business, and how
> you
> >> > can protect your company and customers by using code signing.
> >> > http://p.sf.net/sfu/oracle-sfdevnl
> >> > _______________________________________________
> >> > sqlmap-users mailing list
> >> > sql...@li...
> >> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> >> >
> >> >
> >>
> >>
> >>
> >> --
> >> Miroslav Stampar
> >>
> >> E-mail / Jabber: miroslav.stampar (at) gmail.com
> >> Mobile: +385921010204 (HR 0921010204)
> >> PGP Key ID: 0xB5397B1B
> >> Location: Zagreb, Croatia
> >
> >
> >
> > --
> >
> >
> > Regards
> > Yonny Mutai
> >
>
>
>
> --
> Miroslav Stampar
>
> E-mail / Jabber: miroslav.stampar (at) gmail.com
> Mobile: +385921010204 (HR 0921010204)
> PGP Key ID: 0xB5397B1B
> Location: Zagreb, Croatia
>
--
Regards
Yonny Mutai
|
|
From: yonny m. <yo...@go...> - 2011-01-23 17:29:19
|
Hi Miroslav,
I found out it was apparmour which was hindering mysql from writing the
file.. It now writes the file but the script fails with the message "unable
to upload the file stager on '/var/www/'.. although the file exists in the
directory and when the script does a GET on the file it gets it .
which web application language does the web server support?
[1] ASP
[2] ASPX
[3] PHP (default)
[4] JSP
>
[20:23:35] [WARNING] unable to retrieve the web server document root
please provide the web server document root [/var/www/]:
[20:23:35] [WARNING] unable to retrieve any web server path
please provide any additional web server full path to try to upload the
agent [/var/www/]:
[20:23:36] [WARNING] unable to upload the file stager on '/var/www/'
[20:23:36] [INFO] Fetched data logged to text files under
'/pentest/database/sqlmap/output/127.0.0.1'
127.0.0.1 - - [23/Jan/2011:20:23:34 +0300] "POST
/mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Opera/9.62
(Windows NT 5.1; U; pt-BR) Presto/2.1.1"
127.0.0.1 - - [23/Jan/2011:20:23:36 +0300] "POST
/mutillidae/index.php?page=login.php HTTP/1.1" 200 5983 "-" "Opera/9.62
(Windows NT 5.1; U; pt-BR) Presto/2.1.1"
127.0.0.1 - - [23/Jan/2011:20:23:36 +0300] "GET /tmpubtee.php HTTP/1.1" 200
241 "-" "Opera/9.62 (Windows NT 5.1; U; pt-BR) Presto/2.1.1"
sylar@Sylar:/pentest/database/sqlmap$ ls -lhtr /var/www/
total 324K
drwxrwxrwx 4 mysql mysql 4.0K 2010-06-16 08:37 mutillidae
drwxrwxrwx 15 mysql mysql 4.0K 2010-11-02 12:15 3G_data_promo
-rwxrwxrwx 1 mysql mysql 6.9K 2010-12-21 16:47 41.js
-rwxrwxrwx 1 mysql mysql 13K 2010-12-21 16:48 index.html
drwxrwxrwx 8 mysql mysql 4.0K 2011-01-08 11:40 vux
-rwxrwxrwx 1 mysql mysql 39K 2011-01-16 22:41 mutillidae1.5.zip
-rw-r--r-- 1 mysql mysql 1.3K 2011-01-19 12:24 ppx.php
-rw-rw-rw- 1 mysql mysql 1.3K 2011-01-23 20:23 tmpubtee.php
On Thu, Jan 20, 2011 at 1:15 AM, yonny mutai <yo...@go...> wrote:
> I have tried both --os-pwn and --os-shell.I have set my metasploit path
> in my sqlmap.conf.. I'm running this on Linux.The application connects to
> the db as root.I have also tried --read-file and its also not
> suceessful.Maybe its the mysql version... I logged in as root to the db and
> tried to run select hex(load_file("__PATH__")) and it also returns null...
> I'll try installing a lower version to see how it behaves..
>
>
> On Thu, Jan 20, 2011 at 1:00 AM, Miroslav Stampar <
> mir...@gm...> wrote:
>
>> hi again.
>>
>> i wrongly mixed --os-shell and --os-pwn. for --os-pwn you need metasploit.
>>
>> are you using sqlmap on windows or on linux? where is your metasploit
>> located (you haven't use the --msf-path=MSFPATH option)?
>>
>> if on linux then there would be a critical message "unable to locate
>> Metasploit Framework 3 installation...." if no --msf-path specified
>> (except proper environment variable is set), while on windows that
>> message is in form of warning (we should change it to critical abort
>> too) which says "[22:50:05] [WARNING] some sqlmap takeover
>> functionalities are not yet supported
>> on Windows. Please use Linux in a virtual machine for out-of-band
>> features. sqlm
>> ap will now carry on ignoring out-of-band switches"
>>
>> kr
>>
>>
>> On Wed, Jan 19, 2011 at 10:37 PM, yonny mutai <yo...@go...>
>> wrote:
>> > Thanks for your response Miroslav,
>> > I have tried setting the permissions for the directories do that
>> they
>> > are owned by the apache process ... but still it doesnt seem to
>> work.Here
>> > are the access logs:
>> > 127.0.0.1 - - [20/Jan/2011:00:30:15 +0300] "POST
>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Mozilla/5.0
>> > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
>> > Firefox/3.6.9"
>> > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "POST
>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0
>> > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
>> > Firefox/3.6.9"
>> > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "GET /tmpuvwtu.php HTTP/1.1"
>> 404
>> > 488 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.9)
>> > Gecko/20100915 Gentoo Firefox/3.6.9"
>> > 127.0.0.1 - - [20/Jan/2011:00:30:49 +0300] "POST
>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Mozilla/5.0
>> > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0
>> > Firefox/3.5.2"
>> > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "POST
>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0
>> > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0
>> > Firefox/3.5.2"
>> > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "GET /tmpucqwh.php HTTP/1.1"
>> 404
>> > 488 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2)
>> Gecko/20090729
>> > Slackware/13.0 Firefox/3.5.2"
>> > and the permissions
>> > sylar@Sylar:/pentest/database/sqlmap$ ls -lht /var/www/
>> > drwxrwxrwx 8 www-data www-data 4.0K 2011-01-08 11:40 vux
>> > -rwxrwxrwx 1 www-data www-data 102K 2010-12-21 17:24 fc4.js
>> > -rwxrwxrwx 1 www-data www-data 6.9K 2010-12-21 16:47 41.js
>> > drwxrwxrwx 4 www-data www-data 4.0K 2010-06-16 08:37 mutillidae
>> > ... and I have the most latest state of the code from svn
>> >
>> >
>> >
>> >
>> > On Thu, Jan 20, 2011 at 12:24 AM, Miroslav Stampar
>> > <mir...@gm...> wrote:
>> >>
>> >> hi yonny.
>> >>
>> >> few questions.
>> >>
>> >> do you have write permissions "for all" at the "target" directory (for
>> >> example: /var/www/Multidae)? at which directory does Multidae reside
>> >> at your debian machine? what have you entered as "target directory"
>> >> when sqlmap asked you?
>> >>
>> >> as you can guess, most occuring problem with "stager" are the write
>> >> permissions for the web servers process.
>> >>
>> >> KR
>> >>
>> >> On Wed, Jan 19, 2011 at 8:06 PM, yonny mutai <yo...@go...>
>> >> wrote:
>> >> > Hi,
>> >> > Wonderful tool.... Seems like the stager uploader has ceased to
>> >> > work...
>> >> > anyone to help with this please..
>> >> > To add more info that might help in troubleshooting :
>> >> > DB : mysql Ver 14.14 Distrib 5.1.41, for debian-linux-gnu (i486)
>> >> > using
>> >> > readline 6.1
>> >> > App: The vulnerable Multidae app
>> >> > Command Used: ./sqlmap.py --level 5 --risk 3 --parse-errors
>> >> > --os-pwn
>> >> > --time-sec 10 -a txt/user-agents.txt --text-only --threads 1
>> >> > --timeout 39 -u "
>> http://127.0.0.1/mutillidae/index.php?page=login.php"
>> >> > --method "POST" --data
>> "user_name=txv&password=txv&Submit_button=Submit"
>> >> >
>> >> > Rgds
>> >> >
>> >> >
>> ------------------------------------------------------------------------------
>> >> > Protect Your Site and Customers from Malware Attacks
>> >> > Learn about various malware tactics and how to avoid them. Understand
>> >> > malware threats, the impact they can have on your business, and how
>> you
>> >> > can protect your company and customers by using code signing.
>> >> > http://p.sf.net/sfu/oracle-sfdevnl
>> >> > _______________________________________________
>> >> > sqlmap-users mailing list
>> >> > sql...@li...
>> >> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>> >> >
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> Miroslav Stampar
>> >>
>> >> E-mail / Jabber: miroslav.stampar (at) gmail.com
>> >> Mobile: +385921010204 (HR 0921010204)
>> >> PGP Key ID: 0xB5397B1B
>> >> Location: Zagreb, Croatia
>> >
>> >
>> >
>> > --
>> >
>> >
>> > Regards
>> > Yonny Mutai
>> >
>>
>>
>>
>> --
>> Miroslav Stampar
>>
>> E-mail / Jabber: miroslav.stampar (at) gmail.com
>> Mobile: +385921010204 (HR 0921010204)
>> PGP Key ID: 0xB5397B1B
>> Location: Zagreb, Croatia
>>
>
>
>
> --
>
>
> Regards
> Yonny Mutai
>
--
Regards
Yonny Mutai
|
|
From: Miroslav S. <mir...@gm...> - 2011-01-23 18:28:50
|
currently i am rewriting that all logic.
will report
kr
On Sun, Jan 23, 2011 at 6:28 PM, yonny mutai <yo...@go...> wrote:
> Hi Miroslav,
> I found out it was apparmour which was hindering mysql from writing the
> file.. It now writes the file but the script fails with the message "unable
> to upload the file stager on '/var/www/'.. although the file exists in the
> directory and when the script does a GET on the file it gets it .
> which web application language does the web server support?
> [1] ASP
> [2] ASPX
> [3] PHP (default)
> [4] JSP
>>
> [20:23:35] [WARNING] unable to retrieve the web server document root
> please provide the web server document root [/var/www/]:
> [20:23:35] [WARNING] unable to retrieve any web server path
> please provide any additional web server full path to try to upload the
> agent [/var/www/]:
> [20:23:36] [WARNING] unable to upload the file stager on '/var/www/'
> [20:23:36] [INFO] Fetched data logged to text files under
> '/pentest/database/sqlmap/output/127.0.0.1'
>
> 127.0.0.1 - - [23/Jan/2011:20:23:34 +0300] "POST
> /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Opera/9.62
> (Windows NT 5.1; U; pt-BR) Presto/2.1.1"
> 127.0.0.1 - - [23/Jan/2011:20:23:36 +0300] "POST
> /mutillidae/index.php?page=login.php HTTP/1.1" 200 5983 "-" "Opera/9.62
> (Windows NT 5.1; U; pt-BR) Presto/2.1.1"
> 127.0.0.1 - - [23/Jan/2011:20:23:36 +0300] "GET /tmpubtee.php HTTP/1.1" 200
> 241 "-" "Opera/9.62 (Windows NT 5.1; U; pt-BR) Presto/2.1.1"
> sylar@Sylar:/pentest/database/sqlmap$ ls -lhtr /var/www/
> total 324K
> drwxrwxrwx 4 mysql mysql 4.0K 2010-06-16 08:37 mutillidae
> drwxrwxrwx 15 mysql mysql 4.0K 2010-11-02 12:15 3G_data_promo
> -rwxrwxrwx 1 mysql mysql 6.9K 2010-12-21 16:47 41.js
> -rwxrwxrwx 1 mysql mysql 13K 2010-12-21 16:48 index.html
> drwxrwxrwx 8 mysql mysql 4.0K 2011-01-08 11:40 vux
> -rwxrwxrwx 1 mysql mysql 39K 2011-01-16 22:41 mutillidae1.5.zip
> -rw-r--r-- 1 mysql mysql 1.3K 2011-01-19 12:24 ppx.php
> -rw-rw-rw- 1 mysql mysql 1.3K 2011-01-23 20:23 tmpubtee.php
>
>
> On Thu, Jan 20, 2011 at 1:15 AM, yonny mutai <yo...@go...> wrote:
>>
>> I have tried both --os-pwn and --os-shell.I have set my metasploit path
>> in my sqlmap.conf.. I'm running this on Linux.The application connects to
>> the db as root.I have also tried --read-file and its also not
>> suceessful.Maybe its the mysql version... I logged in as root to the db and
>> tried to run select hex(load_file("__PATH__")) and it also returns null...
>> I'll try installing a lower version to see how it behaves..
>>
>> On Thu, Jan 20, 2011 at 1:00 AM, Miroslav Stampar
>> <mir...@gm...> wrote:
>>>
>>> hi again.
>>>
>>> i wrongly mixed --os-shell and --os-pwn. for --os-pwn you need
>>> metasploit.
>>>
>>> are you using sqlmap on windows or on linux? where is your metasploit
>>> located (you haven't use the --msf-path=MSFPATH option)?
>>>
>>> if on linux then there would be a critical message "unable to locate
>>> Metasploit Framework 3 installation...." if no --msf-path specified
>>> (except proper environment variable is set), while on windows that
>>> message is in form of warning (we should change it to critical abort
>>> too) which says "[22:50:05] [WARNING] some sqlmap takeover
>>> functionalities are not yet supported
>>> on Windows. Please use Linux in a virtual machine for out-of-band
>>> features. sqlm
>>> ap will now carry on ignoring out-of-band switches"
>>>
>>> kr
>>>
>>>
>>> On Wed, Jan 19, 2011 at 10:37 PM, yonny mutai <yo...@go...>
>>> wrote:
>>> > Thanks for your response Miroslav,
>>> > I have tried setting the permissions for the directories do that
>>> > they
>>> > are owned by the apache process ... but still it doesnt seem to
>>> > work.Here
>>> > are the access logs:
>>> > 127.0.0.1 - - [20/Jan/2011:00:30:15 +0300] "POST
>>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-"
>>> > "Mozilla/5.0
>>> > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
>>> > Firefox/3.6.9"
>>> > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "POST
>>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-"
>>> > "Mozilla/5.0
>>> > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
>>> > Firefox/3.6.9"
>>> > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "GET /tmpuvwtu.php HTTP/1.1"
>>> > 404
>>> > 488 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.9)
>>> > Gecko/20100915 Gentoo Firefox/3.6.9"
>>> > 127.0.0.1 - - [20/Jan/2011:00:30:49 +0300] "POST
>>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-"
>>> > "Mozilla/5.0
>>> > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0
>>> > Firefox/3.5.2"
>>> > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "POST
>>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-"
>>> > "Mozilla/5.0
>>> > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Slackware/13.0
>>> > Firefox/3.5.2"
>>> > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "GET /tmpucqwh.php HTTP/1.1"
>>> > 404
>>> > 488 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2)
>>> > Gecko/20090729
>>> > Slackware/13.0 Firefox/3.5.2"
>>> > and the permissions
>>> > sylar@Sylar:/pentest/database/sqlmap$ ls -lht /var/www/
>>> > drwxrwxrwx 8 www-data www-data 4.0K 2011-01-08 11:40 vux
>>> > -rwxrwxrwx 1 www-data www-data 102K 2010-12-21 17:24 fc4.js
>>> > -rwxrwxrwx 1 www-data www-data 6.9K 2010-12-21 16:47 41.js
>>> > drwxrwxrwx 4 www-data www-data 4.0K 2010-06-16 08:37 mutillidae
>>> > ... and I have the most latest state of the code from svn
>>> >
>>> >
>>> >
>>> >
>>> > On Thu, Jan 20, 2011 at 12:24 AM, Miroslav Stampar
>>> > <mir...@gm...> wrote:
>>> >>
>>> >> hi yonny.
>>> >>
>>> >> few questions.
>>> >>
>>> >> do you have write permissions "for all" at the "target" directory (for
>>> >> example: /var/www/Multidae)? at which directory does Multidae reside
>>> >> at your debian machine? what have you entered as "target directory"
>>> >> when sqlmap asked you?
>>> >>
>>> >> as you can guess, most occuring problem with "stager" are the write
>>> >> permissions for the web servers process.
>>> >>
>>> >> KR
>>> >>
>>> >> On Wed, Jan 19, 2011 at 8:06 PM, yonny mutai <yo...@go...>
>>> >> wrote:
>>> >> > Hi,
>>> >> > Wonderful tool.... Seems like the stager uploader has ceased to
>>> >> > work...
>>> >> > anyone to help with this please..
>>> >> > To add more info that might help in troubleshooting :
>>> >> > DB : mysql Ver 14.14 Distrib 5.1.41, for debian-linux-gnu
>>> >> > (i486)
>>> >> > using
>>> >> > readline 6.1
>>> >> > App: The vulnerable Multidae app
>>> >> > Command Used: ./sqlmap.py --level 5 --risk 3 --parse-errors
>>> >> > --os-pwn
>>> >> > --time-sec 10 -a txt/user-agents.txt --text-only --threads
>>> >> > 1
>>> >> > --timeout 39 -u
>>> >> > "http://127.0.0.1/mutillidae/index.php?page=login.php"
>>> >> > --method "POST" --data
>>> >> > "user_name=txv&password=txv&Submit_button=Submit"
>>> >> >
>>> >> > Rgds
>>> >> >
>>> >> >
>>> >> > ------------------------------------------------------------------------------
>>> >> > Protect Your Site and Customers from Malware Attacks
>>> >> > Learn about various malware tactics and how to avoid them.
>>> >> > Understand
>>> >> > malware threats, the impact they can have on your business, and how
>>> >> > you
>>> >> > can protect your company and customers by using code signing.
>>> >> > http://p.sf.net/sfu/oracle-sfdevnl
>>> >> > _______________________________________________
>>> >> > sqlmap-users mailing list
>>> >> > sql...@li...
>>> >> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>> >> >
>>> >> >
>>> >>
>>> >>
>>> >>
>>> >> --
>>> >> Miroslav Stampar
>>> >>
>>> >> E-mail / Jabber: miroslav.stampar (at) gmail.com
>>> >> Mobile: +385921010204 (HR 0921010204)
>>> >> PGP Key ID: 0xB5397B1B
>>> >> Location: Zagreb, Croatia
>>> >
>>> >
>>> >
>>> > --
>>> >
>>> >
>>> > Regards
>>> > Yonny Mutai
>>> >
>>>
>>>
>>>
>>> --
>>> Miroslav Stampar
>>>
>>> E-mail / Jabber: miroslav.stampar (at) gmail.com
>>> Mobile: +385921010204 (HR 0921010204)
>>> PGP Key ID: 0xB5397B1B
>>> Location: Zagreb, Croatia
>>
>>
>>
>> --
>>
>>
>> Regards
>> Yonny Mutai
>
>
>
> --
>
>
> Regards
> Yonny Mutai
>
> ------------------------------------------------------------------------------
> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> Finally, a world-class log management solution at an even better price-free!
> Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> February 28th, so secure your free ArcSight Logger TODAY!
> http://p.sf.net/sfu/arcsight-sfd2d
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
Location: Zagreb, Croatia
|
|
From: Miroslav S. <mir...@gm...> - 2011-01-23 20:48:09
|
Hi all.
There has been a major "revisit" of methods used in --os-shell. We'll
try to do some more inspection of those, but all in all now it works
far better than before. Just to warn that this doesn't mean that it
will work always, as permissions are most problematic in this case,
but should do in cases when previous one failed to do so while it
could/should.
KR
On Sun, Jan 23, 2011 at 7:38 PM, yonny mutai <yo...@go...> wrote:
> Cool n thanks
>
> On Sun, Jan 23, 2011 at 9:28 PM, Miroslav Stampar
> <mir...@gm...> wrote:
>>
>> currently i am rewriting that all logic.
>>
>> will report
>>
>> kr
>>
>> On Sun, Jan 23, 2011 at 6:28 PM, yonny mutai <yo...@go...>
>> wrote:
>> > Hi Miroslav,
>> > I found out it was apparmour which was hindering mysql from writing
>> > the
>> > file.. It now writes the file but the script fails with the message
>> > "unable
>> > to upload the file stager on '/var/www/'.. although the file exists in
>> > the
>> > directory and when the script does a GET on the file it gets it .
>> > which web application language does the web server support?
>> > [1] ASP
>> > [2] ASPX
>> > [3] PHP (default)
>> > [4] JSP
>> >>
>> > [20:23:35] [WARNING] unable to retrieve the web server document root
>> > please provide the web server document root [/var/www/]:
>> > [20:23:35] [WARNING] unable to retrieve any web server path
>> > please provide any additional web server full path to try to upload the
>> > agent [/var/www/]:
>> > [20:23:36] [WARNING] unable to upload the file stager on '/var/www/'
>> > [20:23:36] [INFO] Fetched data logged to text files under
>> > '/pentest/database/sqlmap/output/127.0.0.1'
>> >
>> > 127.0.0.1 - - [23/Jan/2011:20:23:34 +0300] "POST
>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-" "Opera/9.62
>> > (Windows NT 5.1; U; pt-BR) Presto/2.1.1"
>> > 127.0.0.1 - - [23/Jan/2011:20:23:36 +0300] "POST
>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5983 "-" "Opera/9.62
>> > (Windows NT 5.1; U; pt-BR) Presto/2.1.1"
>> > 127.0.0.1 - - [23/Jan/2011:20:23:36 +0300] "GET /tmpubtee.php HTTP/1.1"
>> > 200
>> > 241 "-" "Opera/9.62 (Windows NT 5.1; U; pt-BR) Presto/2.1.1"
>> > sylar@Sylar:/pentest/database/sqlmap$ ls -lhtr /var/www/
>> > total 324K
>> > drwxrwxrwx 4 mysql mysql 4.0K 2010-06-16 08:37 mutillidae
>> > drwxrwxrwx 15 mysql mysql 4.0K 2010-11-02 12:15 3G_data_promo
>> > -rwxrwxrwx 1 mysql mysql 6.9K 2010-12-21 16:47 41.js
>> > -rwxrwxrwx 1 mysql mysql 13K 2010-12-21 16:48 index.html
>> > drwxrwxrwx 8 mysql mysql 4.0K 2011-01-08 11:40 vux
>> > -rwxrwxrwx 1 mysql mysql 39K 2011-01-16 22:41 mutillidae1.5.zip
>> > -rw-r--r-- 1 mysql mysql 1.3K 2011-01-19 12:24 ppx.php
>> > -rw-rw-rw- 1 mysql mysql 1.3K 2011-01-23 20:23 tmpubtee.php
>> >
>> >
>> > On Thu, Jan 20, 2011 at 1:15 AM, yonny mutai <yo...@go...>
>> > wrote:
>> >>
>> >> I have tried both --os-pwn and --os-shell.I have set my metasploit
>> >> path
>> >> in my sqlmap.conf.. I'm running this on Linux.The application connects
>> >> to
>> >> the db as root.I have also tried --read-file and its also not
>> >> suceessful.Maybe its the mysql version... I logged in as root to the db
>> >> and
>> >> tried to run select hex(load_file("__PATH__")) and it also returns
>> >> null...
>> >> I'll try installing a lower version to see how it behaves..
>> >>
>> >> On Thu, Jan 20, 2011 at 1:00 AM, Miroslav Stampar
>> >> <mir...@gm...> wrote:
>> >>>
>> >>> hi again.
>> >>>
>> >>> i wrongly mixed --os-shell and --os-pwn. for --os-pwn you need
>> >>> metasploit.
>> >>>
>> >>> are you using sqlmap on windows or on linux? where is your metasploit
>> >>> located (you haven't use the --msf-path=MSFPATH option)?
>> >>>
>> >>> if on linux then there would be a critical message "unable to locate
>> >>> Metasploit Framework 3 installation...." if no --msf-path specified
>> >>> (except proper environment variable is set), while on windows that
>> >>> message is in form of warning (we should change it to critical abort
>> >>> too) which says "[22:50:05] [WARNING] some sqlmap takeover
>> >>> functionalities are not yet supported
>> >>> on Windows. Please use Linux in a virtual machine for out-of-band
>> >>> features. sqlm
>> >>> ap will now carry on ignoring out-of-band switches"
>> >>>
>> >>> kr
>> >>>
>> >>>
>> >>> On Wed, Jan 19, 2011 at 10:37 PM, yonny mutai <yo...@go...>
>> >>> wrote:
>> >>> > Thanks for your response Miroslav,
>> >>> > I have tried setting the permissions for the directories do
>> >>> > that
>> >>> > they
>> >>> > are owned by the apache process ... but still it doesnt seem to
>> >>> > work.Here
>> >>> > are the access logs:
>> >>> > 127.0.0.1 - - [20/Jan/2011:00:30:15 +0300] "POST
>> >>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-"
>> >>> > "Mozilla/5.0
>> >>> > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
>> >>> > Firefox/3.6.9"
>> >>> > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "POST
>> >>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-"
>> >>> > "Mozilla/5.0
>> >>> > (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100915 Gentoo
>> >>> > Firefox/3.6.9"
>> >>> > 127.0.0.1 - - [20/Jan/2011:00:30:19 +0300] "GET /tmpuvwtu.php
>> >>> > HTTP/1.1"
>> >>> > 404
>> >>> > 488 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.9)
>> >>> > Gecko/20100915 Gentoo Firefox/3.6.9"
>> >>> > 127.0.0.1 - - [20/Jan/2011:00:30:49 +0300] "POST
>> >>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 5949 "-"
>> >>> > "Mozilla/5.0
>> >>> > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729
>> >>> > Slackware/13.0
>> >>> > Firefox/3.5.2"
>> >>> > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "POST
>> >>> > /mutillidae/index.php?page=login.php HTTP/1.1" 200 3123 "-"
>> >>> > "Mozilla/5.0
>> >>> > (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729
>> >>> > Slackware/13.0
>> >>> > Firefox/3.5.2"
>> >>> > 127.0.0.1 - - [20/Jan/2011:00:30:51 +0300] "GET /tmpucqwh.php
>> >>> > HTTP/1.1"
>> >>> > 404
>> >>> > 488 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2)
>> >>> > Gecko/20090729
>> >>> > Slackware/13.0 Firefox/3.5.2"
>> >>> > and the permissions
>> >>> > sylar@Sylar:/pentest/database/sqlmap$ ls -lht /var/www/
>> >>> > drwxrwxrwx 8 www-data www-data 4.0K 2011-01-08 11:40 vux
>> >>> > -rwxrwxrwx 1 www-data www-data 102K 2010-12-21 17:24 fc4.js
>> >>> > -rwxrwxrwx 1 www-data www-data 6.9K 2010-12-21 16:47 41.js
>> >>> > drwxrwxrwx 4 www-data www-data 4.0K 2010-06-16 08:37 mutillidae
>> >>> > ... and I have the most latest state of the code from svn
>> >>> >
>> >>> >
>> >>> >
>> >>> >
>> >>> > On Thu, Jan 20, 2011 at 12:24 AM, Miroslav Stampar
>> >>> > <mir...@gm...> wrote:
>> >>> >>
>> >>> >> hi yonny.
>> >>> >>
>> >>> >> few questions.
>> >>> >>
>> >>> >> do you have write permissions "for all" at the "target" directory
>> >>> >> (for
>> >>> >> example: /var/www/Multidae)? at which directory does Multidae
>> >>> >> reside
>> >>> >> at your debian machine? what have you entered as "target directory"
>> >>> >> when sqlmap asked you?
>> >>> >>
>> >>> >> as you can guess, most occuring problem with "stager" are the write
>> >>> >> permissions for the web servers process.
>> >>> >>
>> >>> >> KR
>> >>> >>
>> >>> >> On Wed, Jan 19, 2011 at 8:06 PM, yonny mutai
>> >>> >> <yo...@go...>
>> >>> >> wrote:
>> >>> >> > Hi,
>> >>> >> > Wonderful tool.... Seems like the stager uploader has ceased
>> >>> >> > to
>> >>> >> > work...
>> >>> >> > anyone to help with this please..
>> >>> >> > To add more info that might help in troubleshooting :
>> >>> >> > DB : mysql Ver 14.14 Distrib 5.1.41, for debian-linux-gnu
>> >>> >> > (i486)
>> >>> >> > using
>> >>> >> > readline 6.1
>> >>> >> > App: The vulnerable Multidae app
>> >>> >> > Command Used: ./sqlmap.py --level 5 --risk 3 --parse-errors
>> >>> >> > --os-pwn
>> >>> >> > --time-sec 10 -a txt/user-agents.txt --text-only
>> >>> >> > --threads
>> >>> >> > 1
>> >>> >> > --timeout 39 -u
>> >>> >> > "http://127.0.0.1/mutillidae/index.php?page=login.php"
>> >>> >> > --method "POST" --data
>> >>> >> > "user_name=txv&password=txv&Submit_button=Submit"
>> >>> >> >
>> >>> >> > Rgds
>> >>> >> >
>> >>> >> >
>> >>> >> >
>> >>> >> > ------------------------------------------------------------------------------
>> >>> >> > Protect Your Site and Customers from Malware Attacks
>> >>> >> > Learn about various malware tactics and how to avoid them.
>> >>> >> > Understand
>> >>> >> > malware threats, the impact they can have on your business, and
>> >>> >> > how
>> >>> >> > you
>> >>> >> > can protect your company and customers by using code signing.
>> >>> >> > http://p.sf.net/sfu/oracle-sfdevnl
>> >>> >> > _______________________________________________
>> >>> >> > sqlmap-users mailing list
>> >>> >> > sql...@li...
>> >>> >> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>> >>> >> >
>> >>> >> >
>> >>> >>
>> >>> >>
>> >>> >>
>> >>> >> --
>> >>> >> Miroslav Stampar
>> >>> >>
>> >>> >> E-mail / Jabber: miroslav.stampar (at) gmail.com
>> >>> >> Mobile: +385921010204 (HR 0921010204)
>> >>> >> PGP Key ID: 0xB5397B1B
>> >>> >> Location: Zagreb, Croatia
>> >>> >
>> >>> >
>> >>> >
>> >>> > --
>> >>> >
>> >>> >
>> >>> > Regards
>> >>> > Yonny Mutai
>> >>> >
>> >>>
>> >>>
>> >>>
>> >>> --
>> >>> Miroslav Stampar
>> >>>
>> >>> E-mail / Jabber: miroslav.stampar (at) gmail.com
>> >>> Mobile: +385921010204 (HR 0921010204)
>> >>> PGP Key ID: 0xB5397B1B
>> >>> Location: Zagreb, Croatia
>> >>
>> >>
>> >>
>> >> --
>> >>
>> >>
>> >> Regards
>> >> Yonny Mutai
>> >
>> >
>> >
>> > --
>> >
>> >
>> > Regards
>> > Yonny Mutai
>> >
>> >
>> > ------------------------------------------------------------------------------
>> > Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
>> > Finally, a world-class log management solution at an even better
>> > price-free!
>> > Download using promo code Free_Logger_4_Dev2Dev. Offer expires
>> > February 28th, so secure your free ArcSight Logger TODAY!
>> > http://p.sf.net/sfu/arcsight-sfd2d
>> > _______________________________________________
>> > sqlmap-users mailing list
>> > sql...@li...
>> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>> >
>> >
>>
>>
>>
>> --
>> Miroslav Stampar
>>
>> E-mail / Jabber: miroslav.stampar (at) gmail.com
>> Mobile: +385921010204 (HR 0921010204)
>> PGP Key ID: 0xB5397B1B
>> Location: Zagreb, Croatia
>
>
>
> --
>
>
> Regards
> Yonny Mutai
>
--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
Location: Zagreb, Croatia
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X