sqlmap-users

[sqlmap-users] minor bug

[Ahmed S. <ah...@is...>]

sqlmap version: 1.0-dev (r4829)
Python version: 2.7.2+
Operating system: posix
Command line: ./sqlmap.py -u
*************************************************** --is-dba --hex
Technique: UNION
Back-end DBMS: MySQL (fingerprinted)
Traceback (most recent call last):
  File "/home/lnxg33k/pentest/database/sqlmap/_sqlmap.py", line 82, in main
    start()
  File "/home/lnxg33k/pentest/database/sqlmap/lib/controller/controller.py",
line 573, in start
    action()
  File "/home/lnxg33k/pentest/database/sqlmap/lib/controller/action.py",
line 70, in action
    conf.dumper.dba(conf.dbmsHandler.isDba())
  File "/home/lnxg33k/pentest/database/sqlmap/plugins/generic/enumeration.py",
line 154, in isDba
    self.getCurrentUser()
  File "/home/lnxg33k/pentest/database/sqlmap/plugins/generic/enumeration.py",
line 134, in getCurrentUser
    kb.data.currentUser = unArrayizeValue(inject.getValue(query))
  File "/home/lnxg33k/pentest/database/sqlmap/lib/request/inject.py",
line 397, in getValue
    value = __goInband(query, expected, unique, unpack, dump)
  File "/home/lnxg33k/pentest/database/sqlmap/lib/request/inject.py",
line 346, in __goInband
    output = parseUnionPage(output, unique)
  File "/home/lnxg33k/pentest/database/sqlmap/lib/core/common.py",
line 1244, in parseUnionPage
    entry = decodeHexValue(entry) if conf.hexConvert else entry
  File "/home/lnxg33k/pentest/database/sqlmap/lib/core/common.py",
line 3140, in decodeHexValue
    return applyFunctionRecursively(value, _)
  File "/home/lnxg33k/pentest/database/sqlmap/lib/core/common.py",
line 3114, in applyFunctionRecursively
    retVal = function(value)
  File "/home/lnxg33k/pentest/database/sqlmap/lib/core/common.py",
line 3127, in _
    value = value.decode("hex")
  File "/usr/lib/python2.7/encodings/hex_codec.py", line 42, in hex_decode
    output = binascii.a2b_hex(input)
TypeError: Non-hexadecimal digit found

-- 


   - Ahmed Shawky El-Antry
   - lnxg33k owner "http://lnxg33k.wordpress.com"
   - Isecur1ty team member"http://www.isecur1ty.org"
   - Twitter @lnxg33k

Re: [sqlmap-users] minor bug

[Miroslav S. <mir...@gm...>]

Hi Ahmed.

Thank you for your report. I've found a potential "silent" bug which is
maybe responsible for this error. Could you please update, and retry with
--flush-session the whole run as you've did here and report back?

If it's still causing problems it would be best if you could send me
privately the content of traffic.txt file made by following options:

-t traffic.txt --is-dba --hex --fresh-queries

Kind regards,
Miroslav Stampar

On Wed, Mar 7, 2012 at 4:15 PM, Ahmed Shawky <ah...@is...> wrote:

> sqlmap version: 1.0-dev (r4829)
> Python version: 2.7.2+
> Operating system: posix
> Command line: ./sqlmap.py -u
> *************************************************** --is-dba --hex
> Technique: UNION
> Back-end DBMS: MySQL (fingerprinted)
> Traceback (most recent call last):
>  File "/home/lnxg33k/pentest/database/sqlmap/_sqlmap.py", line 82, in main
>    start()
>  File "/home/lnxg33k/pentest/database/sqlmap/lib/controller/controller.py",
> line 573, in start
>    action()
>  File "/home/lnxg33k/pentest/database/sqlmap/lib/controller/action.py",
> line 70, in action
>    conf.dumper.dba(conf.dbmsHandler.isDba())
>  File
> "/home/lnxg33k/pentest/database/sqlmap/plugins/generic/enumeration.py",
> line 154, in isDba
>    self.getCurrentUser()
>  File
> "/home/lnxg33k/pentest/database/sqlmap/plugins/generic/enumeration.py",
> line 134, in getCurrentUser
>    kb.data.currentUser = unArrayizeValue(inject.getValue(query))
>  File "/home/lnxg33k/pentest/database/sqlmap/lib/request/inject.py",
> line 397, in getValue
>    value = __goInband(query, expected, unique, unpack, dump)
>  File "/home/lnxg33k/pentest/database/sqlmap/lib/request/inject.py",
> line 346, in __goInband
>    output = parseUnionPage(output, unique)
>  File "/home/lnxg33k/pentest/database/sqlmap/lib/core/common.py",
> line 1244, in parseUnionPage
>    entry = decodeHexValue(entry) if conf.hexConvert else entry
>  File "/home/lnxg33k/pentest/database/sqlmap/lib/core/common.py",
> line 3140, in decodeHexValue
>    return applyFunctionRecursively(value, _)
>  File "/home/lnxg33k/pentest/database/sqlmap/lib/core/common.py",
> line 3114, in applyFunctionRecursively
>    retVal = function(value)
>  File "/home/lnxg33k/pentest/database/sqlmap/lib/core/common.py",
> line 3127, in _
>    value = value.decode("hex")
>  File "/usr/lib/python2.7/encodings/hex_codec.py", line 42, in hex_decode
>    output = binascii.a2b_hex(input)
> TypeError: Non-hexadecimal digit found
>
> --
>
>
>   - Ahmed Shawky El-Antry
>   - lnxg33k owner "http://lnxg33k.wordpress.com"
>   - Isecur1ty team member"http://www.isecur1ty.org"
>   - Twitter @lnxg33k
>
>
> ------------------------------------------------------------------------------
> Virtualization & Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>



-- 
Miroslav Stampar
http://about.me/stamparm