Thread: [sqlmap-users] [WARNING] GET parameter 'id' is not dynamic
From: Ryan D. <rya...@gm...> - 2010-02-23 00:09:57
Hi,

Trying to get sqlmap to run against DVWA's SQL injection page. DVWA has a normal PHP login form which, when logged in, sets the following cookies:

Cookies: security=low; PHPSESSID=25e295bd67654538970df074f7083d2d

Here is the command and error I am receiving, any help appreciated.

------------------------------------------------------------------------------------------------------
#./sqlmap.py -u "http://127.0.0.1/dvwa_svn/vulnerabilities/sqli/?id=1" --cookie=security=low; PHPSESSID=25e295bd67654538970df074f7083d2d

sqlmap/0.8-rc4
by Bernardo Damele A. G. <ber...@gm...>

[*] starting at: 00:03:28

[00:03:28] [INFO] using '/pentest/database/sqlmap/output/127.0.0.1/session' as session file
[00:03:28] [INFO] resuming match ratio '0.998' from session file
[00:03:28] [INFO] testing connection to the target url
you provided an HTTP Cookie header value. The target url provided its own Cookie within the HTTP Set-Cookie header. Do you want to continue using the HTTP Cookie values that you provided? [Y/n] y
[00:03:41] [INFO] testing if the url is stable, wait a few seconds
[00:03:42] [INFO] url is stable
[00:03:42] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
[00:03:42] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
[00:03:42] [INFO] testing if Cookie parameter 'security' is dynamic
[00:03:42] [WARNING] Cookie parameter 'security' is not dynamic
[00:03:42] [INFO] testing if GET parameter 'id' is dynamic
[00:03:43] [WARNING] GET parameter 'id' is not dynamic

[*] shutting down at: 00:03:43
---------------------------------------------------------------------------------------------------------------------

Thank you,
Ryan

--
Ryan Dewhurst
http://www.ethicalhack3r.co.uk
http://www.dvwa.co.uk
http://www.twitter.com/ethicalhack3r
From: Ryan D. <rya...@gm...> - 2010-02-23 00:42:26
Ok, the cookies now seem to be being sent, however sqlmap is still reporting that it is uninjectable. The working command is:

#./sqlmap.py -u "http://127.0.0.1/dvwa_svn/vulnerabilities/sqli/?id=1" --cookie="security=low; PHPSESSID=25e295bd67654538970df074f7083d2d" -p id -v 3

I have checked and double checked the cookie values.

--
Ryan Dewhurst
http://www.ethicalhack3r.co.uk
http://www.dvwa.co.uk
http://www.twitter.com/ethicalhack3r
From: Miroslav S. <mir...@gm...> - 2010-02-23 09:12:46
Hi.

There was a bug in sqlmap when a proxy was set (the http_proxy environment variable on Linux) and sqlmap was run against 127.0.0.1/localhost addresses. The same thing was happening to me too. Maybe this is not the same, but I would recommend you get the latest development version from the official pages (svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap/) and take a shot.

Kind regards.

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
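A practical pre-flight check for the situation Miroslav describes (http_proxy set in the environment while the target is 127.0.0.1/localhost), added here as an example that is not part of the thread and not sqlmap's own code: it reads http_proxy and no_proxy from the environment and reports whether a target host would be routed through the proxy. The no_proxy matching it implements (exact host or domain suffix, '*' for everything) is the common convention; individual tools differ, so that is an assumption, and a WARNING is a prompt to add the host to no_proxy or unset http_proxy for the run, not proof of a bug.

```sh
#!/bin/sh
# Added example, not from the thread or from sqlmap: report whether a target
# host would be sent through the proxy named in http_proxy, honouring the
# usual no_proxy convention (comma-separated hosts or domain suffixes,
# '*' = bypass all). Assumption: the tool being run follows that convention.

# goes_via_proxy HOST PROXY_URL NO_PROXY_LIST
# Returns 0 (true) if HOST would be sent through PROXY_URL, 1 otherwise.
goes_via_proxy() {
    host=$1
    proxy=$2
    no_proxy_list=$3

    [ -z "$proxy" ] && return 1            # no proxy configured at all
    [ "$no_proxy_list" = "*" ] && return 1 # everything bypasses the proxy

    old_ifs=$IFS
    IFS=', '                               # split on commas, tolerate "a, b"
    for entry in $no_proxy_list; do
        entry=${entry#.}                   # ".example.com" means suffix match
        [ -z "$entry" ] && continue
        case "$host" in
            "$entry"|*."$entry")           # exact host or domain suffix
                IFS=$old_ifs
                return 1
                ;;
        esac
    done
    IFS=$old_ifs
    return 0
}

# Read the real environment and print a one-line verdict for TARGET_HOST.
check_env_for() {
    target=$1
    if goes_via_proxy "$target" "${http_proxy:-}" "${no_proxy:-}"; then
        echo "WARNING: requests to $target would go through http_proxy=$http_proxy;" \
             "add it to no_proxy or unset http_proxy for this run"
    else
        echo "OK: requests to $target are not proxied (http_proxy='${http_proxy:-}', no_proxy='${no_proxy:-}')"
    fi
}

# Stand-alone use: check the host from the thread against the current shell's environment.
check_env_for 127.0.0.1
```

Run it in the same shell (or with the same exported variables) that will launch the scanner, since http_proxy set only in another session would not affect the run.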
From: Bernardo D. A. G. <ber...@gm...> - 2010-02-23 09:31:56
Ryan,

If sqlmap can't detect the SQL injection after you give the latest development version a try, then try to exploit it yourself manually, identify the SQL payload and provide sqlmap with --prefix, --postfix and, if needed, --string. Refer to the user's manual for details and examples.

Bernardo

--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: 0x05F5A30F
From: Patrick W. <pa...@au...> - 2010-02-23 01:13:41
Try adding

-p id

to force it to test id.

-Patrick
From: Ryan D. <rya...@gm...> - 2010-02-23 01:30:31
When I add the -p flag I get the following error:

bash: -p: command not found

Because it is interpreting the flag as a separate command, it must be my cookie syntax which is incorrect. It is possibly ending the sqlmap command after the ;

Does anyone know if I am using the correct syntax for the cookies?

Thanks again!

--
Ryan Dewhurst
http://www.ethicalhack3r.co.uk
http://www.dvwa.co.uk
http://www.twitter.com/ethicalhack3r
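The "bash: -p: command not found" error comes from how the shell splits the command line before sqlmap ever runs, and the quoted --cookie form that Ryan later reports as working avoids it. The following is an added example, not code from the thread or from sqlmap: a stand-in function count_args replaces ./sqlmap.py and only reports how many arguments reached it, for both the unquoted and the quoted form; the URL and cookie values are the ones posted in the thread and nothing is sent anywhere.

```sh
#!/bin/sh
# Added example, not from the thread: how the shell tokenises the two
# --cookie forms. count_args stands in for sqlmap.py and only reports how
# many arguments it received.

count_args() { echo "$#"; }

# Quoted form (the working command): the cookie string, semicolon included,
# is a single argument, so the stand-in sees 5 arguments:
# -u, the URL, --cookie=..., -p, id.
quoted_argc() {
    count_args -u "http://127.0.0.1/dvwa_svn/vulnerabilities/sqli/?id=1" \
        --cookie="security=low; PHPSESSID=25e295bd67654538970df074f7083d2d" -p id
}

# Print the value a program actually receives for --cookie, to confirm that
# in the quoted form the semicolon and the second cookie survive as one argument.
cookie_value_of() {
    for a in "$@"; do
        case "$a" in
            --cookie=*) echo "${a#--cookie=}" ;;
        esac
    done
}
quoted_cookie_arg() {
    cookie_value_of -u "http://127.0.0.1/dvwa_svn/vulnerabilities/sqli/?id=1" \
        --cookie="security=low; PHPSESSID=25e295bd67654538970df074f7083d2d" -p id
}

# Unquoted form (the failing command), run in a child shell so its error does
# not abort this script. The bare ';' ends the first command right after
# --cookie=security=low, and the rest of the line becomes a second command:
# PHPSESSID=... is taken as an environment assignment and '-p' as the program
# to run, which is exactly the "-p: command not found" error from the thread.
run_unquoted() {
    sh -c 'count_args() { echo "$#"; }
           count_args -u "http://127.0.0.1/dvwa_svn/vulnerabilities/sqli/?id=1" --cookie=security=low; PHPSESSID=25e295bd67654538970df074f7083d2d -p id' 2>&1 || true
}

# First output line of the unquoted run: the argument count the stand-in
# received before ';' cut the command short (3: -u, the URL, --cookie=security=low).
unquoted_first_argc() { run_unquoted | head -n 1; }

echo "quoted form, arguments received:  $(quoted_argc)"
echo "quoted form, --cookie value:      $(quoted_cookie_arg)"
echo "unquoted form, what the shell did:"
run_unquoted
```

The same rule applies to any option value containing characters the shell treats specially (';', '&', '|', spaces): quote the whole value, or the program receives only the part before the first such character.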
From: Ryan D. <rya...@gm...> - 2010-02-23 01:28:38
I removed the ; from the command and it seemed to test the id parameter, however it is saying it is not injectable when it clearly is.

I am running MySQL5. The one pre-installed in Backtrack 4 Final by default.

Thank you.

--
Ryan Dewhurst
http://www.ethicalhack3r.co.uk
http://www.dvwa.co.uk
http://www.twitter.com/ethicalhack3r