Hi Muto, On 5 May 2011 19:58, Muto kirov <mutemut...@gmail.com> wrote: > I have set up a vulnerable php site with MySQL and used sqlmap against it to > test it. All working, except for the --os-shell, --os-pwn and the other os > system access commands. The problem is that sqlmap cannot upload the stager, > even when i specify the correct document root. Why is that happening ?
Did you verify that at least one folder within the document root is writable by the OS user running the Apache instance (www-data or nobody on GNU/Linux usually)? If so, please rerun by providing *first* the document root (eg. /var/www) and secondly, when asked, the exact full path of the writable directory (eg /var/www/writablefolder). If the folder is writable and the MySQL instance is running on the same OS of the web server and the DBMS user running the query (session user) has at least the FILE privilege, then sqlmap will succeed. If not, then there is potentially a bug and I recommend you answer to Miroslav's questions and provide us with further details (-t traffic.log -v3 --fresh-queries full output). Bernardo -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: 0x05F5A30F ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
