hi again. from now on threads shouldn't cause this kind of mess. with the last commit they are going to be silently killed - in your case that would mean that they'll just handle the bandwidth to others.
kr On Tue, Jun 7, 2011 at 8:00 AM, Miroslav Stampar <miroslav.stam...@gmail.com> wrote: > hi nightman. > > well, it's not really a bug: > "[04:53:24] [WARNING] if the problem persists please try to lower the > number of used threads (--threads)" > > i know that you've already used low number of threads (3) but it seems > that you have some connection issues with your host. so, i am not sure > how we could help :) > > kr > > On Tue, Jun 7, 2011 at 5:21 AM, <night...@email.de> wrote: >> This Bug is from my laptops sqlmap with python 2.7 The other problem is on >> another PC with still python 2.6 ;) >> >> sqlmap -u "http://website.com/feed.php?s=os&p=48693"; --random-agent >> --retries=6 --level 5 --risk 3 --common-tables -D Database >> >> Place: GET >> Parameter: s >> Type: boolean-based blind >> Title: AND boolean-based blind - WHERE or HAVING clause >> Payload: s=os' AND 611=611 AND 'oBcE'='oBcE&p=48693 >> >> Type: UNION query >> Title: MySQL UNION query (NULL) - 1 to 10 columns >> Payload: s=os' UNION ALL SELECT NULL, NULL, NULL, >> CONCAT(CHAR(58,99,112,106,58),CHAR(108,106,75,100,77,106 >> ,84,75,97,86),CHAR(58,119,106,120,58)), NULL, NULL, NULL# AND >> 'sOCX'='sOCX&p=48693 >> --- >> >> [04:52:32] [INFO] manual usage of GET payloads requires url encoding >> [04:52:32] [INFO] the back-end DBMS is MySQL >> >> web application technology: PHP 4.4.0, Apache 1.3.33 >> back-end DBMS: MySQL 4 >> [04:52:32] [INFO] checking table existence using items from >> 'C:\pentest\p\sqlmap.0.9-1\txt\comm >> on-tables.txt' >> [04:52:32] [INFO] adding words used on web page to the check list >> please enter number of threads? [Enter for 1 (current)] 3 >> [04:52:40] [WARNING] if the problem persists with 'None' values please try >> to use hidden switch --no-cast (fix >> ing problems with some collation issues) >> [04:53:23] [INFO] tried 74/3452 items (2%)[04:53:24] [CRITICAL] connection >> timed out to the target url or prox >> y, sqlmap is going to retry the request >> [04:53:24] [WARNING] if the problem persists please try to lower the number >> of used threads (--threads) >> [04:53:38] [INFO] tried 88/3452 items (3%) >> [04:53:39] [WARNING] user aborted during common table existence check. >> sqlmap will display some tables only >> Exception in thread 1: >> Traceback (most recent call last): >> File "C:\Python27\lib\threading.py", line 532, in __bootstrap_inner >> self.run() >> File "C:\Python27\lib\threading.py", line 485, in run >> self.__target(*self.__args, **self.__kwargs) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\brute\use.py", line 76, in >> tableExistsThread >> result = inject.checkBooleanExpression("%s" % >> safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), >> fullTableName))) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 519, in >> checkBooleanExpression >> value = getValue(unescaper.unescape(expression), expected=EXPECTED.BOOL, >> suppressOutput=True, expectingNon >> e=expectingNone) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 432, in >> getValue >> value = __goInband(forgeCaseExpression, expected, sort, resumeValue, >> unpack, dump) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 386, in >> __goInband >> output = unionUse(expression, unpack=unpack, dump=dump) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line >> 354, in unionUse >> value = __oneShotUnionUse(expression, unpack) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line >> 72, in __oneShotUni >> onUse >> page, headers = Request.queryPage(payload, content=True, raise404=False) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 585, in >> queryPage >> page, headers = Connect.getPage(url=uri, get=get, post=post, >> cookie=cookie, ua=ua, referer=referer, silent >> =silent, method=method, auxHeaders=auxHeaders, response=response, >> raise404=raise404, ignoreTimeout=timeBasedCo >> mpare) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 439, in >> getPage >> raise sqlmapConnectionException, warnMsg >> sqlmapConnectionException: unable to connect to the target url or proxy >> >> Exception in thread 2: >> Traceback (most recent call last): >> File "C:\Python27\lib\threading.py", line 532, in __bootstrap_inner >> self.run() >> File "C:\Python27\lib\threading.py", line 485, in run >> self.__target(*self.__args, **self.__kwargs) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\brute\use.py", line 76, in >> tableExistsThread >> result = inject.checkBooleanExpression("%s" % >> safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), >> fullTableName))) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 519, in >> checkBooleanExpression >> value = getValue(unescaper.unescape(expression), expected=EXPECTED.BOOL, >> suppressOutput=True, expectingNon >> e=expectingNone) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 432, in >> getValue >> value = __goInband(forgeCaseExpression, expected, sort, resumeValue, >> unpack, dump) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\inject.py", line 386, in >> __goInband >> output = unionUse(expression, unpack=unpack, dump=dump) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line >> 354, in unionUse >> value = __oneShotUnionUse(expression, unpack) >> File "C:\pentest\p\sqlmap.0.9-1\lib\techniques\inband\union\use.py", line >> 72, in __oneShotUni >> onUse >> page, headers = Request.queryPage(payload, content=True, raise404=False) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 585, in >> queryPage >> page, headers = Connect.getPage(url=uri, get=get, post=post, >> cookie=cookie, ua=ua, referer=referer, silent >> =silent, method=method, auxHeaders=auxHeaders, response=response, >> raise404=raise404, ignoreTimeout=timeBasedCo >> mpare) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 433, in >> getPage >> return Connect.__getPageProxy(**kwargs) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 73, in >> __getPageProxy >> return Connect.getPage(**kwargs) >> File "C:\pentest\p\sqlmap.0.9-1\lib\request\connect.py", line 439, in >> getPage >> raise sqlmapConnectionException, warnMsg >> sqlmapConnectionException: connection timed out to the target url or proxy >> >> >> [04:53:55] [WARNING] no table(s) found >> tables: '{}' >> >> [04:53:55] [INFO] Fetched data logged to text files under >> 'C:\pentest\p\sqlmap.0.9-1\output\ >> >> [*] shutting down at: 04:53:55 >> >> ------------------------------------------------------------------------------ >> EditLive Enterprise is the world's most technically advanced content >> authoring tool. Experience the power of Track Changes, Inline Image >> Editing and ensure content is compliant with Accessibility Checking. >> http://p.sf.net/sfu/ephox-dev2dev >> _______________________________________________ >> sqlmap-users mailing list >> sqlmap-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> >> > > > > -- > Miroslav Stampar > > E-mail: miroslav.stampar (at) gmail.com > PGP Key ID: 0xB5397B1B > -- Miroslav Stampar E-mail: miroslav.stampar (at) gmail.com PGP Key ID: 0xB5397B1B ------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
