Hi,
@buawig Thank you for your help. You understood me!
@Miroslav Thank you very much for the patch
kind regards
From: Miroslav Stampar <miroslav.stampar@...>
Subject: Re: sqlmap through proxy
Newsgroups: gmane.comp.security.sqlmap
Date: 2011-06-19 09:54:19 GMT
hi buawig.
find it "patched" in the latest commit.
kind regards
On Sun, Jun 19, 2011 at 1:33 AM, <buawig@...> wrote:
> Miroslav Stampar wrote:
>> quote from that same paragraph:
>>
>> "
>> 10.5.5 504 Gateway Timeout
>>
>> The server, while acting as a gateway or proxy, did not receive a
>> timely response from the upstream server specified by the URI (e.g.
>> HTTP, FTP, LDAP) or some other auxiliary server (e.g. DNS) it needed
>> to access in attempting to complete the request.
>> "
>>
>> it clearly says that 504 is a general timeout without specific
>> "cause". it says that it can be caused by remote server, DNS,...
>
> Yes I read the paragraph that I linked. ;)
>
>
>> thing is that we don't know what's causing it (neither that 504 says
>> the source as stated from that paragraph) and we need to treat it as
>> any other timeout. also, i don't see any problems with that approach.
>
> You probably misunderstood me or I was not clear enough.
> The important thing was
> "the response came not from the upstream target specified in -u and
> should not be interpreted as such"
>
> If sqlmap would treat 504 'as any other timeout' then I wouldn't have
> posted the link because that is what I'm expecting - sqlmap should treat
> 504 like timeouts, but it does not seem to treat it as a timeout at all:
>
> test on a _*non*_ existing domain with proxy while the proxy returns 504
> +html page (status page):
>
> [INFO] testing connection to the target url
> [INFO] heuristics detected web page charset 'ascii'
> [WARNING] the web server responded with an HTTP error code which could
> interfere with the results of the tests
> [INFO] testing if the url is stable, wait a few seconds
> [WARNING] url is not stable, sqlmap will base the page comparison on a
> sequence matcher. If no dynamic nor injectable parameters are detected,
> or in case of junk results, refer to user's manual paragraph 'Page
> comparison' and provide a string or regular expression to match on
> how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit]
>
> From this output I guess sqlmap interprets the html page from the proxy
> (504 status page) as if it were the page from the target and starts
> testing. The question is, why does it start testing when it doesn't
> reach the target?
>
> It probably should look like this:
>
> [INFO] testing connection to the target url
> [CRITICAL] unable to connect to the target url (504 - Gateway Timeout),
> sqlmap is going to retry the request
> [CRITICAL] unable to connect to the target url (504 - Gateway Timeout),
> sqlmap is going to retry the request
>
> [*] shutting down...
>
> sqlmap should not interpret the html page from the proxy as an html page
> from a target if the proxy returns 504 (the reason does not really matter).
>
>
> In future everyone will return 504 to avoid sqlmap scans ;)
>
>
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
--
Miroslav Stampar
On Fri, Jun 17, 2011 at 4:11 PM, Miroslav Stampar <miroslav.stam...@gmail.com> wrote:
> hi buawig.
>
> well, sure there is a misunderstanding here :)
>
> http://superuser.com/questions/272714/why-still-dns-lookup-when-using-proxy
>
> quote:
> "Even when connecting via a proxy your browser needs to get the IP
> address for the web site domain. Generally it will directly query the
> DNS servers. If you are using a Socks 5 proxy, you can have the DNS
> queries go through your proxy."
>
> there has to be a DNS request when dealing with HTTP proxy.
>
> about DNS leaks with TOR. we are aware of this issue and there is no
> easy way out of it. believe me. I've spent three days searching and
> implementing and there is NO easy way out of it. we can try to search
> and use things like "tor-resolve" but it will work just for a minor
> number of cases (users who prepare the environment for it).
>
> also, remember that solution I was doing for web based nslookup. i
> still have the code, but it would be a decision on a user to trust it
> or not.
>
> kr
>
> On Fri, Jun 17, 2011 at 3:41 PM, <bua...@gmail.com> wrote:
> > Miroslav Stampar wrote:
> >> hi David.
> >>
> >> you won't be able to redirect DNS requests through HTTP(s) proxy for sure.
> >
> > I think there is a misunderstanding here.
> >
> > If you configure an application to route its HTTP(s) requests through a
> > proxy the application itself should not generate any DNS requests.
> > The application will also not send DNS requests to the proxy.
> >
> > The application - in this case sqlmap - should just ask the proxy to
> > send an HTTP request to example.com, the proxy will take care of DNS
> > resolution.
> >
> > I just tried sqlmap with --proxy and this is in my opinion a bug because
> > sqlmap issues DNS queries even if --proxy is used.
> >
> > This bug can be quite serious for the guys using
> > --tor
> > or
> > --proxy http://localhost:8118
> > because sqlmap will leak DNS queries to the local DNS server.
> >
> >
> >
>
>
>
> --
> Miroslav Stampar
>
> E-mail: miroslav.stampar (at) gmail.com
> PGP Key ID: 0xB5397B1B
>
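The two problems raised in this thread, a proxy 504 being treated as the target's own page and DNS queries escaping past a configured proxy, can both be checked with a small proxy-aware fetch. The following is an added example written for this page; it is not sqlmap's code and does not reproduce how sqlmap handles either case. It assumes a plain HTTP proxy (absolute-URI requests, no CONNECT tunnelling for http URLs), treats 502 and 504 as gateway errors, retries three times before giving up, and uses a constructed stub proxy plus the reserved name `target.invalid` for the stand-alone demo. The leak detector works by replacing `socket.getaddrinfo` for the duration of the request, which covers `http.client` because it resolves through `socket.create_connection`; a client that resolves names by some other path would not be caught by it.

```python
"""Proxy-aware fetch: a gateway error (502/504) from the proxy is a failed
connection, retried and then aborted, never a page to run comparison on;
and every hostname resolved locally while the proxy is in use is recorded,
so a DNS leak past the proxy is visible.  Added example; not sqlmap code."""

import socket
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# The unpatched resolver; LookupRecorder swaps in a spy and restores this.
REAL_GETADDRINFO = socket.getaddrinfo

# Assumption: these status codes mean "the proxy could not reach upstream".
GATEWAY_CODES = (502, 504)


class GatewayFailure(Exception):
    """The proxy kept answering a gateway error: the target never responded,
    so the body received is the proxy's status page, not the target's."""


class LookupRecorder:
    """Context manager recording every hostname handed to socket.getaddrinfo.
    http.client connects via socket.create_connection, which looks up
    getaddrinfo in the socket module at call time, so the spy sees it."""

    def __init__(self):
        self.hosts = []

    def __enter__(self):
        def spy(host, *args, **kwargs):
            self.hosts.append(host.decode() if isinstance(host, bytes) else host)
            return REAL_GETADDRINFO(host, *args, **kwargs)
        socket.getaddrinfo = spy
        return self

    def __exit__(self, *exc_info):
        socket.getaddrinfo = REAL_GETADDRINFO
        return False


def proxy_opener(proxy_url):
    """Opener that sends every request to proxy_url.  An explicit dict is
    passed so the environment's *_proxy variables are ignored."""
    return urllib.request.build_opener(
        urllib.request.ProxyHandler({"http": proxy_url, "https": proxy_url}))


def fetch_via_proxy(url, opener, attempts=3, timeout=5):
    """GET url through opener.  Anything the target itself answered, 4xx/5xx
    included, is returned as (status, body) for the caller to compare on.
    A gateway error is retried `attempts` times, then raised as
    GatewayFailure instead of being handed on as if it were the target's page."""
    last = None
    for attempt in range(1, attempts + 1):
        try:
            with opener.open(url, timeout=timeout) as resp:
                return resp.status, resp.read()
        except urllib.error.HTTPError as err:
            if err.code not in GATEWAY_CODES:
                return err.code, err.read()  # a real (error) page from the target
            last = err
            print("[CRITICAL] unable to connect to the target url (%d - %s), "
                  "attempt %d/%d" % (err.code, err.reason, attempt, attempts))
    raise GatewayFailure("proxy answered %d on all %d attempts" % (last.code, attempts))


class Stub504Proxy(BaseHTTPRequestHandler):
    """Constructed stand-in for a proxy whose upstream is unreachable: every
    request gets a 504 with an HTML status page, as in the thread."""

    def do_GET(self):
        body = b"<html><body><h1>504 Gateway Timeout</h1></body></html>"
        self.send_response(504, "Gateway Timeout")
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass  # keep the demo output to our own lines


if __name__ == "__main__":
    server = HTTPServer(("127.0.0.1", 0), Stub504Proxy)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    proxy = "http://127.0.0.1:%d" % server.server_address[1]
    # Constructed target: .invalid is reserved and never resolves, so seeing
    # it in the recorder means the client tried to resolve it locally.
    target = "http://target.invalid/vuln.php?id=1"
    with LookupRecorder() as rec:
        try:
            fetch_via_proxy(target, proxy_opener(proxy))
        except GatewayFailure as err:
            print("[CRITICAL]", err)
            print("[*] shutting down...")
    print("resolved locally:", sorted(set(rec.hosts)))
    print("DNS leak past the proxy:", "target.invalid" in rec.hosts)
    server.shutdown()
```

Run stand-alone, the demo shows the three retries and the abort, and the only name resolved locally is the proxy address itself; swapping in a client that resolves the target before contacting the proxy would put `target.invalid` in the recorded list, which is the leak the thread is about. Note that a 504 produced by the target's own reverse proxy is indistinguishable on the wire from one produced by the scanning proxy, which is why the example treats both as "no response from the target" rather than trying to tell them apart.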