hi Anastasios. this is probably related to the "DNS leakage patch" which was done recently.
could you please tell which "proxy tool" are you using (if any)? i've tried with Burp and Tor and everything worked fine. kr On Tue, Jun 21, 2011 at 10:01 PM, Anastasios Monachos <anastasi...@gmail.com> wrote: > Hi all, > > Not sure if the problem relates with the one described in a previous post by > David Alvarez, however, again, the traffic never goes through my proxy using > the command below, this does not seem to happen for sqlmap/0.9 > > [secuid0] /opt/pentest/svn/sqlmap $ ./sqlmap.py -u > "http://www.xxxxxxxxx.xxxx/xyz/qwe/page.asp?par1=2&par2=2&par3=62"; -p par3 > --dbs --random-agent --proxy "http://127.0.0.1:8080"; > > sqlmap/1.0-dev (r4151) - automatic SQL injection and database takeover > tool > http://sqlmap.sourceforge.net > > [!] legal disclaimer: usage of sqlmap for attacking targets without prior > mutual consent is illegal. It is the end user's responsibility to obey all > applicable local, state and federal laws. Authors assume no liability and > are not responsible for any misuse or damage caused by this program > > [*] starting at 22:46:49 > > [22:37:49] [DEBUG] cleaning up configuration parameters > [22:37:49] [DEBUG] setting the HTTP timeout > [22:37:49] [DEBUG] loading random HTTP User-Agent header(s) from file > '/opt/pentest/svn/sqlmap/txt/user-agents.txt' > [22:37:49] [INFO] fetched random HTTP User-Agent header from file > '/opt/pentest/svn/sqlmap/txt/user-agents.txt': Mozilla/5.0 (Windows; U; > Windows NT 5.1; en-US; rv:1.8.1) Gecko/20060918 Firefox/2.0 > [22:37:49] [DEBUG] setting the HTTP method to GET > [22:37:49] [DEBUG] setting the HTTP proxy to pass by all HTTP requests > [22:37:49] [DEBUG] creating HTTP requests opener object > [22:37:49] [INFO] using > '/opt/pentest/svn/sqlmap/output/www.xxxxxxxxx.xxx/session' as session file > [22:37:49] [INFO] resuming injection data from session file > [22:37:49] [INFO] resuming back-end DBMS 'microsoft sql server 20xx' from > session file > [22:37:49] [INFO] testing connection to the target url > [22:37:49] [CRITICAL] unable to connect to the target url or proxy, sqlmap > is going to retry the request > [22:37:49] [WARNING] if the problem persists please check that the provided > target url is valid. If it is, you can try to rerun with the --random-agent > switch turned on and/or proxy switches (--ignore-proxy, --proxy,...) > [22:37:50] [CRITICAL] unable to connect to the target url or proxy, sqlmap > is going to retry the request > [22:37:51] [CRITICAL] unable to connect to the target url or proxy, sqlmap > is going to retry the request > [22:37:52] [CRITICAL] unable to connect to the target url or proxy > > [*] shutting down at 22:46:52 > > > Thanks! > -- > AM (secuid0) > Key ID: 0x5EB17EE7 > > ------------------------------------------------------------------------------ > EditLive Enterprise is the world's most technically advanced content > authoring tool. Experience the power of Track Changes, Inline Image > Editing and ensure content is compliant with Accessibility Checking. > http://p.sf.net/sfu/ephox-dev2dev > _______________________________________________ > sqlmap-users mailing list > sqlmap-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > > -- Miroslav Stampar (@stamparm) E-mail: miroslav.stampar (at) gmail.com PGP Key ID: 0xB5397B1B ------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
