Hello, excellent response as always:)
Tried Burp 1.3.08 and ZAP 1.3.0
also just set a local ncat listener to check if any traffic will come
through but nothing sent using r4151, sqlmap/0.9 worked fine though.
Thanks!
On 21 June 2011 23:08, Miroslav Stampar <miroslav.stam...@gmail.com> wrote:
> hi Anastasios.
>
> this is probably related to the "DNS leakage patch" which was done
> recently.
>
> could you please tell which "proxy tool" are you using (if any)? i've
> tried with Burp and Tor and everything worked fine.
>
> kr
>
> On Tue, Jun 21, 2011 at 10:01 PM, Anastasios Monachos
> <anastasi...@gmail.com> wrote:
> > Hi all,
> >
> > Not sure if the problem relates with the one described in a previous post
> by
> > David Alvarez, however, again, the traffic never goes through my proxy
> using
> > the command below, this does not seem to happen for sqlmap/0.9
> >
> > [secuid0] /opt/pentest/svn/sqlmap $ ./sqlmap.py -u
> > "http://www.xxxxxxxxx.xxxx/xyz/qwe/page.asp?par1=2&par2=2&par3=62"; -p
> par3
> > --dbs --random-agent --proxy "http://127.0.0.1:8080";
> >
> > sqlmap/1.0-dev (r4151) - automatic SQL injection and database
> takeover
> > tool
> > http://sqlmap.sourceforge.net
> >
> > [!] legal disclaimer: usage of sqlmap for attacking targets without prior
> > mutual consent is illegal. It is the end user's responsibility to obey
> all
> > applicable local, state and federal laws. Authors assume no liability and
> > are not responsible for any misuse or damage caused by this program
> >
> > [*] starting at 22:46:49
> >
> > [22:37:49] [DEBUG] cleaning up configuration parameters
> > [22:37:49] [DEBUG] setting the HTTP timeout
> > [22:37:49] [DEBUG] loading random HTTP User-Agent header(s) from file
> > '/opt/pentest/svn/sqlmap/txt/user-agents.txt'
> > [22:37:49] [INFO] fetched random HTTP User-Agent header from file
> > '/opt/pentest/svn/sqlmap/txt/user-agents.txt': Mozilla/5.0 (Windows; U;
> > Windows NT 5.1; en-US; rv:1.8.1) Gecko/20060918 Firefox/2.0
> > [22:37:49] [DEBUG] setting the HTTP method to GET
> > [22:37:49] [DEBUG] setting the HTTP proxy to pass by all HTTP requests
> > [22:37:49] [DEBUG] creating HTTP requests opener object
> > [22:37:49] [INFO] using
> > '/opt/pentest/svn/sqlmap/output/www.xxxxxxxxx.xxx/session' as session
> file
> > [22:37:49] [INFO] resuming injection data from session file
> > [22:37:49] [INFO] resuming back-end DBMS 'microsoft sql server 20xx' from
> > session file
> > [22:37:49] [INFO] testing connection to the target url
> > [22:37:49] [CRITICAL] unable to connect to the target url or proxy,
> sqlmap
> > is going to retry the request
> > [22:37:49] [WARNING] if the problem persists please check that the
> provided
> > target url is valid. If it is, you can try to rerun with the
> --random-agent
> > switch turned on and/or proxy switches (--ignore-proxy, --proxy,...)
> > [22:37:50] [CRITICAL] unable to connect to the target url or proxy,
> sqlmap
> > is going to retry the request
> > [22:37:51] [CRITICAL] unable to connect to the target url or proxy,
> sqlmap
> > is going to retry the request
> > [22:37:52] [CRITICAL] unable to connect to the target url or proxy
> >
> > [*] shutting down at 22:46:52
> >
> >
> > Thanks!
> > --
> > AM (secuid0)
> > Key ID: 0x5EB17EE7
> >
> >
> ------------------------------------------------------------------------------
> > EditLive Enterprise is the world's most technically advanced content
> > authoring tool. Experience the power of Track Changes, Inline Image
> > Editing and ensure content is compliant with Accessibility Checking.
> > http://p.sf.net/sfu/ephox-dev2dev
> > _______________________________________________
> > sqlmap-users mailing list
> > sqlmap-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/sqlmap-users
> >
> >
>
>
>
> --
> Miroslav Stampar (@stamparm)
>
> E-mail: miroslav.stampar (at) gmail.com
> PGP Key ID: 0xB5397B1B
>
--
AM (secuid0)
Key ID: 0x5EB17EE7
------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
