Dear SQLMap developer
I found the bug from SQLMap from 2 URLs in my company that are shown below
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
*--=== RESULT FROM SERVER A to URL A ===--*
[00:05:04] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4203), retry
your run with the latest development version from the Subversion repository.
If the exception persists, please send by e-mail to
sqlmap-users@lists.sourceforge.net the following text and any information
required to reproduce the bug. The developers will try to reproduce the bug,
fix it accordingly and get back to you.
*sqlmap version: 1.0-dev (r4203)
Python version: 2.6.6*
Operating system: posix
Command line: ./sqlmap.py -u
**************************************************** --threads=10 --dump -C
*********************** -T tb_register -D ****** -v 1 --random-agent
Technique: BOOLEAN
Back-end DBMS: Microsoft SQL Server (fingerprinted)
Traceback (most recent call last):
File "./sqlmap.py", line 86, in main
start()
File "/home/tum/sqlmap-dev/lib/controller/controller.py", line 551, in
start
action()
File "/home/tum/sqlmap-dev/lib/controller/action.py", line 109, in action
conf.dbmsHandler.dumpTable()
File "/home/tum/sqlmap-dev/plugins/generic/enumeration.py", line 1695, in
dumpTable
retVal = self.__pivotDumpTable(table, colList, count, blind=True)
File "/home/tum/sqlmap-dev/plugins/generic/enumeration.py", line 1450, in
__pivotDumpTable
value = inject.getValue(query, inband=False, error=False)
File "/home/tum/sqlmap-dev/lib/request/inject.py", line 456, in getValue
value = __goInferenceProxy(query, fromUser, expected, batch,
resumeValue, unpack, charsetType, firstChar, lastChar, dump)
File "/home/tum/sqlmap-dev/lib/request/inject.py", line 321, in
__goInferenceProxy
outputs = __goInferenceFields(expression, expressionFields,
expressionFieldsList, payload, expected, resumeValue=resumeValue,
charsetType=charsetType, firstChar=firstChar, lastChar=lastChar, dump=dump)
File "/home/tum/sqlmap-dev/lib/request/inject.py", line 102, in
__goInferenceFields
output = __goInference(payload, expressionReplaced, charsetType,
firstChar, lastChar, dump)
File "/home/tum/sqlmap-dev/lib/request/inject.py", line 66, in
__goInference
count, value = bisection(payload, expression, length, charsetType,
firstChar, lastChar, dump)
File "/home/tum/sqlmap-dev/lib/techniques/blind/inference.py", line 423,
in bisection
thread.start()
File "/usr/lib/python2.6/threading.py", line 474, in start
_start_new_thread(self.__bootstrap, ())
error: can't start new thread
[*] shutting down at 00:05:04
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
*--=== RESULT FROM SERVER B to URL B ===--*
[19:32:56] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4182), retry
your run with the latest development version from the Subversion repository.
If the exception persists, please send by e-mail to
sqlmap-users@lists.sourceforge.net the following text and any information
required to reproduce the bug. The developers will try to reproduce the bug,
fix it accordingly and get back to you.
*sqlmap version: 1.0-dev (r4182)
Python version: 2.5.2*
Operating system: posix
Command line: ./sqlmap.py -u
http://www.mysite.com/index.php?page=data&cmd=play&id=879 --dump -C
username,telephone,email -T member -D webdev -v 1 --user-agent=IE 7.0
--threads=15
Technique: BOOLEAN
Back-end DBMS: MySQL (fingerprinted)
Traceback (most recent call last):
File "./sqlmap.py", line 86, in main
start()
File "/home/tum/SQL/sqlmap-dev/lib/controller/controller.py", line 551, in
start
action()
File "/home/tum/SQL/sqlmap-dev/lib/controller/action.py", line 109, in
action
conf.dbmsHandler.dumpTable()
File "/home/tum/SQL/sqlmap-dev/plugins/generic/enumeration.py", line 1723,
in dumpTable
value = inject.getValue(query, inband=False, error=False, dump=True)
File "/home/tum/SQL/sqlmap-dev/lib/request/inject.py", line 456, in
getValue
value = __goInferenceProxy(query, fromUser, expected, batch,
resumeValue, unpack, charsetType, firstChar, lastChar, dump)
File "/home/tum/SQL/sqlmap-dev/lib/request/inject.py", line 321, in
__goInferenceProxy
outputs = __goInferenceFields(expression, expressionFields,
expressionFieldsList, payload, expected, resumeValue=resumeValue,
charsetType=charsetType, firstChar=firstChar, lastChar=lastChar, dump=dump)
File "/home/tum/SQL/sqlmap-dev/lib/request/inject.py", line 102, in
__goInferenceFields
output = __goInference(payload, expressionReplaced, charsetType,
firstChar, lastChar, dump)
File "/home/tum/SQL/sqlmap-dev/lib/request/inject.py", line 66, in
__goInference
count, value = bisection(payload, expression, length, charsetType,
firstChar, lastChar, dump)
File "/home/tum/SQL/sqlmap-dev/lib/techniques/blind/inference.py", line
423, in bisection
thread.start()
File "/usr/lib/python2.5/threading.py", line 440, in start
_start_new_thread(self.__bootstrap, ())
error: can't start new thread
[*] shutting down at 19:32:57
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Please see an attachment file for theserver specification that run the
sqlmap program
--
- Phatthanaphol R. -
-= CPU SPECIFICATION =-
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 15
model name : Intel(R) Xeon(R) CPU E5345 @ 2.33GHz
stepping : 7
cpu MHz : 2327.587
cache size : 4096 KB
physical id : 0
siblings : 4
core id : 0
cpu cores : 4
apicid : 0
initial apicid : 0
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 10
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc a
rch_perfmon pebs bts pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm
bogomips : 4658.87
clflush size : 64
power management:
processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 15
model name : Intel(R) Xeon(R) CPU E5345 @ 2.33GHz
stepping : 7
cpu MHz : 2327.587
cache size : 4096 KB
physical id : 0
siblings : 4
core id : 1
cpu cores : 4
apicid : 1
initial apicid : 1
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 10
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc a
rch_perfmon pebs bts pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm
bogomips : 4655.01
clflush size : 64
power management:
processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 15
model name : Intel(R) Xeon(R) CPU E5345 @ 2.33GHz
stepping : 7
cpu MHz : 2327.587
cache size : 4096 KB
physical id : 0
siblings : 4
core id : 2
cpu cores : 4
apicid : 2
initial apicid : 2
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 10
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc a
rch_perfmon pebs bts pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm
bogomips : 4655.03
clflush size : 64
power management:
processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 15
model name : Intel(R) Xeon(R) CPU E5345 @ 2.33GHz
stepping : 7
cpu MHz : 2327.587
cache size : 4096 KB
physical id : 0
siblings : 4
core id : 3
cpu cores : 4
apicid : 3
initial apicid : 3
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 10
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc a
rch_perfmon pebs bts pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm
bogomips : 4655.04
clflush size : 64
power management:
processor : 4
vendor_id : GenuineIntel
cpu family : 6
model : 15
model name : Intel(R) Xeon(R) CPU E5345 @ 2.33GHz
stepping : 7
cpu MHz : 2327.587
cache size : 4096 KB
physical id : 1
siblings : 4
core id : 0
cpu cores : 4
apicid : 4
initial apicid : 4
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 10
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc a
rch_perfmon pebs bts pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm
bogomips : 4655.06
clflush size : 64
power management:
processor : 5
vendor_id : GenuineIntel
cpu family : 6
model : 15
model name : Intel(R) Xeon(R) CPU E5345 @ 2.33GHz
stepping : 7
cpu MHz : 2327.587
cache size : 4096 KB
physical id : 1
siblings : 4
core id : 1
cpu cores : 4
apicid : 5
initial apicid : 5
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 10
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc a
rch_perfmon pebs bts pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm
bogomips : 4655.05
clflush size : 64
power management:
processor : 6
vendor_id : GenuineIntel
cpu family : 6
model : 15
model name : Intel(R) Xeon(R) CPU E5345 @ 2.33GHz
stepping : 7
cpu MHz : 2327.587
cache size : 4096 KB
physical id : 1
siblings : 4
core id : 2
cpu cores : 4
apicid : 6
initial apicid : 6
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 10
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc a
rch_perfmon pebs bts pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm
bogomips : 4655.06
clflush size : 64
power management:
processor : 7
vendor_id : GenuineIntel
cpu family : 6
model : 15
model name : Intel(R) Xeon(R) CPU E5345 @ 2.33GHz
stepping : 7
cpu MHz : 2327.587
cache size : 4096 KB
physical id : 1
siblings : 4
core id : 3
cpu cores : 4
apicid : 7
initial apicid : 7
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 10
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc a
rch_perfmon pebs bts pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm
bogomips : 4655.06
clflush size : 64
power management:
------------------------------------------------------------------------------------------------------------------------------------------
-= MEMORY =-
total used free shared buffers cached
Mem: 4148348 3988128 160220 0 176036 3595248
-/+ buffers/cache: 216844 3931504
Swap: 3903752 14836 3888916
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
