Well, here's a bug report crash-thingy... My cursory analysis is that 
the SQL PAYLOAD got sucked back up and, for some mysterious reason, 
re-parsed as a host:port value. Something like the hostname being 
"10.6.1.142) AND 5306=CAST... etc. ...ELSE 0 END))::" which then means 
that the port would be "text||CHR(58) ... and stuff"

Here's some, possibly relevant, options from the config file.

crawlDepth = 10
forceSSL = True
level = 5
risk = 3
tech = BEUST



[18:28:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:28:19] [PAYLOAD] 10.6.1.142) AND 
5306=CAST(CHR(58)||CHR(105)||CHR(105)||CHR(121)||CHR(58)||(SELECT (CASE WHEN 
(5306=5306) THEN 1 ELSE 0 
END))::text||CHR(58)||CHR(112)||CHR(112)||CHR(107)||CHR(58) AS NUMERIC)
[18:28:19] [TRAFFIC OUT] HTTP request [#13922]:
GET // HTTP/1.1
Accept-Encoding: identity
Accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Host: 10.6.1.142) AND 
5306=CAST(CHR(58)||CHR(105)||CHR(105)||CHR(121)||CHR(58)||(SELECT (CASE WHEN 
(5306=5306) THEN 1 ELSE 0 
END))::text||CHR(58)||CHR(112)||CHR(112)||CHR(107)||CHR(58) AS NUMERIC)
Accept-language: en-us,en;q=0.5
Cookie: _session_id=60273438247a37935d9d37562d6888ba;
Referer: https://10.6.1.142:443//
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:8.0.1) 
Gecko/20100101 Firefox/8.0.1
Connection: close

[18:28:19] [WARNING] HTTP error codes detected during testing:
400 (Bad Request) - 62 times, 500 (Internal Server Error) - 35 times, 404 (Not 
Found) - 3572 times

[18:28:19] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4864), retry your 
run with the latest development version from the Subversion repository. If the 
exception persists, please send by e-mail to sqlmap-users@lists.sourceforge.net 
the following text and any information required to reproduce the bug. The 
developers will try to reproduce the bug, fix it accordingly and get back to 
you.
sqlmap version: 1.0-dev (r4864)
Python version: 2.7.2
Operating system: posix
Command line: ./sqlmap.py -c test2.conf -l final_url.lst
Technique: UNION
Back-end DBMS: PostgreSQL (identified)
Traceback (most recent call last):
   File "/home/jwolf/Mar_14_12/sqlmap/_sqlmap.py", line 82, in main
     start()
   File "/home/jwolf/Mar_14_12/sqlmap/lib/controller/controller.py", line 472, 
in start
     injection = checkSqlInjection(place, parameter, value)
   File "/home/jwolf/Mar_14_12/sqlmap/lib/controller/checks.py", line 355, in 
checkSqlInjection
     page, headers = Request.queryPage(reqPayload, place, content=True, 
raise404=False)
   File "/home/jwolf/Mar_14_12/sqlmap/lib/request/connect.py", line 719, in 
queryPage
     page, headers, code = Connect.getPage(url=uri, get=get, post=post, 
cookie=cookie, ua=ua, referer=referer, host=host, silent=silent, method=method, 
auxHeaders=auxHeaders, response=response, raise404=raise404, 
ignoreTimeout=timeBasedCompare)
   File "/home/jwolf/Mar_14_12/sqlmap/lib/request/connect.py", line 294, in 
getPage
     conn = urllib2.urlopen(req)
   File "/usr/lib64/python2.7/urllib2.py", line 126, in urlopen
     return _opener.open(url, data, timeout)
   File "/usr/lib64/python2.7/urllib2.py", line 400, in open
     response = meth(req, response)
   File "/usr/lib64/python2.7/urllib2.py", line 513, in http_response
     'http', request, response, code, msg, hdrs)
   File "/usr/lib64/python2.7/urllib2.py", line 432, in error
     result = self._call_chain(*args)
   File "/usr/lib64/python2.7/urllib2.py", line 372, in _call_chain
     result = func(*args)
   File "/home/jwolf/Mar_14_12/sqlmap/lib/request/redirecthandler.py", line 
108, in http_error_302
     result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, 
msg, headers)
   File "/usr/lib64/python2.7/urllib2.py", line 619, in http_error_302
     return self.parent.open(new, timeout=req.timeout)
   File "/usr/lib64/python2.7/urllib2.py", line 394, in open
     response = self._open(req, data)
   File "/usr/lib64/python2.7/urllib2.py", line 412, in _open
     '_open', req)
   File "/usr/lib64/python2.7/urllib2.py", line 372, in _call_chain
     result = func(*args)
   File "/usr/lib64/python2.7/urllib2.py", line 1207, in https_open
     return self.do_open(httplib.HTTPSConnection, req)
   File "/usr/lib64/python2.7/urllib2.py", line 1140, in do_open
     h = http_class(host, timeout=req.timeout) # will parse host:port
   File "/usr/lib64/python2.7/httplib.py", line 1146, in __init__
     source_address)
   File "/usr/lib64/python2.7/httplib.py", line 693, in __init__
     self._set_hostport(host, port)
   File "/usr/lib64/python2.7/httplib.py", line 718, in _set_hostport
     raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
InvalidURL: nonnumeric port: 
'text||CHR(58)||CHR(112)||CHR(112)||CHR(107)||CHR(58) AS NUMERIC)'

[*] shutting down at 18:28:19


_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
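Added example, not part of the original post and not sqlmap's code: the traceback above ends in the standard library's host:port split, reached through the 302 redirect handler. This sketch reproduces that split on the logged payload and shows a pre-flight authority check that rejects such a value instead of letting InvalidURL escape. Assumptions: Python 3's http.client stands in for the Python 2.7 httplib in the traceback, the function names are hypothetical, and the redirect URL used in the checks is constructed.

```python
import re
import http.client
from urllib.parse import urlsplit

# Payload copied from the [PAYLOAD] log line in the report above.
PAYLOAD = ("10.6.1.142) AND 5306=CAST(CHR(58)||CHR(105)||CHR(105)||CHR(121)"
           "||CHR(58)||(SELECT (CASE WHEN (5306=5306) THEN 1 ELSE 0 END))::text"
           "||CHR(58)||CHR(112)||CHR(112)||CHR(107)||CHR(58) AS NUMERIC)")

# Strict authority: hostname/IPv4 or bracketed IPv6, optional numeric port.
_AUTHORITY = re.compile(r"^(?:[A-Za-z0-9.-]+|\[[0-9A-Fa-f:.]+\])(?::(\d{1,5}))?$")


def split_like_httplib(authority):
    """Mirror the split in the traceback: cut at the last ':' after any ']'."""
    i, j = authority.rfind(":"), authority.rfind("]")
    if i > j:
        return authority[:i], authority[i + 1:]
    return authority, None


def stdlib_error(authority):
    """Return the InvalidURL message the standard library raises, or None."""
    try:
        http.client.HTTPConnection(authority)  # parses host:port, no network I/O
    except http.client.InvalidURL as exc:
        return str(exc)
    return None


def authority_is_safe(authority):
    """Hypothetical pre-flight check to run before opening a connection."""
    m = _AUTHORITY.match(authority)
    if not m:
        return False
    return m.group(1) is None or 0 < int(m.group(1)) <= 65535


def redirect_is_followable(location):
    """Validate a Location value before handing it to the opener."""
    try:
        parts = urlsplit(location)
    except ValueError:
        return False
    return parts.scheme in ("http", "https") and authority_is_safe(parts.netloc)
```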
