Hi.

You've put sqlmap into background process and you expect it to accept
console output at your will :). I believe that's not something we could
help you along.

"do you want to skip those kind of cases (and save scanning time)? [y/N] y
bash: y: command not found"

Kind regards,
Miroslav Stampar

On Wed, Dec 12, 2012 at 9:54 PM, <dr...@sapo.pt> wrote:

> Hi everyone i google but nothing came up that was related to this, on
> OWASP scanner i had a sql injection alert and i try to test it with
> sqlmap but i got a error and nothing happens the program just escapes
> with this :
>
> ...
>
>
>
> python sqlmap.py -u
> http://www.target.tk/inscritos.php?tipoInscricao=3&tipoDir=119%20AND%201=2
> [1] 2816
> [lol@whitehat sqlmap]$
>      sqlmap/1.0-dev - automatic SQL injection and database takeover tool
>      http://sqlmap.org
>
> [*] starting at 20:38:36
>
> [20:38:37] [INFO] testing connection to the target url
> [20:38:37] [INFO] testing if the url is stable, wait a few seconds
> [20:38:38] [INFO] url is stable
> [20:38:38] [INFO] testing if GET parameter 'tipoInscricao' is dynamic
> [20:38:39] [INFO] confirming that GET parameter 'tipoInscricao' is dynamic
> [20:38:40] [INFO] GET parameter 'tipoInscricao' is dynamic
> [20:38:40] [WARNING] reflective value(s) found and filtering out
> [20:38:40] [WARNING] frames detected containing attacked parameter
> values. Please be sure to test those separately in case that attack on
> this page fails
> [20:38:41] [ERROR] possible integer casting detected (e.g.
> tipoInscricao=(int)$_REQUEST('tipoInscricao')) at the back-end web
> application
> do you want to skip those kind of cases (and save scanning time)? [y/N] y
> bash: y: command not found
>
> [1]+  Stopped                 python sqlmap.py -u
> http://www.target.tk/inscritos.php?tipoInscricao=3
> [lol@whitehat sqlmap]$
>
>
>
>
>
>
>
> ------------------------------------------------------------------------------
> LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
> Remotely access PCs and mobile devices and provide instant support
> Improve your efficiency, and focus on delivering more value-add services
> Discover what IT Professionals Know. Rescue delivers
> http://p.sf.net/sfu/logmein_12329d2d
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>



-- 
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to