Hi.
Thank you for your report and find it fixed with the latest commit [1].
Kind regards,
Miroslav Stampar
[1]
https://github.com/sqlmapproject/sqlmap/commit/6fed1921edf1baaf23a54fbe340ff3781fc05c86
On Mon, Apr 15, 2013 at 11:01 PM, <cos...@5ivestars.net> wrote:
> Hello,
> the --host doesn't work as expected, or I am doing something wrong:
>
>
> this works as expected:
>
> ./sqlmap.py --url='http://i.csland.ro/index.php?id=0'
>
> sqlmap/1.0-dev-840ee26 - automatic SQL injection and database
> takeover tool
> http://sqlmap.org
>
> [!] legal disclaimer: Usage of sqlmap for attacking targets without
> prior mutual consent is illegal. It is the end user's responsibility to
> obey all applicable local, state and federal laws. Developers assume no
> liability and are not responsible for any misuse or damage caused by
> this program
>
> [*] starting at 23:57:15
>
> [23:57:15] [INFO] testing connection to the target URL
> [23:57:15] [INFO] heuristics detected web page charset 'ascii'
> [23:57:15] [INFO] testing if the target URL is stable. This can take a
> couple of seconds
> [23:57:16] [INFO] target URL is stable
> [23:57:16] [INFO] testing if GET parameter 'id' is dynamic
> [23:57:16] [INFO] confirming that GET parameter 'id' is dynamic
> [23:57:16] [INFO] GET parameter 'id' is dynamic
> [23:57:16] [INFO] heuristic (basic) test shows that GET parameter 'id'
> might be injectable (possible DBMS: 'MySQL')
> [23:57:16] [INFO] testing for SQL injection on GET parameter 'id'
>
>
> ....
>
>
> this doesn't work as expected:
>
> ./sqlmap.py --host='i.csland.ro'
> --url='http://188.240.236.15/index.php?id=0'
>
> sqlmap/1.0-dev-840ee26 - automatic SQL injection and database
> takeover tool
> http://sqlmap.org
>
> [!] legal disclaimer: Usage of sqlmap for attacking targets without
> prior mutual consent is illegal. It is the end user's responsibility to
> obey all applicable local, state and federal laws. Developers assume no
> liability and are not responsible for any misuse or damage caused by
> this program
>
> [*] starting at 23:58:03
>
> [23:58:03] [INFO] testing connection to the target URL
> [23:58:03] [CRITICAL] page not found (404)
> it is not recommended to continue in this kind of cases. Do you want to
> quit and make sure that everything is set up properly? [Y/n]
> [23:58:05] [WARNING] HTTP error codes detected during run:
>
> ............
>
>
> Of course i.csland.ro resolves to 188.240.236.15. Any idea?
>
> Thanks.
>
>
>
> ------------------------------------------------------------------------------
> Precog is a next-generation analytics platform capable of advanced
> analytics on semi-structured data. The platform includes APIs for building
> apps and a phenomenal toolset for data science. Developers can use
> our toolset for easy data analysis & visualization. Get a free account!
> http://www2.precog.com/precogplatform/slashdotnewsletter
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
