Hi.
This was fixed with [1].
Kind regards,
Miroslav Stampar
[1] https://github.com/sqlmapproject/sqlmap/issues/497
On Wed, Jul 31, 2013 at 9:40 PM, John Doe <johndoeakasuper...@gmx.com>wrote:
> ./sqlmap.py --proxy=http://127.0.0.1:8118 --random-agent --technique=BSU
> --url='
> https://target.host/www/Buggy.aspx?1stParam=329057&2ndParam=1692468&3rdParam=10037
> '
> --threads=4 --dbms=mssql --os=windows -p1stParam,2ndParam,3rdParam
>
> sqlmap/1.0-dev-6b826ef - automatic SQL injection and database
> takeover tool
> http://sqlmap.org
>
> [!] legal disclaimer: Usage of sqlmap for attacking targets without
> prior mutual consent is illegal. It is the end user's responsibility to
> obey all applicable local, state and federal laws. Developers assume no
> liability and are not responsible for any misuse or damage caused by
> this program
>
> [*] starting at 02:51:21
>
> [02:51:21] [INFO] fetched random HTTP User-Agent header from file
> '/root/sqlmap-git/txt/user-agents.txt': Opera/9.52 (X11; Linux i686; U; fr)
> [02:51:21] [INFO] testing connection to the target URL
> [02:51:24] [INFO] testing if the target URL is stable. This can take a
> couple of seconds
> [02:51:27] [WARNING] target URL is not stable. sqlmap will base the page
> comparison on a sequence matcher. If no dynamic nor injectable
> parameters are detected, or in case of junk results, refer to user's
> manual paragraph 'Page comparison' and provide a string or regular
> expression to match on
> how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit]
> sqlmap got a 302 redirect to 'http://www.target.host/www/Error.html'. Do
> you want to follow? [Y/n]
> [02:51:33] [INFO] heuristics detected web page charset 'UTF-8'
> [02:51:33] [WARNING] heuristic (basic) test shows that GET parameter
> '1stParam' might not be injectable
> [02:51:33] [INFO] testing for SQL injection on GET parameter '1stParam'
> [02:51:33] [INFO] testing 'AND boolean-based blind - WHERE or HAVING
> clause'
> [02:52:08] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'
> [02:52:08] [WARNING] time-based comparison needs larger statistical
> model. Making a few dummy requests, please wait..
> [02:52:21] [CRITICAL] there is considerable lagging in connection
> response(s). Please use as high value for option '--time-sec' as
> possible (e.g. 10 or more)
> [02:52:24] [WARNING] HTTP error codes detected during run:
> 403 (Forbidden) - 10 times
>
> [02:52:24] [CRITICAL] unhandled exception in sqlmap/1.0-dev-6b826ef,
> retry your run with the latest development version from the GitHub
> repository. If the exception persists, please send by e-mail to
> 'sqlmap-users@lists.sourceforge.net' or open a new issue at
> 'https://github.com/sqlmapproject/sqlmap/issues/new' with the following
> text and any information required to reproduce the bug. The developers
> will try to reproduce the bug, fix it accordingly and get back to you.
> sqlmap version: 1.0-dev-6b826ef
> Python version: 2.7.4
> Operating system: posix
> Command line: ./sqlmap.py --proxy=********************* --random-agent
> --technique=BSU
>
> --url=**********************************************************************************************************************
> --threads=4 --dbms=mssql --os=windows -p1stParam,2ndParam,3rdParam
> Technique: None
> Back-end DBMS: Microsoft SQL Server (identified)
> Traceback (most recent call last):
> File "./sqlmap.py", line 95, in main
> start()
> File "/root/sqlmap-git/lib/controller/controller.py", line 481, in start
> injection = checkSqlInjection(place, parameter, value)
> File "/root/sqlmap-git/lib/controller/checks.py", line 438, in
> checkSqlInjection
> trueResult = Request.queryPage(reqPayload, place,
> timeBasedCompare=True, raise404=False)
> File "/root/sqlmap-git/lib/request/connect.py", line 857, in queryPage
> page, headers, code = Connect.getPage(url=uri, get=get, post=post,
> cookie=cookie, ua=ua, referer=referer, host=host, silent=silent,
> method=method, auxHeaders=auxHeaders, response=response,
> raise404=raise404, ignoreTimeout=timeBasedCompare)
> File "/root/sqlmap-git/lib/request/connect.py", line 373, in getPage
> conn = urllib2.urlopen(req)
> File "/usr/lib/python2.7/urllib2.py", line 127, in urlopen
> return _opener.open(url, data, timeout)
> File "/usr/lib/python2.7/urllib2.py", line 410, in open
> response = meth(req, response)
> File "/usr/lib/python2.7/urllib2.py", line 523, in http_response
> 'http', request, response, code, msg, hdrs)
> File "/usr/lib/python2.7/urllib2.py", line 442, in error
> result = self._call_chain(*args)
> File "/usr/lib/python2.7/urllib2.py", line 382, in _call_chain
> result = func(*args)
> File "/root/sqlmap-git/lib/request/redirecthandler.py", line 115, in
> http_error_302
> req.headers[HTTP_HEADER.COOKIE] =
> headers[HTTP_HEADER.SET_COOKIE].split(conf.cDel or
> DEFAULT_COOKIE_DELIMITER)[0]
> NameErrorr: global name 'conf' is not defined
>
> [*] shutting down at 02:52:24
>
> # Adding --risk=3 --level=5 --dop-set-cookie results the same at the
> following step (crash occurs on a constant basis):
> [03:04:47] [INFO] setting file for logging HTTP traffic
> [03:04:47] [INFO] fetched random HTTP User-Agent header from file
> '/root/sqlmap-git/txt/user-agents.txt': Mozilla/5.0 (X11; U; Linux
> x86_64; en-US) AppleWebKit/532.2 (KHTML, like Gecko) Chrome/4.0.222.1
> Safari/532.2
> [03:04:47] [INFO] testing connection to the target URL
> [03:04:51] [INFO] testing if the target URL is stable. This can take a
> couple of seconds
> [03:04:57] [WARNING] target URL is not stable. sqlmap will base the page
> comparison on a sequence matcher. If no dynamic nor injectable
> parameters are detected, or in case of junk results, refer to user's
> manual paragraph 'Page comparison' and provide a string or regular
> expression to match on
> how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit]
> sqlmap got a 302 redirect to 'http://www.target.host/www/Error.html'. Do
> you want to follow? [Y/n]
>
> [03:05:04] [CRITICAL] Ka-boom
>
> Last traffic log request/response:
>
>
> ############################################################################
>
> HTTP request [#3]:
> GET
>
> /www/Buggy.aspx?i1stParam=329057%5B%22%2C%2C%5B.%22%5B%27%2C&2ndParam=1692468&3rdParam=10037
> HTTP/1.1
> Accept-language: en-us,en;q=0.5
> Accept-encoding: gzip,deflate
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> User-agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)
> AppleWebKit/525.19 (KHTML, like Gecko) Chrome/0.3.154.9 Safari/525.19
> Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
> Host: www.target.host
> Pragma: no-cache
> Cache-control: no-cache,no-store
> Connection: close
>
> HTTP redirect [#3] (302 Redirect):
> Content-length: 149
> X-aspnet-version: 2.0.50727
> Content-encoding: gzip
> Set-cookie: ISS-Targ=TesteAB=B; domain=target.host; path=/
> X-powered-by: ASP.NET
> Vary: Accept-Encoding, User-Agent
> Server: Microsoft-IIS/7.0
> Connection: Keep-Alive
> X-server: DALLAS011
> Location: http://www.target.host/www/Error.html
> Cache-control: private
> Date: Wed, 31 Jul 2013 19:01:57 GMT
> Content-type: text/html; charset=UTF-8
>
> <head><title>Document Moved</title></head>
> <body><h1>Object Moved</h1>This document may be found <a
> HREF="http://www.target.host/www/Error.html";>here</a></body>
>
>
> ############################################################################
>
> EOF
>
>
> ------------------------------------------------------------------------------
> Get 100% visibility into Java/.NET code with AppDynamics Lite!
> It's a free troubleshooting tool designed for production.
> Get down to code-level detail for bottlenecks, with <2% overhead.
> Download for free and get started troubleshooting in minutes.
> http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
