I've been trying to use sqlmap to crawl our site, but it doesn't even end the link search phase…
Looks like the site doesn't respond to some requests but the timeout takes a long time to trigger the timeout… Look at the timestamps. The site is working. At least, I can access it via browser. ./sqlmap.py -u http://www.site.com --level 3 --risk 5 -b --threads=4 --batch --random-agent --crawl=5 [09:04:15] [INFO] fetched random HTTP User-Agent header from file '/opt/sqlmap-dev/txt/user-agents.txt': Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) [09:04:15] [INFO] starting crawler [09:04:15] [INFO] searching for links with depth 1 sqlmap got a 302 redirect to 'http://www.site:80/page.php'. Do you want to follow? [Y/n] Y [09:04:15] [INFO] searching for links with depth 2 [09:04:15] [INFO] starting 4 threads [09:04:16] [INFO] 25/64 links visited (39%) [09:04:16] [INFO] heuristics detected web page charset 'ISO-8859-5' [09:04:19] [INFO] searching for links with depth 3 [09:04:19] [INFO] starting 4 threads [09:04:20] [INFO] 31/602 links visited (5%) [09:04:20] [INFO] heuristics detected web page charset 'IBM855' [09:04:28] [INFO] 182/602 links visited (30%) [09:04:28] [INFO] heuristics detected web page charset 'ISO-8859-2' [09:04:34] [INFO] 317/602 links visited (53%) [09:04:34] [INFO] heuristics detected web page charset 'UTF-8' [09:04:49] [INFO] 484/602 links visited (80%) [09:04:49] [INFO] heuristics detected web page charset 'ascii' [09:04:51] [INFO] searching for links with depth 4 [09:04:51] [INFO] starting 4 threads [09:12:46] [INFO] searching for links with depth 5 [09:12:46] [INFO] starting 4 threads [09:38:56] [INFO] 527/4622 links visited (11%) [09:38:56] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request [09:38:56] [WARNING] if the problem persists please check that the provided target URL is valid. In case that it is, you can try to rerun with the switch '--random-agent' turned on and/or proxy switches ('--ignore-proxy', '--proxy',...) [10:01:44] [INFO] 1556/4622 links visited (34%) [10:01:44] [INFO] heuristics detected web page charset 'windows-1251' [10:01:45] [INFO] 1560/4622 links visited (34%) What options can I try to sucessfully crawl and scan the site? ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
