Hi all,

I'm running into trouble with sqlmap against a Sybase db. Here's the
fingerprint:

Adaptive Server Enterprise/15.0.3/EBF 17770 ESD#4/P/x86_64/Enterprise
Linux/ase1503/2768/64-bit/FBO/Thu Aug 26 09:54:27 2010

The technique I'm using is error-based through a POST to a vulnerable .aspx
page. I am able to enumerate the master db, but not the user tables, which
are what I want.

$ ./sqlmap.py -u xxx -d "huge_asp_net_viewstate&theparam=blah"
--dbms=sybase --threads=8 --batch --technique=E -D master --tables

This produces 58 tables, mostly sys* and some mon* which seem standard. I
can dump the sysobjects table using -D and -T, etc.

The web app is querying a database we'll call "ENERGY". If I try to "-D
ENERGY --tables", I get "No tables found, try using --hex or --no-cast
blahblah" (which don't work).

I used -v4 to look closely at the requests, and see sqlmap is prefixing the
tablenames with "ENERGY.dbo." or sometimes just "ENERGY..", which after
experimenting I found doesn't work, so I wrote a small tamper script to
strip off "ENERGY.." and "ENERGY.dbo." - this lets me pull the column names
from the user tables (type='U'), but I'm still not able to get at the
actual data/rows in the tables.

I know it must be possible because the web app is definitely querying the
tables to validate a login (this is a sqli vuln in a login form, heh).

I'm not even sure this is really a bug in sqlmap - maybe something odd in
the way the database is built or something. I just thought I'd ask in case
anyone has had success using sqlmap against a similar Sybase db and has
some tips or suggestions.

Thanks for reading - I can provide more information if anyone's interested.
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
