Hi Dirk.
sqlmap doesn't retrieve already retrieved data. It stores them into the
local session data for later (re)usage.
"boolean-based blind vulnerability and I tried to retrieve a few tables
with big chunks of data" -> I would expect your problem in union SQLI, but
not boolean-based blind.
Please make sure that:
1) you are running the latest revision from our Github repository
2) that target is not having some kind of WAF protection mechanism that
does the hard drop of requests
As said, I don't see a reason why would sqlmap fail here. It would be great
if you could isolate "problematic" payload with usage of -v 3 and try it
inside the browser (to see what's happening)
Kind regards,
Miroslav Stampar
On Mon, Jul 14, 2014 at 12:29 PM, Dirk Wetter <s...@drwetter.org> wrote:
>
> Hi Sharma,
>
>
> Am 07/14/2014 12:06 PM, schrieb Sharma, Vivek:
>
> Hi Dirk,
>
>
> Try adding --authorization header to the cmd options. It worked for me as
> well. I was having the same issue as well.
>
>
>
> thx but my problem was a network timeout.
>
>
> Next time I will increase the timeout and retry value but still I though
> it
> would be great in general if sqlmap would dump the already retrieved data
> if a problem similar to mine occurs.
>
> Cheers, Dirk
>
>
>
>
>
>
> -----Original Message-----
> From: Dirk Wetter [mailto:s...@drwetter.org <s...@drwetter.org>]
> Sent: Monday, July 14, 2014 3:13 PM
> To: sqlmap-users@lists.sourceforge.net
> Subject: [sqlmap-users] dump data after timeout condition
>
>
> Hi,
>
> sorry if I missed something but wouldn't it make sense to dump already
> retrieved data if sqlmap is encountering a timeout beyond the specified/
> default value?
>
> [09:54:19] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is
> going to retry the request [09:54:20] [CRITICAL] unable to connect to the
> target URL or proxy. sqlmap is going to retry the request [09:54:21]
> [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to
> retry the request [09:54:22] [CRITICAL] connection exception detected in
> dumping phase: 'unable to connect to the target URL or proxy'
> [..2 lines of private output omitted...] [09:54:22] [CRITICAL] unable to
> connect to the target URL or proxy. sqlmap is going to retry the request
> [09:54:23] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is
> going to retry the request [09:54:24] [CRITICAL] unable to connect to the
> target URL or proxy. sqlmap is going to retry the request [09:54:25]
> [CRITICAL] unable to connect to the target URL or proxy [09:54:25] [WARNING]
> HTTP error codes detected during run:
> 500 (Internal Server Error) - 36 times, 503 (Service Unavailable) - 2 times
>
> [*] shutting down at 09:54:25
>
>
> My specific case was a boolean-based blind vulnerability and I tried to
> retrieve a few tables with big chunks of data.
> It was running for >2 days already.
>
>
> Cheers,
>
> Dirk
>
>
>
>
>
> ------------------------------------------------------------------------------
> Want fast and easy access to all the code in your enterprise? Index and
> search up to 200,000 lines of code with a free copy of Black Duck® Code
> Sight™ - the same software that powers the world's largest code search
> on Ohloh, the Black Duck Open Hub! Try it now.http://p.sf.net/sfu/bds
> _______________________________________________
> sqlmap-users mailing
> listsqlmap-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
> THIS MESSAGE AND ANY ATTACHMENTS ARE CONFIDENTIAL, PROPRIETARY, AND MAY BE
> PRIVILEGED. If this message was misdirected, BlackRock, Inc. and its
> subsidiaries, ("BlackRock") does not waive any confidentiality or privilege.
> If you are not the intended recipient, please notify us immediately and
> destroy the message without disclosing its contents to anyone. Any
> distribution, use or copying of this e-mail or the information it contains by
> other than an intended recipient is unauthorized. The views and opinions
> expressed in this e-mail message are the author's own and may not reflect the
> views and opinions of BlackRock, unless the author is authorized by BlackRock
> to express such views or opinions on its behalf. All email sent to or from
> this address is subject to electronic storage and review by BlackRock.
> Although BlackRock operates anti-virus programs, it does not accept
> responsibility for any damage whatsoever caused by viruses being passed.
>
>
>
>
>
> ------------------------------------------------------------------------------
> Want fast and easy access to all the code in your enterprise? Index and
> search up to 200,000 lines of code with a free copy of Black Duck®
> Code Sight™ - the same software that powers the world's largest code
> search on Ohloh, the Black Duck Open Hub! Try it now.
> http://p.sf.net/sfu/bds
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck®
Code Sight™ - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
