it creates the "sqlmapfile" TABLE. I was in shock when I saw that this was
on the server because it gives a huge way to discover a vulnerability.

2014-12-07 15:02 GMT-02:00 Rodrigo Zanatta Silva <
rodrigozanattasi...@gmail.com>:

> I already saw that when trying to read a file in Microsoft SQL Server it
> creates a "sqlmapfile" and doesn't drop it in the end. This is not a smart
> thing to do.
>
> By the way, I already tried to read any file using sqlmap and none
> worked. I see some absolute paths on the server but without success until
> now.
>
> Any idea of a single file that I can read just to see that it is
> working? Any common file in Microsoft SQL Server 2008 R2?
>
> 2014-12-05 19:30 GMT-02:00 Robin Wood <robin@digi.ninja>:
>
>> Fair enough, all valid points. I'd not looked at the fixed table names
>> till looking at cleanup so hadn't thought about any of it before.
>>
>> Robin
>>
>> On 5 December 2014 at 21:27, Miroslav Stampar
>> <miroslav.stam...@gmail.com> wrote:
>> > Well, if you think like that, used auxiliary table names are also static
>> > (sqlmapfile, sqlmapfilehex and sqlmapoutput). But... leaving table names and
>> > proc names for defensive purposes just like that around will only create
>> > panic. Also, non-skiddy will easily detect that there is already a
>> > proc/table name with the same name causing the problem and he will easily
>> > adapt either sqlmap or drop older entities (e.g. via --cleanup).
>> >
>> > Why wouldn't you revoke privileges for creating of tables and/or procedures
>> > for defensive purposes rather than laying around sqlmap... inside database?
>> >
>> > Bye
>> >
>> > On Fri, Dec 5, 2014 at 10:19 PM, Robin Wood <robin@digi.ninja> wrote:
>> >>
>> >> Does this mean as a defence we could create a procedure with the same
>> >> name which would block the creation?
>> >>
>> >> Robin
>> >>
>> >> On 5 December 2014 at 21:14, Miroslav Stampar
>> >> <miroslav.stam...@gmail.com> wrote:
>> >> > Now it is "new_xp_cmdshell" so no more random/dynamic names (easier for
>> >> > cleanup in further runs)
>> >> >
>> >> > Bye
>> >> >
>> >> > On Fri, Dec 5, 2014 at 10:08 PM, Robin Wood <robin@digi.ninja> wrote:
>> >> >>
>> >> >> Sorry, somehow sent early, was trying to ask, is the name still
>> >> >> dynamic or is it now just a fixed name?
>> >> >>
>> >> >> Robin
>> >> >>
>> >> >> On 5 December 2014 at 21:07, Robin Wood <robin@digi.ninja> wrote:
>> >> >> > OK, I've got a lab I can test it in later tonight.
>> >> >> >
>> >> >> > When you say not random, is it still dynamic va
>> >> >> >
>> >> >> > On 5 December 2014 at 21:03, Miroslav Stampar
>> >> >> > <miroslav.stam...@gmail.com> wrote:
>> >> >> >> Hi.
>> >> >> >>
>> >> >> >> Just made a patch. Not around a testing environment to test it out,
>> >> >> >> but now it should work (new proc name is not randomly generated from
>> >> >> >> now on so it could be properly deleted afterwards).
>> >> >> >>
>> >> >> >> Bye
>> >> >> >>
>> >> >> >> On Fri, Dec 5, 2014 at 11:56 AM, Miroslav Stampar
>> >> >> >> <miroslav.stam...@gmail.com> wrote:
>> >> >> >>>
>> >> >> >>> Will check this out in an hour or so. At first glance I can see
>> >> >> >>> that we have to make a patch for MsSQL.
>> >> >> >>>
>> >> >> >>> Bye
>> >> >> >>>
>> >> >> >>> On Thu, Dec 4, 2014 at 4:11 PM, Robin Wood <robin@digi.ninja> wrote:
>> >> >> >>>>
>> >> >> >>>> Looking at the commands sent I can see three drop tables for
>> >> >> >>>> sqlmapfile, sqlmapfilehex and sqlmapoutput but nothing for stored
>> >> >> >>>> procedures.
>> >> >> >>>>
>> >> >> >>>> On 4 December 2014 at 15:08, Robin Wood <robin@digi.ninja> wrote:
>> >> >> >>>> > Just spotted --cleanup but that didn't remove the procedure, sqlmap
>> >> >> >>>> > command seemed to run OK though but didn't say anything about what it
>> >> >> >>>> > was removing, should it have done?
>> >> >> >>>> >
>> >> >> >>>> > Robin
>> >> >> >>>> >
>> >> >> >>>> > On 4 December 2014 at 15:01, Robin Wood <robin@digi.ninja> wrote:
>> >> >> >>>> >> I'm testing sqlmap against an MSSQL DB and looking at running OS
>> >> >> >>>> >> commands. In an attempt to reenable xp_cmdshell a stored proc called
>> >> >> >>>> >> xp_gedp has been created and left behind, is there any way to
>> >> >> >>>> >> automatically clean up this and any other things that are created?
>> >> >> >>>> >>
>> >> >> >>>> >> Robin
>> >> >> >>>>
>> >> >> >>>> _______________________________________________
>> >> >> >>>> sqlmap-users mailing list
>> >> >> >>>> sqlmap-users@lists.sourceforge.net
>> >> >> >>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>> >> >> >>>
>> >> >> >>>
>> >> >> >>>
>> >> >> >>>
>> >> >> >>> --
>> >> >> >>> Miroslav Stampar
>> >> >> >>> http://about.me/stamparm
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> --
>> >> >> >> Miroslav Stampar
>> >> >> >> http://about.me/stamparm
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > --
>> >> > Miroslav Stampar
>> >> > http://about.me/stamparm
>> >
>> >
>> >
>> >
>> > --
>> > Miroslav Stampar
>> > http://about.me/stamparm
>>
>
>