Hello,
Exploiting the machine CsharpVulnJson from vulnhub:
https://www.vulnhub.com/entry/csharp-vulnjson,134
I found and error when sqlmap fingerprint postgresql.
Sqlmap always detect 9.1 when the real version is 9.3.9. This causes
that when sqlmap create sys_eval, sys_exec functions the server answer
with the error: incompatible library “/tmp/libsxqfo.so”: version
mismatch
If I copy the udf lib from 9.3 directory to 9.1 it works fine.
I tried to modify fingeprint.py adding the 9.3 version new function
array_remove like this:
if inject.checkBooleanExpression("ARRAY[1]=array_remove(ARRAY[1,2],
2)"):
Backend.setVersion(">= 9.3.0")
elif inject.checkBooleanExpression("REVERSE('sqlmap')='pamlqs'"):
Backend.setVersionList([">= 9.1.0", "< 9.3.0"])
But no lucky. If I erase the line that check 9.1 when create the
sys_exec function also take the 9.1 udf lib.
I don't know how to proceed.
Best regards.
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
