-
Notifications
You must be signed in to change notification settings - Fork 95
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Scan starts but does not appear in the scan list #26
Comments
In case logs are needed, here they are: `Calling: C:\Python27\python.exe C:\Users\Administrator\Desktop\sqlmap\sqlmapapi.py -s -H 127.0.0.1 -p 9090 SQLMap API started. 02:09:30] [INFO] Running REST-JSON API server at '127.0.0.1:9090'.. Created SQLMap Task: 333f5cd2e7271468 SQLMap options set on Task 333f5cd2e7271468: {"authCred": null, "referer": null, "tamper": null, "getCurrentUser": false, "agent": null, "data": null, "answers": "crack=N,dict=N,continue=Y,quit=N", "dbms": null, "timeout": 30, "getPasswordHashes": false, "torPort": null, "getHostname": false, "textOnly": false, "getUsers": false, "tor": false, "csrfUrl": null, "skipHeuristics": null, "torType": "HTTP", "proxyFreq": null, "authType": null, "testParameter": null, "getRoles": false, "headers": null, "method": null, "cookie": null, "os": null, "isDba": false, "level": 3, "threads": 1, "hpp": false, "timeSec": 5, "ignoreCode": null, "url": "http://*******/PetBuyBookUserPhotos.aspx?user_id=1", "proxy": null, "retries": 3, "csrfToken": null, "delay": 0, "liveCookies": null, "getDbs": true, "risk": 1, "getPrivileges": false, "getCurrentDb": false, "getBanner": "true"} SQLMap options returned: {"success": true, "options": {"beep": false, "tamper": null, "getCurrentUser": false, "dnsDomain": null, "bulkFile": null, "googlePage": 1, "api": true, "authFile": null, "safeUrl": null, "taskid": "333f5cd2e7271468", "getRoles": false, "fileDest": null, "rParam": null, "profile": false, "requestFile": null, "proxy": null, "retries": 3, "delay": 0, "sqlFile": null, "authCred": null, "paramFilter": null, "hexConvert": false, "freshQueries": false, "offline": false, "torPort": null, "csrfRetries": 0, "search": false, "getHostname": false, "textOnly": false, "notString": null, "configFile": null, "authType": null, "dumpFormat": "CSV", "outputDir": null, "keepAlive": false, "flushSession": false, "disableColoring": true, "hpp": false, "parseErrors": false, "getSchema": false, "limitStart": null, "wizard": false, "getPrivileges": false, "predictOutput": false, "cookieDel": null, "db": null, "osShell": false, "agent": null, "testFilter": null, "safeFreq": null, "dbms": null, "regDel": false, "proxyFile": null, "getPasswordHashes": false, "osPwn": false, "extensiveFp": false, "testSkip": null, "osSmb": false, "skipHeuristics": null, "forceSSL": false, "getComments": false, "exclude": null, "dbmsCred": null, "randomAgent": false, "dumpTable": false, "batch": true, "ignoreCode": null, "crawlDepth": null, "encoding": null, "commonFiles": false, "unstable": false, "checkTor": false, "logFile": null, "webRoot": null, "listTampers": false, "harFile": null, "string": null, "dumpAll": false, "purge": false, "secondReq": null, "timeout": 30, "paramExclude": null, "ignoreTimeouts": false, "excludeSysDbs": false, "alert": null, "scope": null, "fileWrite": null, "headers": null, "osCmd": null, "mobile": false, "chunked": false, "safePost": null, "titles": false, "commonColumns": false, "safeReqFile": null, "csrfMethod": null, "regData": null, "nullConnection": false, "regRead": false, "loadCookies": null, "risk": 1, "prefix": null, "privEsc": false, "answers": "crack=N,dict=N,continue=Y,quit=N", "base64Parameter": null, "dummy": false, "crawlExclude": null, "fileRead": null, "getUsers": false, "torType": "HTTP", "getCount": false, "smokeTest": false, "secondUrl": null, "skipWaf": false, "murphyRate": null, "method": null, "cookie": null, "sqlQuery": null, "evalCode": null, "regAdd": false, "uFrom": null, "skipStatic": false, "dependencies": false, "saveConfig": null, "charset": null, "regexp": null, "proxyCred": null, "direct": null, "skip": null, "base64Safe": false, "smart": false, "invalidBignum": false, "noCast": false, "tor": false, "invalidString": false, "ignoreProxy": false, "regType": null, "csvDel": ",", "testParameter": null, "trafficFile": null, "invalidLogical": false, "osBof": false, "pivotColumn": null, "regKey": null, "url": "http://**********/PetBuyBookUserPhotos.aspx?user_id=1", "verbose": 1, "shLib": null, "noEscape": false, "tmpPath": null, "commonTables": false, "col": null, "referer": null, "skipUrlEncode": false, "data": null, "checkInternet": false, "forceDns": false, "suffix": null, "sessionFile": null, "preprocess": null, "resultsFile": null, "eta": false, "optimize": false, "dumpWhere": null, "csrfUrl": null, "host": null, "uCols": null, "proxyFreq": null, "disablePrecon": false, "dropSetCookie": false, "level": 3, "limitStop": null, "googleDork": null, "regVal": null, "csrfToken": null, "getStatements": false, "cleanup": false, "getCurrentDb": false, "tbl": null, "firstChar": null, "repair": false, "msfPath": null, "code": null, "updateAll": false, "technique": "BEUSTQ", "getColumns": false, "tmpDir": null, "database": "c:\users\admini~1\appdata\local\temp\2\sqlmapipc-3qnzyn", "getTables": false, "ignoreRedirects": false, "binaryFields": null, "sqlShell": false, "udfInject": false, "getAll": false, "os": null, "isDba": false, "threads": 1, "timeSec": 5, "paramDel": null, "liveCookies": null, "postprocess": null, "getDbs": true, "lastChar": null, "uChar": null, "user": null, "forms": false, "getBanner": "true"}} Failed to start SQLMap Scan for Task: 333f5cd2e7271468 02:10:01] [DEBUG] Created new task: '333f5cd2e7271468' actual links were replaced with asterisks for security reasons. |
What version of sqlipy are you using? Has it worked before for you (previous versions of the tool or on previous versions of Burp)? It's not showing up because, as noted, it believes that the scan failed to start. Based on the output, it is successfully creating the task and setting the options for the task, but when it attempts to run/start the task sqlmapapi either doesn't respond in time or doesn't respond with success = true (roughly line 1538). It appears as though it eventually does start though based on sqlmap debug logs. Does your system have high utilization when this happens? Does sqlipy work on any other sites or pages? You should actually see two python processes, as one will be for sqlmapapi and one will be for the scan - do you see two after the scan is started? |
What version of sqlmap are you using? Have you tried using the version bundled with the extension? You are using a non-bundled version, and in the past updates to sqlmap aren't always reflected in the API and break things. I recommend attempting a scan using the version included with the extension. |
-I'm using sqlipy v0.8.2
SQLiPy - 0.8.2 Could not find python path in registry at: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Python\PythonCore\2.7\InstallPath. Could not find python path in registry at: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Python\PythonCore\3.x\InstallPath\ExecutablePath. Python found in system path at: C:\Python27\python.exe SQLMap API found at: C:\Users\Administrator\AppData\Roaming\BurpSuite\bapps\f154175126a04bfe8edc6056f340f52e\sqlmap\sqlmapapi.py Calling: C:\Python27\python.exe C:\Users\Administrator\AppData\Roaming\BurpSuite\bapps\f154175126a04bfe8edc6056f340f52e\sqlmap\sqlmapapi.py -s -H 127.0.0.1 -p 9090 SQLMap API started. 22:14:43] [INFO] Running REST-JSON API server at '127.0.0.1:9090'.. Created SQLMap Task: 0c400adf687c52b9 SQLMap options set on Task 0c400adf687c52b9: {"authCred": null, "referer": null, "tamper": null, "getCurrentUser": false, "agent": null, "data": null, "answers": "crack=N,dict=N,continue=Y,quit=N", "dbms": null, "timeout": 30, "getPasswordHashes": false, "torPort": null, "getHostname": false, "textOnly": false, "getUsers": false, "tor": false, "csrfUrl": null, "skipHeuristics": null, "torType": "HTTP", "proxyFreq": null, "authType": null, "testParameter": null, "getRoles": false, "headers": null, "method": null, "cookie": null, "os": null, "isDba": false, "level": 3, "threads": 1, "hpp": false, "timeSec": 5, "ignoreCode": null, "url": "http://********/update_pro_properties_basket.asp?basket_id=42623&pro_id=646&pro_name=m-460_15/0_5g&req_qn=", "proxy": null, "retries": 3, "csrfToken": null, "delay": 0, "liveCookies": null, "getDbs": true, "risk": 1, "getPrivileges": false, "getCurrentDb": false, "getBanner": "true"} SQLMap options returned: {"success": true, "options": {"beep": false, "tamper": null, "getCurrentUser": false, "dnsDomain": null, "bulkFile": null, "googlePage": 1, "api": true, "authFile": null, "safeUrl": null, "taskid": "0c400adf687c52b9", "getRoles": false, "fileDest": null, "rParam": null, "profile": false, "requestFile": null, "proxy": null, "retries": 3, "delay": 0, "sqlFile": null, "authCred": null, "paramFilter": null, "hexConvert": false, "freshQueries": false, "offline": false, "torPort": null, "csrfRetries": 0, "search": false, "getHostname": false, "textOnly": false, "notString": null, "configFile": null, "authType": null, "dumpFormat": "CSV", "outputDir": null, "keepAlive": false, "flushSession": false, "disableColoring": true, "hpp": false, "parseErrors": false, "getSchema": false, "limitStart": null, "wizard": false, "getPrivileges": false, "predictOutput": false, "cookieDel": null, "db": null, "osShell": false, "agent": null, "testFilter": null, "safeFreq": null, "dbms": null, "regDel": false, "proxyFile": null, "getPasswordHashes": false, "osPwn": false, "extensiveFp": false, "testSkip": null, "osSmb": false, "skipHeuristics": null, "forceSSL": false, "getComments": false, "exclude": null, "dbmsCred": null, "randomAgent": false, "dumpTable": false, "batch": true, "ignoreCode": null, "crawlDepth": null, "encoding": null, "commonFiles": false, "unstable": false, "checkTor": false, "logFile": null, "webRoot": null, "listTampers": false, "harFile": null, "string": null, "dumpAll": false, "purge": false, "secondReq": null, "timeout": 30, "paramExclude": null, "ignoreTimeouts": false, "excludeSysDbs": false, "alert": null, "scope": null, "fileWrite": null, "headers": null, "osCmd": null, "mobile": false, "chunked": false, "safePost": null, "titles": false, "commonColumns": false, "safeReqFile": null, "csrfMethod": null, "regData": null, "nullConnection": false, "regRead": false, "loadCookies": null, "risk": 1, "prefix": null, "privEsc": false, "answers": "crack=N,dict=N,continue=Y,quit=N", "base64Parameter": null, "dummy": false, "crawlExclude": null, "fileRead": null, "getUsers": false, "torType": "HTTP", "getCount": false, "smokeTest": false, "secondUrl": null, "skipWaf": false, "murphyRate": null, "method": null, "cookie": null, "sqlQuery": null, "evalCode": null, "regAdd": false, "uFrom": null, "skipStatic": false, "dependencies": false, "saveConfig": null, "charset": null, "regexp": null, "proxyCred": null, "direct": null, "skip": null, "base64Safe": false, "smart": false, "invalidBignum": false, "noCast": false, "tor": false, "invalidString": false, "ignoreProxy": false, "regType": null, "csvDel": ",", "testParameter": null, "trafficFile": null, "invalidLogical": false, "osBof": false, "pivotColumn": null, "regKey": null, "url": "http://*******/update_pro_properties_basket.asp?basket_id=42623&pro_id=646&pro_name=m-460_15/0_5g&req_qn=", "verbose": 1, "shLib": null, "noEscape": false, "tmpPath": null, "commonTables": false, "col": null, "referer": null, "skipUrlEncode": false, "data": null, "checkInternet": false, "forceDns": false, "suffix": null, "sessionFile": null, "preprocess": null, "resultsFile": null, "eta": false, "optimize": false, "dumpWhere": null, "csrfUrl": null, "host": null, "uCols": null, "proxyFreq": null, "disablePrecon": false, "dropSetCookie": false, "level": 3, "limitStop": null, "googleDork": null, "regVal": null, "csrfToken": null, "getStatements": false, "cleanup": false, "getCurrentDb": false, "tbl": null, "firstChar": null, "repair": false, "msfPath": null, "code": null, "updateAll": false, "technique": "BEUSTQ", "getColumns": false, "tmpDir": null, "database": "c:\users\admini~1\appdata\local\temp\2\sqlmapipc-p3u_ez", "getTables": false, "ignoreRedirects": false, "binaryFields": null, "sqlShell": false, "udfInject": false, "getAll": false, "os": null, "isDba": false, "threads": 1, "timeSec": 5, "paramDel": null, "liveCookies": null, "postprocess": null, "getDbs": true, "lastChar": null, "uChar": null, "user": null, "forms": false, "getBanner": "true"}} Failed to start SQLMap Scan for Task: 0c400adf687c52b9 22:18:16] [DEBUG] Created new task: '0c400adf687c52b9' and here are some screenshots attached, just in case: I hope that helps. |
I have the same version of Burp, the extension, and jython installed and cannot replicate this issue. The only difference is that I am using Java 11. Can you add a few lines of code to the extension on your system to troubleshoot? First, at the top, please add: Next, there is a try block that attempts to start a scan beginning around line #1533, that has a print statement around line #1548. Can you comment out that line and add: Then, in the 'except' block just below, comment out the print statement and replace with: My assumption is that for some reason the check is failing completely and hitting that exception. Why I don't know, but the exception should give me the details I need. |
Closing as no extra details were provided. |
Hi!
I'm working with Burpsuite v2021.3.2, I have python 2.7 installed, also added jython 2.7.2 to Burpsuite extensions. SQLiPy is installed with the last available version, SQLMAP API is also running.
The problem is that when I set the scan parameters and configuration, and click "Start Scan", nothing is shown in the scan list in the "SQLMAP logs" tab.
I am running Java SE 14, with python 2.7
I have tried many things but none solved the issue.
Note: I can see a new python process appear in the windows task manager every time I start a scan, but nothing shows within the SQLiPy log tab.
The text was updated successfully, but these errors were encountered: