Hi.
Thank you for your report and find it fixed now [1].
Kind regards,
Miroslav Stampar
[1] https://github.com/sqlmapproject/sqlmap/issues/495
On Mon, Jul 22, 2013 at 11:03 AM, ✿ wrote:
> Hi! I was trying to use metasploit when this error came up.
>
> sqlmap version: 1.0-dev
> Python version
Hi! I was trying to use metasploit when this error came up.
sqlmap version: 1.0-dev
Python version: 2.7
Operating system: nt
Command line: sqlmap.py -u **
--check-tor --
tor --tor-port=9150 --tor-type=SOCKS5 --mobile --os-pwn --msf-path
C:\metasploit
\apps\pro\m
Hi Alexander.
I can see what's happening (at first glance it seems obvious, but it's
really not :). It would be a tromendous help if you could send me a traffic
file (just append --fresh-queries -t traffic.txt to those parameters used)
where this happens.
Kind regards,
Miroslav Stampar
On Fri, N
Hi.
Thank you for your report. This moment opened a new issue for it [1]. Will
keep you posted.
Kind regards,
Miroslav Stampar
[1] https://github.com/sqlmapproject/sqlmap/issues/268
On Fri, Nov 30, 2012 at 7:49 AM, Alexander Hagenah wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi List,
another glitch I ran into. Let me know if you need further info.
[07:47:38] [ERROR] thread MainThread: unhandled exception in
sqlmap/1.0-dev-6ea07f7, retry your run with the latest development
version from the GitHub repository. If the exce
Hi.
Thank you for your report and find it fixed with the latest commit (r4806).
Kind regards,
Miroslav Stampar
On Sat, Feb 25, 2012 at 5:19 PM, Miroslav Stampar <
miroslav.stam...@gmail.com> wrote:
> Hi.
>
> Will fix it ASAP.
>
> Kind regards
> On Feb 25, 2012 2:26 PM, "Duarte Silva"
> wrote:
Hi.
Will fix it ASAP.
Kind regards
On Feb 25, 2012 2:26 PM, "Duarte Silva" wrote:
> Hi there,
>
> update to the last revision, got this bug while testing.
>
> sqlmap version: 1.0-dev (r4805)
> Python version: 2.7.2
> Operating system: posix
> Command line: sqlmap.py --
> url=***
Hi there,
update to the last revision, got this bug while testing.
sqlmap version: 1.0-dev (r4805)
Python version: 2.7.2
Operating system: posix
Command line: sqlmap.py --
url=*** --
proxy=* --random-agent --threads=3 --timeo
Hi.
Could you please retry with the latest revision together with
--flush-session?
If the problem persists could you please send privately a traffic.txt file
taken by that same command with appended -t traffic.txt --flush-session (or
--fresh-queries)?
Kind regards,
Miroslav Stampar
2012/2/21 朱冯
I met with the bug again. Debug info is:
sqlmap version: 1.0-dev (r4770)Python version: 2.7.1Operating system: ntCommand
line: sqlmap.py -u
***
-v 3 --text-only-o --threads=10 --drop-
Hi m4l1c3.
Find this (both reports) fixed with latest the commit (r4575).
Kind regards,
Miroslav Stampar
p.s. I see you are using combo --crawl --forms --smart. I'll just say nice
that you've figured that by yourself as that combination is a really useful
one ;)
On Mon, Dec 5, 2011 at 3:39 AM,
sqlmap version: 1.0-dev (r4574)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u * --batch --dbs --forms
--crawl 3 --technique=U --threads 10 --level 3 --risk 2 --smart
--random-agent --tor
Technique: None
Back-end DBMS: None (identified)
Traceback (mos
sqlmap version: 1.0-dev (r4574)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u * --batch --dbs --forms --crawl 2
--technique=BU --threads 10 --level 3 --risk 2 --smart --random-agent --tor
Technique: None
Back-end DBMS: None (identified)
Traceback (most recen
Hi.
Do you get message like "15:26:04] [INFO] Table 'DB.TABLE' dumped to CSV
file '/home/.../sqlmap/output/.../dump/DB/TABLE.csv'"?
Thing is that I can't reproduce it so I'll need more information. Traffic
file will be ok together with the console output with -v 3.
Kind regards
On Wed, Nov 23,
Updated to 4543. Dumps still not saved to /output/domain/dump/
Please ignore the previous > DUMP redirection.
On Wed, Nov 23, 2011 at 12:54 AM, m4l1c3 wrote:
> Update:
>
> Command:
> ./sqlmap.py -u "http://www..org:80/php"; --forms --batch
> --technique=U -pfield --dump-all --exclu
Hi.
It should be fixed in r4543.
Kind regards
On Wed, Nov 23, 2011 at 5:37 AM, m4l1c3 wrote:
> sqlmap version: 1.0-dev (r4542)
> Python version: 2.6.5
> Operating system: posix
> Command line: ./sqlmap.py -u ***
> --batch --privileges --forms --technique=U -
Update:
Command:
./sqlmap.py -u "http://www..org:80/php"; --forms --batch
--technique=U -pfield --dump-all --exclude-sysdbs > DUMP
This produces normal. "trimmed" dumps to console.
Then, after cracking hashes:
[INFO] cracked password 'password1' for user 'user1'
[INFO] current stat
Command:
./sqlmap.py -u "http://www..XXX:80/SOME.php"; --forms --technique=U
-pNULL --dump -T TABLE01 -D DB
The command completes with no errors, and the contents are dumped to
console (abbreviated, as normal), however; the /output/domain/dump/
directory remains empty. Need traffic.log?
sqlmap version: 1.0-dev (r4542)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u ***
--batch --privileges --forms --technique=U -pXX --dump -T ** -D
Technique: UNION
Back-end DBMS: MySQL (fingerprinted)
Traceback
Hi m4l1c3.
Thank you for your report and find it fixed and committed in the last
revision (r4542).
Kind regards
On Wed, Nov 23, 2011 at 2:36 AM, m4l1c3 wrote:
> sqlmap version: 1.0-dev (r4541)
> Python version: 2.6.5
> Operating system: posix
> Command line: ./sqlmap.py -u
sqlmap version: 1.0-dev (r4541)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u ** --batch --dbs
--forms --crawl 3 --smart --technique=U
Technique: None
Back-end DBMS: None (identified)
Traceback (most recent call last):
File "/pentest/database/s
Hi m4l1c3.
Thank you for your report. This last bug is fixed.
About the first one. Could you please send the URL used? Thing is that it
seems to be incompatible with standard IDNA encoding and that's kind of
strange.
Kind regards,
Miroslav Stampar
On Tue, Nov 22, 2011 at 4:44 AM, m4l1c3 wrote:
[INFO]s have been removed.
sqlmap version: 1.0-dev (r4525)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u --dbs
--technique=U --level 3 --risk 3 --batch --smart --crawl 3 --threads 3
--forms --random-agent
Technique: None
Back-end DB
sqlmap version: 1.0-dev (r4525)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u ***
Technique: None
Back-end DBMS: None (identified)
Traceback (most recent call last):
File "/pentest/database/sqlmap/_sqlmap.py", line 86, in main
start()
File "/
New commit works perfectly, thanks.
On Sun, Nov 13, 2011 at 12:53 PM, m4l1c3 wrote:
> hi again
>
> sqlmap version: 1.0-dev (r4503)
> Python version: 2.6.5
> Operating system: posix
> Command line: ./sqlmap.py -u
> **
sqlmap version: 1.0-dev (r4503)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u
--batch --dbs --technique=BU --random-agent --threads 10 --forms --level 2
--risk 2 --smart
Technique: None
Back-end DBMS: None (identified)
Traceback
hi again
sqlmap version: 1.0-dev (r4503)
Python version: 2.6.5
Operating system: posix
Command line: ./sqlmap.py -u
--batch --dbs --techn
Hi.
Thank you for your report. It should be fixed with the latest commit.
There is a possibility that you'll need to report that original
exception causing problem - in that case please contact me privately.
Kind regards
On Wed, Oct 19, 2011 at 5:52 PM, Soma Cruz wrote:
> [INFO] 972/4352 links
[INFO] 972/4352 links visited (22%)
[19:50:08] [ERROR] thread MainThread: unhandled exception in sqlmap/1.0-dev
(r4407), retry your run with the latest development version from the
Subversion repository. If the exception persists, please send by e-mail to
sqlmap-users@lists.sourceforge.net the foll
hi Christian.
there was a "silent" bug inside which caused buggy waiting for console
input without any warning in cases like yours (no warning waiting
after "[INFO] confirming Microsoft SQL Server").
i've fixed that one in the latest commit, so it would be great if you
could retest and see if tha
Hi Christian,
Can you please rerun with the latest development version from
subversion with --flush-session -v3 -t traffic.log and provide us with
traffic.log file privately in order to debug this possible bug?
Thank you.
Bernardo
On 24 August 2011 16:58, Christian Rothländer
wrote:
> Hi ther
Hi there,
I just updated to the last revision (4365) and tried to attack a Microsoft SQL
Server 2005 via AND/OR time-based blind or MS stacked queries.
The module which analysed which dba is there gets stuck with MSSQL (if I force
--dbms=mssql). Otherwise it finds a Postgres-DB (which obviously
yea, you did you naughty naughty... :)
thx for reporting. fixed
kr
On Tue, Aug 23, 2011 at 10:56 PM, machak machakowitz
wrote:
> Hmmm...did i do this?...:p...
>
> [22:37:32] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4357), retry
> your run with the latest development versi
> on from th
Hmmm...did i do this?...:p...
[22:37:32] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4357), retry
your run with the latest development versi
on from the Subversion repository. If the exception persists, please send by
e-mail to sqlmap-users@lists.sourceforge
.net the following text and any
hi Alex.
thank you for your report. find it "patched" in the latest revision (r4347).
kr
On Mon, Aug 15, 2011 at 3:11 AM, Alex wrote:
> [WARNING] unknown charset '{charset}'. Please report by e-mail to
> sqlmap-users@lists.sourceforge.net
>
> from url http://pp24.biz/?mod=login
>
>
[WARNING] unknown charset '{charset}'. Please report by e-mail to
sqlmap-users@lists.sourceforge.net
from url http://pp24.biz/?mod=login
--
uberSVN's rich system and user administration capabilities and model
configurat
[12:27:44] [CRITICAL] unhandled exception in sqlmap/1.0-dev (r4289), retry
your run with the latest development version from the Subversion repository.
If the exception persi
sts, please send by e-mail to sqlmap-users@lists.sourceforge.net the
following text and any information required to reproduc
hi Phat.
thank you for your report and find it patched in the latest commit.
there should now be a warning for this kind of situations (if no more
threads are allowed then declared).
kr
On Sat, Jul 2, 2011 at 5:46 PM, Phat R. wrote:
> Dear SQLMap developer
>
> I found the bug from SQLMap from 2
Dear SQLMap developer
I found the bug from SQLMap from 2 URLs in my company that are shown below
-
It's not that we expected such large log files, so everything is
loaded into memory and processed. We can adapt and read line by line,
problem will be solved for sure but it would slow down the processing
of the log files.
Will do something regarding later this week.
kr
On Tuesday, April 26, 2011
Target login page is like: Type a number into a field, a login appears. I
log in, and spider with burpsuite. 250mb log file (too much?)
sqlmap version: 1.0-dev (r3770)
Python version: 2.5.2
Operating system: posix
Command line: ./sqlmap.py -l /stough/log --batch --dbs
Technique: None
Back-end D
thank you for your report. find it fixed in latest revision.
kr
On Fri, Apr 15, 2011 at 12:54 PM, m4l1c3 wrote:
> sqlmap version: 1.0-dev (r3674)
> Python version: 2.5.2
> Operating system: posix
> Command line: ./sqlmap.py -u
> *** --batch --dump -C
sqlmap version: 1.0-dev (r3674)
Python version: 2.5.2
Operating system: posix
Command line: ./sqlmap.py -u ***
--batch --dump -C ***
Technique: BOOLEAN
Back-end DBMS: Microsoft SQL Server (fingerprinted)
Traceback (most recent call last):
File "./sq
hi Kirill
i've stumbled upon one case where every approximately 3-4 times
(non-deterministic) i get the same garbled output (-T help_topic -D
mysql). it's probably something about the content itself. I'll
investigate further and let you know.
kr
On Wed, Apr 13, 2011 at 1:07 AM, Miroslav Stampar
hi again.
i've done a minor just in case update to prevent this kind of
behavior. it would be good if you could retest.
kr
On Wed, Apr 13, 2011 at 12:47 AM, Miroslav Stampar
wrote:
> hi Kirill.
>
> can you confirm that this is reproducable?
>
> also, it would be helpful to know which switches h
hi Kirill.
can you confirm that this is reproducable?
also, it would be helpful to know which switches have you used in
previous run, because you've sent screenshot of a run without any
injection points found.
kr
On Tue, Apr 12, 2011 at 10:03 PM, Kirill Morozov wrote:
> Hi,
> with lastest svn
hi m4l1c3.
thank you for your report. find it fixed in the latest commit.
kr
On Thu, Apr 7, 2011 at 3:11 PM, m4l1c3 wrote:
> sqlmap version: 0.9-dev (r3577)
> Python version: 2.5.2
> Operating system: posix
> Command line: ./sqlmap.py -g ** ext:aspx --dbs --batch -o
> --text-onl
sqlmap version: 0.9-dev (r3577)
Python version: 2.5.2
Operating system: posix
Command line: ./sqlmap.py -g ** ext:aspx --dbs --batch -o
--text-only --level 3 --risk 2
Technique: UNION
Back-end DBMS: None (identified)
Traceback (most recent call last):
File "./sqlmap.py", line 82,
hi m4l1c3.
looking at your report together with previous ones related i've
realized that this had to properly fixed. i believe that the last
commit should solve this kind of problems, together with proper
sending of localized data.
please try with the latest commit (r3552) and report back if the
sqlmap version: 0.9-dev (r3551)
Python version: 2.5.2
Operating system: posix
Command line: ./sqlmap.py -g ** --dbs --batch -o
Technique: None
Back-end DBMS: None (identified)
Traceback (most recent call last):
File "./sqlmap.py", line 82, in main
start()
File "/
hi
quick fixed the crash part. but not sure why you are getting all those
'None(s)'. if you want to send some more info you can contact me
privately. have you tried to research the content of -t traffic.txt?
kr
On Fri, Apr 1, 2011 at 12:56 PM, Kirill Morozov wrote:
> [14:47:15] [INFO] testing M
[14:47:15] [INFO] testing MySQL
[14:47:15] [INFO] confirming MySQL
[14:47:16] [INFO] the back-end DBMS is MySQL
[14:47:16] [INFO] fetching banner
web application technology: Apache 2.0.63, PHP 5.2.17
back-end DBMS: MySQL >= 5.0.0
[14:47:16] [INFO] fetching banner
banner:'None'
[14:47:17] [INF
p.s. new with this last commit is the support for non-standard
identificator naming in all 4 major DBMSes (MySQL, Oracle, PgSQL,
MsSQL). sqlmap will automatically try to enclose those identificator
names with proper markings:
example:
SELECT id FROM table-name --> SELECT id FROM `table-name` (MySQ
hi m4l1c3.
thank you for this bug report and find it fixed in last commit (r3503).
kr
On Sun, Mar 27, 2011 at 4:13 AM, m4l1c3 wrote:
>
> [22:01:34] [CRITICAL] unhandled exception in sqlmap/0.9-dev, retry your run
> with the latest development version from the Subversion repository. If the
> exc
[22:01:34] [CRITICAL] unhandled exception in sqlmap/0.9-dev, retry your run
with the latest development version from the Subversion repository. If the
exception persists, please send by e-mail to
sqlmap-users@lists.sourceforge.net the following text and any information
required to reproduce the bug
hi m4l1c3.
could you please post me the results of: -t traffic.txt
--flush-session? it would be of great help.
kr
On Fri, Mar 25, 2011 at 3:37 AM, m4l1c3 wrote:
> Python version: 2.5.2
> Operating system: posix
> Command line: ./sqlmap.py -u
> ***
Python version: 2.5.2
Operating system: posix
Command line: ./sqlmap.py -u
--batch -o --tables -D **
Technique: UNION
Back-end DBMS: MySQL (fingerprinted)
Traceback (most recent
57 matches
Mail list logo
