search

andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/
4.52k stars 1.21k forks source link

[Auto-Generated] Bug Report - " #978

Closed 1d3df9903ad closed 10 years ago

1d3df9903ad commented 10 years ago

User description

What steps will reproduce the problem? 1.try to exploite blind SQLi with sqlmap 2. 3.

What is the expected output? What do you see instead?

What operating system are you using?

Please provide any additional information below:

Version Information

  Python version: 2.7.3 (default, Apr 10 2013, 05:46:21) [GCC 4.6.3]
  GTK version: 2.24.10
  PyGTK version: 2.24.0
  w3af version:
    w3af - Web Application Attack and Audit Framework
    Version: 1.6
    Revision: 9b61cd7027 - 18 Jul 2013 15:10
    Author: Andres Riancho and the w3af team.

Traceback

Traceback (most recent call last):
  File "/usr/share/w3af/core/ui/gui/tabs/exploit/exploit_all.py", line 167, in _launch_exploit_all
    exploit.exploit()
  File "/usr/share/w3af/core/controllers/plugins/attack_plugin.py", line 197, in exploit
    s = self._generate_shell(vuln)
  File "/usr/share/w3af/plugins/attack/sqlmap.py", line 76, in _generate_shell
    if self._verify_vuln(vuln_obj):
  File "/usr/share/w3af/plugins/attack/sqlmap.py", line 105, in _verify_vuln
    if sqlmap.is_vulnerable():
  File "/usr/share/w3af/plugins/attack/db/sqlmap_wrapper.py", line 102, in is_vulnerable
    raise NotImplementedError(fmt % (full_command, stdout))
NotImplementedError: Unexpected answer found in sqlmap output for command "python sqlmap.py --batch --disable-coloring --proxy=http://127.0.0.1:44451/ --batch --url=http://domain/index.php --data=redirect=http%253A%252F%252Fdomain%252F&Itemid=435&task=notask&option=com_acymailing&ctrl=sub&redirectunsub=http%253A%252F%252Fdomain%252F&user%5Bname%5D=%D0%98%D0%BC%D1%8F&acyformname=formAcymailing1&Submit=%D0%9F%D0%BE%D0%B4%D0%BF%D0%B8%D1%81%D0%B0%D1%82%D1%8C%D1%81%D1%8F&hiddenlists=1&user%5Bemail%5D=%D0%90%D0%B4%D1%80%D0%B5%D1%81%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%87%D1%82%D1%8B": "
    sqlmap/1.0-dev-9b61cd7 - automatic SQL injection and database takeover tool
    http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 07:53:30

[?1049h(B[?7h[?1049l
[?1l>
[07:53:30] [WARNING] unable to create default root output directory '/usr/share/w3af/plugins/attack/db/sqlmap/output' ([Errno 13] Permission denied: '/usr/share/w3af/plugins/attack/db/sqlmap/output'). using temporary directory '/tmp/sqlmapoutputQH1uMt' instead

[07:53:30] [INFO] testing connection to the target url

sqlmap got a 303 redirect to 'http://domain/'. Do you want to follow? [Y/n] Y

redirect is a result of a POST request. Do you want to resend original POST data to a new location? [Y/n] Y

[07:53:48] [CRITICAL] infinite redirect loop detected (http://domain/). please check all provided parameters and/or provide missing ones.

[07:53:48] [CRITICAL] infinite redirect loop detected (http://domain/). please check all provided parameters and/or provide missing ones.

[*] shutting down at 07:53:48

"

Enabled Plugins

andresriancho commented 10 years ago

Duplicates #489