Closed shayanb closed 11 years ago
That error detected invalid data for declared content encoding 'gzip' ('size too large')
means that you are getting either invalid compressed data or too large file (>100MB). Something is wrong here, but I wouldn't blame sqlmap for sure.
Could you please provide more details to miroslav@sqlmap.org ?
What details are needed?
I got the same error when extracting the DB name and columns but they worked out.
could you please send traffic file for that case? you can get it by just appending:
--fresh-queries -t traffic.txt
for that same run
I just sent the email with the file attached. I had to abort (CRTL + C) the data retrieval after 2 rows though as it was on the live version.
False statements about "live" and "localhost" installation. "Live" site had protection. Details known to me.
Hope my explanations resolved the issue! thanks for the support though!
Hello! There. Is there any impact of [ERROR] detected invalid data for declared content encoding 'gzip' ('size too large') on database or tables retrieval? I am also suffering from same issue, I got the injection point but get invalid characters in database and banner names.
[ERROR] detected invalid data for declared content encoding 'gzip' ('size too large') on database or tables retrieval
- is usually a sign of some kind of WAF/IPS (they trick attackers to download massive fake responses)
get invalid characters in database and banner names.
- if you get invalid characters everywhere, then you are most probably dealing with a false positive.
Is there any way to bypass this WAF/IPS and retrieve the real dbs and banners?
Usually you'll need to find out it yourself (through manual exploitation). It really depends from case to case.
hello @stamparm , excuse me for commenting on someone else's thread i am also in the same situation but sqlmap is extracting valid data, but it is extremely slow. some details about database : web server operating system: Linux CentOS 6.5 web application technology: Apache 2.2.15 back-end DBMS: MySQL 5.0.11
and thats how it is behaving [17:09:15] [WARNING] multi-threading is considered unsafe in time-based data retrieval. Going to switch it off automatically [17:09:15] [WARNING] time-based comparison requires larger statistical model, please wait............................. [17:10:17] [DEBUG] declared web page charset 'utf-8' [17:10:17] [WARNING] it is very important not to stress the network adapter during usage of time-based payloads to prevent potential errors
first extracting some long characters then making them a valid data. is there any way to augment the data retrieval and also please suggest me any document to read about whats happening there. thank you.
I'm trying to retrieve some columns from a database but all I get are question marks. It worked great for DB name and column names (column names had some missing characters though) but nothing works for the data:
I also added --charset=utf-8 and --charset=utf8 but it doesn't seem to work.