Вопросы по SQLMap

Discussion in 'Уязвимости' started by randman, 1 Oct 2015.

  1. dddg33

    dddg33 New Member

    Joined:
    28 Mar 2021
    Messages:
    2
    Likes Received:
    0
    Reputations:
    0
    После
    Code:
    --tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords
    Выдал

    Code:
    [01:16:41] [CRITICAL] unable to retrieve the tables for any database
    [01:16:41] [WARNING] HTTP error codes detected during run:
    414 (Request-URI Too Long) - 4 times, 500 (Internal Server Error) - 1 times, 400 (Bad Request) - 1 times, 404 (Not Found) - 8 times
    [01:16:41] [DEBUG] too many 4xx and/or 5xx HTTP error codes could mean that some kind of protection is involved (e.g. WAF)
    Как можно обойти waf ?
    Заранее спасибо!
     
  2. man474019

    man474019 New Member

    Joined:
    31 Jul 2015
    Messages:
    55
    Likes Received:
    4
    Reputations:
    0
    ни как не могу дампит table_names, пробовал --hex, --no-cast tamper scripts

    Code:
    [05:46:09] [INFO] fetching tables for database: 'ar_new'
    [05:46:09] [INFO] fetching number of tables for database 'ar_new'
    you provided a HTTP Cookie header value, while target URL provides its own cookies within HTTP Set-Cookie header which intersect with yours. Do you want to merge them in further requests? [Y/n] Y
    [05:46:10] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
    [05:46:10] [INFO] retrieved:
    [05:46:11] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch '--hex'
    [05:46:11] [WARNING] unable to retrieve the number of tables for database 'ar_new'
    [05:46:11] [ERROR] unable to retrieve the table names for any database
    do you want to use common table existence check? [y/N/q] N
    No tables found
    [05:46:11] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/sayt.com'
    
    
     
  3. Xsite

    Xsite Member

    Joined:
    21 Jan 2010
    Messages:
    54
    Likes Received:
    5
    Reputations:
    0

    а есть где то полный мануал от тебя ?
     
  4. Juiseppe

    Juiseppe New Member

    Joined:
    16 Feb 2020
    Messages:
    10
    Likes Received:
    0
    Reputations:
    0
    Кто нибудь мапом обходил Imunify360 (CloudLinux) waf ?
     
  5. Baskin-Robbins

    Baskin-Robbins Reservists Of Antichat

    Joined:
    15 Sep 2018
    Messages:
    209
    Likes Received:
    687
    Reputations:
    173
    Ошибка на отрицательный лимит
     
    #1125 Baskin-Robbins, 8 May 2021
    Last edited: 9 May 2021
    seostock likes this.
  6. matthhy

    matthhy New Member

    Joined:
    16 Feb 2017
    Messages:
    57
    Likes Received:
    0
    Reputations:
    0
    Подскажите, пожалуйста, отсканировал сайт Acunetix, нашел sql уязвимость, но sqlmap не может пробить ее, думаю из-за WAF. Как понять, какой tamper использовать, или же как вытащить необходимую информацию для sqlmap из Acunetix?
     
  7. joelblack

    joelblack Reservists Of Antichat

    Joined:
    6 Jul 2015
    Messages:
    238
    Likes Received:
    425
    Reputations:
    131
    Это не много не так работает. Сначала необходимо раскрутить уязвимость самому, а потом автоматизировать процесс средствами sqlmap. Соответственно, что бы понять какой тампер использовать - раскрути сначала руками.
     
    Svan likes this.
Loading...