Sqlmap: [CRITICAL] connection dropped or unknown HTTP status code received

Created on 22 Nov 2013  路  4Comments  路  Source: sqlmapproject/sqlmap

Hi,

I have the following issue I cannot quite understand (I'm using current git version of sqlmap on Kali). I'm not sure if this is a bug or if I'm simply too stupid.

  1. I have a meterpreter session with port forwarding of remote port 80 to local port 6666
  2. If I use my browser or wget to retrieve url:
    http://localhost:6666/index.php?search=foo
    it works perfectly.
  3. However if I use sqlmap:
    ./sqlmap.py -u http://localhost:6666/index.php?search=foo
    I get the "[CRITICAL] connection dropped or unknown HTTP status code received" error.

The strange thing is that if I trace sqlmap in wireshark I see the requests made by sqlmap and their HTTP 200 OK resposes from the server. Here's the TCP stream from wireshark:

GET /index.php?search=foo HTTP/1.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Host: localhost:6666
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,_/_;q=0.8
User-Agent: sqlmap/1.0-dev-59b6791 (http://sqlmap.org)
Accept-Charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
Connection: close
Pragma: no-cache
Cache-Control: no-cache,no-store

HTTP/1.1 200 OK
Date: Fri, 22 Nov 2013 13:16:26 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.4-14+deb7u5
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 284
Connection: close
Content-Type: text/html

..........u.]j. ....S.. ..E.R...e[..h2..D.....w44..
!...~:..4..N.....^}...!.....Wm..m..4.mh.A.L^....&$.[-z$Q.._.....0..t.Q..+..\.bA../@.....i...+..;.k....I....`.m........,.L.....%....\L|_-..3...0w..B...sv...?..|.I.7.....MY..;-j.x.z.c_...y|~..../'%m......0>#..*nRi.'........

Can anyone clarify what I'm missing here? Thanks!

support

Most helpful comment

I found a workaround. It works if you set the --keep-alive option such as:

./sqlmap.py -u "http://localhost:6666/index.php?search=foo" --keep-alive

However, I think this is something which should work out of the box :)

All 4 comments

Can you please retry with enclosed URL inside -u?

Like: python sqlmap.py -u "......."

Same result using quotes (see output below).
I also include detailed versions of metasploit and sqlmap, if that helps

msfconsole --version
Framework Version: 4.8.0-2013112001

./sqlmap.py --version
sqlmap/1.0-dev-59b6791

[*] shutting down at 08:13:27

./sqlmap.py -u "http://localhost:6666/index.php?search=foo"

sqlmap/1.0-dev-59b6791 - automatic SQL injection and database takeover tool
http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 08:27:06

[08:27:07] [INFO] testing connection to the target URL
[08:27:07] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request
[08:27:07] [WARNING] if the problem persists please check that the provided target URL is valid. In case that it is, you can try to rerun with the switch '--random-agent' turned on and/or proxy switches ('--ignore-proxy', '--proxy',...)
[08:27:09] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request
[08:27:10] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request
[08:27:12] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'
[08:27:12] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'

[*] shutting down at 08:27:12

Can you please send the Wireshark .pcap to [email protected]? This all looks legitimate, but you say that sqlmap is not acting as expected. .pcap file would clear some things up.

I found a workaround. It works if you set the --keep-alive option such as:

./sqlmap.py -u "http://localhost:6666/index.php?search=foo" --keep-alive

However, I think this is something which should work out of the box :)

Was this page helpful?
0 / 5 - 0 ratings

Related issues

alexintel5 picture alexintel5  路  6Comments

stamparm picture stamparm  路  4Comments

moku23 picture moku23  路  4Comments

mekoki88 picture mekoki88  路  6Comments

dispater13 picture dispater13  路  7Comments