Hi,
I have the following issue I cannot quite understand (I'm using current git version of sqlmap on Kali). I'm not sure if this is a bug or if I'm simply too stupid.
The strange thing is that if I trace sqlmap in wireshark I see the requests made by sqlmap and their HTTP 200 OK resposes from the server. Here's the TCP stream from wireshark:
GET /index.php?search=foo HTTP/1.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Host: localhost:6666
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,_/_;q=0.8
User-Agent: sqlmap/1.0-dev-59b6791 (http://sqlmap.org)
Accept-Charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
Connection: close
Pragma: no-cache
Cache-Control: no-cache,no-store
HTTP/1.1 200 OK
Date: Fri, 22 Nov 2013 13:16:26 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.4-14+deb7u5
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 284
Connection: close
Content-Type: text/html
..........u.]j. ....S.. ..E.R...e[..h2..D.....w44..
!...~:..4..N.....
Can anyone clarify what I'm missing here? Thanks!
Can you please retry with enclosed URL inside -u?
Like: python sqlmap.py -u "......."
Same result using quotes (see output below).
I also include detailed versions of metasploit and sqlmap, if that helps
msfconsole --version
Framework Version: 4.8.0-2013112001
./sqlmap.py --version
sqlmap/1.0-dev-59b6791
[*] shutting down at 08:13:27
./sqlmap.py -u "http://localhost:6666/index.php?search=foo"
sqlmap/1.0-dev-59b6791 - automatic SQL injection and database takeover tool
http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting at 08:27:06
[08:27:07] [INFO] testing connection to the target URL
[08:27:07] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request
[08:27:07] [WARNING] if the problem persists please check that the provided target URL is valid. In case that it is, you can try to rerun with the switch '--random-agent' turned on and/or proxy switches ('--ignore-proxy', '--proxy',...)
[08:27:09] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request
[08:27:10] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request
[08:27:12] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'
[08:27:12] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'
[*] shutting down at 08:27:12
Can you please send the Wireshark .pcap to [email protected]? This all looks legitimate, but you say that sqlmap is not acting as expected. .pcap file would clear some things up.
I found a workaround. It works if you set the --keep-alive option such as:
./sqlmap.py -u "http://localhost:6666/index.php?search=foo" --keep-alive
However, I think this is something which should work out of the box :)
Most helpful comment
I found a workaround. It works if you set the --keep-alive option such as:
./sqlmap.py -u "http://localhost:6666/index.php?search=foo" --keep-alive
However, I think this is something which should work out of the box :)