I am a cyber security researcher and programmer.
Do you want to be one too? Check out my advice for learning hacking and programming.
You can support my work with a few bucks, here.
A friend of SQLmap which will do what you always expected from SQLmap.
License: GNU General Public License v3.0
I am a cyber security researcher and programmer.
Do you want to be one too? Check out my advice for learning hacking and programming.
You can support my work with a few bucks, here.
when sqlmate try to bypass thats what i get
Traceback (most recent call last):
File "sqlmate", line 367, in
bypass()
File "sqlmate", line 271, in bypass
find(url, i_title, original)
File "sqlmate", line 226, in find
brute(username, passwd, menu, option, name, form_number, i_title, original) #Calls the bruteforce function
File "sqlmate", line 259, in brute
print '\n\033[1;32m[+]\033[0m ' + login
NameError: global name 'login' is not defined
word of truth "by far that's the best script until now i'm testing"
Python HTTP for Humans.
Library home page: https://files.pythonhosted.org/packages/b8/f7/3bb4d18c234a8ce7044d5ee2e1082b7d72bf6c550afb8d51ae266dea56f1/requests-2.9.1-py2.py3-none-any.whl
Path to dependency file: /sqlmate/requirements.txt
Path to vulnerable library: teSource-ArchiveExtractor_58d5b1a3-882f-4d6a-a9cc-cfbeab782756/20190505155042_80940/20190505155030_depth_0/requests-2.9.1-py2.py3-none-any/requests
Dependency Hierarchy:
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
Publish Date: 2018-10-09
URL: CVE-2018-18074
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-18074
Release Date: 2018-10-09
Fix Resolution: 2.20.0
Step up your Open Source Security Game with WhiteSource here
trying to install this program on osx -- i have both python version 2 and 3 and pip 2 & 3 installed but keep getting errors:
iMac% pip3 install requirements.txt
Collecting requirements.txt
Could not find a version that satisfies the requirement requirements.txt (from versions: )
No matching distribution found for requirements.txt
iMac% man pip
No manual entry for pip
iMac% pwd
/Users/kimberly/Documents/GitHub/sqlmate
iMac% ls
LICENSE paths.txt sqlmate
README.md requirements.txt venv
iMac% pip install requirements.txt
Collecting requirements.txt
Could not find a version that satisfies the requirement requirements.txt (from versions: )
No matching distribution found for requirements.txt
iMac%
not sure how to proceed. many thanks
[>] Finding targets for my mate, SQLmap
From cffi callback <function _verify_callback at 0x7f79deff8cf8>:
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/OpenSSL/SSL.py", line 309, in wrapper
_lib.X509_up_ref(x509)
AttributeError: 'module' object has no attribute 'X509_up_ref'
Traceback (most recent call last):
File "sqlmate", line 360, in
google(dork, number)
File "sqlmate", line 67, in google
r = requests.get(url)
File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 72, in get
return request('get', url, params=params, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 508, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 618, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/adapters.py", line 519, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: ("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)
root@kali:~/Desktop/sqlmate#
Notes from doing an install on a fresh Ubuntu 16.04 VPS:
pip wasn't installed:
lxml wasn't installed:
Traceback (most recent call last):
File "sqlmate", line 367, in <module>
bypass()
File "sqlmate", line 266, in bypass
soup = BeautifulSoup(data, 'lxml') #Pareses the response with beuatiful soup
File "/usr/local/lib/python2.7/dist-packages/bs4/__init__.py", line 156, in __init__
% ",".join(features))
bs4.FeatureNotFound: Couldn't find a tree builder with the features you requested: lxml. Do you need to install a parser library?
Traceback (most recent call last):
File "sqlmate", line 367, in <module>
bypass()
File "sqlmate", line 271, in bypass
find(url, i_title, original)
File "sqlmate", line 226, in find
brute(username, passwd, menu, option, name, form_number, i_title, original) #Calls the bruteforce function
File "sqlmate", line 234, in brute
br.form[username] = "'or' '='"
File "/usr/local/lib/python2.7/dist-packages/mechanize/_form.py", line 2780, in __setitem__
control = self.find_control(name)
File "/usr/local/lib/python2.7/dist-packages/mechanize/_form.py", line 3101, in find_control
return self._find_control(name, type, kind, id, label, predicate, nr)
File "/usr/local/lib/python2.7/dist-packages/mechanize/_form.py", line 3185, in _find_control
raise ControlNotFoundError("no control matching "+description)
mechanize._form.ControlNotFoundError: no control matching name 'username'
Hello, when executing the sqlmate python command, the following error appears:
root@kali:~/sqlmate# python sqlmate
Traceback (most recent call last):
File "sqlmate", line 4, in
from bs4 import BeautifulSoup
File "/usr/local/lib/python2.7/dist-packages/bs4/init.py", line 30, in
from .builder import builder_registry, ParserRejectedMarkup
File "/usr/local/lib/python2.7/dist-packages/bs4/builder/init.py", line 314, in
from . import _html5lib
File "/usr/local/lib/python2.7/dist-packages/bs4/builder/_html5lib.py", line 70, in
class TreeBuilderForHtml5lib(html5lib.treebuilders._base.TreeBuilder):
AttributeError: 'module' object has no attribute '_base'
I already did the pip install -r requirements.txt command, but still the problem continued, how to solve this problem?
Thank you very much in advance.
Seems like a really awesome tool. I'm having problems with it completing though. The script begins to pull links and find admin panels then just stops. I've ran it several times.
snip
.....
[-] http://www.hr.dmh.go.th/hr/stat/click_paths.asp?hit_id=475
[-] http://www.dmh.go.th/PoliticCrisis/stat/click_paths.asp?hit_id=6508
[-] http://www.dmh.go.th/PoliticCrisis/stat/click_paths.asp?hit_id=520
[-] http://www.dmh.go.th/PoliticCrisis/stat/click_paths.asp?hit_id=5986
[-] http://www.dmh.go.th/PoliticCrisis/stat/click_paths.asp?hit_id=4974
[-] http://www.dmh.go.th/PoliticCrisis/stat/click_paths.asp?hit_id=5011
[-] http://www.dmh.go.th/politiccrisis/stat/click_paths.asp?hit_id=2333
[>] You will also need their admin panels right? Wait a minute..
[>]Let me try to bypass logins. I want to show SQLmap that I am not a noob.
emily@kali:~/sqlmate$
....
snip
Thanks
hey, can you also add tor/proxy support?
thanks
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.