PDA

View Full Version : SQL Ninja Help?



325ci
10-20-2008, 04:32 PM
Hey all, when i try to sqlninja -m test
configure the devices and everything right probably but it always give me an error saying could not create a socket to ip:80

terminal86
10-21-2008, 01:54 AM
Hey all, when i try to sqlninja -m test
configure the devices and everything right probably but it always give me an error saying could not create a socket to ip:80

Are you sure port 80 is open / not blocked on your test victim and did you try another port?

325ci
10-21-2008, 07:57 AM
well what other ports should i try i mean can i scan for any open port?

terminal86
10-21-2008, 08:18 AM
well what other ports should i try i mean can i scan for any open port?

I've never tried it, but as the documentation tells, it is possible:

port

The port to connect to. If not specified, port 80 is assumed. For example:

port = 443
Just give it a try, and response the result.


Update:
I just tested for myself with port 22 (ssh) and port 80 (http) open. (local within backtrack)
I used the command sqlninja -m test -d 2 and the output was something like (from my mind):


Accept ... text ../ language.. / charset.. / content type..
Connection closed
Warning the server responded with http 404 not found
Check config ...
Injection not successful
Not vunlerable or Error in config

So it seems to run fine, but couldn't succeed coz i didn't set up my config yet (consciously)

325ci
10-21-2008, 08:29 AM
its saying trying to inject a waitfor delay than error: could not create socket to ip
yes i tried the 443 port but same problem, is there any other doing the same job? or port scanner?

terminal86
10-21-2008, 08:46 AM
its saying trying to inject a waitfor delay than error: could not create socket to ip
yes i tried the 443 port but same problem, is there any other doing the same job? or port scanner?

Oh i thought you have a little knowledge about the things you do :rolleyes:
Search the forum for "nmap" , maybe "fast-track", and "db_autopwn".

325ci
10-21-2008, 03:13 PM
okay so i learned nmap and i can use, i see the open ports but i can't use sql ninja to get a session, i guess im doing the configuration wrong?
http://sqlninja.sourceforge.net/sqlninjademo1.html
this is what i'm following but it's just not giving me succesfull.

is there any other way i can open a session ?