Information Security

SQLMap won’t enumerate databases

Well, I run with psymera a CTF game and we are constantly adding new VMWare machines and new tests just to keep on playing and not get bored. As part of a internal training where I work I started to create some videos on how to use SQLMap (I promise to upload here shortly in a big rant about it) so I started on what everyone does: update your version.

And something interesting happened, sqlmap enumeration broke (gorgeous) but it didn’t look much like it, it baffled me at first, so much that I had to do all by hand and asked psymera if he changed something, he said no.

So this is the info of the updated sqlmap version to that date:

bash

  1. root@fsckOSX:/pentest/database/sqlmap# svn info
  2. Path: .
  3. URL: https://svn.sqlmap.org/sqlmap/trunk/sqlmap
  4. Repository Root: https://svn.sqlmap.org/sqlmap
  5. Repository UUID: 7eb2e9d7-d917-0410-b3c8-b11144ad09fb
  6. Revision: 4380
  7. Node Kind: directory
  8. Schedule: normal
  9. Last Changed Author: stamparm
  10. Last Changed Rev: 4380
  11. Last Changed Date: 2011-09-19 12:08:08 -0700 (Mon, 19 Sep 2011)

the SVN rev is 4380, latest at Sep 19th, here is the example of a run against the vulnerable web server with this revision.

Technology Errors

mysqldump: Got error: 145: Table ‘./wordpress/bot_prli_clicks’ is marked as crashed and should be repaired when using LOCK TABLES

Earlier I was in the process of upgrading MySQL on a CentOS Linux server and ran into an error when I attempted to backup all of the MySQL databases. When issuing the mysqldump command I received an error 145 noting that one of the mysql database tables was marked as crashed and needed to be repaired. Below I have noted the error in more detail as well as how to repair any tables that are marked as crashed.

Information Security

How To Login To Oracle On Windows 7 When All Oracle Accounts Are Locked

I recently installed Oracle on a Windows 7 computer to test some tools that are available in Backtrack. I am very new to Oracle so it has been a bit of a learning process including the fact that I had no idea you can install Oracle without having to pay any money to download it so I also plan on writing an article on how to do this. Anyhow after the initial Oracle install we were testing oscanner from Backtrack and locked all of the Oracle accounts which was a bummer because I wasn’t sure there was a way to correct the issue. Turns out it is really easy to unlock the Oracle accounts if you have access to the Oracle server so below I describe how to unlock Oracle accounts when it appears they have all been locked.

Technology Errors

ERROR 1146 (42S02): Table ‘mysql.servers’ doesn’t exist

Earlier today while adding a new site to a server running as a web server with many virtual hosts I ran into an error flushing the privileges after I added a new MySQL database followed by a user with only access to that new MySQL database. After a bit of investigation I realized that when I recently updated the MySQL server on the CentOS Linux server in question it must have had some issues during the upgrade. Below I describe not only the error in more detail but also how to resolve the MySQL error when attempting to flush the privileges.