
I am working on a black box web application pentesting project for a client and, while testing, found an error-based SQL injection. I went on to exploit it using SQLMAP and retrieved the database names, table names, and column names, but when I try to dump any of the columns it says:

"unable to retrieve 'column_name' in table 'table_name' from the database 'database_name'"

I tried it for other columns and it gives the same error and shuts down. Am I doing something wrong? Or is the IPS on the client end blocking the dump?

schroeder
paU1i
  • It is entirely possible that there is an IPS or other DLP system blocking the egress of data. What things have you tried manually? –  Sep 13 '15 at 21:34

1 Answer


It is hard to conclude without knowing the requests and the responses. However, it is less likely that an IPS blocks your access. Most IPSes block SQLMap immediately by simply looking at the request User-Agent.

For debugging, try to run SQLMap through an intercepting proxy and observe the responses from the server:

sqlmap --proxy=http://localhost:8080 [THE REST OF YOUR PARAMETERS]

Then manually modify the request and send it to the server using your intercepting proxy. This way it is easier to find out where the problem is.

Dr. mattle
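
The User-Agent check mentioned in the answer, seen from the defender's side, as an added example that is not part of the original answer: it scans web access log lines and counts requests per client that carry sqlmap's default User-Agent. The Combined Log Format, the sample lines, and the function name `flag_sqlmap_clients` are assumptions made for illustration.

```python
import re
from collections import Counter

# Assumed input: Combined Log Format
# ip ident user [time] "request" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# sqlmap's default User-Agent starts with "sqlmap/" followed by a version.
# This signature covers only that default header value.
SQLMAP_UA = re.compile(r'^sqlmap/\S+', re.IGNORECASE)

# Constructed sample lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = """\
198.51.100.7 - - [13/Sep/2015:21:30:01 +0000] "GET /item.php?id=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.9 - - [13/Sep/2015:21:30:05 +0000] "GET /item.php?id=1 HTTP/1.1" 200 512 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.9 - - [13/Sep/2015:21:30:06 +0000] "GET /item.php?id=2 HTTP/1.1" 500 128 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
this line is malformed and must be skipped
"""


def flag_sqlmap_clients(log_text):
    """Return (hits per client IP, number of unparseable lines)."""
    hits = Counter()
    skipped = 0
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if m is None:
            # Count lines the parser cannot read instead of dropping them silently.
            skipped += 1
            continue
        if SQLMAP_UA.match(m.group("ua")):
            hits[m.group("ip")] += 1
    return dict(hits), skipped


if __name__ == "__main__":
    hits, skipped = flag_sqlmap_clients(SAMPLE_LOG)
    for ip, count in sorted(hits.items()):
        print(f"{ip}: {count} request(s) with sqlmap default User-Agent")
    print(f"{skipped} unparseable line(s)")
```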