1

This is the first time I'm using sqlmap against SQLite.

When I run:
sqlmap -u www.site.com:80/index.php?vulnParametr=p --dump-all --keep-alive --dbms=sqlite

It gives me this:

Output of sqlmap command.

What is that? Is SQLite using some sort of encrypting?

schroeder
  • 123,438
  • 55
  • 284
  • 319
Icurus Love
  • 11
  • 1
  • 2
  • 3
    In the future, it is a good courtesy to go ahead and type or paste-in complex text rather than only giving us the image. We're here to help, not to do your work for you. – 700 Software Oct 12 '16 at 20:38

2 Answers2

2

I could decipher the characters using ASCII code, I got the following result:

[BEL] K [LF] [LF] [LF] [FF] NULL ceuQ \n CI <&NG [SI] [BEL] [BS] [ESC] ( [SO] & " \n E [FS] #' [DC2] [DC4] K [DC1]

[BEL], [LF], [FF], [SI], [BS], [ESC], [SO], [FS], [DC2], [DC4], [DC1] are control characters, then it isn't a encrypted text, it's text in hexadecimal. I think that sqlmap inject control characters to know if it is possible to execute specific actions, for example, [BEL] is a device control code to execute a warning.

You can know more about control characters in the following link.

https://en.wikipedia.org/wiki/Control_character

I hope this information helps you.

hmrojas.p
  • 1,049
  • 1
  • 8
  • 16
1

This looks like encoding, not encryption. It is a string of hex codes, likely corresponding to ASCII characters.

CrunchBangDev
  • 178
  • 7
  • I think the same, this image show a table of ASCII character with the ehxadecimal value: http://www.elcodigoascii.com.ar/codigo-americano-estandar-intercambio-informacion/codigo-ascii.png – hmrojas.p Jul 12 '16 at 15:38
  • Yeah, if the data had been presented as text rather than an image I would've deciphered it... but I'm not typing all that out. :) – CrunchBangDev Jul 13 '16 at 15:04