[14:16:26] [INFO] loading tamper script 'overlongutf8'[14:16:26] [WARNING] pro

1. [14:16:26] [INFO] loading tamper script 'overlongutf8'
2. [14:16:26] [WARNING] provided value for parameter 'ID' is empty. Please, always use only valid parameter values so sqlmap could be able to run properly
3. [14:16:32] [INFO] testing connection to the target URL
4. [14:16:37] [WARNING] the web server responded with an HTTP error code (406) which could interfere with the results of the tests
5. [14:16:37] [INFO] testing if the target URL is stable
6. [14:16:37] [INFO] target URL is stable
7. [14:16:37] [INFO] testing if GET parameter 'ID' is dynamic
8. [14:16:37] [WARNING] GET parameter 'ID' does not appear to be dynamic
9. [14:16:38] [WARNING] heuristic (basic) test shows that GET parameter 'ID' might not be injectable
10. [14:16:38] [INFO] testing for SQL injection on GET parameter 'ID'
11. [14:16:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
12. [14:16:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
13. [14:16:41] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
14. [14:16:42] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
15. [14:16:43] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'
16. [14:16:44] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
17. [14:16:45] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
18. [14:16:46] [INFO] testing 'MySQL inline queries'
19. [14:16:46] [INFO] testing 'PostgreSQL inline queries'
20. [14:16:46] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
21. [14:16:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
22. [14:16:47] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
23. [14:16:48] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
24. [14:16:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
25. [14:16:50] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
26. [14:16:51] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
27. [14:16:53] [INFO] testing 'Oracl[14:16:26] [INFO] loading tamper script 'overlongutf8'
28. [14:16:26] [WARNING] provided value for parameter 'ID' is empty. Please, always use only valid parameter values so sqlmap could be able to run properly
29. [14:16:32] [INFO] testing connection to the target URL
30. [14:16:37] [WARNING] the web server responded with an HTTP error code (406) which could interfere with the results of the tests
31. [14:16:37] [INFO] testing if the target URL is stable
32. [14:16:37] [INFO] target URL is stable
33. [14:16:37] [INFO] testing if GET parameter 'ID' is dynamic
34. [14:16:37] [WARNING] GET parameter 'ID' does not appear to be dynamic
35. [14:16:38] [WARNING] heuristic (basic) test shows that GET parameter 'ID' might not be injectable
36. [14:16:38] [INFO] testing for SQL injection on GET parameter 'ID'
37. [14:16:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
38. [14:16:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
39. [14:16:41] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
40. [14:16:42] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
41. [14:16:43] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'
42. [14:16:44] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
43. [14:16:45] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
44. [14:16:46] [INFO] testing 'MySQL inline queries'
45. [14:16:46] [INFO] testing 'PostgreSQL inline queries'
46. [14:16:46] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
47. [14:16:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
48. [14:16:47] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
49. [14:16:48] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
50. [14:16:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
51. [14:16:50] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
52. [14:16:51] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
53. [14:16:53] [INFO] testing 'Oracle AND time-based blind'
54. [14:16:54] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
55. [14:16:54] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
56. [14:17:08] [WARNING] GET parameter 'ID' does not seem to be injectable
57. [14:17:08] [CRITICAL] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp')
58. [14:17:08] [WARNING] HTTP error codes detected during run:
59. 406 (Not Acceptable) - 159 times
60. e AND time-based blind'
61. [14:16:54] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
62. [14:16:54] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
63. [14:17:08] [WARNING] GET parameter 'ID' does not seem to be injectable
64. [14:17:08] [CRITICAL] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp')
65. [14:17:08] [WARNING] HTTP error codes detected during run:
66. 406 (Not Acceptable) - 159 times