Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [14:16:26] [INFO] loading tamper script 'overlongutf8'
- [14:16:26] [WARNING] provided value for parameter 'ID' is empty. Please, always use only valid parameter values so sqlmap could be able to run properly
- [14:16:32] [INFO] testing connection to the target URL
- [14:16:37] [WARNING] the web server responded with an HTTP error code (406) which could interfere with the results of the tests
- [14:16:37] [INFO] testing if the target URL is stable
- [14:16:37] [INFO] target URL is stable
- [14:16:37] [INFO] testing if GET parameter 'ID' is dynamic
- [14:16:37] [WARNING] GET parameter 'ID' does not appear to be dynamic
- [14:16:38] [WARNING] heuristic (basic) test shows that GET parameter 'ID' might not be injectable
- [14:16:38] [INFO] testing for SQL injection on GET parameter 'ID'
- [14:16:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
- [14:16:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
- [14:16:41] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
- [14:16:42] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
- [14:16:43] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'
- [14:16:44] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
- [14:16:45] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
- [14:16:46] [INFO] testing 'MySQL inline queries'
- [14:16:46] [INFO] testing 'PostgreSQL inline queries'
- [14:16:46] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
- [14:16:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
- [14:16:47] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
- [14:16:48] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
- [14:16:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
- [14:16:50] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
- [14:16:51] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
- [14:16:53] [INFO] testing 'Oracl[14:16:26] [INFO] loading tamper script 'overlongutf8'
- [14:16:26] [WARNING] provided value for parameter 'ID' is empty. Please, always use only valid parameter values so sqlmap could be able to run properly
- [14:16:32] [INFO] testing connection to the target URL
- [14:16:37] [WARNING] the web server responded with an HTTP error code (406) which could interfere with the results of the tests
- [14:16:37] [INFO] testing if the target URL is stable
- [14:16:37] [INFO] target URL is stable
- [14:16:37] [INFO] testing if GET parameter 'ID' is dynamic
- [14:16:37] [WARNING] GET parameter 'ID' does not appear to be dynamic
- [14:16:38] [WARNING] heuristic (basic) test shows that GET parameter 'ID' might not be injectable
- [14:16:38] [INFO] testing for SQL injection on GET parameter 'ID'
- [14:16:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
- [14:16:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
- [14:16:41] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
- [14:16:42] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
- [14:16:43] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'
- [14:16:44] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
- [14:16:45] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
- [14:16:46] [INFO] testing 'MySQL inline queries'
- [14:16:46] [INFO] testing 'PostgreSQL inline queries'
- [14:16:46] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
- [14:16:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
- [14:16:47] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
- [14:16:48] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
- [14:16:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
- [14:16:50] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
- [14:16:51] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
- [14:16:53] [INFO] testing 'Oracle AND time-based blind'
- [14:16:54] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
- [14:16:54] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
- [14:17:08] [WARNING] GET parameter 'ID' does not seem to be injectable
- [14:17:08] [CRITICAL] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp')
- [14:17:08] [WARNING] HTTP error codes detected during run:
- 406 (Not Acceptable) - 159 times
- e AND time-based blind'
- [14:16:54] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
- [14:16:54] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
- [14:17:08] [WARNING] GET parameter 'ID' does not seem to be injectable
- [14:17:08] [CRITICAL] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp')
- [14:17:08] [WARNING] HTTP error codes detected during run:
- 406 (Not Acceptable) - 159 times
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement