[03:42:45] [INFO] testing connection to the target URL
[03:42:45] [INFO] testing if the target URL is stable
[03:42:46] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] c
[03:42:53] [INFO] testing if GET parameter 's' is dynamic
[03:42:53] [WARNING] GET parameter 's' does not appear dynamic
[03:42:53] [WARNING] heuristic (basic) test shows that GET parameter 's' might not be injectable
[03:42:55] [INFO] testing for SQL injection on GET parameter 's'
[03:42:55] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[03:42:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[03:43:01] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[03:43:01] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[03:43:02] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[03:43:06] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[03:43:06] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[03:43:07] [INFO] testing 'MySQL inline queries'
[03:43:07] [INFO] testing 'PostgreSQL inline queries'
[03:43:07] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[03:43:07] [INFO] testing 'MySQL > 5.0.11 stacked queries (comment)'
[03:43:07] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
[03:43:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[03:43:11] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[03:43:12] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[03:43:12] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
[03:43:16] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[03:43:17] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[03:43:18] [INFO] testing 'Oracle AND time-based blind'
[03:43:27] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[03:43:27] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
[03:43:29] [INFO] target URL appears to be UNION injectable with 4 columns
[03:43:29] [WARNING] applying generic concatenation with double pipes ('||')
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] y
[03:43:46] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. '--dbms=mysql')
[03:44:05] [INFO] testing 'MySQL UNION query (80) - 1 to 10 columns'
[03:44:36] [WARNING] GET parameter 's' is not injectable
[03:44:36] [CRITICAL] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp'). If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment')
[03:42:45] [INFO] testing if the target URL is stable
[03:42:46] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison' and provide a string or regular expression to match on
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] c
[03:42:53] [INFO] testing if GET parameter 's' is dynamic
[03:42:53] [WARNING] GET parameter 's' does not appear dynamic
[03:42:53] [WARNING] heuristic (basic) test shows that GET parameter 's' might not be injectable
[03:42:55] [INFO] testing for SQL injection on GET parameter 's'
[03:42:55] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[03:42:57] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Parameter replace'
[03:43:01] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[03:43:01] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[03:43:02] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[03:43:06] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[03:43:06] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[03:43:07] [INFO] testing 'MySQL inline queries'
[03:43:07] [INFO] testing 'PostgreSQL inline queries'
[03:43:07] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[03:43:07] [INFO] testing 'MySQL > 5.0.11 stacked queries (comment)'
[03:43:07] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
[03:43:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[03:43:11] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[03:43:12] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[03:43:12] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
[03:43:16] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[03:43:17] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[03:43:18] [INFO] testing 'Oracle AND time-based blind'
[03:43:27] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[03:43:27] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it with option '--dbms'
[03:43:29] [INFO] target URL appears to be UNION injectable with 4 columns
[03:43:29] [WARNING] applying generic concatenation with double pipes ('||')
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] y
[03:43:46] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. '--dbms=mysql')
[03:44:05] [INFO] testing 'MySQL UNION query (80) - 1 to 10 columns'
[03:44:36] [WARNING] GET parameter 's' is not injectable
[03:44:36] [CRITICAL] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp'). If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment')