MvMmallv5. 5SQL injection of php exp exploit-vulnerability warning-the black bar safety net

2015-02-12T00:00:00
ID MYHACK58:62201559032
Type myhack58
Reporter 佚名
Modified 2015-02-12T00:00:00

Description

Vulnerability type: MvMmall v5. 5. 1 SQL injection vulnerability Default background:admincp. php? module=index Google search:”Powered by MvMmall v5. 5. 1" One, use: php exp use 1 Install the php environment Use phpnow very simple to install. 2 Use exp attack Link: <http://pan.baidu.com/s/1eQgr9FO> Extract password: aahj The exp after the download is saved to the PHP directory For example, to build php environment after the success of the path is D:\PHPnow-1.5.6\php-5.2.14-Win32 Then in the current folder create a content for the cmd. exe the bat file Then open the bat file input php exp.php localhost /shop 1 (localhost as the destination site address of the shop as a secondary directory if does not exist, remove the/shop can be