When this code runs it prints "Exploit By M80 !". Since every machine's environment differs, when testing you should change `\x20\x10\x40\x00` (the little-endian encoding of 0x00401020) to an address that fits your own environment.
This article does not discuss the principles of the overflow itself; there are many articles on that subject online, and interested readers can look up the relevant material themselves.