목록워게임 (14)
IT보안관의 공부 클라우드
[los]giant
query : select 1234 fromprob_giant where 1 1. strlen shit >1 2. preg_match : whitespace \n \r \t 코드를 보니 shit은 from 절에 들어감. shit에 2글자 이상 입력하면 no hack from 절이 붙어있어 sql 문이 실패함. 공백을 줘야함. %0a %0b %0c %0d %09 중 %0b %0c로 성공 shit=%0b
워게임/los
2021. 6. 30. 19:51
[los]bugbear
query : select id from prob_bugbear where id='guest' and pw='' and no=
워게임/los
2021. 6. 23. 19:48
[los]golem
query : select id from prob_golem where id='guest' and pw=''
워게임/los
2021. 6. 18. 19:39
[los]darkkinght
query : select id from prob_darkknight where id='guest' and pw='' and no=
워게임/los
2021. 6. 13. 12:58
[los]skeleton
query : select id from prob_skeleton where id='guest' and pw='' and 1=0
워게임/los
2021. 6. 8. 22:35
[los]vampire
query : select id from prob_vampire where id=''
워게임/los
2021. 6. 1. 21:22
[los]troll
query : select id from prob_troll where id=''
워게임/los
2021. 5. 28. 20:05
[los]orge
query : select id from prob_orge where id='guest' and pw=''
워게임/los
2021. 5. 25. 18:41